Linux in Government: Open Source Innovation within the DoD
Prior to implementing an integrated software solution for its hospitals in 1993, the military experienced bottlenecks in its computer services. Each branch of the armed services used different legacy systems and manual procedures to control the flow of medical supplies and equipment, facilities, contractors and record keeping. Then, the Department of Defense (DoD) automated the processes with a common standard platform to conduct medical logistics for every branch of service. When you manage as many hospitals and health-care facilities as the military does, standards-based solutions and coordinated automation are essential.
The Assistant Secretary of Defense for Health Affairs embraced what is referred to as the DoD information superiority initiative. Simply stated, as service members are deployed into various theaters of operations, new and better standards became essential. That's where the Defense Medical Logistics Standard Support (DMLSS) program comes into play. The DMLSS System is an automated information system used by the four major branches of the service to provide medical logistics support to military hospitals and other medical facilities.
DMLSS provides the four services with a common, standard platform for conducting medical logistics. It provides end-to-end information technology that enables the services to order and receive products and services electronically as well as to create and release invoices for payment. DMLSS also provides record keeping services, such as inventory control. The system complies with the accounting standards of the DoD, allowing the Comptroller's office to more efficiently compile its financial records. Finally, DMLSS serves as a source of record for DoD medical assets.
The Program Management Office (PMO) for DMLSS is located in Falls Church, Virginia. Continuing development and support facilities exist at Ft. Detrick, Maryland, at the Joint Medical Logistics Functional Development Center. At Ft. Detrick, programmers support open-source components in applications that require cryptography. They open-source components include Stunnel, Apache, ModSSL and OpenSSL.
Although Stunnel does not contain any cryptographic code itself, it relies on external SSL libraries, such as OpenSSL. ModSSL provides strong cryptography for the Apache 1.3 WebServer by way of the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, with some help from the open-source SSL/TLS toolkit, OpenSSL. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured and open-source toolkit that implements the SSL v2/v3 and TLS v1 protocols, as well as a full-strength general purpose cryptography library.
The PMO supported the use of open source and saw it as an enabling technology. As DMLSS became the standard throughout the military, the department heads enjoyed the success of their program. It has won 17 awards, beginning with the 1997 Government Information Technology Leadership Award and most recently winning the E-Business Transformation Award in 2003.
Some of us may find it hard to imagine, but in January 2000 members of the National Security Agency promulgated a policy that required any military program using information assurance to have its products validated by National Institute of Standards and Technology (NIST). The open-source components of DMLSS lacked such validation, called a FIPS 140-2 validation.
That led Steve Marquess, the technical manager of DMLSS, to the job of finding replacements for the OpenSSL libraries so prominently used in DMLSS. It also led him on a journey that blended serendipity with the realities of DoD chains of command. After months of research, Steve says he "discovered two things: not much commercial software was available and what existed was very expensive. Secondly, OpenSSL had already been validated multiple times."
Because OpenSSL has a BSD-style license, many vendors simply grabbed the source code and incorporated it into their proprietary products. Those vendors wanted literally hundreds of thousands of dollars in licensing fees. As Steve attests, "as a taxpayer, I felt very annoyed. But it made me realize a couple of things. First, if OpenSSL had been validated, then it was possible for us to do it again. Secondly, if we could do it we could save a lot of money for the program."
Steve took the idea to his superiors: Debbie Bonner, Director of Operations in the PMO, and Colonel Dan Magee, the DMLSS Program Manager at the time. Both actively encouraged Steve to go forward. Steve said, "The path of least resistance [for Debbie Bonner and Col. Magee] would have been to fork over a pile of taxpayer dollars for proprietary software, but they backed this out of the box move instead. That took guts, I think, especially when we were being told by nearly everyone that it couldn't be done."
|Bitcoin on Amazon! Sort of...||Sep 28, 2016|
|Free Today: September Issue of Linux Journal (Retail value: $5.99)||Sep 27, 2016|
|nginx||Sep 27, 2016|
|Epiq Solutions' Sidekiq M.2||Sep 26, 2016|
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
- Free Today: September Issue of Linux Journal (Retail value: $5.99)
- Bitcoin on Amazon! Sort of...
- Android Browser Security--What You Haven't Been Told
- Epiq Solutions' Sidekiq M.2
- Identity: Our Last Stand
- Nativ Disc
- The Many Paths to a Solution
- Securing the Programmer
- Tech Tip: Really Simple HTTP Server with Python
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide