The research is a collaboration between the National Security Agency and a tiny software company in Portland, Ore. It aims to develop a platform that will allow sensitive but unclassified information to be securely shared over the internet between U.S. intelligence agencies and state and local law enforcement officials and other first responders.

"The aim is to create a trusted environment," said Charles Jennings, co-founder and CEO of the software company, Swan Island Networks, Inc.

In such an environment, information -- including personal data about Americans -- could be shared in a variety of ways that reflect and respect the different rules in place in different agencies to protect individual privacy and information security.

"The aim is to build in the privacy and civil rights (issues) right from the beginning," Richard Russell, the official in the office of Director of National Intelligence John Negroponte responsible for information-sharing policy, told United Press International.

It is a vision designed to cut through a series of knotty problems that have bedeviled efforts to make progress on the information-sharing issue, identified by a series of reports on the Sept. 11 hijackings as a key area in which improvement would make Americans safer from future attacks.

For example, Russell said, the technology would create "an immutable audit trail" showing exactly who had done what with each piece of data, "so that if someone were to challenge way that information about them was used, that could be resolved."

He said the development of the technology was going hand-in-hand with the development of new policies aimed at simplifying the federal regulatory regimes with which the new technology will have to comply.

Russell called it "spiral development," and Jennings said the approach showed "a new philosophy," a greater willingness on the part of U.S. intelligence agencies to work cooperatively with the private sector. "Rather than being the acquirer or the cyber-cop down the road," he said, this new approach meant the technology would "have the compliance with the (information) security (requirements of the agencies) baked in."

Russell emphasized the flexibility of the architecture, saying it would provide both "role-based access" for people who needed information because of the job they were doing, and "event-based access" for those who needed it because of being in the vicinity of, or having some set role in relation to an unfolding situation.

But the new research project is only the latest in a series of efforts to address the issue, many of which appear to have stalled or foundered.

In May last year, the members of the Joint Regional Information Exchange System, or JRIES, a state and local police data sharing effort started soon after Sept. 11, 2001, with help from military intelligence, told the Department of Homeland Security that they were ending plans to integrate their system into the department's own Homeland Security Information Network.

The network continues to be used by the governors and other state-level officials for whom it provides a secure channel of communication to federal homeland security officials.

But the vision of the new Department of Homeland Security as the hub within the federal government to which all terrorism threat information would flow before being disseminated to state and local jurisdictions has clearly faded.

Russell said the research was being coordinated with Homeland Security and the Justice Department through the information-sharing council, a Cabinet level policy committee.

Former homeland security official Michael Daconta said the Office of the Director of National Intelligence had become the de facto lead agency on information sharing -- "the entity in the federal government that's supposed to tie it all together."

Daconta, a former senior official in the department's information technology office, told UPI that the new director's office "seems to be establishing its leadership." He cited the work being done on the council of chief information officers -- which brings together the IT chiefs of the cabinet departments and major federal agencies -- where a major information-sharing policy effort was being led by the director of national intelligence's chief IT architect, Bryan Aucoin.

Daconta told UPI he hoped the new research platform would employ the emerging data standards he had worked on at homeland security, known as the National Information Exchange Model.

The idea of the model, he said, was to create a standard format for information that would make messages created on one network intelligible on any other network employing the same standards.

Peter O'Dell, the chief operating officer of Swan Island Networks, said the company had been one of the early adopters of the Common Alerting Protocol, a precursor to the National Information Exchange Model.

But he said the issue of which standards the system they built with the National Security Agency would eventually use was "complicated."

"We will continue to evaluate and adopt (government-developed data standards) as they are developed and as they are useable," he said.

Related Links
News and analysis about the Global War Against Terror at SpaceWar.com
Learn about Cyberwar Systems and Policy Issues at SpaceWar.com