NRO jumps on open source bandwagon
- By George Leopold
- Jun 26, 2015
The National Reconnaissance Office (NRO) is the latest government spy agency to take the leap into the open source software community.
Given the growing need for advanced databases with multiple levels of security to store geospatial intelligence, NRO contractor Lockheed Martin along with partners like Red Hat and Crunchy Data Solutions rolled out an open source relational database at a geospatial intelligence symposium in Washington this week that is billed as supporting multilevel security.
Lockheed Martin and Crunchy Data, a provider of enterprise database technology called PostgreSQL, jointly unveiled a multilevel security version of the open source object-relational database. They said it is designed to meet the relational database requirements of NRO's Centralized Super Computing Facility.
Open source leader Red Hat and data storage specialist Seagate Technology also contributed to development of the secure open source database.
Lockheed Martin said it took the open source route as way to enable "data fusion" and as a means of consolidating hardware and software. The data fusion capability eliminates data duplication while displaying real-time intelligence data on a single screen for analysts cleared to view it.
The multilevel secure version of the PostgreSQL database leverages a version of Red Hat's Linux kernel security module called SELinux, for Security-Enhanced Linux. It allows the geospatial intelligence database to manage data creation and access permissions based on SELinux security policies. The framework also manages SELinux security policies through both network connections and users' security level.
In one scenario, the secure database would allow an analyst with a Top Secret clearance to access lower-level security data. The system could also re-label the data security level if changed by higher-level users.
Other U.S. spy agencies have also embraced open source technology in recent projects. With security being such an important issue, it might seem counterintuitive to use software whose source code is openly available, but experts say that kind of transparency is one reason open source systems could be more secure—or at least no less secure—that closed systems.
IT automation specialist Puppet Labs announced last week the National Security Agency was releasing to the open source community a set of security tools based on Puppet Labs' technologies for the Systems Integrity Management Platform.
Last November, NSA expanded its open source portfolio by releasing the source code for software designed to manage data network interoperability.
The open source tool called “Niagarafiles,” or “Nifi,” was released through the Apache Software Foundation. The spy agency said the release was the first in a series of open source software tools from its technology transfer program that shares agency-developed technologies with academia, industry and research organizations.