Air security may require IT overhaul
By Jennifer DiSabatino
(IDG) -- The U.S. Department of Transportation is considering recommendations that could impact performance of the industry's aging mainframe systems and require a costly overhaul.
Some of the DOT's recommendations call for the airlines' IT systems to perform event-based functions, like red-flagging a suspected terrorist's name in a reservation system. While functions like that are relatively simple procedures in a relational database, the databases used by existing airline reservation systems can't perform them. And adding the capability to screen passenger names could cause bottlenecks that would bring the airlines' networks almost to a halt, according to industry experts.
American Airlines Inc., Delta Air Lines Inc., United Air Lines Inc., Southwest Airlines Co. and Northwest Airlines Inc. all declined to comment for this story, saying only that they wouldn't publicly discuss anything related to security.
Secretary of Transportation Norman Mineta's Rapid Response Team on Airport Security issued a report Oct. 1 that recommended, among other measures, a nationwide program of voluntary prescreening of passengers.
The problem is that mainframe-based reservation systems were "never designed to respond to high-speed automated relational queries driven by hundreds of millions of users," said Richard Eastman, president of The Eastman Group Inc. in Newport Beach, Calif., in a soon-to-be published report.
Forty years ago, IBM developed the transactional reservation databases that most airlines still use. This mainframe system is based on Transaction Processing Facility, which constitutes the technology underlying all in-house reservation systems as well as the global distribution systems (GDS), like Sabre Holdings Corp. in Fort Worth, Texas.
The GDSes give travel agents and Internet sites a single point of contact to search for airfares. Many airlines also outsource their reservation systems to GDSes.
Sabre has begun a process to move its reservation system off TPF and onto Himalaya NonStop servers from Compaq Computer Corp. But that process is expected to take four years (see "Sabre to move off mainframe in $100M deal with Compaq," link below).
Even implementing these security measures as an intermediate step toward a complete overhaul would be a long and costly undertaking.
"Whenever you make even the smallest changes in Sabre or any TPF environment, it takes an unbelievably long time to do it -- time and resources," said Tom Cook, former president of Sabre Technology Solutions. That company became Sabre Holdings in 1999, when Fort Worth-based AMR Corp., the parent company of American Airlines, divested itself of its interest in Sabre. Cook now heads Replane Inc. in Chicago.
"The code is old and structured," Cook said. "Making changes in the TPF environment is orders of magnitude more difficult than it is in a modern environment."
Even the company that developed the reservation systems in the late 1950s and early 1960s acknowledges that security queries are going to cause performance problems.
"That could be true," said Michael Hulley, vice president of the Global Travel and Transportation Industry unit at IBM, referring to the possibility of performance problems. "The reservation system is meant for doing mostly one thing: acting at a very secure high speed with high availability. It is not looking for triggers," like a terrorist's name in the passenger list for a flight, he said.
To screen passenger names, the airlines could add another processing unit to run checks without sending the name through TPF, said Hulley. The reservation system could send passenger names to the old system, as well as to the new unit, working around the old TPF's inability to do queries. Programs that scan passenger profiles, not just names, could run in the second processor, Hulley said.
He said other types of security could also be run in tandem with TPF. "I would think that adding biometric capacity to that database, that would be done externally," Hulley said.
The problem with that, said Eastman, is that the government and the airline industry don't recognize the differences in each other's systems. They just think they can write some code and make it work, he said.
"They don't know what they're doing yet," he said.
However, Hulley noted, before the technological problems can be solved, the airlines and various local, state, federal and even international government agencies must first resolve the privacy and ownership issues associated with uniform information sharing.
The Federal Aviation Administration (FAA), which is under the DOT's authority, declined to comment on when or even whether the new security guidelines will be imposed.
"We want to get this stuff going as soon as possible," said FAA spokesman Paul Takemoto. When asked if the government would help fund the implementation of computer-based screening, he said, "That all has to be worked out."
Review of airport security firm shows security breaches continue
October 17, 2001
Democrats urge House vote on airport security
October 16, 2001
RELATED IDG.net STORIES:
Sabre to move off mainframe in $100M deal with Compaq
Hotels are having problems, too
The technology behind the problem
Oakland airport to install face-scan technology
Flight fear shifts tech planning
FAA imposes restrictions on e-tickets
Feds unveil airline security plans
Airport technology expected to improve in attack's aftermath
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
Report: SUVs pose danger to cars
New telemarketer tool trumps TeleZapper
Terra Lycos logs $2.2B loss
AOL to offer song downloads
Microsoft seeks fiscal fountain of youth
|Back to the top|