TSA piggybacks on Coast Guard emergency alert systems

Featured eBooks
The State of Trust in Government
Cybersecurity in State and Local Government
Building Data Literacy in the State and Local Workforce
By William Jackson
 

Connecting state and local government leaders

By William Jackson

|

When the Transportation Security Administration needed to upgrade its emergency alert system, it opted to use the system already in place for its sister agency the Coast Guard.

When the Homeland Security Department’s Transportation Security Administration wanted to upgrade its emergency alert system two years ago, it went to the U.S. Coast Guard for advice about the system it had recently implemented.

“Being a sister agency, we opened up the facility and showed them what we do,” said Lt. Cmdr. Ted Kim, operations systems manager at USCG headquarters in Washington.

Launched in 2009, USCG’s Alert and Warning System 2.0 is housed in the agency’s West Virginia data center and uses the Common Alerting Protocol, an XML-based data format for public warning that supports multiple communications channels including voice, text and fax. More than 100 Coast Guard facilities use it to send alerts to 50,000 port and industry officials as well as Coast Guard personnel.

Related coverage:

Emergency alert system expands to mobile phones

Souped-up alert system spreads the word for Coast Guard

TSA returned to USCG in March 2011 and announced that it had evaluated the available commercial systems and had decided it wanted instead to join the Coast Guard’s system.

“It was a bit of a surprise,” Kim said. USCG had been offering advice, not services. But the agencies came to an agreement in which TSA would become a tenant with its own virtual environment in the AWS.

A TSA network connection was established to the data center, and DHS’s two largest agencies became partners.

“The advantage to TSA is that they don’t have to set up their own system,” Kim said. “We are adding more hardware, but we are not doubling the infrastructure. When you share the infrastructure, both agencies win.”

The AWS 2.0 is built on IWSAlerts software from the mass notification vendor AtHoc Inc. “From the data center perspective, they needed more software licenses and the ability to support the software,” said AtHoc CEO Guy Miasnik. “It was more cost-efficient for TSA to integrate with the same system that the Coast Guard had.”

Sea and airport coverage

Today that infrastructure serves about 100,000 government and industry partner personnel at about 150 ports, airports and agency facilities on two segregated virtual networks. In the first phase of the virtual program, which began in May 2011, only TSA personnel are included in the database that provides the directory for TSA alerts.

In the second phase, which is expected to begin in April, additional partners in the aviation community will be added to the TSA database, and the Coast Guard would like to strengthen the authentication for system access.

USCG’s Alert and Warning System is a third-generation system used to fulfill the agency’s mandate to provide timely information to its partners in the nation’s sea ports and in the maritime industry, and to receive feedback from them.

The first generation had used radio broadcast and local phone trees to notify Coast Guard and private-sector personnel. This was replaced with the first AWS, which was integrated into its USCG’s Homeport Internet portal. This system enabled distribution of local or nationwide alerts about weather conditions, natural disasters, security threats or operational activities via e-mail and telephone messages, as well as text messages to wireless devices.

AWS was effective and was able to leverage the centralized Web resources at the USCG’s data center so that no additional software and hardware was required for local commands or ports. But limitations in the system appeared as needs expanded. The channels for distributing messages were not keeping up with the rapidly expanding technology, and there was no capability for automating responses from recipients. AWS only tracked messages that were sent and noted when they were received.

To scale up the reach, functionality and performance of the system, AWS 2.0 adopted the standards-based IWSAlerts. The CAP standard allows dissemination of data that can include images, audio and video over multiple channels and systems. It allowed the Coast Guard to continue leveraging the Web interface for alerts but provided better performance and almost unlimited scalability.

“The infrastructure really has not changed” with the addition of a new tenant, Kim said. “We set up a virtual system for TSA.”

How it works

Local commanders at each of the 16 Coast Guard districts set up their own distribution lists and have the ability to create messages that can be sent out to specific lists. The system is used for major events, such as issuing tsunami warnings in the wake of the March 2011 Japanese earthquake, as well as routine information such as day-to-day requirements for personnel at different stations.

There were some challenges to bringing TSA on board, Kim said. First of all, “we are not a vendor; we don’t sell stuff.” The agencies had to develop a memorandum of agreement spelling out requirements and service-level agreements. The systems also had to be segregated. “The Coast Guard can’t know what’s on TSA’s system, and TSA can’t see the Coast Guard system.”

That was a challenge because the Coast Guard was using its Common Access Card for authenticating users through its Homeport portal and TSA had neither a Web portal nor the CAC. TSA is in the process of implementing the civilian Personal Identity Verification card for logical access to IT systems, but until that ability is in place the Coast Guard hosts had to settle for a simpler, less secure means of authentication.

“We ended up using usernames and passwords,” Kim said. “That was a security violation for us,” but he said he hopes that strong, two-factor authentication can be used in Phase 2 of the TSA system with the PIV card.

The lack of a ready-made directory of aviation community partners for the alert system has been the biggest hurdle to adding TSA. A database of users that could be used for distribution lists was built, with USCG providing the technical expertise and TSA providing the data, starting with TSA personnel only. “All we needed is an e-mail or a cell number,” Kim said. “It was not a difficult job.”

In the second phase of operations, TSA hopes to be able to add aviation industry personnel to the directory of its system, but it will have to gather that data and create rules for vetting entries and for use of the system. “That was a little more than we bargained for,” Kim said of setting up that directory.

In the end, the system works for both agencies and is cost-efficient. “The bottom line in this budgetary environment is that these two agencies have created an optimized approach with reduced costs without sacrificing value,” Miasnik said.

NEXT STORY: A self-healing network and other new technology for government

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.