Linux In Government: Interoperability
Since August 2003, we have seen significant Linux adoption taking place within many sectors of the US federal government. Major accomplishments include deployment of a large interoperable database project using LAMP, Justice Department XML standards, establishment of a Government Open Source Community sponsored by the Federal Enterprise Architecture (FEA), and organization of the Government Open Code Collaborative.
While many other projects and initiatives exist, this article focuses primarily on standards-based thrusts into cooperation among states and local governments.
Secretary Tom Ridge has said that the Department of Homeland Security (DHS) "must create new ways to share information and intelligence both vertically, between governments, and horizontally, across agencies and jurisdictions." Unfortunately, the efforts of DHS have fallen far short of expectations. Secretary Ridge has run into the same problems others have encountered on the way to implementing standards-based IT solutions: putting the technology together and overcoming fiefdoms.
Last fall, I had the opportunity to observe technology in a lab at the University of North Texas operated by Dr. William Moen. Dr. Moen proved Linux and standards-based Z3950 technology could provide a huge start in solving the problems of Homeland Security's needs. While DHS struggles with getting the States to cooperate, Dr. Moen's LAMP project provides some keys to rapid deployment of interoperable document stores and databases.
I also spoke with Kevin Marsh of the Texas State Library and Archives Commission about the same interoperability project I saw at UNT, called the Library of Texas. If you have an interest in seeing how an interoperable government web services system works, go to the web site and log on as a guest. Run a search and watch the remarkable capabilities of the system.
Kevin has worked with Linux since 1994. He offered me insights into interoperability and standards rarely identified in my forays in the government sector. He pointed me to the National Information Standards Organization where I found a plethora of interoperability standards.
When I asked Kevin if the Library of Texas project offered an example of how our Government could implement interoperability under Homeland Security, he said, "yes". He then went on to say, "Achieving compliance isn't easy. The Library of Texas has over 100 libraries on-line as well as 40 commercial databases. But, we're targeting 700 libraries to become part of the network. You may achieve compliance today, but things can change tomorrow."
Index Data of Denmark developed the software for The Library of Texas project. The Company has made the software available under the GNU General Public License (GPL). Index Data runs an open-source consultancy specializing in networked information retrieval.
As Kevin Marsh and I discussed the Z3950 standards used in the Library Sciences he mentioned that interoperability for Homeland Security would require a different database library and definitions. This prompted me to mention Justice XML.
The site states:
What began in March 2001 as a reconciliation of data definitions evolved into a broad two-year endeavor to develop an XML-based framework that would enable the entire justice and public safety community to effectively share information at all levels - laying the foundation for local, state, and national justice interoperability.
Developed by Global and OJP, the GJXDM is an object-oriented data model comprised of a well-defined vocabulary of approximately 2,500 stable data objects, or reusable components, that facilitate the exchange and reuse of information from multiple sources and multiple applications.
While the Department of Justice has worked closely with state and local governments to create standards that can help protect the US, achieving compliance isn't easy. Chris Turrentine of ETS Development can explain why. Chris serves as a consultant to the Automated System Project (ASP) of the University of Southern Mississppi (see the entry on it.ojp.gov/topic.jsp?topic_id=107). The Office of Justice Programs describes ASP as establishing:
an information sharing network among county, local, and state agencies within three coastal counties in the state of Mississippi. The Project will provide a jail management, computer-aided dispatch, case management, and records management software suite to these agencies. Once the applications and databases are integrated, a mobile data infrastructure will be deployed for first responders to access information from laptops in the field.
According to Chris Turrentine, "the States say they want to implement Justice XML, but few have followed through." He also told me, "one State agency head said that they wouldn't share their database because they say it's their citizens' data. That's the prevailing sentiment."
Chris fought in the first Gulf War and recently added his secure portal, Quick Port, to the community of open-source applications licensed under GPL. We discussed his concern about the attitudes that exist with local government. The States don't really want to comply. They won't comply. We're going to need a national mandate to have them comply.
State and local governments follow what we might call fiefdoms or autonomous computing. The States maintain independent systems that do not trust each other. These systems hold mission-critical data such as warrants databases, directories of prison populations, and databases of known terrorists. The fiefdoms can work together under Linux like the Z3950 systems deployed by the Library of Texas.
Under the Z3950 model, each fiefdom can maintain the data in its own pond. The Z3950 Linux servers in the system deployed by Index Data in Texas can also provide interoperability without creating a single huge database. But, the heads of the fifedoms simply refuse to cooperate. That puts you and me at risk.
I recently spoke to the head of a court probation system in one of the ten largest districts in the country. She is the chief court officer. When I discussed interoperability with her, I thought she was going to go bonkers.
Her main concern dealt with the civil rights of the criminals. She said, "the Federal government has no right to violate the rights of state criminals by listing them in some database. It's like Big Brother watching everything we do. People might move to another location and they'd always have this mark against them. I'm dead set against connecting databases."
Unfortunately, I have heard this kind of argument many times. If that argument doesn't work, invariably, the last justification has something to do with the procurement process. People in state and local government consistently fall back on the argument that vendors don't provide the products they need to comply.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The US Government and Open-Source Software
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- Canonical and BQ's Aquaris M10 Ubuntu Edition Tablet
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide