Monday, June 30, 2014

Storage security “Marked ghost imaging” offers enhanced security for data storage, transmission

Published 25 June 2014
"Ghost imaging” sounds like the spooky stuff of frivolous fiction, but it is an established technique for reconstructing hi-res images of objects partly obscured by clouds or smoke. Now researchers are applying the same idea in reverse to securing stored or shared electronic data. Their work establishes “marked ghost imaging” technology as a new type of multi-layer verification protocol for data storage or transmission.
Ghost imaging” sounds like the spooky stuff of frivolous fiction, but it is an established technique for reconstructing hi-res images of objects partly obscured by clouds or smoke. Now a group of researchers at the National University of Singapore (NUS) is applying the same idea in reverse to securing stored or shared electronic data.
Described in the journal Applied Physics Letters, from AIP Publishing, the work establishes “marked ghost imaging” technology as a new type of multi-layer verification protocol for data storage or transmission.
An AIP release reports that by “ghosting up” data, the scientists can hide the contents of electronic communications from hackers, deconstructing it into multiple foggy files that make no sense on their own and can only be reconstructed by someone who has the right decoder key (technically called a “reference intensity sequence”).
The sender can send out a huge number of different reference intensity sequences — only one is authentic, and others are counterfeit — for confusing the attackers,” said Wen Chen, an NUS professor who led the work with co-author Xudong Chen.
This novel method based on ghost imaging can dramatically enhance system security, and it may be straightforward to apply it to other optical security systems,” Chen added.
How the technology works
Information security has become one of the most important social and academic topics in recent years as massive increases in data storage have coincided with rapidly developing modern technologies for accessing that data virtually anywhere. Imaging technology has attracted more and more attention in computer security circles because of its promise to enhance the security of data storage or transmission, which is what led Chen and colleagues to develop their marked ghost imaging technology based on traditional optical ghost imaging.
Traditional ghost imaging uses digital cameras to detect light bouncing directly off of an object as well as light that does not directly bounce from the object to the detector. It allows solid images of objects to be reconstructed by shining light into a beamsplitter and separating it into two correlated beams — one directed at the object and the other, reference arm directed at the camera lens. When these two beams are correlated, they create a silhouette image of the object.
Chen and colleagues report that they can do the same thing either virtually, using software, or physically, by altering the optics of the data transmission. Their technology allows them to create highly-sparse reference intensity patterns that act as security keys and lowly-sparse intensity patterns of the object as ciphertexts, the information being decoded. To decode object data, the reference-arm patterns are then processed to “rebuild” one new reference intensity sequence. This is crucial because requiring only one rebuilt intensity sequence doesn’t increase the system’s complexity, while allowing multiple marks (the keys) to be hidden.
Future research includes analysis of the upper limit of keys that can be embedded without increasing the system’s complexity and developing greater robustness of the system against attacks.
— Read more in  Wen Chen and Xudong Chen, “Marked ghost imaging,”Applied Physics Letters 104, 251109 (2014) (doi:org/10.1063/1.4879843)
http://www.homelandsecuritynewswire.com/

Cybersecurity Research identifies Android security weaknesses caused by performance design

Published 25 June 2014
Researchers have identified a weakness in one of Android’s security features. Their research, titled Abusing Performance Optimization Weaknesses to Bypass ASLR, identifies an Android performance feature that weakens a software protection called Address Space Layout Randomization (ASLR), leaving software components vulnerable to attacks that bypass the protection. The work is aimed at helping security practitioners identify and understand the future direction of such attacks.
Georgia Tech researchers have identified a weakness in one of Android’s security features and will present their work at Black Hat USA 2014, which will be held 6-7 August in Las Vegas.
The research, titled Abusing Performance Optimization Weaknesses to Bypass ASLR, identifies an Android performance feature that weakens a software protection called Address Space Layout Randomization (ASLR), leaving software components vulnerable to attacks that bypass the protection. The work is aimed at helping security practitioners identify and understand the future direction of such attacks.
A Georgia Tech release reports that the work was conducted at the Georgia Tech Information Security Center (GTISC) by Ph.D. students Byoungyoung Lee and Yeongjin Jang and research scientist Tielei Wang, and reveals that the introduction of performance optimization features can inadvertently harm the security guarantees of an otherwise vetted system. In addition to describing how vulnerabilities originate from such designs, they demonstrate real attacks that exploit them.
“To optimize object tracking for some programming languages, interpreters for the languages may leak address information,” said Byongyoung Lee, lead researcher for the effort. “As a concrete example, we’ll demonstrate how address information can be leaked in the Safari Web browser by simply running some JavaScript.”
Bypassing ASLR using hash table leaks was previously believed to be obsolete due to its complexity. By exhaustively investigating various language implementations and presenting concrete attacks, the research aims to show that the concern is still valid.
“As part of our talk, we’ll present an analysis of the Android Zygote process creation model,” Lee said. “The results show that Zygote weakens ASLR as all applications are created with largely identical memory layouts. To highlight the issue, we’ll show two different ASLR bypass attacks using real applications – Google Chrome and VLC Media Player.”
The Black Hat Briefings were created about sixteen years ago to provide computer security professionals a place to learn the very latest in information security risks, research and trends. Presented by the brightest in the industry, the briefings cover everything from critical information infrastructure to widely used enterprise computer systems to the latest InfoSec research and development. These briefings are vendor-neutral, allowing the presenters to speak candidly about the real problems and potential solutions across both the public and private sectors.
http://www.homelandsecuritynewswire.com/

Information security DHS receives top FISMA score for the second year in a row

Published 26 June 2014
DHS has received the top score in the annual Federal Information Security Management Act (FISMA), making it the only agency to achieve a score of ninety-nine two years in a row. The act, passed in 2002, requires the Office of Management and Budget to report on federal agencies’ implementation of set processes designed to secure federal ITinfrastructures.Analysts credit the achievement to DHS’ Office of Inspector General’s (OIG) push for continuous monitoring ofIT systems and standards. The OIG uses commercial vulnerability scanning tools and open source management software to form a system that routinely scans the agency’s networks for compliance with FISMA metrics.
DHS has received the top score in the annual Federal Information Security Management Act(FISMA), making it the only agency to achieve a score of ninety-nine two years in a row. The act, passed in 2002, requires the Office of Management and Budgetto report on federal agencies’ implementation of set processes designed to secure federal IT infrastructures. Analysts credit the achievement to DHS’ Office of Inspector General’s (OIG) push for continuous monitoring of IT systems and standards. The OIG uses commercial vulnerability scanning tools and open source management software to form a system that routinely scans the agency’s networks for compliance with FISMA metrics.
Our process was one of making security a part of the operational unit,” and not just an IT function, said Jaime Vargas, the OIG’s chief information security officer. Being aware of system vulnerabilities on a consistent basis means appropriate personnel can be held accountable for results. “We can ask very pointed questions. We are telling them not only that something is broken, but what is broken.”
Vargas points out that the high marks for FISMA compliance does not always translate to a secure network, but the new scanning system is helping his office shift from a process-driven to a result-driven program that provides greater visibility in the agency’s systems. “I think we are moving in the right direction.”
GCNreportsthat the OIG performs department-wide evaluations on FISMAcompliance but each operational unit of DHS including the OIG, manages its own IT systems and is responsible for its own security. That adds pressure on the OIG, Vargas said. “One of the challenges the IG has is that we don’t set our own policies, we follow the policies of the department at large,” he said. “At the same time, we are expected to set an example in order to be credible.”
To maintain top security measures in a time of budget austerity, OIG relies on products already available to the office such as the Nessus vulnerability scanner from Tenable Network Securityand Microsoft’s Active Directorytools, in conjunction with open source tools. Active Directory is synchronized with the office’s accounting system to track IT assets that have been bought. With a baseline inventory, compliance policies were developed for each IT device. Open source tools were also developed to customize the scanning process. There was some resistance to using open source tools but they are cheap and available. “Nothing is perfect,” Vargas said. “But when you get some code and some smart people working on it, they can actually leverage it and get something that works.”
With its current system, the OIG is able to scan 90 percent of its ITinfrastructure every week, but whether compliance equals security, Vargas believes that compliance improves transparency which improves security. “Whether the metrics address security is outside my purview,” he said. “That is decided by the administration and department policy. But this allows us to know what should be on the network, what should not be on the network, what is normal and what is not.
http://www.homelandsecuritynewswire.com/

06/30/2014 The newly installed director of the National Security Agency says..

By Mark Tarallo

The newly installed director of the National Security Agency says that while he has seen some terrorist groups alter their communications to avoid surveillance techniques revealed by Edward Snowden, the overall damage done by a year of Snowden’s revelations does not lead him to the conclusion that “the sky is falling.” In an interview with the New York Times, Adm. Michael Rogers, who has overseen the agency for almost three months, described the series of steps he was taking to ensure that no one could download the trove of data that Mr. Snowden gathered—more than a million documents. But Rogers cautioned that there was no perfect protection against a dedicated insider with access to the agency’s networks. “Am I ever going to sit here and say as the director that with 100 percent certainty no one can compromise our systems from the inside?” Rogers said. “Nope. Because I don’t believe that in the long run.”
www.securitymanagement.com 

06/27/2014 Congress Questions DHS on Minors Illegally Crossing Mexican Border into U.S.

By Megan Gates

Congress grilled the Department of Homeland Security this week in a series of hearings on the problem of thousands of unaccompanied minors illegally crossing the Mexican border into the United States.
The first hearing was held Tuesday in front of the House Homeland Security Committee and Secretary Jeh Johnson testified on the work that DHS is doing to handle the situation. Following his appearance on Capitol Hill, the House Judiciary Committee hosted a hearing of its own Wednesday and further scrutinized the department’s actions.
“There is a tsunami hitting our nation’s southern border—unaccompanied alien minors and adults traveling with minors are arriving in unprecedented numbers,” Chairman Rep. Bob Goodlatte (R-VA) said in his opening statement. “Central American minors, largely teenagers, are making a perilous journey through Mexico and then walking miles across a hostile border environment, assisted by smugglers, and coming to the United States in violation of the law.”
The Problem
According to estimates, the Department of Homeland Security (DHS) expects to apprehend more than 90,000 unaccompanied minors on the border this year. This estimate would equal a 1,381 percent increase in apprehensions since 2011. There has also been a drastic increase in the number of adults apprehended with minors attempting to cross the border. According to DHS estimates, there has been a 143 percent increase in families apprehended at the border since 2012.
Many of them are walking part of the way to the border and then catching trains through Mexico or purchasing bus tickets to the border. Others are relying on smugglers to transport them to the border. Of the minors crossing the border, 80 percent of them are boys and 83 percent of them are older than 14 years old. They’re mainly coming from El Salvador, Guatemala, and Honduras, all of which have a history of violence and poverty.
Ranking committee member Rep. John Conyers, Jr., (D-MI) reiterated this in his statement at the hearing. “Each of these countries, the level of violence is sky high and the ability of the government to protect its most vulnerable citizens is low,” he explained. “Honduras has the highest murder rate in the world and El Salvador and Guatemala are close behind.”
These countries are also ripe with corruption and gang violence, which news reports suggest are now targeting youth in an effort to recruit more members or persuade the general public into supporting their efforts. Oftentimes, law enforcement also plays a role in the violence within these nations, as earlier in June the former head of Guatemala’s national police was found guilty of murdering seven people and sentenced to life in prison.
All of the individuals testifying at the hearing acknowledged that violence is one of the reasons that thousands of people are attempting to cross the border illegally. Other reasons included the lack of economic opportunity in their home countries, the desire to reunite with family members in the United States, and the belief that if they crossed the border and turned themselves over to U.S. Border Patrol, they would be allowed to stay.
Chris Crane, president of the National Immigration and Customs Enforcement Council 118, testified at the hearing and said that confusion over U.S. policies on immigration and lack of reform are contributing to the problem.
“Continued talk in the United States of amnesty and legalization without appropriate law enforcement safeguards first put in place will continue to draw millions like a magnet to our southern border,” he said. “The most humane thing that we can do as Americans is to deter crisis like this one through consistent enforcement of our nation’s immigration laws.”
One of the main components under fire at the hearing was the coined “Catch and Release Program,” which is federal law and requires minors to be detained by Border Patrol, processed by the U.S. Department of Health and Human Services (HHS), and then placed with a family member or a close family friend who will care for the child. While in the family’s care, the child is required to go through a court process for deportation and can be deported from the United States, as can the family members if they are also in the country illegally. This process, however, is not swift and it can take years for minors to face even their first court proceeding that will determine their fate.
Brandon Judd, president of the American Federation of Government Employees National Border Patrol Council, said this aspect of the law—putting minors in care of their families—encourages people from countries other than Mexico to enter the United States illegally.
“Under this policy, and in most cases, individuals entering the United States illegally know they will be released if apprehended,” he explained. “The result is no one is afraid of breaking the law…although unaccompanied minors are still subject to deportation through the removal process, we have to be honest with ourselves. Most will never honor the notice to appear in court and face deportation. They simply fail to appear and blend into the community.”
Handling the Situation
Instead of releasing minors into family care, Judd argued that Border Patrol should detain them until they have gone through the court process for deportation. “We know from experience that the chance of minors being deported after they’ve failed to appear in court is small, once they’ve been released into the community,” he said. “We need to follow through enforcing the laws of this nation, so that breaking the law carries consequences.”
These consequences might also stem the flow of migrants who are coming to the United States through smugglers who charge individuals, or families, sometimes thousands of dollars to transport them to the border. The smugglers often have ties to cartels in the region and when they bring individuals to the border, they tell them to enter between the ports of entry in the Rio Grande Valley. This results in confusion and additional stress for Border Patrol agents who are often pulled off their normal duties to handle the influx of migrants attempting to cross the border in remote locations.
To attempt to handle the situation on the ground, Deputy Chief of Border Patrol Ronald Vitiello of Customs and Border Protection says the agency has worked with other agencies, such as Immigration and Customs Enforcement (ICE), FEMA, and HHS. Efforts have included increasing the transportation for migrants and increasing detention capacity through the opening of shelters at military bases in various parts of the country.
DHS is also adding detention capacity for adults who cross the border illegally with their children in the Rio Grande Valley. It’s currently in the process of establishing a 700-bed facility at the Federal Law Enforcement Training Center’s campus in Artesia, New Mexico. This will improve on the existing facility, which was filled to capacity with only 90 beds for families. DHS is looking into adding additional facilities to help handle the influx and expedite the removal of the increasing number of adults with children illegally crossing the border.
Additionally, DHS and HHS are working to make sure all detainees are given a public health screening when they arrive at facilities to screen for any symptoms of contagious diseases or other possible public health concerns. So far, there has only been one confirmed case of H1N1, also known as swine flu, and vaccines were sent to the appropriate facility to ensure that it did not spread.
Committee members also raised concerns during the hearing about the issue of minors and trafficking as the U.S. government’s ability to verify who minors are is limited. Oftentimes, Vitiello said that agents have to rely on what the children tell them their names are and who their family member is in the United States that they want to be reunited with as minors usually do not have any documentation to verify their identity. Once Border Patrol has interviewed the minor, HHS conducts a background check on the family member they’re asking to be placed with. However, it’s not always possible to verify if the individuals are related.
Border patrol agents are also limited when they first engage minors as they cannot collect finger prints from them unless they are 14 or older. Only later are minors assigned an A number, or alien number, that’s used to track their process through the system. This process raised criticism from some members of the committee who were concerned that children would slip through the cracks of the system and the government would have no way to track them down later.
Stemming the FlowAlong with its efforts to expedite the process and increase resources available to help with the illegal crossing, the U.S. government is working to address the root cause of why people are traveling to the country in record numbers. DHS has been in contact with senior government officials of Guatemala, El Salvador, Honduras, and Mexico to assess how the countries can work together to stop the mass exodus.
Vice President Joseph Biden has also announced that the United States will be providing a new range of assistance to Central America. The U.S. is planning to pledge $9.6 million in additional funding for Central American governments to receive and reintegrate their repatriated citizens, a $40 million U.S. Agency for International Development program in Guatemala over five years to improve citizen security, and $161.5 million to the Central American Regional Security Initiative to help countries respond to the region’s most pressing security and governance challenges.
While the federal government works with other regional governments, DHS and the Department of Justice (DOJ) are working together to increase investigation, prosecution, and dismantling of smuggling organizations that are facilitating border crossings into the Rio Grande Valley. In his statement, Vitiello said that increased efforts in a month-long, targeted enforcement operation that focused on the southwest border resulted in 163 arrests of smugglers with operations in El Paso, Houston, Phoenix, San Antonio, and San Diego.
DHS plans to continue this focus on taking down smuggling operations as they “not only facilitate illegal migration across our border, they traumatize and exploit the children who are objects of their smuggling operation,” Vitiello said in his statement.
DHS is also stepping up its public affairs campaigns in Spanish with radio, print, and TV spots to communicate the dangers of sending unaccompanied children to the United States. As part of the campaign, Secretary Johnson penned a letter to parents in Central America that was released to newspapers and other outlets, telling them that if they send their children to America, there is no free pass and their children will not be allowed to stay.
No hearings are scheduled on the border security situation for next week as Congress is not in session. However, the House Judiciary Committee is planning a trip to the Rio Grande Valley region to further assess the situation.
www.securitymanagement.com 

Homeland Security and Public Safety Should States Take the Lead on Implementing Alert Systems?

Some states are implementing statewide systems while others are giving localities the lead and providing oversight and support.

Lightning
As technology becomes cheaper, more sophisticated and easier to use, states have more options available to improve their public warning capabilities and integration with FEMA’s Integrated Public Alert and Warning System(IPAWS). Some states are choosing to implement statewide systems while others are giving localities the lead and providing statewide oversight and support.

Iowa is one state that is pushing for a statewide alert system. The state previously left the deployment of alert systems to each county. But based on the results of a survey it conducted — which found that just 53 of the state’s 99 counties had a public alert system and that those counties were spending about $600,000 a year on those systems — the state decided to investigate other approaches. In January 2013, the Iowa Homeland Security and Emergency Management Department (HSEMD) issued an RFI to investigate the feasibility of developing a statewide alert system. 

“We asked vendors what a statewide alert system might look like and cost,” said John Benson, spokesperson for the Iowa HSEMD. “Based on the responses, we recognized that if we did it right, we’d be able to provide statewide coverage for less than what those 53 counties were paying.” He said it would be a cost savings for those who were already paying and provide a new tool to the 46 counties that didn’t have a system. 

Soon after, legislation was introduced supporting the implementation of a statewide system and requesting funds to support it. The request for funding was secured through the General Assembly this year. The Iowa HSEMD then issued an RFP, which was under review at press time. Once a vendor is selected, plans were to begin implementation July 1.

Benson said Iowa’s new alert system likely won’t be used on a statewide level, but decisions to alert residents would be made by local law enforcement and emergency management agencies. 

“It’s basically a statewide system that retains its local control. It will be a statewide system, but the state will probably be the most limited user of it,” Benson said. “Our goal is to give local folks a tool to use and they would determine how and when to use it to send an alert for whatever emergency situations they have.”

The new system, which will be a Web-based SaaS application, will provide users a single Web page on which they can quickly compose a message and determine how they would like it delivered (text, email, voice mail, etc.). The system will also integrate with IPAWS and will include a special-needs advisory so someone with a mobility impairment can easily alert first responders of the need for assistance.

Local Control


Minnesota is taking a slightly different approach to its emergency alert system plans. Rather than implement a statewide system, the Minnesota Homeland Security and Emergency Management (HSEM) agency has asked counties to implement their own IPAWS compatible systems and is providing oversight and guidance from a statewide level. 

“In 2010 we looked at doing a statewide system — what it would cost, what each county would gain from it, and where the funding would come from,” said John Dooley, communications and warning officer of Minnesota HSEM. “Third-party software just wasn’t sophisticated or available enough yet for us to pursue a statewide system.”

Minnesota HSEM then conducted a survey of public safety answering points (PSAPs) and decided to leave it up to the counties to determine and implement alert systems that would integrate with IPAWS (access to IPAWS is free; however, to send a message using IPAWS, an organization must procure its own software that’s compatible with the system).

“We thought, because pretty much all disasters are local, we wanted to keep the concept of operation local as well,” Dooley said. 

At the same time, Minnesota HSEM  formed a statewide IPAWS committee. The committee provides the counties with guidance, best practices, and education on IPAWS and how to use it. 

“From our surveys, we found the PSAPs really wanted their alert systems to be simple, because when they get a call in and they are dealing with a disaster where they have to alert the public, there is already a flurry of things going on,” said Dooley. “They wanted to be able to choose a system they were comfortable with, and we felt allowing them to make that decision and providing oversight and support from a statewide level would put us miles ahead.”

Seven out of Minnesota’s 87 counties are active on IPAWS, and several others are in the process of securing software and working with FEMA to complete a memorandum of agreement.


Mix and Match in Ohio


In Ohio, local governments have the option of using parts of the statewide system to address their alerting needs. Michael Swaney, communications infrastructure specialist for the Ohio Department of Public Safety, said Amber Alert origination capability and the availability of equipment gave the Ohio State Emergency Communication Committee a means to specify how to do a system at the county level with state government oversight. Swaney said most of Ohio’s equipment was replaced in 2003 when the Emergency Alert System (EAS) replaced the previous Emergency Broadcast System. Today, local governments can use parts of the statewide system as they see fit.

In Texas, the Department of Public Safety (DPS) deployed a major upgrade to the Texas Emergency Alert System statewide this May. The new system will serve as the core of the state’s public alert and warning system, simultaneously activating the state EAS relay to radio, TV and cable systems across the state. The new system will be the state’s primary interface with the IPAWS network, giving the department synchronized access to EAS and enabling IPAWS to generate wireless emergency alerts to the cellphone systems. 

In Texas, the size and geographic diversity of the state pose numerous hurdles to conventional EAS capabilities. The upgraded system addresses these challenges by allowing Department of Public Safety officials to create and issue alerts to both the existing EAS system and the IPAWS system. The system will allow Texas DPS to send statewide alerts or target the messages to any number of the state’s 254 counties. 

“By replacing its older equipment … Texas now has a more robust, efficient and reliable way to spread lifesaving warnings to its citizens about emergencies via all modes of digital technology,” said Edward Czarnecki, senior director of strategic development and global government affairs for Monroe Electronics, which provided the system. 

Czarnecki added that because Texas DPS chose a standards-based approach, the system also sets the foundation for interoperability with future systems the department may consider.


Technology Tools


Benson said the technology has advanced by leaps in recent months, increasing its viability as a lifesaver. 

“When you look back over the last 18 months, you can see a huge evolution in technology in terms of how it can be employed for mass notification and emergency alerts,” Benson said. “With that has come recognition that this is something as emergency managers we really need to be leveraging.”

Benson added that the system Iowa plans to deploy can also be used to more effectively manage and alert first responders. It can generate lists and first responders can designate which number should be called to summon them immediately in an emergency.

“You can set up a call list for a specific group of first responders so you can reach out and touch them all very quickly instead of doing the old call tree method,” explained Benson. “It’s another way to marshal your response force more effectively because it doesn’t require human intervention.”

Overall, Benson believes more states will choose to deploy statewide alert systems in the future. 

“We are starting to see a lot of states lean this direction,” he said. “With a statewide system, you have unified technology being utilized across the state, and that’s always good in terms of being able to back people up. But there is also the cost that goes along with that, because generally the more you buy, the cheaper it gets. So when you talk about covering an entire state, a lot of times the cost savings really get your attention.”

Several states are pressing forward with other types of early warning systems as well. For example, California is working on a statewide earthquake early warning system, though there is debate about how the system should operate and whether it will be strictly free or whether a more advanced, paid system will be incorporated.
Justine Brown  |  Contributing Writer
Justine Brown is a veteran journalist who specializes in technology and education. Email her at justinebrown@comcast.netwww.emergencymanagement.com.

Training & Education Technology Plays an Increasing Role in Emergency Management

Microsoft Disaster Response’s chief technology officer discusses the use of tech in emergency response.

San Antonio and Bexar County, Texas, EOC
Technology is at the heart of many emergency operations centers. In this image, the San Antonio and Bexar County, Texas, EOC bustles with activity in anticipation of Hurricane Ike in September 2008. Jocelyn Augustino/FEMA
Technology is beginning to dominate many aspects of the emergency management profession. This is particularly evident during disaster response. Today we have a number of large technology companies that offer their software or services for larger scale disasters. Chief technology officer for Microsoft Disaster Response, Tony Surma, answered questions about technology’s use in emergency management.
 
Surma is responsible for the worldwide team and program at Microsoft focused on delivering technologies and technical assistance to communities, responders and customers both in response to natural disasters and in support of proactive resiliency efforts. He has been a part of the Microsoft Disaster Response team from the start — first as a volunteer global coordinator for solutions builds and deployments in time of disaster response and, more recently, as the lead for the program. Between response efforts, his focus is on building proactive partnerships and cross-organization initiatives, such as Humanitarian Toolbox, to operationalize innovations for use during response and leverage trends in technology and solution development to the benefit of response organizations and community readiness.

Surma answered the following questions in writing.

Where do you see technology being used today to advance the different missions of the emergency management community?
Tony+SurmaThe role of technology in emergency management is to connect, inform and ultimately save the lives of those impacted by disasters. Technology restores connectivity to impacted areas so that governments can communicate with citizens and people can find their loved ones. Technology enables responders to coordinate rescue missions and work efficiently from the minute they arrive in a disaster zone, and helps businesses recover so communities can begin to rebuild faster. Lastly, after and in between incidents, technology helps us analyze, track and study natural disasters so that we can always be learning and developing better solutions — and prepare to save more lives. 

How is the cloud impacting emergency management?

The cloud has been transformational for preparation and management of disaster responses. Disasters can knock out or overload local infrastructure, making access to data and communication systems nearly impossible. The cloud works around this challenge because data is stored and kept accessible far from the disaster zone. The cloud can also be quickly scaled depending on traffic and volume, so local agencies’ online presence after a disaster is secure from outages. For example, we help nonprofits and local agencies use the Microsoft cloud, Azure, with our ReadyReach portal solution, which allows sharing logistics quickly and broadcasting information to citizens, as well as informing those outside the disaster zone about ways they can help. 

How is Microsoft trying to be proactive versus reactive when it comes to disasters?

The way we respond after a natural disaster is crucial, whether within the first few minutes or the months of rebuilding that follow. However, Microsoft Disaster Response emphasizes that the best disaster response begins before a disaster happens. As part of disaster preparedness, we are always learning from past experiences, building on solutions that worked and growing our network of partnerships so that all of these give responders what they need when disasters happen.

There is the concept of What’s In My Back Yard (WIMBY)? Explain that concept and how it works with disasters and emergency management.

Rather than viewing disaster response as everyone trying to individually have 100 percent of what they need ready to go for themselves, we should think of WIMBY as preparation built from neighbors helping neighbors, sharing resources and being empowered to be first responders for each other. Emphasizing community is a key way to scale disaster response and preparedness to a backyard level, and communities should work together with emergency managers to jointly build resiliency before disaster strikes. 

What solutions are out there today to obtain information faster and distribute it to the correct people and organizations at the right point in time?
This reminds me of a really powerful statement made by the Red Cross in its World Disasters Report: When disaster strikes, access to information is “just as important as food and water” and is an increasing critical need. 

The best examples of Microsoft getting solutions out there to fulfill critical needs are the times we have partnered with others to bring a solution that directly addresses the challenge. Let me give you a few examples: Microsoft was one of the partnering entities with the government of Luxembourg to developemergency.lu, a satellite that can be rapidly deployed to a disaster zone within hours in order to bring high-quality Internet connectivity and low-bandwidth versions of Skype and Lync to areas where regular Internet connections have been downed. This satellite has been used successfully during Typhoon Haiyan, as well as by the World Food Programme in humanitarian situations such as the food crises in Sudan and Mali.

We were also involved with the deployment of another innovative connectivity solution during Typhoon Haiyan: TV White Space. We partnered with the Philippines government to leverage unused television channels, known as TV White Space, to enable connectivity in areas that lost Internet. Using TV White Space, Microsoft was able to provide Skype capabilities to the government and nongovernment agencies coordinating relief efforts, and citizens impacted by the Typhoon were able to use TV White Space Skype access to reunite with loved ones. 

What role do you see big data playing in the future in regard to emergencies and disasters?

As greater volumes of data are generated and gathered during disaster response efforts, there is greater opportunity for research, analysis and visionary ways to build upon key lessons learned. As we are increasingly able to collect and extract more detailed assessments, we can proactively act before the next disaster. Working with our industry partners to build effective and collaborative ways to mine data, including social media, both during disasters and afterward is an important focus for us. 

There are silos of data that are not being shared across the disaster enterprise today, because the right hand doesn’t know what the left is doing in trying to help. What solutions do you see out there now that can help?

To us, it’s about asking, “What role can technology play in improving logistics?” not asking “What role can Microsoft play?” When it comes to logistics, there needs to be a free flow of data during disaster response so that all people can access the information and play a part. We are talking about reconnecting loved ones, getting clean water where it needs to be, directing people to safety, and other tasks that transcend ownership. This is not an area to be competitive or closed to other organizations and businesses, which is why all of Microsoft’s efforts involve building partnerships and sharing data, infrastructure and resources. 

What is the future for information management during disaster response?

With the progressive, real-time open sharing of data during disasters, we expect to see a shift and rewiring of how disaster response is managed. Today we have phone calls, situation reports that come a day later, and a variety of data sources we rely upon to make critical decisions. An analogy I often use is the stock market. Think about an old-world model where you found out a stock’s price a day later in the newspaper compared to today’s integrated, immediate access that delivers the data needed to make important decisions nearly simultaneously to all involved. I see the future of disaster response similarly, that there will be a transformation in the way agencies exchange critical data in an open and real-time manner and make it available to people whose livelihood — and lives — rely upon it. 
 
Eric Holdeman  |  Contributing Writer
Eric Holdeman is a contributing writer for Emergency Management and is the former director of the King County, Wash., Office of Emergency Management.
He can be reached by emailTwitter and Google
+

Thursday, June 26, 2014

The Future of U.S.-China Relations-U.S Department of State

The Future of U.S.-China Relations


Testimony
Daniel R. Russel
Assistant Secretary, Bureau of East Asian and Pacific Affairs
Testimony Before the Senate Foreign Relations Committee
Washington, DC
June 25, 2014

Introduction
Chairman Menendez, Ranking Member Corker, Members of the Committee, thank you for the opportunity to testify today on U.S.-China relations. It is also a great honor to be participating in today’s hearing with one of our nation’s most accomplished diplomats, Ambassador Stapleton Roy – a friend, former colleague, and one of the foremost experts on U.S.-China relations. Ambassador Roy’s contributions to the U.S.-China relationship have been invaluable, and I look forward to hearing his insights.
I would also like to take this opportunity to thank you, Mr. Chairman, for your leadership and to acknowledge this Committee’s contributions to the rich bipartisan tradition of engaging China. I have found it extremely valuable to work closely with the Committee’s Members, and in particular with the Asia Sub-committee, in advancing U.S. interests vis-à-vis China and the Asia-Pacific region as a whole.
Overall Bilateral Relations
This year marks the 35th anniversary of the establishment of official diplomatic relations between the United States and China. We have made remarkable progress since the era of back-channel messaging and secret trips. The scope of today’s U.S.-China relationship was unimaginable when President Nixon made his historic visit in 1972 to China.
Yet there is still enormous potential for progress in the U.S.-China relationship. Progress that will yield benefits to the citizens of both countries, our neighbors, and the world. To realize this progress and these benefits, we seek to ensure that the relationship is not defined by strategic rivalry, but by fair and healthy competition, by practical cooperation on priority issues, and by constructive management of our differences and disagreements. Where interests overlap, we will seek to expand cooperation with China. These areas include economic prosperity, a denuclearized Korean Peninsula, peaceful resolution of the Iranian nuclear issue, and a reduction in the emission of greenhouse gases. Where they diverge – and we have significant and well-known areas of disagreement – we will work to ensure that our differences are constructively managed.
Mr. Chairman, there are those who argue that cold war-like rivalry is inevitable and that the United States and China are condemned to a zero-sum struggle for supremacy, if not conflict. I reject such mechanistic thinking. As anyone who has served in government can tell you, this deterministic analysis overlooks the role of leaders who have the ability to set policy and to shape relationships. It gives short shrift to the fact that our two economies are becoming increasingly intertwined, which increases each side’s stake in the success of the other. It undervalues the fact that leaders in Washington and Beijing are fully cognizant of the risk of unintended strategic rivalry between an emerging power and an established power and have agreed to take deliberate actions to prevent such an outcome. And it ignores the reality of the past 35 years – that, in spite of our differences, U.S.-China relations have steadily grown deeper and stronger – and in doing so, we have built a very resilient relationship.
We view China’s economic growth as complementary to the region’s prosperity, and China’s expanded role in the region can be complementary to the sustained U.S. strategic engagement in the Asia-Pacific. We and our partners in the region want China’s rise to contribute to the stability and continued development of the region. As President Obama and Secretary Kerry have made very clear, we do not seek to contain China; to the contrary, we welcome the emergence of a stable, peaceful, and prosperous China. We believe all countries, and particularly emerging powers like China, should recognize the self-benefit of upholding basic rules and norms on which the international system is built; these are rules and norms which China has participated in formulating and shaping, and they are rules and norms that it continues to benefit from. In this context, we are encouraging China to exercise restraint in dealing with its neighbors and show respect for universal values and international law both at home and abroad.
A key element of our approach to the Asia-Pacific region, often called the rebalance, is strengthening America’s alliances and partnerships in the region. This contributes directly to the stable security environment that has underpinned the region’s – and China’s – dramatic economic growth and development.
A second element is working to build up regional institutions in order to uphold the international rules-based system and create platforms for the countries and leaders to work on priority strategic, economic, and other issues. These institutions help develop habits of cooperation and promote respect for the interests of all parties.
A third key element has been expanding and deepening our relationships with important emerging countries such as China, including through regular and high-level dialogue.
In just two weeks, our countries will hold the sixth round of the U.S.-China Strategic and Economic Dialogue – the “S&ED” – in Beijing. This annual dialogue is unique in its level and scope. It is led on the U.S. side by Secretaries Kerry and Lew and brings a number of Cabinet-level and other senior U.S. government officials together with their Chinese counterparts to work on the major issues facing us. The breadth of the agenda in the two tracks – strategic and economic – reflects the breadth of modern U.S.-China relations. The S&ED is an important vehicle for making progress in the pursuit of a cooperative and constructive relationship; for building a “new model” that disproves the thesis that the United States and China are somehow destined for strategic rivalry and confrontation.
The S&ED is an important forum for the United States and China to take stock of and set goals for the bilateral relationship, to review regional and international developments and explain our respective policies, to coordinate and seek practical areas of cooperation on important issues of mutual interest, and to constructively manage areas of difference through candid, high-level discussions.
Let me preview of some of the topics for upcoming discussions at this year’s S&ED:
  • We will exchange views and explore prospects for progress on regional challenges, including Sudan, Afghanistan, Iran, North Korea, Ukraine, Iraq, and maritime disputes in the South and East China Seas;
  • The world’s two largest economies will work on strengthening the global economic recovery;
  • The world’s two biggest energy consumers and carbon emitters will work on combating climate change, and expand cooperation on clean energy;
  • We will discuss global challenges ranging from cyber security to counter terrorism to wildlife trafficking, and the United States will raise our concerns over human rights;
  • Secretary Kerry will co-chair the annual U.S.-China High-Level Consultation on People-to-People Exchange, which supports exchange programs that build the foundation for mutual understanding and trust;
  • And Deputy Secretary of State Bill Burns and his Chinese counterpart will hold the U.S.-China Strategic Security Dialogue (SSD), our highest-ranking joint civilian-military exchange with China, where we will conduct frank discussions on some of the most sensitive strategic issues in the relationship.
The S&ED and our numerous other dialogues and official exchanges with the Chinese each year reflect the importance we attach to managing this relationship. This level and pace of engagement show the commitment of both sides to producing tangible benefits for our two peoples, the Asia-Pacific region, and the global community.
The United States and China have a vital stake in each other’s success. That is why we maintain an intensive schedule of engagement; President Obama and President Xi met in Sunnylands, California, a year ago and have met twice more since then. The President plans to visit Beijing in November when China hosts APEC. Secretary Kerry, as well as numerous Cabinet and sub-Cabinet officials, have visited China already in 2014 and have met with Chinese counterparts in the United States or at international fora.
We work with China in virtually all important international arenas, including the UN, the G20, the East Asia Summit, and APEC where we are cooperating closely on regulatory transparency, supply chain efficiencies, promoting clean and renewable energy, cross-border education, and combatting corruption and bribery. Our relationship touches on nearly every regional and global issue, and, as such, requires sustained, high-level attention. Moreover, few of these issues can be effectively addressed if China and the United States do not cooperate.
Economic Relations
Economic issues play a central role in the U.S.-China relationship. China’s economic success has added to our growth and increased the purchasing power of consumers in the United States. Our two-way trade has almost quadrupled since China joined the WTO in late 2001. While the long-standing imbalance in that trade remains troubling, China is now one of the fastest growing U.S. export markets. In fact, U.S. exports to China grew by more than 90 percent between 2007 and 2013. In our bilateral engagements, we are encouraging economic reforms within China to ensure not only that its economic behavior is sustainable on its own terms, but that it contributes to strong, sustainable and balanced growth of the global economy. This includes re-orienting its economy away from a development model reliant on exports and credit-fueled investment in real estate and infrastructure to one that increases consumer spending and contributes to global demand. Central to this goal has been urging China to move toward a market-determined exchange rate. We are also addressing sources of friction in our bilateral relationship by pressing China to change a range of discriminatory policies and practices that harm U.S. companies and workers and that undermine incentives to innovate. These include subsidies that tilt the competitive playing field in favor of Chinese national champions, policies that pressure companies to hand over intellectual property as a condition for access to the Chinese market, and export credits that unfairly advantage Chinese companies in third markets. U.S. businesses have investments totaling over $50 billion. And from 2012 to 2013, Chinese direct investment flows into the United States more than doubled, according to private sector figures, and now contribute to thousands of jobs here. Our ongoing bilateral investment treaty negotiations hold the potential for even more mutually beneficial economic ties.
Even as we increase trade and investment, we will continue insisting on tangible progress in other economic areas that matter to the United States. These include:
  • China continuing to move toward a market-determined exchange rate;
  • negotiating a Bilateral Investment Treaty;
  • increasing access to Chinese markets for U.S. businesses;
  • developing a more transparent regulatory regime;
  • ending industrial policies that favor state-owned enterprises and national champions and seek to disadvantage foreign companies and their products;
  • ending forced technology transfer; and
  • addressing U.S. concerns over the theft of intellectual property and trade secrets, including government-sponsored, cyber-enabled theft for the purpose of giving Chinese companies a competitive advantage.
We will also continue to encourage greater Chinese integration into the rules-based international economic and trading system, in order to create a level playing field
for domestic and foreign companies operating in its and other markets. Over the last few months, China’s leaders have announced plans for sweeping reforms that, if realized, could go a long way in moving China’s economy toward market principles. We are encouraged that these announced reforms would potentially give the market a greater role in the economy, and we are keenly interested to see such reforms put into practice. I believe we can do much to work with China as it transitions to a consumption-driven, market-oriented growth model that would benefit both our economies.
Military-to-Military Relations
On the military side of the U.S.-China relationship, we are committed to building a sustained and substantive military-to-military relationship that focuses on identifying concrete, practical areas of cooperation and reducing risk. This includes not only deepening the use of institutionalized dialogue mechanisms, including senior defense participation at the SSD and S&ED, but also inviting the Chinese to join regional cooperative exercises and expanding talks with the Chinese military about operational safety in the region. For the first time this year, China will participate in RIMPAC June 26-August 1 in Hawaii.
We also aim to continue high-level exchanges between our militaries. Recent exchanges have included visits to China by Secretary Hagel in April and General Odierno in February, and a visit to the United States by Chief of the General Staff General Fang Fenghui in May.
At the same time, we will continue to carefully monitor China’s military developments and encourage China to exhibit greater transparency with respect to its military spending and modernization. This will help countries better understand the motivations of the People’s Liberation Army. We continue to encourage China to use its military capabilities in a manner conducive to the maintenance of peace and stability in the Asia-Pacific region.
Global and Regional Issues
As the largest energy consumers, greenhouse gas emitters, and renewable energy producers, the United States and China share common interests, challenges and responsibilities. These are issues that relate directly to our economic and national security. Cooperation on climate change, energy, and environmental protection is more critical than ever and is an important area of focus in the U.S.-China bilateral relationship.
Through broad dialogues such as the Ten-Year Framework for Energy and Environment Cooperation and the S&ED, over the last year we have been able to produce new and expanded commitments to cooperation on climate change, energy, and the environment. During Secretary Kerry’s February trip to Beijing, he announced implementation plans for each of the five initiatives under the Climate Change Working Group as well as a new enhanced policy dialogue on domestic and international policies to address climate change that will be held on the margins of the upcoming S&ED.
China is a vital partner on some of the world’s most pressing proliferation challenges, including the DPRK and Iran. The United States and China agree on the importance and urgency of achieving a denuclearized, stable, and prosperous Korean Peninsula. While differences remain between us on some of the tactics, we coordinate closely and consult intensively on how to advance these shared goals. The result has been a tightened web of sanctions targeting North Korea’s nuclear, ballistic missile, and proliferation efforts. China has also strengthened its own sanctions enforcement, which we welcome, though it could do more to prevent North Korea from engaging in proliferation activities. Indeed, North Korea remains in flagrant violation of the UN Security Council resolutions that the United States and China approved and support. So we are urging China to make greater use of its unique leverage with the DPRK to produce concrete signs that the DPRK leader has come to the realization that his only viable path forward is denuclearization.
On Iran, the United States and China share the goal of preventing Iran from acquiring a nuclear weapon and are working together within the P5+1 negotiations with Iran toward that goal. Through our frequent and high-level engagement, we will continue to press China to honor its commitments, in particular those related to its imports of Iranian oil and enforcement of UN sanctions, in furtherance of reaching a comprehensive and long-term solution to the Iran nuclear issue.
Managing Differences
In the Asia-Pacific region, Beijing’s neighbors are understandably alarmed by China’s increasingly coercive efforts to assert and enforce its claims in the South China and East China Seas. A pattern of unilateral Chinese actions in sensitive and disputed areas is raising tensions and damaging China’s international standing. Moreover, some of China’s actions are directed at U.S. treaty allies. The United States has important interests at stake in these seas: freedom of navigation and overflight, unimpeded lawful commerce, respect for international law, and the peaceful management of disputes. We apply the same principles to the behavior of all claimants involved, not only to China. China – as a strong and rising power – should hold itself to a high standard of behavior; to willfully disregard diplomatic and other peaceful ways of dealing with disagreements and disputes in favor of economic or physical coercion is destabilizing and dangerous.
The United States does not take sides on the sovereignty questions underlying the territorial disputes in the South and East China Seas, but we have an interest in the behavior of states in their management or resolution of these disputes. We want countries, including China, to manage or settle claims through peaceful, diplomatic means. For example, the Philippines and Indonesia have just done so in connection with their EEZ boundary. Disputes can also be addressed through third-party dispute resolution processes. Where parties’ rights under treaties may be affected, some treaties provide for third-party dispute settlement, as is the case of the Law of the Sea Convention, an avenue pursued by the Philippines in an arbitration with China currently being considered by an Arbitral Tribunal constituted under that treaty. The United States and the international community oppose the use or the threat of force to try to advance a claim, and view such actions as having no effect in strengthening the legitimacy of China’s claims. These issues should be decided on the basis of the merits of China’s and other claimants’ legal claims and adherence to international law and norms, not the strength of their militaries and law enforcement ships or the size of their economies.
Another area where we believe China’s actions run counter to important universal principles is the worsening human rights situation in China. Just this month, China conducted a harsh crackdown on commemorations of the 25th anniversary of Tiananmen Square. China’s actions included the detention, harassment and arrests of journalists, lawyers, and activists. Top U.S. officials raise our concerns with Chinese leaders on a regular basis, and, as we have in every previous round, Secretary Kerry plans to raise human rights at this year’s S&ED. We express concern about the Chinese government’s censorship of the media and Internet. We push for the release of all political prisoners, including but not limited to prominent figures like Liu Xiaobo. We urge China to address the policies in Tibetan areas that threaten the distinct religious, cultural, and linguistic identity of the Tibetan people. Instability and violence are on the increase in the Xinjiang Uighur Autonomous Region. As we unequivocally condemn the acts of terrorism and violence, we also urge China to take steps to reduce tensions and reform counterproductive policies that stoke discontent and restrict peaceful expression and religious freedom.
Conclusion
Clearly, a wide-ranging and complex relationship such as ours with China comes with challenges. Some degree of friction is inevitable. But an essential tool for managing and resolving differences is open and extensive communications between our two countries – at senior and working levels of government, military to military, through local governments and organizations, between our business communities, and at the grassroots level.
We are now reflecting on the considerable progress attained in 35 years of bilateral relations. One key lesson is that to ensure that our relationship grows and matures, we need to build up the links among our two peoples. People-to-people exchanges are essential to enhancing mutual understanding and furthering U.S. strategic and economic goals. To that end, the United States in 2013 received 1.8 million Chinese visitors who collectively spent $9.8 billion on goods and services in our economy. Our State Department personnel work hard to facilitate growing Chinese demand for international travel by maintaining average visa wait-times under five days over the past two years.
Education also plays an important role fostering mutual understanding. In 2013, we had 235,000 students from China studying in the United States, more than from any other country, and the United States aspires to increase the number of American students studying in China and learning Mandarin through the 100,000 Strong Initiative. In March, PRC First Lady Peng Liyuan welcomed First Lady Michelle Obama to China where together they met with U.S. and Chinese students and faculty and promoted the value of study abroad and educational exchange.
We are also working with groups like the Sister Cities International and the U.S.-China Governors Forum. These programs help by encouraging and supporting cities and states to deepen their cultural or commercial ties with Chinese counterparts. In the last year alone, we have supported numerous visits of governors and state delegations and helped them to find opportunities to deepen their involvement and links to China.
The Department works closely with the United States Chamber of Commerce, AmCham China, the U.S.-China Business Council, and other business groups to support key priorities for U.S. companies doing business in China and to promote - greater Chinese investment in the United States. In partnership and consultation with those organizations, we have encouraged the Chinese government to eliminate investment restrictions, strengthen IPR protection, increase regulatory transparency, and establish a level playing field for all companies in China.
In conclusion, let me paraphrase what President Obama said earlier this year when he met with Chinese President Xi at the Nuclear Security Summit in The Hague. The U.S.-China relationship has made great strides over these past several decades, and both sides are committed to building a new model of relations between our countries defined by expanded cooperation and constructive management of differences.
Mr. Chairman, I thank you for the opportunity to appear before you today to discuss U.S.-China relations. I look forward to answering any questions you and others from the Committee may have.
www.state.gov