Wednesday, November 20, 2019

Enlisting Open-Source Applications by U.S Department of Defense Case Study

Enlisting Open-Source Applications by U.S Department of Defense - Case Study Example Open-source software application is a recent technology which allows users of the web-based software to use, make modification to the source code, and distribute it. This paper looks at a case study of the implementation of this technology by the US Department of Defence.It assesses the security issues in the use of open-source software, as well as its pros and cons. The paper also evaluates the cultural changes required at DoD for the successive implementation of the system. The main security issues in the use of open-source software are those of ensuring confidentiality, availability and integrity of the information. Its use helps to reduce cost in addition to guaranteeing the user right to make modification to the software. Its implementation requires cultural change at the organization. Enlisting Open-Source Application by US Defence Department The US Department of Defence has contemplated to harness the benefits of open-source software. Open-source software is defined by Galliva n (2001, p. 281) as software which human-source readable source code is available for study, use, re-use, modification and redistribution by the users of the software. Having agreed that open-source software is similar to commercial software in almost all dimensions, DoD argues that it should be given an equal consideration when making a technology purchase decision. Open source software has a number of benefits that include a wide peer-review that can help to eliminate defects, exclusive modification rights that ensure speedy changes when needed and reduction in the cost. Open-source software allows for rapid prototyping. Despite its benefits, Department of Defence needs to be assured of the security of its information given the nature of the sensitive information the department handles. Security Issues To guarantee the Department of Defence the security of its data, several agencies have proposed measures to address this. The Defence Information System Agency (DISA) has issued ver sion two of software Forge to enable sharing of information and collaborative development of the software which is one way of ensuring security since the software developed will be tested to prevent any failure. This ensures stability of the software. Collaborative development helps to identify any problem that may occur and may have been foreseen by a single developer. They have also given a trial period to ensure that any problems with the software may be identified early before it is implemented for use by DoD. This is important since any failure of software after implementation could result in a disaster in case of data loss or unauthorised access. DISA has also introduced a closed computing-based version of Forge for classified environment, as seen in the case study. This is a measure to deal with security issue since some DoD information is usually classified and access to such information must be limited. Enlisting Open-Source Application Another security measure by DISA is i ts plan to add certificate services to Forge.mil to control access to information. Open-software Institute OSSI is also involved in licensing of where it has issued to different licences for government agencies and a free licence for learning institutions. From the case study, we learn that OSSI has copyrighted the software developed which is a move to protect the property rights of the team that developed the software. To increase security, I propose that Department of Defence uses both paid and volunteer reviewers to help identify any security flaws with the software, as proposed by Hoepman & Jacobs (2007, p. 81). This is important since paid reviewers may be able to unearth security flaws of the system rather than relying only on users. Advantages and Disadvantages of Open-Source Software Advantages The advantages of open-source software to a large organization presuppose that everyone has a right to change the source code

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.