Linux In Government: Interoperability
Since August 2003, we have seen significant Linux adoption taking place within many sectors of the US federal government. Major accomplishments include deployment of a large interoperable database project using LAMP, Justice Department XML standards, establishment of a Government Open Source Community sponsored by the Federal Enterprise Architecture (FEA), and organization of the Government Open Code Collaborative.
While many other projects and initiatives exist, this article focuses primarily on standards-based thrusts into cooperation among states and local governments.
Secretary Tom Ridge has said that the Department of Homeland Security (DHS) "must create new ways to share information and intelligence both vertically, between governments, and horizontally, across agencies and jurisdictions." Unfortunately, the efforts of DHS have fallen far short of expectations. Secretary Ridge has run into the same problems others have encountered on the way to implementing standards-based IT solutions: putting the technology together and overcoming fiefdoms.
Last fall, I had the opportunity to observe technology in a lab at the University of North Texas operated by Dr. William Moen. Dr. Moen proved Linux and standards-based Z3950 technology could provide a huge start in solving the problems of Homeland Security's needs. While DHS struggles with getting the States to cooperate, Dr. Moen's LAMP project provides some keys to rapid deployment of interoperable document stores and databases.
I also spoke with Kevin Marsh of the Texas State Library and Archives Commission about the same interoperability project I saw at UNT, called the Library of Texas. If you have an interest in seeing how an interoperable government web services system works, go to the web site and log on as a guest. Run a search and watch the remarkable capabilities of the system.
Kevin has worked with Linux since 1994. He offered me insights into interoperability and standards rarely identified in my forays in the government sector. He pointed me to the National Information Standards Organization where I found a plethora of interoperability standards.
When I asked Kevin if the Library of Texas project offered an example of how our Government could implement interoperability under Homeland Security, he said, "yes". He then went on to say, "Achieving compliance isn't easy. The Library of Texas has over 100 libraries on-line as well as 40 commercial databases. But, we're targeting 700 libraries to become part of the network. You may achieve compliance today, but things can change tomorrow."
Index Data of Denmark developed the software for The Library of Texas project. The Company has made the software available under the GNU General Public License (GPL). Index Data runs an open-source consultancy specializing in networked information retrieval.
As Kevin Marsh and I discussed the Z3950 standards used in the Library Sciences he mentioned that interoperability for Homeland Security would require a different database library and definitions. This prompted me to mention Justice XML.
The site states:
What began in March 2001 as a reconciliation of data definitions evolved into a broad two-year endeavor to develop an XML-based framework that would enable the entire justice and public safety community to effectively share information at all levels - laying the foundation for local, state, and national justice interoperability.
Developed by Global and OJP, the GJXDM is an object-oriented data model comprised of a well-defined vocabulary of approximately 2,500 stable data objects, or reusable components, that facilitate the exchange and reuse of information from multiple sources and multiple applications.
While the Department of Justice has worked closely with state and local governments to create standards that can help protect the US, achieving compliance isn't easy. Chris Turrentine of ETS Development can explain why. Chris serves as a consultant to the Automated System Project (ASP) of the University of Southern Mississppi (see the entry on it.ojp.gov/topic.jsp?topic_id=107). The Office of Justice Programs describes ASP as establishing:
an information sharing network among county, local, and state agencies within three coastal counties in the state of Mississippi. The Project will provide a jail management, computer-aided dispatch, case management, and records management software suite to these agencies. Once the applications and databases are integrated, a mobile data infrastructure will be deployed for first responders to access information from laptops in the field.
According to Chris Turrentine, "the States say they want to implement Justice XML, but few have followed through." He also told me, "one State agency head said that they wouldn't share their database because they say it's their citizens' data. That's the prevailing sentiment."
Chris fought in the first Gulf War and recently added his secure portal, Quick Port, to the community of open-source applications licensed under GPL. We discussed his concern about the attitudes that exist with local government. The States don't really want to comply. They won't comply. We're going to need a national mandate to have them comply.
State and local governments follow what we might call fiefdoms or autonomous computing. The States maintain independent systems that do not trust each other. These systems hold mission-critical data such as warrants databases, directories of prison populations, and databases of known terrorists. The fiefdoms can work together under Linux like the Z3950 systems deployed by the Library of Texas.
Under the Z3950 model, each fiefdom can maintain the data in its own pond. The Z3950 Linux servers in the system deployed by Index Data in Texas can also provide interoperability without creating a single huge database. But, the heads of the fifedoms simply refuse to cooperate. That puts you and me at risk.
I recently spoke to the head of a court probation system in one of the ten largest districts in the country. She is the chief court officer. When I discussed interoperability with her, I thought she was going to go bonkers.
Her main concern dealt with the civil rights of the criminals. She said, "the Federal government has no right to violate the rights of state criminals by listing them in some database. It's like Big Brother watching everything we do. People might move to another location and they'd always have this mark against them. I'm dead set against connecting databases."
Unfortunately, I have heard this kind of argument many times. If that argument doesn't work, invariably, the last justification has something to do with the procurement process. People in state and local government consistently fall back on the argument that vendors don't provide the products they need to comply.
In almost every RFP (Request for Proposal) issued by a government entity, you will see two terms used consistently: COTS and GOTS. The first stands for Commercial Off-the-Shelf Software. The second stands for Government Off-the-Shelf Software.
The FEA's Center for Components provides a Sourceforge.net style open-source community for US governments starting with Federal agencies and including state and local entities. The web site is a joint venture of the Federal Enterprise Architecture Program Management Office and Collab.net.
You will not find COTS on core.gov, but you will find Government Off-the-Shelf Software. This allows government entities to create and/or acquire open-source, standards based software. If you want to see an interesting description of the overall project, read the interview with Andy Stein of Newport News, Virginia.
While not a quick fix for fiefdoms in our country, Core.gov provides evidence that the Federal government remains serious about creating interoperable, standards-based software at every level. Core.gov will not fix the ever-present problem of improper procurement practices which exist everywhere you look.
For example, many vendors who have one or two custom installations of an application will claim their product fits the definition of COTS or GOTS. Their products do not qualify under either definition. But, procurement will allow agency heads to acquire software from vendors while turning the other way.
Core.gov can solve the need for GOTS. Again, improper procurement practices can stop progress. In those agencies where procurement doesn't turn the other way, the agency head can have a vendor sign a statement that such vendor is the sole source of such software. People refer to that process as Sole Sourcing.
The rules bend a little in this context. Here's an example of a local government policy:
"State law requires formal competition for any transaction expected to involve an expenditure of $50,000 or more. State policy further recommends that competition be sought for any transaction of $10,000 or more. Competition is not required for:
*personal or professional services (e.g., physicians, architects, attorneys, etc.)
*sole source purchases.
It is imperative that the purchasing function in a public institution be open to all qualified suppliers and that the process not impair or discourage competition. Thus, competitive bidding is always the preferred method of making an award."
Recently, I saw this happen at a Juvenile Services Agency. The agency head wanted a specific vendor to provide the software for a database. The agency dropped the bidding process after procurement drafted an RFP. The purchase was made under a Sole Source exemption. Procurement did not have the time, knowledge or resources to verify the exemption. So, what we had in this case was "plausible deniability".
The Organization of the Government Open Code Collaborative (GOCC)
Several states, local governments and universities have banded together to create an open-source repository of government software. You will find some old friends there such as Jim Willis of Rhode Island who made headlines by implementing a LAMP project for $40,000.
An outgrowth of the Massachusetts Open Source Initiative, GOCC started with seven states and four municipalities that will contribute and download open-source software designed by government agencies for their use. The repository consists of a LAMP environment. It includes MySQL, Z Object Publishing Environment application server, Apache Web server, OpenLDAP and Debian.
GOCC and Core.gov differ because the former only wants working software. To upload software to the repository, one must become a member of GOCC, while any municipality can download the software for free.
GOCC has yet to prove itself, but one has to admit that this represents a good start.
I wonder if the fifedoms will ever connect the dots. If the American public understood the amount of money wasted everyday by the IT practices in this country, then you would expect an uprising. I wonder if anyone really cares.
While Linux and the open-source community continue to make strides, progress remains slow. In Government we not only face the problem of Linux acceptance, we also face the problems of people wanting to protect their territory and their niche. We also face bureacratic creep - the ability to keep a document authorizing a project on one's desk forever.
I hope that somehow this message makes it to Secretary Ridge.
Tom Adelstein works as a Linux consultant specializing in identifying opportunities for open-source software in organizations. He's the coauthor of the upcoming book, Exploring Linux with the Java Desktop System by O'Reilly and Associates. Tom also works with the Open Source Software Institute He recently published two articles in Forbes Magazine about open-source software and JBOSS.