[iwar] [fc:Air.security.may.require.IT.overhaul]

From: Fred Cohen (fc@all.net)
Date: 2001-10-22 21:52:22


Return-Path: <sentto-279987-3277-1003812723-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Mon, 22 Oct 2001 21:53:13 -0700 (PDT)
Received: (qmail 28665 invoked by uid 510); 23 Oct 2001 04:51:33 -0000
Received: from n29.groups.yahoo.com (216.115.96.79) by 204.181.12.215 with SMTP; 23 Oct 2001 04:51:33 -0000
X-eGroups-Return: sentto-279987-3277-1003812723-fc=all.net@returns.onelist.com
Received: from [10.1.4.52] by n29.groups.yahoo.com with NNFMP; 23 Oct 2001 04:52:03 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_0_1); 23 Oct 2001 04:52:03 -0000
Received: (qmail 27999 invoked from network); 23 Oct 2001 04:52:03 -0000
Received: from unknown (10.1.10.26) by m8.onelist.org with QMQP; 23 Oct 2001 04:52:03 -0000
Received: from unknown (HELO red.all.net) (65.0.156.78) by mta1 with SMTP; 23 Oct 2001 04:52:03 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id f9N4qMw14454 for iwar@onelist.com; Mon, 22 Oct 2001 21:52:22 -0700
Message-Id: <200110230452.f9N4qMw14454@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Mon, 22 Oct 2001 21:52:22 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:Air.security.may.require.IT.overhaul]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Air security may require IT overhaul: Mainframe systems would struggle
to perform functions feds are considering

By Jennifer Disabatino, ComputerWorld, 10/22/2001
<a href="http://www.computerworld.com/storyba/0,4125,NAV47_STO64966,00.html">http://www.computerworld.com/storyba/0,4125,NAV47_STO64966,00.html>

The U.S. Department of Transportation is considering recommendations
that could impact performance of the industry's aging mainframe systems
and require a costly overhaul. 
Some of the DOT's recommendations call for the airlines' IT systems to
perform event-based functions, like red-flagging a suspected terrorist's
name in a reservation system. While functions like that are relatively
simple procedures in a relational database, the databases used by
existing airline reservation systems can't perform them. And adding the
capability to screen passenger names could cause bottlenecks that would
bring the airlines' networks almost to a halt, according to industry
experts. 
American Airlines Inc., Delta Air Lines Inc., United Air Lines Inc.,
Southwest Airlines Co. and Northwest Airlines Inc. all declined to
comment for this story, saying only that they wouldn't publicly discuss
anything related to security. 
Secretary of Transportation Norman Mineta's Rapid Response Team on
Airport Security issued a report Oct. 1 that recommended, among other
measures, a nationwide program of voluntary prescreening of passengers. 
The problem is that mainframe-based reservation systems were "never
designed to respond to high-speed automated relational queries driven by
hundreds of millions of users," said Richard Eastman, president of The
Eastman Group Inc. in Newport Beach, Calif., in a soon-to-be published
report. 
Forty years ago, IBM developed the transactional reservation databases
that most airlines still use. This mainframe system is based on
Transaction Processing Facility, which constitutes the technology
underlying all in-house reservation systems as well as the global
distribution systems (GDS), like Sabre Holdings Corp. in Fort Worth,
Texas. 
The GDSes give travel agents and Internet sites a single point of
contact to search for airfares. Many airlines also outsource their
reservation systems to GDSes. 
Sabre has begun a process to move its reservation system off TPF and
onto Himalaya NonStop servers from Compaq Computer Corp. But that
process is expected to take four years (see story). 
Even implementing these security measures as an intermediate step toward
a complete overhaul would be a long and costly undertaking. 
"Whenever you make even the smallest changes in Sabre or any TPF
environment, it takes an unbelievably long time to do it - time and
resources," said Tom Cook, former president of Sabre Technology
Solutions. That company became Sabre Holdings in 1999, when Fort
Worth-based AMR Corp., the parent company of American Airlines, divested
itself of its interest in Sabre. Cook now heads Replane Inc. in Chicago. 
"The code is old and structured," Cook said. "Making changes in the TPF
environment is orders of magnitude more difficult than it is in a modern
environment." 
Even the company that developed the reservation systems in the late
1950s and early 1960s acknowledges that security queries are going to
cause performance problems. 
"That could be true," said Michael Hulley, vice president of the Global
Travel and Transportation Industry unit at IBM, referring to the
possibility of performance problems. "The reservation system is meant
for doing mostly one thing: acting at a very secure high speed with high
availability. It is not looking for triggers," like a terrorist's name
in the passenger list for a flight, he said. 
To screen passenger names, the airlines could add another processing
unit to run checks without sending the name through TPF, said Hulley.
The reservation system could send passenger names to the old system, as
well as to the new unit, working around the old TPF's inability to do
queries. Programs that scan passenger profiles, not just names, could
run in the second processor, Hulley said. 
He said other types of security could also be run in tandem with TPF. "I
would think that adding biometric capacity to that database, that would
be done externally," Hulley said. 
No Recognition 
The problem with that, said Eastman, is that the government and the
airline industry don't recognize the differences in each other's
systems. They just think they can write some code and make it work, he
said. 
"They don't know what they're doing yet," he said. 
However, Hulley noted, before the technological problems can be solved,
the airlines and various local, state, federal and even international
government agencies must first resolve the privacy and ownership issues
associated with uniform information sharing. 
The Federal Aviation Administration (FAA), which is under the DOT's
authority, declined to comment on when or even whether the new security
guidelines will be imposed. 
"We want to get this stuff going as soon as possible," said FAA
spokesman Paul Takemoto. When asked if the government would help fund
the implementation of computer-based screening, he said, "That all has
to be worked out."

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more!
http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:56 PST