While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Think about it: The coin of the realm may vary, but success at pretty much any business boils down to “buy low, sell high.”
Modern business is about information processing across a widely distributed ecosystem of suppliers and demanders to do just that in new and creative ways. The more efficiently an organization conducts its information transactions, the more effective its processes. Software is about telling computers how to process information. It follows, then, that the way a modern business — any business, even the federal government — deploys its software on its networks has a big impact on its ability to execute its mission. In other words, good business is good e-business.
Government leaders “get this” and increasingly make speeches and write policies that say as much. So, why does it typically take an agency as long as three years to move from recognition of a burning need for some information processing capability to accepting delivery of the software that might — or might not — provide it? Further, why are the commercial, off-the-shelf) segments of that software delivery often several versions out of date? After all, it typically takes less than 90 days for a large company to take delivery of the first increment of new software, and the embedded COTS segments in that delivery will certainly be current versions.
Here’s how government is using open technology development to cross this knowing-doing e-government gap.
Flat Internet collaboratives often take the form of “dot-orgs.” A dot-org can have legal nonprofit status, even tax-exempt status, if properly structured. Government organizations can join tax-exempt dot-orgs as peers with their industrial and academic partners. They may legally contribute their resources along with industry to pursue whatever “goodness” motivated them to join.
In this case, the goodness is faster, cheaper, better information transactions. “Better” means more secure and interoperable. “Contributed resources” in dot-orgs often means intellectual property like software. Contributions could be open-source software infrastructure developed by experts, at government expense, for the public good.
This isn’t just abstract thinking. The Defense Department’s Joint Interoperability Test Command (JITC) is developing a government-industry Internet collaborative around this rapid open technology development model to allow government to manage agile COTS software development as a peer with industry. There are dot-org, dot-gov and dot-com components of the plan.
The mission of the dot-org, notionally dubbed “NetReady.ORG,” is to manage 90-day experiments that bundle COTS, government OTS and open-source software in open-standard service-oriented architectures. The experiments will aim at small, specifically defined increments of capability using Agile or similar nonwaterfall programming.
Multiple government and industry creators of software components, together with consumers of that software, will collaborate under continuously refined intellectual property rights (IPR) conducive to open technology development. This IPR model will streamline open sourcing of government-owned software as an incentive to industry.
NetReady.ORG experiments — essentially mashing up and testing networked software modules — will demonstrate how various product bundles might deliver trustworthy transactions of valuable information at ever-decreasing cost per transaction. Note the emphasis on security, interoperability and affordability as testable attributes. One way a vendor (or agency) might do that is by bundling whatever killer app it has developed with pre-approved government security and interoperability packages. When an agency verifies, validates and in some cases formally certifies these bundles to meet its objectives, these applications will be designated and documented as pre-approved “reference implementations.”
One mission of the dot-gov, notionally “NetReady.GOV,” is to manage the fee-for-service process that tests, certifies and documents a solution’s network readiness. Software assurance, network assurance, information assurance, information interoperability, quality of service (service-level objectives and agreements) and mission enhancement (mission-level objectives and agreements) are all aspects of net-readiness. NetReady.GOV would market a net-ready logo as an incentive to industry to participate. An essential deep change from the current government system certification process is that this net-ready verification, validation and certification will be embedded, pragmatic and adaptive.
The NetReady.GOV component will also manage the intellectual property rights and monetary exchanges between government and industry participants per provisions of U.S. Code. Hence, a single point of contact on the government side will be legally empowered to make it easy for all federal organizations to, one, transition intellectual property to the open collaborative process; two, sponsor projects for its own purposes; and three, accept funding from projects to perform reimbursable development or testing for others.
An Internet portal, notionally “NetReady.COM,” will offer an Internet marketplace. The portal will link to a NetReady.GOV version of Consumer Reports to make it easy for agencies to do side-by-side evaluations of NetReady offerings. Further, agencies with critical information processing requirements and expert providers can find one another through the NetReady.COM “dating service.” NetReady.COM will also link to the NetReady.ORG online build-time/run-time laboratory. Finally, NetReady.COM will link to commercial and government portals that distribute pre-approved net-ready COTS/GOTS bundles.