Linux in Government: LAMP Solution for the "9/11 Commission Report" Recommendation
As you read this article, I urge you to visit the Web site I discuss and actually test it. If you don't, then you're doing yourself and you community a disservice. Sitting right under our noses, open-source software is providing a solution right now to one of the major recommendations sited in the http://www.9-11commission.gov/ 9-11 Commission Report of July 22, 2004: "unifying the many participants in the counter terrorism effort and their knowledge in a network-based information sharing system that transcends traditional government boundaries.
The many participants in the counterterrorism effort include state and local law enforcement agencies, in addition to the FBI and CIA. In fact, the reorganization of the agencies that make up the Department of Homeland Security (DHS) was intended to increase information sharing. DHS has screamed for information sharing for three years.
DHS uses an acronym that people should recognize whenever it is used--ISAC. ISAC stands for Information Sharing and Analysis Center. The DHS ISAC Web page states:
To help develop ways to better protect our critical infrastructures and to help minimize vulnerabilities, The Department of Homeland Security has established Information Sharing and Analysis Centers or ISACs to allow critical sectors to share information and work together to help better protect the economy.
ISACs provide the framework for data sharing throughout the economy and the country as a whole. They also should provide a model for countries across the globe that are at risk for terrorists acts.
The ISAC for Government, NASCIO (National Association of State Chief Information Officers) says:
if the tragic lesson of September 11, 2001 has taught America anything, it is the value of actionable information about criminal activities and potential responses to those activities for the prevention of crimes. We have learned that a vast quantity of such information has little or no value in its undigested form. The "value add" comes when the information is
collected in an organized way from vigilant and discerning sources,
analyzed for local and widespread implications,
used to advise potential targets, and
incorporated into future prevention efforts.
Moreover, all of this must be done in a timely and comprehensive manner. The state CIOs, as the custodians of state critical information assets and as facilitators of statewide information sharing, have much to contribute to these goals.
Unfortunately, words on Web sites by a bunch of bureaucrats will not stop terrorism. In fact, the tragic lesson of September 11, 2001, has faded from memory. Law enforcement cannot work effectively when the people in decision-making positions in our government fail to empower them. Currently, the evidence points vividly to state CIOs who have failed to implement any of the "value add" they claim to have.
Distributing ISAC centers throughout sectors of the economy and government can and should work to help hinder terrorist activities. By contrast, consider the recent case of an al-Qaida hacker who was carrying a number of disks and a laptop at the time of his arrest. His arrest lead to the arrest of numerous cell members in England and the United States. By himself, the hacker was an ISAC connecting numerous al-Qaida cells globally. Perhaps that fact should make one stop and wonder if known terrorists share information better than we do.
Industry executives recognize the issues stopping the US from implementing the 9-11 Commission's recommendation. For example, Tom Richey, who leads Microsoft Corp.'s homeland security practice said in an article yesterday, "The biggest barriers still remain cultural components, legal components [and] political components. It requires leadership. It requires leaders who are willing to embrace technology as a force multiplier for solving these problems."
Analysts in the community know that Richey put it nicely. I simply would have called them bureaucrats. You and I know that if Microsoft has problems getting its solutions into ISACs, then the "components" have remained immovable.
Fortunately, a viable Linux solution to the task of connecting disparate databases over the networks is in existence today. This extant system connects a variety of government databases with a LAMP Web services application that is freely downloadable from the Internet. It allows one to search disparate databases in disparate geographical locations.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- Open-Source Project Secretly Funded by CIA
- The Death of RoboVM
- New Container Image Standard Promises More Portable Apps
- Tech Tip: Really Simple HTTP Server with Python
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide