Case Studies

German Federal Institute for Geosciences and Natural Resources (BGR)

Ingres Corporation is helping the German Federal Institute for Geosciences and Natural Resources (BGR) in its global monitoring of earthquakes, including the 7.9 magnitude earthquake that struck China’s Sichuan Province on May 12, 2008. The Ingres Database, a leading enterprise open source database, is the backbone of BGR’s Earthquake Monitor System (ERMOS), which is used to track real-time information on earthquakes in China, Germany, Europe, and around the world. Recent data from the monitoring of the China earthquake can be accessed here. In addition, the system also monitors compliance with the Comprehensive Nuclear Test Ban Treaty (CTBT), a prohibition of all forms of nuclear testing underground, underwater, and in the atmosphere.

Despite technological advancement in earthquake monitoring, today it is still nearly impossible for scientists to forecast when and where an earthquake might occur. Even though warning systems are in place in many of the regions most threatened by earthquakes, at present they are still only able to sound the alarm seconds after the event. For this reason, collection of the relevant seismological data is crucial so that it can be made available to research and scientific organizations across the globe. The BGR has historical data on earthquakes dating back to 800 AD, as well as metadata on more than two million seismological events, and the database continues to grow.

The BGR migrated to an Ingres open source database in 2007. The open source business model of the Ingres database brought the institute flexibility and costs savings. In addition, the BGR relies on a double support service – from active Ingres user groups that exchange ideas and tips, as well as from Ingres itself through its comprehensive support services.

Fast access to data and permanent availability are two of the key requirements for successful operation of the BGR. As a government agency commissioned to monitor and ensure compliance with the CTBT, the BGR must ensure a minimum 98 percent availability of data at all times. The International Monitoring System, (IMS), has 321 monitoring stations around the world that monitor adherence to the CTBT. The BGR is responsible for operating four of these highly sensitive listening posts and assumes the role of a national data center (NDC). The institute acts as expert advisor to the federal government and the CTBT organisation in Vienna.

About the Federal Institute for Geosciences and Natural Resources (BGR)

The Federal Institute for Geosciences and Natural Resources (BGR) is the geoscientific centre of excellence within the federal government and is part of its scientific and technical infrastructure. As a Federal Regulatory Authority it is accountable to the Federal Ministry of Economics and Technology. The BGR provides neutral and independent advice and information on all geoscientific and natural resource issues. In this way it supports the following Federal Government objectives for:

* stimulating economic development,
* long-term protection and improvement of the quality of life,
* enhancing scientific and technical expertise.

These tasks are divided into three main categories: Natural Resources and Georesources, Geosafety and Geoscientific Cross-Sectional Functions. For further information, click here.

 

The NSA’s Security Challenge

Using open source software, the National Security Agency was able to gather a community of professional and amateur security experts together to make unprecedented security protections available to the public.

The National Security Agency has a mission. It is not just the nation’s code keeper and code breaker, but it must ensure the security of the nation’s digital infrastructure. Ironically, it had a security problem: the ecosystem for software that was keeping top secret information secret was deeply broken. There was little competition, no innovation and this essential software was expensive, slow to market, and antiquated.

Multi-Level Security, or MLS, is a complex problem: how to allow data with many different security classifications exist on the same machine? MLS software is difficult to get right, and easy to get wrong. It is subject to a stringent certification process. There’s only one customer for this kind of software: government. Once you’ve deployed MLS software, it’s very difficult to move to another solution as every MLS system was different. These are near-perfect conditions for very expensive, proprietary software that doesn’t innovate.

The NSA found it was spending too much money to acquire software that was quickly obsolete. It was  dependent on a handful of companies who had every reason to lock the NSA into their platform. What’s worse, the private sector had no ready access to this technology that could be enormously helpful in the war against hackers and viruses.

Stephen Smalley at the NSA had a new approach. He knew that if he could solve the MLS problem with open source software, it would
simultaneously reduce the cost of the software, open the field to new innovations, and make the technology available to the private sector. In one stroke.

So Smalley and his team did something unprecedented: they took their proof of concept and released it to the world as a project called
SELinux. It began as a set of changes to the open source Linux operating system, but soon it was completely integrated. What was once expensive and proprietary was now available to millions of Linux users and developers at no charge.

At first glance, this may seem strange. Detractors of the SELinux project warned that this software must have backdoors that would give the NSA access to their computer systems. Others claimed that an open source security project could never be secure, since anyone could see where the flaws might be.

After careful scrutiny — scrutiny on a scale that was only possible because the software was open — it was quickly determined that SELinux had no backdoors. Likewise, the NSA knew that the best way to ensure the security of the software was to make it open and available to anyone’s scrutiny. They knew that software is never perfect, and the most effective strategy for identifying and quickly fixing security problems is to make sure that anyone can find the flaws, and anyone can provide a fix.

The SELinux project now has a life of its own. There’s a broad community of developers working on new SELinux features and improvements. A number of companies now provide consulting and development services around SELinux. The SELinux project has created a market for very sophisticated and complex software, which is exactly what the NSA needed.

Millions of Linux users now protect themselves from attack with SELinux, dramatically improving the security of computer systems around the world. Healthcare companies can now use sophisticated security measures to protect personal health records and meet the government-mandated HIPPA requirements.

Open source software creates markets. It spreads innovation, and harnesses the collective intelligence of every member of the community. Without open source, the NSA would still be saddled with expensive and antiquated MLS systems. That’s the power of open source software: we can do more when we work together.

 

NHIN Connect

If the Nationwide Health Information Network (NHIN) is the information highway for health data exchange, CONNECT is the universal on-ramp for federal agencies. CONNECT is a software solution that lets federal agencies securely link their existing systems to the NHIN. During 2008, more than 20 federal agencies and the private sector collaborated to build CONNECT through the Federal Health Architecture (FHA), and as a result, agencies are heading down the road toward electronic health information interoperability…

The CONNECT solution enables secure and interoperable electronic health information exchanges with other NHIN participating organizations, including federal agencies, state, tribal and local-level health organizations, and healthcare participants in the private sector. The NHIN will ultimately be a vast network of public and private-sector organizations sharing information with each other under clearly defined specifications, agreements and policies.

AN OPEN-SOURCE APPROACH PROMOTES MASS ADOPTION

Based upon federal agency demand, FHA built the CONNECT gateway software from open source code. The solution was jointly developed by federal agencies yet deployed individually at the agency level. The decision to build the solution in open source provides many benefits, including:

  • Driving down the cost of the solution for each agency and saves taxpayer dollars
  • Making it affordable for other organizations to implement
  • Promoting consistency throughout the federal government
  • Decreasing deployment times for agencies
  • Encouraging government and industry to innovate and build on CONNECT to continually make it stronger and promote interoperability throughout the industry

The CONNECT software is now available to any and all stakeholders in the health information exchange community for download. The goal is for CONNECT to be a platform on which government and industry can continue to collaborate and innovate. This will allow the software vendors to build, sell and compete with better AND interoperable solutions for the healthcare sector.

BUILDING BLOCKS OF THE CONNECT GATEWAY

The CONNECT Gateway is built on open source technologies and was made available publicly in spring of 2009. Three primary elements make up the CONNECT Gateway:

  • The Core Services Gateway provides the ability to locate patients at other health organizations within the NHIN, request and receive documents associated with the patient, and record these transactions for subsequent auditing by patients and others. Other features include mechanisms for authenticating network participants, formulating and evaluating authorizations for the release of medical information, and honoring consumer preferences for sharing their information.
  • The Enterprise Service Components, which provide default implementations of many critical enterprise components required to support electronic health information exchange, including a Master Patient Index (MPI), XDS.b Document Registry and Repository, Authorization Policy Engine, Consumer Preferences Manager, HIPAA-compliant Audit Log and others. Agencies are free to adopt the components or substitute their own implementations.
  • The Software Development Kit (SDK) enables agencies to develop adapter components that integrate their existing electronic health information systems with the Core Services Gateway.

2008 ACCOMPLISHMENTS

The CONNECT initiative sped from concept to reality in 2008. In March 2008, FHA awarded a contract to develop the CONNECT solution. The solution was built with federal agency participation, and in September of 2008, three agencies were already demonstrating the ability to share information with the private sector through the NHIN. The number of participating agencies grew to six for the December 2008 public demonstrations, and the plan is to have all federal agencies with a health line of business participate in the NHIN by the end of 2009. In the meantime, federal agencies have continued to participate in a series of trial implementations that focus on defining and deploying an initial set of services for the secure exchange of interoperable health information, and all agencies have received a deployable package that includes the CONNECT Gateway, enterprise service components and an adapter SDK.

 

THE ROAD FORWARD IN 2009

CONNECT has identified a number of opportunities for federal agencies to utilize the Gateway to address their mission needs in 2009 and beyond. These citizen-centric initiatives will provide a roadmap for 2009 development. Expected FHA activities include helping agencies deliver solutions that:

  • Collect patient status assessments as they move among various care settings to track effectiveness of treatment
  • Populate patient personal health records with information from federal systems
  • Support needs of health plans to combat fraud and waste
  • Improve coordination of benefits with other payer organizations
  • Enhance onsite care for patients during disasters and other public health emergencies
  • Support data collection for analysis of potential adverse events associated with drugs and medical equipment
  • Help establish local networks among community health clinics that provide care to underserved populations

The expected journey forward is exciting. The progress achieved to date clearly demonstrates the viability of the NHIN and provides a glimpse into a dramatically enhanced healthcare future for Americans — one based on agreed standards, attention to interoperability, affordability, and that leverages the advantages of open source software.

You may also be interested in CENATIC’s CONNECT case study.

German Federal Institute for Geosciences and Natural Resources (BGR)

Ingres Corporation is helping the German Federal Institute for Geosciences and Natural Resources (BGR) in its global monitoring of earthquakes, including the 7.9 magnitude earthquake that struck China’s Sichuan Province on May 12, 2008. The Ingres Database, a leading enterprise open source database, is the backbone of BGR’s Earthquake Monitor System (ERMOS), which is used to track real-time information on earthquakes in China, Germany, Europe, and around the world. Recent data from the monitoring of the China earthquake can be accessed here. In addition, the system also monitors compliance with the Comprehensive Nuclear Test Ban Treaty (CTBT), a prohibition of all forms of nuclear testing underground, underwater, and in the atmosphere.

Despite technological advancement in earthquake monitoring, today it is still nearly impossible for scientists to forecast when and where an earthquake might occur. Even though warning systems are in place in many of the regions most threatened by earthquakes, at present they are still only able to sound the alarm seconds after the event. For this reason, collection of the relevant seismological data is crucial so that it can be made available to research and scientific organizations across the globe. The BGR has historical data on earthquakes dating back to 800 AD, as well as metadata on more than two million seismological events, and the database continues to grow.

The BGR migrated to an Ingres open source database in 2007. The open source business model of the Ingres database brought the institute flexibility and costs savings. In addition, the BGR relies on a double support service from active Ingres user groups that exchange ideas and tips, as well as from Ingres itself through its comprehensive support services.

Fast access to data and permanent availability are two of the key requirements for successful operation of the BGR. As a government agency commissioned to monitor and ensure compliance with the CTBT, the BGR must ensure a minimum 98 percent availability of data at all times. The International Monitoring System, (IMS), has 321 monitoring stations around the world that monitor adherence to the CTBT. The BGR is responsible for operating four of these highly sensitive listening posts and assumes the role of a national data center (NDC). The institute acts as expert advisor to the federal government and the CTBT organisation in Vienna.

About the Federal Institute for Geosciences and Natural Resources (BGR)

The Federal Institute for Geosciences and Natural Resources (BGR) is the geoscientific centre of excellence within the federal government and is part of its scientific and technical infrastructure. As a Federal Regulatory Authority it is accountable to the Federal Ministry of Economics and Technology. The BGR provides neutral and independent advice and information on all geoscientific and natural resource issues. In this way it supports the following Federal Government objectives for:

* stimulating economic development,
* long-term protection and improvement of the quality of life,
* enhancing scientific and technical expertise.

These tasks are divided into three main categories: Natural Resources and Georesources, Geosafety and Geoscientific Cross-Sectional Functions. For further information, click here.

The NSA’s Security Challenge

Using open source software, the National Security Agency was able to gather a community of professional and amateur security experts together to make unprecedented security protections available to the public.

The National Security Agency has a mission. It is not just the nation’s code keeper and code breaker, but it must ensure the security of the nation’s digital infrastructure. Ironically, it had a security problem: the ecosystem for software that was keeping top secret information secret was deeply broken. There was little competition, no innovation and this essential software was expensive, slow to market, and antiquated.

Multi-Level Security, or MLS, is a complex problem: how to allow data with many different security classifications exist on the same machine? MLS software is difficult to get right, and easy to get wrong. It is subject to a stringent certification process. There’s only one customer for this kind of software: government. Once you’ve deployed MLS software, it’s very difficult to move to another solution as every MLS system was different. These are near-perfect conditions for very expensive, proprietary software that doesn’t innovate.

The NSA found it was spending too much money to acquire software that was quickly obsolete. It was  dependent on a handful of companies who had every reason to lock the NSA into their platform. What’s worse, the private sector had no ready access to this technology that could be enormously helpful in the war against hackers and viruses.

Stephen Smalley at the NSA had a new approach. He knew that if he could solve the MLS problem with open source software, it would
simultaneously reduce the cost of the software, open the field to new innovations, and make the technology available to the private sector. In one stroke.

So Smalley and his team did something unprecedented: they took their proof of concept and released it to the world as a project called
SELinux. It began as a set of changes to the open source Linux operating system, but soon it was completely integrated. What was once expensive and proprietary was now available to millions of Linux users and developers at no charge.

At first glance, this may seem strange. Detractors of the SELinux project warned that this software must have backdoors that would give the NSA access to their computer systems. Others claimed that an open source security project could never be secure, since anyone could see where the flaws might be.

After careful scrutiny — scrutiny on a scale that was only possible because the software was open — it was quickly determined that SELinux had no backdoors. Likewise, the NSA knew that the best way to ensure the security of the software was to make it open and available to anyone’s scrutiny. They knew that software is never perfect, and the most effective strategy for identifying and quickly fixing security problems is to make sure that anyone can find the flaws, and anyone can provide a fix.

The SELinux project now has a life of its own. There’s a broad community of developers working on new SELinux features and improvements. A number of companies now provide consulting and development services around SELinux. The SELinux project has created a market for very sophisticated and complex software, which is exactly what the NSA needed.

Millions of Linux users now protect themselves from attack with SELinux, dramatically improving the security of computer systems around the world. Healthcare companies can now use sophisticated security measures to protect personal health records and meet the government-mandated HIPPA requirements.

Open source software creates markets. It spreads innovation, and harnesses the collective intelligence of every member of the community. Without open source, the NSA would still be saddled with expensive and antiquated MLS systems. That’s the power of open source software: we can do more when we work together.

NHIN Connect

If the Nationwide Health Information Network (NHIN) is the information highway for health data exchange, CONNECT is the universal on-ramp for federal agencies. CONNECT is a software solution that lets federal agencies securely link their existing systems to the NHIN. During 2008, more than 20 federal agencies and the private sector collaborated to build CONNECT through the Federal Health Architecture (FHA), and as a result, agencies are heading down the road toward electronic health information interoperability…

The CONNECT solution enables secure and interoperable electronic health information exchanges with other NHIN participating organizations, including federal agencies, state, tribal and local-level health organizations, and healthcare participants in the private sector. The NHIN will ultimately be a vast network of public and private-sector organizations sharing information with each other under clearly defined specifications, agreements and policies.

AN OPEN-SOURCE APPROACH PROMOTES MASS ADOPTION

Based upon federal agency demand, FHA built the CONNECT gateway software from open source code. The solution was jointly developed by federal agencies yet deployed individually at the agency level. The decision to build the solution in open source provides many benefits, including:

  • Driving down the cost of the solution for each agency and saves taxpayer dollars
  • Making it affordable for other organizations to implement
  • Promoting consistency throughout the federal government
  • Decreasing deployment times for agencies
  • Encouraging government and industry to innovate and build on CONNECT to continually make it stronger and promote interoperability throughout the industry

The CONNECT software is now available to any and all stakeholders in the health information exchange community for download. The goal is for CONNECT to be a platform on which government and industry can continue to collaborate and innovate. This will allow the software vendors to build, sell and compete with better AND interoperable solutions for the healthcare sector.

BUILDING BLOCKS OF THE CONNECT GATEWAY

The CONNECT Gateway is built on open source technologies and was made available publicly in spring of 2009. Three primary elements make up the CONNECT Gateway:

  • The Core Services Gateway provides the ability to locate patients at other health organizations within the NHIN, request and receive documents associated with the patient, and record these transactions for subsequent auditing by patients and others. Other features include mechanisms for authenticating network participants, formulating and evaluating authorizations for the release of medical information, and honoring consumer preferences for sharing their information.
  • The Enterprise Service Components, which provide default implementations of many critical enterprise components required to support electronic health information exchange, including a Master Patient Index (MPI), XDS.b Document Registry and Repository, Authorization Policy Engine, Consumer Preferences Manager, HIPAA-compliant Audit Log and others. Agencies are free to adopt the components or substitute their own implementations.
  • The Software Development Kit (SDK) enables agencies to develop adapter components that integrate their existing electronic health information systems with the Core Services Gateway.

2008 ACCOMPLISHMENTS

The CONNECT initiative sped from concept to reality in 2008. In March 2008, FHA awarded a contract to develop the CONNECT solution. The solution was built with federal agency participation, and in September of 2008, three agencies were already demonstrating the ability to share information with the private sector through the NHIN. The number of participating agencies grew to six for the December 2008 public demonstrations, and the plan is to have all federal agencies with a health line of business participate in the NHIN by the end of 2009. In the meantime, federal agencies have continued to participate in a series of trial implementations that focus on defining and deploying an initial set of services for the secure exchange of interoperable health information, and all agencies have received a deployable package that includes the CONNECT Gateway, enterprise service components and an adapter SDK.

THE ROAD FORWARD IN 2009

CONNECT has identified a number of opportunities for federal agencies to utilize the Gateway to address their mission needs in 2009 and beyond. These citizen-centric initiatives will provide a roadmap for 2009 development. Expected FHA activities include helping agencies deliver solutions that:

  • Collect patient status assessments as they move among various care settings to track effectiveness of treatment
  • Populate patient personal health records with information from federal systems
  • Support needs of health plans to combat fraud and waste
  • Improve coordination of benefits with other payer organizations
  • Enhance onsite care for patients during disasters and other public health emergencies
  • Support data collection for analysis of potential adverse events associated with drugs and medical equipment
  • Help establish local networks among community health clinics that provide care to underserved populations

The expected journey forward is exciting. The progress achieved to date clearly demonstrates the viability of the NHIN and provides a glimpse into a dramatically enhanced healthcare future for Americans – one based on agreed standards, attention to interoperability, affordability, and that leverages the advantages of open source software.