Linux In Government: Interoperability

Since August 2003, we have seen significant
Linux adoption taking place within many sectors of
the US federal government. Major accomplishments
include deployment of a large interoperable database
project using LAMP, Justice Department XML standards,
establishment of a Government Open Source Community
sponsored by the Federal Enterprise Architecture
(FEA), and organization of the Government Open Code
Collaborative.

While many other projects and initiatives exist, this
article focuses primarily on standards-based thrusts
into cooperation among states and local governments.
Interoperability - A Homeland Security Priority
Secretary Tom Ridge has said that the Department of
Homeland Security (DHS) "must create new ways to
share information and intelligence both vertically,
between governments, and horizontally, across agencies
and jurisdictions." Unfortunately, the efforts of
DHS have fallen far short of expectations. Secretary
Ridge has run into the same problems others have
encountered on the way to implementing standards-based
IT solutions: putting the technology together and
overcoming fiefdoms.

Last fall, I had the opportunity to observe technology
in a lab at the University of North Texas operated
by Dr. William Moen. Dr. Moen proved Linux and
standards-based Z3950 technology could provide a huge
start in solving the problems of Homeland Security's
needs. While DHS struggles with getting the States
to cooperate, Dr. Moen's LAMP project provides some
keys to rapid deployment of interoperable document
stores and databases.

I also spoke with Kevin Marsh of the Texas State
Library and Archives Commission about the same
interoperability project I saw at UNT,
called the Library of
Texas. If you have an interest in seeing how an
interoperable government web services system works,
go to the web site and log on as a guest. Run a search
and watch the remarkable capabilities of the system.

Kevin has worked with Linux since 1994. He
offered me insights into interoperability and
standards rarely identified in my forays in the
government sector. He pointed me to the National
Information Standards Organization where I found
a plethora of interoperability standards.

When I asked Kevin if the Library of Texas project
offered an example of how our Government could
implement interoperability under Homeland Security,
he said, "yes". He then went on to say, "Achieving
compliance isn't easy. The Library of Texas has
over 100 libraries on-line as well as 40 commercial
databases. But, we're targeting 700 libraries to
become part of the network. You may achieve compliance
today, but things can change tomorrow."

Index Data of Denmark developed the software for The
Library of Texas project. The Company has
made the
software available under the GNU General Public License
(GPL).
Index Data runs an open-source consultancy
specializing in networked information retrieval.
Justice Department XML Standards
As Kevin Marsh and I discussed the Z3950 standards
used in the Library Sciences he mentioned that
interoperability for Homeland Security would require
a different database library and definitions. This
prompted me to mention Justice XML.

The site states:

What began in March 2001 as a reconciliation of data definitions evolved into a broad two-year endeavor to develop an XML-based framework that would enable the entire justice and public safety community to effectively share information at all levels - laying the foundation for local, state, and national justice interoperability.

Developed by Global and OJP, the GJXDM is an object-oriented data model comprised of a well-defined vocabulary of approximately 2,500 stable data objects, or reusable components, that facilitate the exchange and reuse of information from multiple sources and multiple applications.

While the Department of Justice has worked closely
with state and local governments to create standards
that can help protect the US, achieving compliance
isn't easy. Chris Turrentine of ETS Development
can explain why. Chris serves as a consultant
to the Automated System Project (ASP) of the
University of Southern Mississppi (see the entry on
it.ojp.gov/topic.jsp?topic_id=107). The Office
of Justice Programs describes ASP as establishing:

an information sharing network among county, local, and state agencies within three coastal counties in the state of Mississippi. The Project will provide a jail management, computer-aided dispatch, case management, and records management software suite to these agencies. Once the applications and databases are integrated, a mobile data infrastructure will be deployed for first responders to access information from laptops in the field.

According to Chris Turrentine, "the States say they want to implement Justice XML, but few have followed through." He also told me, "one State agency head said that they wouldn't share their database because they say it's their citizens' data. That's the prevailing sentiment."

Chris fought in the first Gulf War and recently added his secure portal, Quick Port, to the community of open-source applications licensed under GPL. We discussed his concern about the attitudes that exist with local government. The States don't really want to comply. They won't comply. We're going to need a national mandate to have them comply.

State and local governments follow what we might
call fiefdoms or autonomous computing. The States
maintain independent systems that do not trust each
other. These systems hold mission-critical data
such as warrants databases, directories of prison
populations, and databases of known terrorists.
The fiefdoms can work together under Linux like
the Z3950 systems deployed by the Library of Texas.

Under the Z3950 model, each fiefdom can maintain
the data in its own pond. The Z3950 Linux servers in
the system deployed by Index Data in Texas can also
provide interoperability without creating a single
huge database. But, the heads of the fifedoms simply
refuse to cooperate. That puts you and me at risk.

I recently spoke to the head of a court probation system in one of the ten largest districts in the country. She is the chief court officer. When I discussed interoperability with her, I thought she was going to go bonkers.

Her main concern dealt with the civil rights of the
criminals. She said, "the Federal government has
no right to violate the rights of state criminals
by listing them in some database. It's like Big
Brother watching everything we do. People might
move to another location and they'd always have this
mark against them. I'm dead set against connecting
databases."

Unfortunately, I have heard this kind of argument many times. If that argument doesn't work, invariably, the last justification has something to do with the procurement process. People in state and local government consistently fall back on the argument that vendors don't provide the products they need to comply.
Establishment of a Government Open Source Community sponsored by FEA
In almost every RFP (Request for Proposal) issued by a government entity, you will see two terms used consistently: COTS and GOTS. The first stands for Commercial Off-the-Shelf Software. The second stands for Government Off-the-Shelf Software.

The FEA's Center for
Components provides a Sourceforge.net style
open-source community for US governments starting
with Federal agencies and including state and local
entities. The web site is a joint venture of the
Federal Enterprise Architecture Program Management
Office and Collab.net.

You will not find COTS on core.gov, but
you will find Government Off-the-Shelf
Software. This allows government entities
to create and/or acquire open-source,
standards based software. If you want to see an
interesting description of the overall project, read the interview with Andy Stein of Newport
News, Virginia.

While not a quick fix for fiefdoms in our country, Core.gov provides evidence that the Federal government remains serious about creating interoperable, standards-based software at every level. Core.gov will not fix the ever-present problem of improper procurement practices which exist everywhere you look.

For example, many vendors who have one or two custom
installations of an application will claim their
product fits the definition of COTS or GOTS. Their
products do not qualify under either definition. But,
procurement will allow agency heads to acquire
software from vendors while turning the other way.

Core.gov can solve the need for GOTS. Again, improper procurement practices can stop progress. In those agencies where procurement doesn't turn the other way, the agency head can have a vendor sign a statement that such vendor is the sole source of such software. People refer to that process as Sole Sourcing.

The rules bend a little in this context. Here's an example of a local government policy:

"State law requires formal competition for any transaction expected to involve an expenditure of $50,000 or more. State policy further recommends that competition be sought for any transaction of $10,000 or more. Competition is not required for:

*personal or professional services (e.g., physicians, architects, attorneys, etc.)

*sole source purchases.

It is imperative that the purchasing function in a public institution be open to all qualified suppliers and that the process not impair or discourage competition. Thus, competitive bidding is always the preferred method of making an award."

Recently, I saw this happen at a Juvenile Services Agency. The agency head wanted a specific vendor to provide the software for a database. The agency dropped the bidding process after procurement drafted an RFP. The purchase was made under a Sole Source exemption. Procurement did not have the time, knowledge or resources to verify the exemption. So, what we had in this case was "plausible deniability".

The Organization of the Government Open Code Collaborative (GOCC)

Several states, local governments and universities
have banded together to create an open-source repository of
government software. You will find some
old friends there such as Jim Willis of Rhode
Island who made headlines by implementing a LAMP
project for $40,000.
An outgrowth of the Massachusetts Open Source
Initiative, GOCC started with seven states and four
municipalities that will contribute and download
open-source software designed by government agencies
for their use. The repository consists of a LAMP
environment. It includes MySQL, Z Object Publishing
Environment application server, Apache Web server,
OpenLDAP and Debian.

GOCC and Core.gov differ because the former only wants working software. To upload software to the repository, one must become a member of GOCC, while any municipality can download the software for free.

GOCC has yet to prove itself, but one has to admit that this represents a good start.
Connecting the Dots
I wonder if the fifedoms will ever connect the dots. If the American public understood the amount of money wasted everyday by the IT practices in this country, then you would expect an uprising. I wonder if anyone really cares.

While Linux and the open-source community continue to make strides, progress remains slow. In Government we not only face the problem of Linux acceptance, we also face the problems of people wanting to protect their territory and their niche. We also face bureacratic creep - the ability to keep a document authorizing a project on one's desk forever.

I hope that somehow this message makes it to Secretary Ridge.

Tom Adelstein works as a Linux consultant specializing
in identifying opportunities for open-source software
in organizations. He's the coauthor of the upcoming
book, Exploring Linux with the Java Desktop System
by O'Reilly and Associates. Tom also works with the
Open Source Software Institute He recently published
two articles in Forbes Magazine about open-source
software and JBOSS.