Policing in the Cloud, An Garda Siochana, Systems Architecture, Cloud Computing, ICT

 

Policing in the Cloud, An Garda Siochana, White Paper (2) by Vincent McKenna BSSc, PG Dip, MSc
This White Paper will propose a new IT system that could enhance An Garda Siochana’s ability to deliver on its strategic and operational objectives.

 

 

 

  1. Discussion – Part 1
  2. Discussion – Part 2
  3. Discussion – Part 3
  4. Conclusion
  5. References

Introduction

Part 1

This White Paper (2) is a follow on from White Paper (1) will propose a new system that could enhance An Garda Siochana’s ability to deliver on its strategic and operational objectives. It will describe the high level architecture of the proposed system, the existing systems that it integrates with and the main flows of data between the new system and An Garda Siochana’s existing systems as set out in White Paper 1. It will be shown how the proposed system will support the objectives of An Garda Siochana as identified in White Paper 1.

This White Paper continues by commenting on the potential risks from both technical and business perspectives of deploying the proposed system. The possible alternative strategies for solving this problem from both a business and technology perspective will be explained.

Part 2

This White Paper will consider the IT systems identified in White Paper 1 and which are not currently implemented using a public cloud. This White Paper discusses the feasibility of migrating each existing system to a public cloud, such as those provided by Amazon, Google, Salesforce.com and Microsoft. This will involve consideration of replacement of the existing system with a new system or moving the hosting of the system to the cloud. Business, technology and legal considerations will be discussed.

This White Paper will then consider whether such a move would positively or negatively impact on each systems support for organisational objectives.

Part 3

This White Paper will conclude by reflecting on how the learning outcomes from the Systems Architecture module assisted in this White Paper.

Part 1

The Key Themes/Strategic Objectives of An Garda Siochana:

1.         National Security

2.         Confronting crime

3.         Effective Roads policing

4.         Ensuring a peaceful community

Part 1 of this White Paper will propose a new IT system that could enhance An Garda Siochana’s ability to deliver on its strategic and operational objectives. It will describe the high level architecture of the proposed system, the existing systems that it integrates with and the main flows of data between the new system and An Garda Siochana’s existing systems as set out in White Paper 1. It will be shown how the proposed system will support the objectives of An Garda Siochana as identified in White Paper 1.

This White Paper continues by commenting on the potential risks from both technical and business perspectives of deploying the proposed system. The possible alternative strategies for solving this problem from both a business and technology perspective will be explained.

An Garda Siochana uses Decision Support Systems (DSS) the same as any other organisation, however, the majority of data and information collected and interrogated by An Garda Siochana IT systems, to extract business intelligence and to support operational and strategic objectives, relates to crime and criminality. Be that intelligence relating to the suited gentry appearing before the Mahon Tribunal or the tracksuit clad pickpocket appearing before the District Court, that intelligence must be captured, stored and secured in line with current Data Protection Legislation.

DSS systems such as the Garda PULSE system are often specific software and hardware platforms employed due to the large amount of data that they store and process. This storing and processing of large volumes of data has to be administered and secured at significant cost to the tax payer. It could then be argued that DSS systems such as those employed by An Garda Siochana could be fully deployed to the public cloud, or integrated with the public cloud using IaaS or SaaS systems in order to gain efficiencies and scaled up securities. While security will remain a concern, an IaaS system can take the burden of cost and risk associated with in-house solutions to a public cloud based system that allows the customer to retain ownership of the data/information and determine scalability of space/security and to a lesser degree of certainty, cost control (see, costing in Part 2).

The SaaS system allows customers to shift the management of their internal software systems and any underlying platforms to the cloud vendor. The customer can then determine how much space/time they want to pay for by managing their on cloud activity. DSS are specialised systems and apply particularly where there are large scale data repositories; PaaS may not fit the bill. Business Intelligence and DSS systems can help with strategic and operational objectives, yet the right decisions have to be made in relation to vendors. An Garda Siochana could clearly benefit from such a system in terms of supporting their operational and business objectives. A SaaS vendor will almost certainly offer advice on the integration of existing IT systems, and this means that the control and integration of the DSS system stays with the enterprise IT domain. The DSS normally resides in-house and so a partnership between the public cloud and DSS systems would allow for elasticity in demand requirements, which are often high level and short term.

In White Paper 1 it was highlighted that An Garda Siochana as an organisation, has failed to master e-mail systems for its stations and members. On the 12th of February 2012, the Minister for Justice, Mr Alan Shatter, told the Dail that of the 703 Garda Stations in operation 282 stations were without access to e-mail and were not networked locations. It would appear that the cloud offers a unique solution to this communications problem, particularly when issues of security, cost and scalability are considered.

However, such a move to the cloud by An Garda Siochana would need serious investigation, the FBI which houses the largest criminal justice databases in the world, including criminal convictions, soft intelligence and finger print databases, has set out very stringent rules (Criminal Justice Information Systems, CJIS) for cloud vendors wishing to offer their services to law enforcement agencies within the USA.

It is certain that even if An Garda Siochana did move their e-mail to the cloud, if their chosen vendor was not FBI compliant, it could see a deterioration of relations between the FBI and An Garda Siochana. The Los Angeles Police Department (LAPD) recently moved their e-mail services to the cloud e-mail solution provided by Google Apps, however, as the cloud vendor was not FBI compliant the LAPD had no choice but to return their e-mail to the private cloud (Novell system) or lose access to the FBI’s database system. Stephen Fischer Jr., a spokesman for the FBI’s CJIS division said:

“The FBI remains committed to using technology in its information-sharing processes, but not at the sacrifice of the security of the information with which it has been entrusted,” (http://www.wired.com/cloudline/2012/02/fbi-cloud-security/) (also see Part 2 below).

An Garda Siochana would need to determine what exactly the front-of-house e-mail system would be used for, if it was simply for work scheduling, deployment of resources, policy documents, community engagements and so forth, then perhaps security would not be such a key issue, however, if e-mail was to be used for more sensitive information (see, Garda hacker story in Part 2) then e-mail may not be as reliable as the Garda digital radio system. However, as an initial step into the cloud, a cloud based e-mail system could be adopted for public information purposes; this would include missing person alerts, community safety information and other non-sensitive information.

As stated in White Paper 1, the new Automated Number Plate Recognition System (ANPR), The Garda Finger Print System (PRINTRAK) and the Automated Ballistics Identification System (ABIS) are all helping with the strategic and operational objectives of An Garda Siochana by allowing real time Number Plate checks on vehicles coming to the attention of frontline officers, finger printing of suspects in real time situations using touch pad technology and faster identification of weapons used in shooting incidents.

These technologies are in the first two cases linked directly to the Garda Digital Radio Service, with the ballistics software allowing speedy feedback to crime scene investigators, as in many instances the same weapons can be used in multiple shootings and the related gangs can be identified by ballistic reports. This simply means that Gardai can quickly focus their investigation. This vast volume of information could be hosted on the public cloud with clear security protocols put in place, however, as will be seen in Part 2 of this paper, cloud vendors may ‘not’ be up to the task of providing a secure service to law enforcement agencies such as An Garda Siochana.

The potential risks involved in deploying or integrating with the cloud system would be system failure, hacker attack and other security concerns. However, as will be seen from Part 2 of this White Paper, those risks must be contextualised and not sensationalised. Business perspectives from a policing point of view must be public concerns about safety and security of their personal data, therefore An Garda Siochana must ensure that if they move to the cloud they are supported in that move by the citizens they serve. This can be achieved by a public information campaign, and information sessions through the local policing partnerships.

From both a business and technological point of view possible alternative strategies to solving these problems would have to revert back to the private cloud or a hybrid of both the public and private cloud, however, transfer rather than integration would be the most streamlined and cost efficient outcome.

 Part 2

 The Key Themes/Strategic Objectives of An Garda Siochana:

1.         National Security

2.         Confronting crime

3.         Effective Roads policing

4.         Ensuring a peaceful community

Part 2 of this White Paper will consider the IT systems identified in White Paper 1 and which are not currently implemented using a public cloud. This paper discusses the feasibility of migrating each existing system to a public cloud, such as those provided by Amazon, Google, Salesforce.com and Microsoft. This will involve consideration of replacement of the existing system with a new system or moving the hosting of the system to the cloud. Business, technology and legal considerations will be discussed.

This White Paper will then consider whether such a move would positively or negatively impact on each systems support for organisational objectives.

An Gardai Siochana are the national police service of the Republic of Ireland and in that role they have duties relating to national security, organised crime, white collar crime, serious crime and public order, just to mention some. Due to the sensitivity of certain information held by An Garda Siochana it is essential that the security of systems employed by An Garda Siochana are as secure as they can be. This security aspect was recently highlighted when sensitive electronic communication exchanges between a member of An Garda Siochana and the FBI were hacked (see, http://arstechnica.com).

The National Institute of Standards and Technology (NIST), has published 16 variations on their definition of cloud computing, however, this is their most up to date definition and a good starting point for this discussion:

“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (http://www.nist.gov/index.html)

While security will always be an issue for any organisation, business or governmental, the reality is that organisations must remain focused on efficiencies and value for money services. This is particularly so for An Garda Siochana who had almost 800 of their members retire without replacement (due to recruitment embargo) in February 2012, and over 100 of their stations closed since March 2012 due to budget cutbacks. The cloud for policing is an interesting concept, however, could the cloud be trusted to store the names and addresses of informers held on the PULSE computer system, could the cloud be trusted with the names and addresses of those citizens on the Witness Protection Programme. It is unlikely that such limited and highly sensitive information will ever be trusted to anything more than the private cloud or dusty filing cabinets. However, An Garda Siochana has vast databases that contain relatively low security data, yet it costs vast sums of public money to store and administer this information each year.

It has been said many times in recent years that cloud computing can provide an array of benefits to both public bodies and business organisations, and even when we pull back the veil of vendor marketeers, we can still see proven benefits such as scalability, resilience, elasticity, high performance, ‘security’ and cost efficiencies. For an organisation such as An Garda Siochana understanding and managing potential risks with the adoption and integration of the cloud will be a major challenge. An Garda Siochana may have to rethink their processes for assessing risk and making considered judgements relating to this relatively new service delivery model.

Senior management will have to define a decision making model to determine how operational, legal and data security requirements, coupled with new budgetary constraints can propel the identification of the systems architecture solution that best suits the needs of policing in the information age. Senior management in consultation with IT experts must tease out the pros and cons in terms of data/information security and resilience, that examination must include the public, community and private cloud models. While White Paper 1, highlighted the IT strategic and operational objectives/Plan (2010-2012) of An Garda Siochana, that plan offered little insight into the thinking of An Garda Siochana in relation to their attitude to cloud computing.

Recently the European Union ‘cyber security agency’ or European Network and Information Security Agency (ENISA) launched a comprehensive report on cloud computing, in which they set out the benefits, risks and recommendations for information security issues. The core theme of the report was how government and business organisations could benefit from adopting/integrating the cloud system without putting their organisations at risk. The ENISA report sets out to address technical, policy and legal implications for cloud computing and also puts forward recommendations to confront security risks while achieving the maximum benefits from adopting/integrating the cloud into a business or Governmental organisation. ENISA’s report is presented as the first independent look at the security and privacy issues related to moving to the cloud. ENISA partnered with an expert group began their investigation by asking business leaders about their main concerns in relation to moving to the cloud. Giles Hogben, an ENISA expert and Editor of the report said:

“The picture we got back from the survey was clear, the business case for cloud computing is obvious, it’s computing on tap, available instantly, commitment-free and on-demand. But the number one issue holding many people back is security – how can I know if it’s safe to trust the cloud provider with my data and in some cases my entire business infrastructure?” (https://www.enisa.europa.eu)

At the conclusion of the report by ENISA there is a security check-list which could be useful to probe cloud vendors before committing to a cloud based system. It is further worth noting comments by The Executive Director of ENISA, Dr Udo Helmbrecht, when he suggests that cloud computing can be as much a security enabler as security risk:

“The scale and flexibility of cloud computing gives the providers a security edge. For example, providers can instantly call on extra defensive resources like filtering and re-routing. They can also roll out new security patches more efficiently and keep more comprehensive evidence for diagnostics.” (https://www.enisa.europa.eu)

Whatever the reality in relation to cloud security, the fact is that the IDC predicts a growth of EU cloud services from 971 Million Euro in 2008 to 6,005 Million in 2013.

New System

An Garda Siochana, have shown their vulnerability by the hacker case highlighted in this paper, however, it can be argued that a new system based on a secure community cloud, shared between the FBI, Europol, UK police services and An Garda Siochana on matters of mutual interest could offer a secure, cost effective and intelligence efficient service. Such a community based/multi-tenant system would hold a range of information, ranging from very sensitive, to the more mundane information relating to lists of terrorist suspects. Security settings and access permissions would be allocated on the basis of the importance of the information stored in the cloud. As The Executive Director of ENISA, Dr Udo Helmbrecht has already stated, the cloud can give ‘a security edge’.

This new cloud based community model could also integrate with An Garda Siochana’s PULSE computer system with high security firewalls being built to ensure maximum protection for sensitive information exchange. Unlike most organisations that fear downtime, such as the case of the Amazon crash (Amazon elastic compute cloud or EC2) (http://siliconangle.com), An Garda Siochana have the added weapon in their information armoury of the secure national digital radio system, this means that even if there is no cloud cover, An Garda Siochana could continue to communicate, access information from the PULSE system without operational interruption.

In White Paper 1 it was highlighted that An Garda Siochana as an organisation, has failed to master e-mail systems for its stations and members. On the 12th of February 2012, the Minister for Justice, Mr Alan Shatter, told the Dail that of the 703 Garda Stations in operation 282 stations were without access to e-mail and were not networked locations. It would appear that the cloud offers a unique solution to this communications problem, particularly when issues of security, cost and scalability are considered. Salesforce.com offers a range of services/products including Database.com, which is a multitenant cloud database for integrating the social enterprise; such a secure system could host e-mail facilities for An Garda Siochana.

However, such a move would need serious investigation, the FBI which houses the largest criminal justice databases in the world, including criminal convictions, soft intelligence and finger print databases, has set out very stringent rules (Criminal Justice Information Systems, CJIS) for cloud vendors wishing to offer their services to law enforcement agencies within the USA.

It is certain that even if An Garda Siochana did move their e-mail to the cloud, if their chosen vendor was not FBI compliant, it could see a deterioration of relations between the FBI and An Garda Siochana. The Los Angeles Police Department (LAPD) recently moved their e-mail services to the cloud e-mail solution provided by Google Apps, however, as the cloud vendor was not FBI compliant the LAPD had no choice but to return their e-mail to the private cloud (Novell system) or lose access to the FBI’s database system. Stephen Fischer Jr., a spokesman for the FBI’s CJIS division said:

“The FBI remains committed to using technology in its information-sharing processes, but not at the sacrifice of the security of the information with which it has been entrusted,” (http://www.wired.com/cloudline/2012/02/fbi-cloud-security/).

In effect the FBI has pushed security compliance standards onto the vendors of cloud systems and Google is not the only vendor struggling to meet with FBI security standards, Microsoft marketing collateral reveals that the baseline version of Office 365 doesn’t offer at rest encryption of messages, a CJIS requirement. It is clear that the FBI have set the bar high when dealing with cloud vendors, however, such minor technical inconvenience to multi-billion dollar corporations must be measured against the rights of citizens to have their personal data, privacy and confidentiality protected.

Two important points can be picked from cloud vendor’s failure to meet with FBI standards:

  1. Cloud vendors must identify all system/database/security/network administrators on their staff “who have the capability to access and recompile criminal justice information”, and these employees must pass fingerprint-based criminal background checks.
  2. Remote maintenance on systems containing CJIS information cannot be performed “from locations outside the United States”.

An Garda Siochana will certainly have to consider all of the above and more before engaging with the cloud, however, An Garda Siochana cannot ignore solutions that offer low costs related to shared tenant cloud systems with tried and tested security features related to traditional on premises systems.

The PULSE system is a more vertically focused application than e-mail or other horizontal applications, yet, cloud vendors have an opportunity to reengineer their products and services such as e-mail to meet the rigors and demands of law enforcement organisations without need to impact on the substantial cost savings and efficiencies such organisations can gain from multi-tenancy solutions.

It is clear that some cloud vendors are investing in research and development to meet the needs of law enforcement agencies, the Datamaxx Group in the USA has developed a secure cloud infrastructure that meets FBI requirements, and this secure cloud means that law enforcement agencies in Montana can share sensitive information including Homeland security resources. An Garda Siochana will have to source and question their cloud vendor at length before making any commitments.

Amazon EC2 offers customers the opportunity to isolate compute instances by specifying a particular range of IP addresses to be used, this allows customers to connect their existing IT infrastructure using industry standard encrypted IPsec VPN. Amazon also offers Dedicated Instances to any VPC, this is Amazon’s EC2 instances that run on hardware dedicated to a single customer for additional isolation and security. Pricing is a major consideration when choosing a cloud vendor, Amazon allows customers to scale up and down as required, and customers only pay for what they use. However, pricing can be a real issue, and once you’re in the cloud you are at the mercy of the vendor, for example, in Ireland the Small (default) solution is 90 US cents per hour; in 2010 the Small (default) solution was 12 US cents per hour.

EU (Ireland)

 

Linux/UNIX Usage

Windows Usage

Standard On-Demand Instances

Small (Default)

$0.090 per Hour

$0.115 per Hour

Medium

$0.180 per Hour

$0.230 per Hour

Large

$0.360 per Hour

$0.460 per Hour

Extra Large

$0.720 per Hour

$0.920 per Hour

Micro On-Demand Instances

Micro

$0.025 per Hour

$0.035 per Hour

Hi-Memory On-Demand Instances

Extra Large

$0.506 per Hour

$0.570 per Hour

Double Extra Large

$1.012 per Hour

$1.140 per Hour

Quadruple Extra Large

$2.024 per Hour

$2.280 per Hour

Hi-CPU On-Demand Instances

Medium

$0.186 per Hour

$0.285 per Hour

Extra Large

$0.744 per Hour

$1.140 per Hour

Cluster Compute Instances

Quadruple Extra Large

N/A*

N/A*

Cluster GPU Instances

Amazon engages with a range of operating systems and these systems need to be compatible with any organisations existing systems if they are to be integrated rather than transplanted to the cloud. The application development environments, application servers and so forth are set out in the table below for ease of reference.

Operating Systems

 

 

Red Hat Enterprise Linux

Windows Server

Oracle Enterprise Linux

SUSE Linux Enterprise

Amazon Linux AMI

Ubuntu Linux

Fedora

Gentoo Linux

Debian

 

Application Development Environments

Application Servers

Video Encoding & Streaming

IBM sMash

IBM WebSphere Application Server

Wowza Media Server Pro

JBoss Enterprise Application Platform

Java Application Server

Windows Media Server

Ruby on Rails

Oracle WebLogic Server

 

The Law

Personal Data was traditionally thought of as paper files that were held in filing cabinets in businesses and Government offices relating to the personal information that they held about individual workers and citizens respectively, however, with the advent of new technologies people’s personal data is now flying through cyber space at unprecedented levels. Contrary to the general view that Data Protection is a new concept introduced to address security issues relating to the Internet, it was in Germany in 1970 that the first data protection laws were enacted, however it should be noted that data protection laws were not enacted for the mere protection of individual’s privacy in relation to their personal data, but rather to ensure that there were standard protocols in place to ensure that personal data could free-flow across the borders of Europe. Kelleher and Murray tell us that improved privacy standards are nothing more than a spin off from the European Communities desire to build an internal common market (Kelleher, D. Murray, K. 2007). However, Stewart Room states that, “The maintenance of free flows of personal data between countries is the second aim of data protection laws, with the first being the protection of privacy”.

In Ireland the job of the Data Protection Commissioner and the Data Protection Acts of 1988 and 2003 are to ensure that the private data relating to Irish Citizens is protected within the parameters of the above mentioned acts. In 2012 Data Protection is a mine-field for businesses and Government agencies as the Internet has introduced numerous security and privacy issues, this has been brought into focus by the development and growth of cloud computing. There are now two-billion internet users worldwide and as highlighted by a Report by, Symantec Intelligence Quarterly, security threats to the Internet are increasing at an alarming rate.

It may have been assumed that the Data Protection Act does not apply to An Garda Siochana, however, a case brought to the Data Commissioner by a young man proves that it does. The young man had been before the court on a minor charge, and while the case was proven, the judge applied the Probation Act. This meant that the young man would not have a criminal record if he stayed out of trouble. Some years later the young man applied to work in Australia and the Garda PULSE computer system showed that the young man had a criminal conviction. The Data Commissioner ruled that An Garda Siochana have the same obligations (in most circumstances) as any other organisation under the Data Protection Acts 1988/2003, and should have disposed of the inaccurate information relating to the young man.

It also has to be noted and as mentioned earlier, the big picture in relation to Data Protection as far as Ireland is concerned is the European Union, the European Network and Information Security Agency (ENISA) recently praised Ireland for its leading initiatives in relation to Data Protection and in particular it’s Mandatory Security Breach Code of Practice. 

The ENISA  also raises the issue of cloud computing and the new risks and challenges thrown up by billions of pieces of personal/business information flying through cyber space, information that might traditionally have been kept on internal private clouds to companies and government departments. This out sourcing of personal data and its endless possibilities in terms of economies of scale are a tantalising target for hackers. If Google street cars can pick up e-mails as they pass private houses, what can global hackers pick up as they trawl the clouds of multi-nationals and Government departments? These mainframe giants can be based in any country in the world and the tentacles of our progressive Data Protection safeguards may not be able to reach those cyber black holes.

Part 2 of this White Paper has shown how cloud computing could positively impact on the organisational objectives of An Garda Siochana, both in terms of multi-tenancy sharing with other law enforcement agencies, and the introduction of a universal secure e-mail platform. Legal and legislative obligations have been highlighted, and both must be to the fore of any plan to leap to the cloud. The strategic objectives of An Garda Siochana could be supported by moving certain systems to the cloud and integrating others, as information sharing could become more streamlined and secure, providing best practice in national security and community safety.

Part 3

The Key Themes/Strategic Objectives of An Garda Siochana:

1.         National Security

2.         Confronting crime

3.         Effective Roads policing

4.         Ensuring a peaceful community

Conclusions

Part 1

Law enforcement needs timely and secure access to services that provide data wherever and whenever for stopping and reducing crime, this assignment has proposed a new system that could enhance An Garda Siochana’s ability to deliver on its strategic and operational objectives. It has described the high level architecture of the proposed system, the existing systems that it integrates with and the main flows of data between the new system and An Garda Siochana’s existing systems as set out in White Paper 1. It has shown how the proposed system will support the objectives of An Garda Siochana as identified in White Paper 1, and in particular this assignment recommends an immediate leap to the cloud for public information e-mail systems. DSS, IaaS and SaaS systems have been explained in terms of efficiencies and scaled up security.

The assignment continued by commenting on the potential risks from both technical and business perspectives of deploying the proposed system. The possible alternative strategies for solving this problem from both a business and technology perspective have been explained. It is clear from the evidence presented that security remains a key concern for law enforcement agencies, however, that fear must not be allowed to become a firewall between progressive policing and developing technologies.

Part 2

This White Paper has considered the IT systems identified in White Paper 1 and which are not currently implemented using a public cloud. This assignment discussed the feasibility of migrating each existing system to a public cloud, such as those provided by Amazon, Google, Salesforce.com and Microsoft. This involved consideration of replacement of the existing system with a new system or moving the hosting of the system to the cloud. Business, technology and legal considerations have been discussed. Scalability, resilience, elasticity, high performance, security and cost efficiencies have been discussed.

The White Paper has considered whether such a move would positively or negatively impact on each systems support for organisational objectives, and the preliminary conclusion would be that policing on the cloud could have a positive impact on the objectives of An Garda Siochana. The failure of the Amazon EC2 system caused concerns among cloud vendors; however, Google, Microsoft and other vendors are on a steep learning curve. The conclusion must be that whatever the technological or legislative hurdles, vendors must not compromise on security.

References

Favaro, J., 2010, Renewing the Software Project Management Lifecycle, Informatica E Tecnologia Del Software Spa, IEEE Software.

Horch,J.W. 1996, Practical Guide to Software Project Management, Artech House Inc. Norwood, MA 02062.

“Information Technology Law in Ireland”, Kelleher and Murray, 2nd Edition, Chapter 15, Data Protection.

Kelleher, D, Murray, K. Information Technology Law in Ireland, 2nd edition, Tottel Publishing, 2007. [http://www.ictlaw.com/]

Lister, A.M. and Eager, R.D. 1993, Fundamentals of Operating Systems, Fifth Edition, Macmillan Press Ltd. London.

McKeown, P.G. 2004, Learning to program with Visual Basic.net, Wiley & Sons, University of Georgia, USA.

IT doesn’t make a difference to business

Nicholas Carr (Harvard Business School)

http://hbswk.hbs.edu/archive/3520.html

IT does make a difference to business

Faisal Hoque (BTM Institute)

http://www.cio.com/article/125950/Study_Provides_Evidence_That_Technology_Execution_Leads_to_Business_Performance/1

An Garda Siochana, Policing Plan 2010-2012, Garda Headquarters, Phoenix Park, Dublin.

An Garda Siochana, ICT Strategic Plan 2010-2012, Garda Headquarters, Phoenix Park, Dublin.

An Garda Siochana, Policing Plan 2012, Garda Headquarters, Phoenix Park, Dublin.

Google.images.com

www.siliconrepublic.com

http://www.garda.ie/controller.aspx?page=106

http://www.garda.ie/controller.aspx?page=47

http://debates.oireachtas.ie/dail/2006/04/04/00288.asp

http://www.inis.gov.ie/en/JELR/pages/garda_IT_and_telecoms

http://www.wired.com/cloudline/2012/02/fbi-cloud-security/

http://www.computerworld.com/s/article/9224048/FBI_declares_cloud_vendors_must_meet_CJIS_security_rules

http://safegov.org/2012/2/20/fbi-says-cjis-security-rules-are-cloud-friendly-but-can-the-vendors-deliver

http://siliconangle.com/blog/2012/02/27/cloud-reinvents-law-enforcement-fbi-imposes-rules/

http://siliconangle.com/blog/2011/04/26/amazon-disaster-the-impact-and-strength-of-cloud-computing-at-the-middle-of-the-setback/

http://aws.amazon.com/ec2/

http://publicintelligence.info/CJISsecuritypolicy.pdf

http://arstechnica.com/tech-policy/news/2012/03/fbi-names-arrests-anon-who-infiltrated-its-secret-conference-call.ars

https://www.enisa.europa.eu/media/news-items/final-world-economic-forum-report-on-cloud-computing-with-agency-input-launched/view?searchterm=None

http://www.enisa.europa.eu/activities/risk-management/emerging-and-future-risk/deliverables/security-and-resilience-in-governmental-clouds/

http://www.enisa.europa.eu/media/press-releases/enisa-clears-the-fog-on-cloud-computing-security-1/

salesforce.com

database.com

www.dataprotection.ie

http://www.dataprotection.ie/viewdoc.asp?DocID=130

Stewart Room, ‘Transborder Data Flows’.

http://www.dataprotection.ie/documents/annualreports/2010AR.pdf

http://www.symantec.com/security_response/index.jsp

http://www.nist.gov/index.html

http://vcloudexpress.terremark.com/pricing.aspx