Linux in Government: Open Source Innovation within the DoD
Prior to implementing an integrated software solution for its hospitals in 1993, the military experienced bottlenecks in its computer services. Each branch of the armed services used different legacy systems and manual procedures to control the flow of medical supplies and equipment, facilities, contractors and record keeping. Then, the Department of Defense (DoD) automated the processes with a common standard platform to conduct medical logistics for every branch of service. When you manage as many hospitals and health-care facilities as the military does, standards-based solutions and coordinated automation are essential.
The Assistant Secretary of Defense for Health Affairs embraced what is referred to as the DoD information superiority initiative. Simply stated, as service members are deployed into various theaters of operations, new and better standards became essential. That's where the Defense Medical Logistics Standard Support (DMLSS) program comes into play. The DMLSS System is an automated information system used by the four major branches of the service to provide medical logistics support to military hospitals and other medical facilities.
DMLSS provides the four services with a common, standard platform for conducting medical logistics. It provides end-to-end information technology that enables the services to order and receive products and services electronically as well as to create and release invoices for payment. DMLSS also provides record keeping services, such as inventory control. The system complies with the accounting standards of the DoD, allowing the Comptroller's office to more efficiently compile its financial records. Finally, DMLSS serves as a source of record for DoD medical assets.
The Program Management Office (PMO) for DMLSS is located in Falls Church, Virginia. Continuing development and support facilities exist at Ft. Detrick, Maryland, at the Joint Medical Logistics Functional Development Center. At Ft. Detrick, programmers support open-source components in applications that require cryptography. They open-source components include Stunnel, Apache, ModSSL and OpenSSL.
Although Stunnel does not contain any cryptographic code itself, it relies on external SSL libraries, such as OpenSSL. ModSSL provides strong cryptography for the Apache 1.3 WebServer by way of the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, with some help from the open-source SSL/TLS toolkit, OpenSSL. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured and open-source toolkit that implements the SSL v2/v3 and TLS v1 protocols, as well as a full-strength general purpose cryptography library.
The PMO supported the use of open source and saw it as an enabling technology. As DMLSS became the standard throughout the military, the department heads enjoyed the success of their program. It has won 17 awards, beginning with the 1997 Government Information Technology Leadership Award and most recently winning the E-Business Transformation Award in 2003.
Some of us may find it hard to imagine, but in January 2000 members of the National Security Agency promulgated a policy that required any military program using information assurance to have its products validated by National Institute of Standards and Technology (NIST). The open-source components of DMLSS lacked such validation, called a FIPS 140-2 validation.
That led Steve Marquess, the technical manager of DMLSS, to the job of finding replacements for the OpenSSL libraries so prominently used in DMLSS. It also led him on a journey that blended serendipity with the realities of DoD chains of command. After months of research, Steve says he "discovered two things: not much commercial software was available and what existed was very expensive. Secondly, OpenSSL had already been validated multiple times."
Because OpenSSL has a BSD-style license, many vendors simply grabbed the source code and incorporated it into their proprietary products. Those vendors wanted literally hundreds of thousands of dollars in licensing fees. As Steve attests, "as a taxpayer, I felt very annoyed. But it made me realize a couple of things. First, if OpenSSL had been validated, then it was possible for us to do it again. Secondly, if we could do it we could save a lot of money for the program."
Steve took the idea to his superiors: Debbie Bonner, Director of Operations in the PMO, and Colonel Dan Magee, the DMLSS Program Manager at the time. Both actively encouraged Steve to go forward. Steve said, "The path of least resistance [for Debbie Bonner and Col. Magee] would have been to fork over a pile of taxpayer dollars for proprietary software, but they backed this out of the box move instead. That took guts, I think, especially when we were being told by nearly everyone that it couldn't be done."
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Petros Koutoupis' RapidDisk
- The Italian Army Switches to LibreOffice
- Linux Mint 18
- Oracle vs. Google: Round 2
- Firefox 46.0 Released
- Ubuntu Online Summit
- The FBI and the Mozilla Foundation Lock Horns over Known Security Hole
- Privacy and the New Math
- Ben Rady's Serverless Single Page Apps (The Pragmatic Programmers)
Until recently, IBM’s Power Platform was looked upon as being the system that hosted IBM’s flavor of UNIX and proprietary operating system called IBM i. These servers often are found in medium-size businesses running ERP, CRM and financials for on-premise customers. By enabling the Power platform to run the Linux OS, IBM now has positioned Power to be the platform of choice for those already running Linux that are facing scalability issues, especially customers looking at analytics, big data or cloud computing.
￼Running Linux on IBM’s Power hardware offers some obvious benefits, including improved processing speed and memory bandwidth, inherent security, and simpler deployment and management. But if you look beyond the impressive architecture, you’ll also find an open ecosystem that has given rise to a strong, innovative community, as well as an inventory of system and network management applications that really help leverage the benefits offered by running Linux on Power.Get the Guide