The Department of Homeland Security (DHS) Science and Technology (S&T) Directorate recently selected the Georgia Tech Research Institute (GTRI) to lead a five-year, $10 million effort for researching open source software.
Under the Homeland Open Security Technology (HOST) program, GTRI will help improve the government’s understanding of open source capabilities will also using funding for advanced research in these areas. The HOST program is overseen by DHS S&T’s Cyber Security Division.
Open security doesn’t have a commonly accepted definition, Joshua Davis, associate division head at GTRI’s Cyber Technology and Information Security Laboratory and principal investigator for the HOST program, told sister publication TR2. Open security is essentially open source software for the purpose of security computer systems and networks, he says. Using open security allows the government to take advantage of lower costs and without being tied to a single vendor, he added.
The HOST program consists of several phases, the first of which is discovery. One aspect of this phase will be a study to inventory all open security software, said Davis. Another study will be to inventory open source software that is accredited for governments, he said.
Having software that is accredited means the “security bar has been raised,” said Davis, so that government employees can easily acquire critical open security components. The study will also look at government uses this technology so that best practices and lessons learned can be gathered to share with others in government to help them take advantage of this technology.
These studies will be done in the first year of the project.
The second phase of HOST will be a collaboration involving representatives from the federal government to “help us understand where we might find collaborative investments into open security tools, where we might find ways to influence policy, and where it makes sense to help them do their job more effectively,” Davis said. Ultimately the HOST program is aimed at state and local governments too, he said.
Part of the collaboration phase will include roundtable events with federal and state government representatives and eventually local governments to educate them on how to take advantage of open security tools.
The final element of HOST is investments in research and development of software for open security. So far, HOST has made two investments: one is an intrusion detection tool called Suricata, developed by the nonprofit Open Information Security Foundation (OISF).
Currently, most government organizations have another intrusion detection system called Snort, which was originally developed through open source methods but is now controlled by the cyber security firm SourceFire [FIRE]. Suricata gives customers more options for intrusion detection and enables them to tailor the program to their needs.
The other investment is OpenSSL, a volunteer effort that is creating more open source secure socket layer (SSL) technology, which enables encryption of sensitive information during online transactions. In the case of OpenSSL, the technology is validated to federal security standards through ongoing efforts partially supported by HOST.
GTRI is leading the HOST effort in conjunction with the Open Technology Research Consortium (OTRC), which consists of academic research institutions, industry partners and open source community organizations. OTRC members participating in HOST in addition to GTRI are the Univ. of Texas at Austin, the Open Source Software Institute and OISF.