5 star technologies that feds should know about and deploy

Featured eBooks
Health Tech
Read Now

Next-Generation Computing

Read Now

Space Tech

Read Now
Insights & Reports
Stay Ahead of the Latest Threats with Intelligence-driven Security Operations
Presented By Google Cloud
Download Now
Strengthening cloud security for federal agencies
Presented By Wiz
Download Now
By Wade-Hahn Chan

By Wade-Hahn Chan

|

These new information technologies will change the way government works.

Information technologies increasingly constitute the backbone of the federal government. But technology trends burn hot and flame out quickly — often faster than the pace of government procurement and policy changes.

We have consulted experts to identify five hot technologies and concepts that federal managers should know. And the experts think these won’t just be a flash in the pan.

1. Authentication/identity management
You know who you are, but does anyone else know? Managing identities is an IT discipline that overlaps with safeguarding information online, which is one of government officials’ biggest IT concerns.

The most prominent identity-related policy affecting feds is Homeland Security Presidential Directive 12, which requires agencies to issue interoperable personal identity verification cards to federal employees and contractors.

Eric Longo, federal business development manager at RSA Security, said electronic authentication is simply a process of exchanging access for “something you are, something you know, something you have.” The something you are could be biometric data, such as a fingerprint. The something you know could be a password, and the something you have could be a token, such as an ID card with a chip containing personal data.

“For identity and access management, it’s really about incorporating security into what you’re trying to accomplish,” Longo said. “If you don’t authenticate, you basically have a situation where everyone can be whoever the heck they want to be.”

E-authentication applies identity management technologies. Users must be able to prove they are who they say they are before they can gain online access to federal databases. Many experts expect telework to become an option for a growing number of federal employees in this decade, and it depends on e-authentication technologies. If you’re a teleworker and can’t log in to government systems from home, you can’t do your work.

2. Radio frequency identification
Radio frequency identification tags made this list because of their acceptance in government and industry. Wal-Mart is a leader in marking products with RFID tags to track shipments and reduce losses. The Defense Department has followed suit, mandating RFID use on supplies and containers worldwide. Other federal departments use RFID tags to keep tabs on everything from hazardous materials to animals.

“It’s providing innovation in areas we hadn’t seen before,” said Jennifer Kerber, homeland security director at the IT Association of America. “There’s a potential for great savings.” But RFID has bred controversy. The State Department’s new passports contain RFID tags, which has prompted complaints from privacy groups.

Some security companies have added to the controversy. Lukas Grunwald, a German security researcher at DN-Systems, showed how to clone an RFID-equipped passport at a recent Black Hat Briefings conference. Two employees from U.S. security firm Flexilis demonstrated at the conference what they described as a bomb detonation triggered by an active RFID tag when it entered scanning range.

But Kerber said people should not blame RFID technology for a lack of security. That depends on how organizations choose to use it, she said. “The technology is the innovation. It’s the enabler, but it doesn’t ensure privacy and security. That comes with your program decisions, your policy decisions.”

3. Search engines
Search engines aren’t new. The Google search engine is so ubiquitous that “google” is now listed as a verb in the Merriam-Webster dictionary. However, using searches to organize and quickly access agency information systems is a major reason why search engines have become hot in the government.

The FirstGov Web portal’s search engine uses more than 2,000 frequently asked question documents indexed by context. LexisNexis’ Advanced Government Solutions suite enables secure searches and information sharing among agencies.

The newest search engines seek to find information in databases and return customized results. “Modern ideas like this — custom treatment of high-value information — is something that feds need to know about, whether they operate citizen-facing portals or civil-service intranets,” said Raul Valdes-Perez, chief executive officer of Vivismo.

Information drives organizations, said Matthew Glotzbach, enterprise product manager at Google. The challenge for new search engines is to access databases of information and quickly find what you’re looking for.

“It’s easier to find an obscure fact about the Civil War on the Internet than it is to find a policy decision that was made two weeks ago,” Glotzbach said. Searching for information in large agency information systems is difficult, he added. Search engines have to sort through content systems, relational databases and dissimilar document types such as PDFs or Microsoft Word documents. Once you have search results, you must determine whether the information you need is at the front of thousands of results.

4. Open-source software
Open-source applications, utilities, geographic information systems and operating systems have become sought-after software.

The U.S. Marshals switched to Linux-based servers, and the Federal Aviation Administration moved air traffic control computers to Red Hat Linux. Both agencies cited cost savings. The Marshals said Linux provided good security and flexibility. The Army’s Future Combat Systems will also be based on Linux.

“You can have a much larger technology base supporting your capabilities out in the field” with open-source software, said John Scott, open-source development consultant for DOD’s Advanced Systems and Concepts Office. He is co-author of “Open Technology Development Roadmap Plan,” which is about developing agencywide open-technology standards.

Scott said open-source communities have an advantage because many people support and troubleshoot software.

“Open source allows you to have many more people who understand what that software does,” he said.

5. IPv6
The standard for Internet identity addresses is IPv4, which has space for about 4.3 billion IP addresses. IPv6 would increase that number exponentially — to more than 50 octillion IP addresses.

With ever-increasing uses for IP addresses, smart governments recognize the necessity of adopting the new standard. But the most immediate reason why feds should know about IPv6 is because they don’t have a choice.

“OMB says you gotta do it,” said Walt Grabowski, senior director of telecommunications at SI International, referring to an Office of Management and Budget policy that requires agencies to begin running IPv6 on their backbone networks by 2008.

“You’re going to get measured on your progress,” he said. “You’ve got this woven into enterprise architecture.”

Grabowski said the necessity of transitioning to IPv6 will require replacing older systems with ones that can support the new standard.

“The U.S. government’s transition efforts are motivated by a long-term view that our economy and our information technology industry need to make this change, even though [IPv4] is highly embedded within their legacy systems,” he said. “If there’s no leadership shown, then it could be a long, long time before we adopt it.”

Data encryption: From disks to serversWith the furor over stolen laptop computers still in the media, it’s no surprise that protecting data is foremost on the minds of many government managers when thinking about security.

One possible way to prevent another stolen laptop debacle is disk encryption software. Encrypted disks are inaccessible even when someone attempts to access them from outside the computer’s operating system.

As the name suggests, encryption translates data into a code that only an authorized user — someone with a password — can decrypt. Public-key encryption is particularly popular in the federal workplace because it requires both a public and a private key. The public key encrypts the code while the private key decrypts it.

Smart cards are one visible use of public-key infrastructures. They can contain the necessary access keys in addition to other secure means of verification, such as biometrics.

The government has also expressed interest in encrypting data on enterprise servers. For instance, in mid-August, the Social Security Administration released a sources-sought notice for an ambitious, commercial encryption program that would protect data in a Microsoft Active Directory-based, Windows Server 2003 environment.

— Wade-Hahn Chan

The honorableHere are a few more technologies that are beginning to make a difference in how some federal, state and local agencies do their work.

1. Wireless mesh networking:
Emergencies or natural disasters can destroy traditional communication lines and Internet connections. A wireless mesh has many nodes that offer wireless Internet access. If one node is disabled, the remaining nodes continue to provide connectivity. The military and state and local governments are now using such networks.

2. Virtualization:
Virtualization is a technique in which an organization runs multiple operating systems on one computer to support a variety of applications. The term also describes the pooling of resources from multiple computers on a network to run one or more applications. Either way, virtualization can produce efficiencies and savings.

3. Service-oriented architecture:
SOA describes middleware that is useful for creating new business applications. However, many agencies still lack a clear understanding of how to implement SOA.

— Wade-Hahn Chan

NEXT STORY: NIST solicits comment on new security publications