Researcher: Open-source software could bolster government security
- By William Jackson
- Dec 04, 2003
Federal procurement requirements put open-source software at a disadvantage in the government market, making government systems less secure, a former program manager with the Defense Advanced Research Projects Agency said.
'It is still a debate whether open-source development produces more security than the traditional proprietary method,' said Doug Maughan, a senior research fellow with the Potomac Institute for Policy Studies. 'But a diverse environment of operating systems could improve security, and government officials now are limited in their choices.'
Maughan spoke today at the Secure Trusted OS Consortium Symposium in Washington.
Steve Cooper, the CIO of the Homeland Security Department, has been criticized for standardizing the department's systems on Microsoft Windows, he said, 'but I maintain Cooper made the choice he had to make.'
'Government is looking for a higher assurance than they have today' in open-source software, he said.
At DARPA, Maughan managed the Composable High-Assurance Trusted Systems program, a two-and-a-half-year project to fund research into the Linux, OpenBSD and FreeBSD operating systems.
Most recent releases of the OSes include DARPA-funded security enhancements, 'but government requirements for evaluation and certification still keep open-source software on the outside,' Maughan said.
William Jackson is a Maryland-based freelance writer.