OSIC - A Cost-Sharing Approach to Open Source Information
description
Transcript of OSIC - A Cost-Sharing Approach to Open Source Information
OSIC - A Cost-Sharing Approach
toOpen Source Information
Presented by:Scott Mutton
PM – Security & Intelligencexwave
13 April 2004
Agenda
• Fly through basic concepts 2 min• The OSIC Solution 5 min• Functionality of an OSIC 15 min• Savings and Benefits 5 min• Costs and Risks 5 min
• Questions as time (Robert) permits
OSINF & OSINTBasic Concepts
• OSINF = Open Source Information• Information that can be legally and morally
obtained either freely or by paying a fee• Some question the “morally” caveat
• OSINT = Open Source Intelligence• OSINT = OSINF that has been analyzed,
categorized, filtered, or validated through some intelligence-driven process
Security Implications Basic Concepts
• By its nature, OSINF is “unclassified”• Sometimes, though, the fact that a particular
person/topic is even of interest is classified
• OSINT may be classified• depends on the nature of the analysis,
categorization, etc.
Some Sources of OSINF Basic Concepts
• Meetings and presentations• Places of worship
• Books & Plays• Can be fact or fiction
• Fiction can provide insight into culture
• Newspapers & periodicals• also flyers, brochures, etc.
• Movies• Radio & Television• Unclassified reports and studies• Internet
Brief History of Internet Info Basic Concepts
15 years ago Estimated to be 100-200 million articles of data on the Internet
5 years ago Web added 200-300 million articles
2003 Over 3 billion web pages
Over 400 million images
Estimate Volume of info on the Internet doubling every 12-18 months
The OSIC Solution• Establish an OSINF infrastructure which
• Greatly improves the ability of people to get info from the Internet• Provides tools to help them understand the info they’ve found
• Organizations in the S & I community• Share the OSINF infrastructure• Each do their own processing to generate OSINT
• xwave• Owns & operates the infrastructure• Negotiates collective data purchasing agreements• Conducts ongoing tool reviews and infrastructure improvements
Chain of OSINT ProcessesOSIC Solution
Feedback
Distribute
Publish
Analyze
Reformat (Optional)
Collate
Collect
Access
RFI Info
Mandatory
Helpful
Optional Researchers
Analysts
Note: The process likely becomes classified at the point RFI Info introduced
Librarians
A Shared OSINF InfrastructureOSIC Solution
Feedback
Distribute
Publish
Analyze
Reformat
Collate
Collect
Access
Feedback
Distribute
Publish
Analyze
Reformat
Feedback
Distribute
Publish
Analyze
Reformat
GenericFunctions
(Technology Infrastructure)
Organization Specific
Functions
Org A Org B Org C
Components of OSICFunctionality
• Federated Search• Focus on specific websites• Access to fee-for-data sites• Multi-lingual• Multi-media• Local OSINF repository• Data Mining• Collaboration
Federated Search Functionality
• A “federated search engine” is one that• Takes a single user-query• Passes it on to other independent search engines• Collects the returns from each search engine• Removes duplicates• Prioritizes the collection • Presents the user with a single return list
• The OSIC incorporates Copernic Empower• a commercial federated search engine that can fan out to over
1,000 different Internet search engines• Can also “log into” fee-for-service sites• Xerox’s “AskOnce” an alternative under consideration
Focus on WebsitesFunctionality
• May want to spider and index some sites directly, rather than relying on commercial search engines• May want to ignore Robot.txt file• May want to access sites not indexed by commercial engines• May want to Data Mine the info
• The OSIC uses Autonomy for indexing, data mining, and other advanced functionality
• May want to monitor certain sites/pages for changes• Empower or AskOnce
Fee-for-Data SitesFunctionality
• A great deal of good OSINF needs to be purchased• BBC World Monitoring (FBIS), Canadian Press, LexisNexis, etc.
• Significant economies of scale for bulk data• A quote from one data vendor
• 11-30 users costs “X” dollars• 31-300 users costs “2X” dollars• 15 users pay 5 times more per-user than 150 users
• Tools exist to allow seats to be “shared” for sites that require interactive access• For example, might share 5 seats across 150 users• Price per shared seat high, but much less than 30 normal seats• The OSIC looking at Tarantella tool to control use• A similar solution in use in Canada’s Foreign Affairs department
Multi-LingualFunctionality
• A tremendous amount of needed information not in English
• Need to be able to• Recognize the language used in a document• Be able to conduct “native searches”
• E.g. an Arabic query to get Arabic info
• Be able to conduct “cross-language” searches• E.g. an English query to get Arabic info
• Do “gist” translations from one language to another
Multi-MediaFunctionality
• There can be significant benefit in being able to apply automation to • Monitor radio or television broadcasts• Search stored audio/video files for content
• Voice-to-text transcription improving• A key factor is to be able to maintain link between text
and original audio/video
• Another situation where multi-lingual functionality needed
Local RepositoryFunctionality
• Unclassified OSINF/OSINT that is not posted to the Internet• Could be product created by OSIC users
• Some Internet docs may be of such lasting value that they’re worth saving
• Data mining tools can be readily applied
Data MiningFunctionality
• Tools exist to analyze volumes of numeric and text data and • Identify trends and clusters• Allow users to easily “walk through” the data
• A significant benefit to the OSIC is that currently such tools are expensive and technically challenging to set up
CollaborationFunctionality
• Simple file sharing• Organizations connecting to the OSIC add
UNCLASS product to local repository
• Connecting users with questions to users with answers
• Possibly some vehicle for chat• Likely security issues
Components of OSICFunctionality - Summary
Federated Search Empower, AskOnce
Focus on specific websites Empower, AskOnce, Autonomy
Access fee-for-data sites Empower, AskOnce, Tarantella
Multi-lingual Empower, AskOnce, Autonomy
Multi-media Autonomy
Local OSINF repository Simple files for now
Data Mining Autonomy
Collaboration Autonomy (partial)
Savings and Benefits
• Cost sharing across multiple user groups
• Savings through economies of scale
• Savings through shared access
• Ongoing evaluation and adoption of new technologies
• Sharing of knowledge
• Easily implemented
Cost SharingSavings and Benefits
• One set of HW and SW serves entire community• Users access through Web Browser
• Shared operations and maintenance• One set of HW/SW support agreements• One system administrator
• If scale/need dictates, may have more than one and provide 24/7 support
Economies of ScaleSavings and Benefits
• When purchasing data, size matters• A quote from one data vendor:
• 11-30 users costs “X” dollars• 31-300 users costs “2X” dollars• 15 users pay 5 times more per-user than 150
users
Shared AccessSavings and Benefits
• Some data vendors require individual licenses to log into their systems
• The OSIC can potentially arrange for shared licenses• Higher cost per license, but many fewer
licenses needed• Technology can enforce sharing limits, so
vendors confident not they’re being abused
Access to New TechnologiesSavings and Benefits
• OSIC has mandate to investigate new tools and technologies for• Search & retrieve• Data mining• Knowledge sharing
• If a tool is put into OSIC, can be immediately available to all
• May be some benefits to entire community using common toolset
Knowledge SharingSavings and Benefits
• If one individual finds a useful document or URL, can be made available to entire community
• If users wish, they can make available to others• Their specific queries• Their areas of interest
• If OSIC used to “contract out” unclassified research, then expertise of who to call for what is centralized
Ease of ImplementationSavings and Benefits
• Subscribers don’t have to deal with• Evaluations and processes associated with a
system purchase or development• Staffing to support• Licensing with SW or data vendors• Training preparation or delivery
• Service can be available within days of signing up for subscription
Costs and Risks
• Operating model
• Different organizations have different requirements
• Security concerns
Operating ModelCosts and Risks
• The OSIC, as a contractor-owned user-subscription model, has some difficulties• Affordable fees depend on significant community participation
• 50-100 users likely a viable starting number• Subscription could be per-seat or per-organization• Problem: A number of orgs want to wait until “others go first”
• Problem: This is a model new to Canadian Federal contracting processes
• A government owned & operated model also has difficulties• Arriving at a fair way to distribute costs can be a problem
• Particularly if different organizations have very different data acquisition or system utilization needs
• The contracting process to establish such a capability very long
Organization RequirementsCosts and Risks
• There may be issues if parts of the community have substantially different needs for such things as• Security• 24/7
• Solutions almost certainly exist, but how would they be cost-shared?
Security ConcernsCosts and Risks
• Internet-based OSINT requires connectivity• Some agencies air-gap
• May leave “footprints”• All collection methods have a comparable problem
• Some believe their work so super-secret that the merest hint of my interests is classified • In many cases, this is an exaggeration