One of the great challenges is the rapid collection, processing, and dissemination of information. However, information security remains one of the biggest hurdles for effective information exchange. In this article, we will analyze the security issues and present innovative concepts towards a solution.

The success of homeland security missions is largely determined by better, faster, and effective information exchange. Networked IT systems have the power to make timely quality operations information available, which improves reactive coordination. This communications process based on an integrated, networked IT infrastructure includes several main on-going activities: information collection, information processing, and information dissemination.

The potential of wide-spread use of integrated networked IT infrastructure for homeland security is vast. There are many benefits, in particular faster, better information-sharing and decision-making. As a consequence, many efforts are currently undertaken to design and build the IT infrastructure required for IT communications for homeland security.

However, a number of challenges still need to be resolved to make this vision a reality. In particular, information security and information sharing is a major concern, because the success of the entire operation often depends on the availability, integrity, and confidentiality of the communications. Most involved agencies and institutions are very aware of the need for good communications and information sharing. However, due to the lack of appropriate and interoperable infrastructure, many organizations today still revert back to low-tech communications methods in crisis situations.

The complexity of IT security policy management is to a large extent due to the many different (also legacy) platforms and security technologies that need to be managed. This complex environment makes it hard to enforce and administer a uniform, coherent, organization-wide security policy across the many different systems used today by many agencies.

As a result, many insular security solutions are typically put in place and administered separately in incompatible ways by administrators who are only concerned with their part of the overall IT landscape. The result is often a mishmash of conflicting, redundant, and incoherent policies. Moreover, it is often unclear if and how the abstract organizational security policy has been enforced adequately by the infrastructure.

To solve this complex problem, we have developed OpenPMF, an innovative security policy management framework for distributed IT environments. OpenPMF makes security management in any large, complex, heterogeneous, networked IT environments more efficient and more accurate, and therefore less expensive. OpenPMF has been designed to secure the complex IT environments involved in homeland security coordination.