Linux in Government: The Government Open Code Collaborative
As we celebrate the holiday season and prepare for the next round of legislation, a group of state and local governments has banded together to collect and distribute freely the costly software that normally runs taxpayers $100 billion annually. Called the Government Open Code Collaborative or GOCC.gov, this organization states that its members work together voluntarily to encourage "the sharing, at no cost, of computer code developed for and by government entities where the redistribution of this code is allowed".
In addition to state and local governments, the organization also encourages collaboration between public sector entities and non-profit academic institutions. With Web facilities hosted by the University of Rhode Island, GOCC.gov has a repository dedicated to hosting open-source software for download by any state or local government.
As so many people have said, "Nothing is as powerful as an idea whose time has come." And GOCC.gov is an idea whose time is long overdue. Open-source advocates attempting to initiate legislation and fight the battles on the floors of the various Houses, only to discover the political might and opposition of Microsoft, now have an alternative. State agencies now can download software for free and use it to create a cohesive and standard government infrastructure.
Instead of every county in the country buying the same Commercial Off-the-Shelf Software (COTS) 3,750 times, they simply can find what they need, download it and install it--a design similar to the distribution of Linux. Think of the cost savings and standardization this offers Homeland Security, law enforcement, the judicial system, deed databases, eGovernment applications and financial applications, to mention only a few areas. Additionally, the concerns of connecting various disparate databases across the country, a topic we heard about daily during the last campaign season, can be put to rest.
An example of the kind of software you can find on the GOCC.gov site is Election Tally, contributed by the city of Newport News, Virginia. Election Tally is a parameter-driven Web-enabled application written in Python and utilizing ModPython and MySQL. It generates an election tally report by extracting files for the state Board of Elections and produces a video simulcast.
That's pretty heady technology available to everyone in the country. In my voting precinct, our team had to generate the results and post them on the door of the polling place. If we could interest the Dallas County Election Board in adopting Election Tally, it would allow us to interface our polling machines directly with headquarters. The commission immediately could begin its audit, save time and eliminate voter fraud.
Of the many types and kinds of participants, eight states now participate to some extent in GOCC.gov: Rhode Island, Massachusetts, Pennsylvania, Utah, West Virginia, Virginia, Texas and New York. In the majority of cases, individual agencies have joined. Of course, GOCC.gov hopes to attract every state in the country. The more governments that participate, the faster the adoption rate can grow, along with the cost savings.
According to the GOCC.gov site:
The organizing meeting of the GOCC was sponsored in December 2003, by the Commonwealth of Massachusetts, in conjunction with Harvard University and MIT. The morning session at Harvard University's Kennedy School of Government was conducted by Professor L. Jean Camp, who presented an excellent tutorial on the various license options available to code sharers. Sparing every expense, the attendees took advantage of the Commonwealth's excellent public transportation system and used the MBTA's Red Line to make the transition to MIT for the afternoon program.
The afternoon session at MIT included an audio bridge for those folks that could not attend in person. The genesis of the collaborative was vetted and launched through a discussion facilitated by Dan Greenwood of MIT's E-Commerce Architecture Program. Dan has been a significant contributor to this initiative from inception. Through a series of subsequent audio conferences, the group agreed to the operating rules for the collaborative and the repository, the governance and officer structure and the actual announcement process. Highlights include the following:
The GOCC will be entirely independent and not affiliated with any professional or private sector entity.
The GOCC will accept no financial or in-kind assistance from any private sector company. All initial members will be either municipalities, legal entities of state government, or academic non-profit institutions.
Four officer positions were established to serve for one year:
Chairperson: Peter Quinn, CIO, Commonwealth of Massachusetts
Municipality Representative: Mike Wells, CIO, Gloucester, Massachusetts
Technical Lead: Jim Willis, CIO, Secretary of State, RI
Policy Lead: Patrick McCormick, Harvard University, Kennedy School of Government
On June 30, 2004, GOCC.gov made an official announcement that it was in business. Again, according to the Web site, "The Commonwealth of Massachusetts Information Technology Division; the Rhode Island Office of the Secretary of State; the Pennsylvania Office of Information Technology; the Utah Governor's Office, CIO Section; the Kansas Secretary of State Office; the Kansas Treasurer's Office; the Missouri Secretary of State Office; the West Virginia Auditor's Office; the City of Gloucester, MA; the City of Worcester, MA; and the City of Newport News, VA, [announced] the formation of the Government Open Code Collaborative (GOCC)."
The GOCC wants to offer only code licensed under an "OSI Approved License" or any other open-source license deemed acceptable under the GOCC's operating rules. And according to the GOCC, this code routinely is referred to as either "Open Source Software", "Free Software" and, less frequently, by other similar names.
GOCC also states that:
Government entities, defined as a federal, state or local government, an authority or other sub-national public sector entity of the United States, can join the GOCC as Members by signing the GOCC Operating Agreement through an authorized representative. The signatory or their designee can then appoint additional members within their entities.
Private non-profit U.S. academic institutions can also become members by signing the GOCC Operating Agreement through an authorized representative. The signatory or their designee can then appoint additional members within their institutions.
People belonging to a government entity or private non-profit academic institution that has not signed the Operating Agreement can participate with an Observer status. Representatives of non-profit associations of public entities can also participate as Observers. Observers have to be sponsored by a Member. Observers are able to join the GOCC list server to receive announcements and participate in discussions and are encouraged to participate in the GOCC bi-weekly conference calls.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- The US Government and Open-Source Software
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide