Three to watch in coming year

Featured eBooks
Whole-of-State Cybersecurity
The State of Trust in Government
Cybersecurity in State and Local Government
 

Connecting state and local government leaders

By

No one has to tell government IT managers that the challenges they face don't suddenly change when one year passes into the next.

No one has to tell government IT managers that the challenges they face don't suddenly change when one year passes into the next.

Enterprise architecture, security and IT management were hot in 2004 and will continue to be in 2005.

But the tools and technologies used to deal with these challenges will mature, evolve or simply gain better acceptance. Among the 2005 technology trends, experts tell GCN that service-oriented architectures, network user authentication and managed IT services will be fertile ground for agencies in the coming year.

Service-oriented architecture

The emerging concept of a service-oriented architecture promises to fulfill one of the IT community's most enduring dreams: software reuse. Implement an SOA in your agency, and one group's programs could be easily reused elsewhere within your network.

Now, as Web services have matured and enterprise architecture initiatives are taking hold at agencies, experts see SOA use as inevitable.

'SOA is about finally realizing the benefit of software reuse, without the cost or pain of software reuse,' said Art Fritzson, vice president at Booz Allen Hamilton Inc. of McLean, Va.

Web services provide a common technical foundation for building an SOA, said Pradeep Nair, product marketing manager for asset management software provider MRO Software Inc. of Bedford, Mass. By submerging the fine-grained implementation details, an SOA frees managers to think about optimizing business processes.

'Instead of exposing your objects and having your end users understand the intricate details about how your methods and properties work, you provide a service layer at a business level,' Nair said.

In an SOA, a Web services application exposes its features and functionality to the outside world as reusable components.

For instance, MRO's Maximo logistics software could offer a service such as the ability to create a work order. To help users'and other machines'find these services, an agency sets up a central directory using the Universal Description, Discovery and Integration standard.

Not surprisingly, SOA is a close relative of enterprise architecture and stands to play a major role in streamlining agencies' IT.

As agency heads map lines of business under their EAs, they realize, in many cases, that they have excess capacity, said Mark Forman, former administrator for e-government and IT at the Office of Management and Budget. Applying SOA to EA lines of business can provide agencies with a map they can use to consolidate operations and share resources.

How does an agency start down the SOA path? The first step comes in the IT procurement process, before ever building a thing, said Fritzson. Agencies should ensure the software, hardware and systems they procure are compliant with open Web services standards. Such gear can be easily reappropriated for missions outside their intended function, Fritzson said.

Like any new technology, SOAs still have implementation issues. Billing is one. If one office provides a service heavily used by others, how does the office justify the cost of maintenance?

Forman sees the creation of 'IT services brokers' that keep track of what resources are being used by whom. 'There are models out there' to resolve this problem, he said.

'It's amazing we have gotten as far as we have, given the fact we reinvent software every time we need it,' Fritzson said. 'It feels like we're poised on an era where software reuse becomes a reality.'

'Joab Jackson

Password security

According to the CERT Coordination Center at Carnegie Mellon University, poor passwords account for up to 80 percent of network security problems. Still, this legacy authentication technique is so ingrained in IT infrastructures it is unlikely to disappear anytime soon.

'Passwords are here for a long time,' said Burt Kaliski, chief scientist for RSA Labs, a division of RSA Security Inc. of Bedford, Mass. But new twists are coming.

The problem with passwords is that the same factors that make them difficult to crack also make them difficult to remember without writing them down. And writing a password down is a no-no.

Passwords can be hashed for storage and salted with random numerical values to help foil hackers and dictionary attacks. But when passwords threaten to become too complex for a user to remember, a second factor for authentication can be added to raise the level of security.

America Online Inc. began offering a second factor for account protection in September with its PassCode premium service. The service uses RSA's SecurID token, which generates a new six-digit code every 60 seconds. An algorithm on the authenticating server generates the same sequence of codes. The current code is required along with the password to access protected accounts.

Recently, Entrust Inc. of Addison, Texas, launched what it calls IdentityGuard to do away with tokens. The system uses a random grid of alphanumeric characters that can be stored on a wallet-size card or in a downloaded file. When signing on to a protected account, the user is challenged with a set of coordinates from the grid. To gain access, the user must supply the characters that correspond to the coordinates, along with his regular password.

Other new technologies to improve password protection are still in development. RSA began work two years ago on its Nightingale system to eliminate a single point of compromise for stealing passwords. To foil hackers, it uses technology that mathematically splits passwords apart and stores the parts on separate servers.

The Institute of Electrical and Electronics Engineers is developing a standard for an encrypted-key exchange protocol, which Kaliski described as a hybrid between
public-key cryptography and password cryptography. Passwords are used to protect public keys, which are used to set up connections with protected resources. The math involved is not trivial. But if implemented correctly, the system could effectively authenticate both the user and the server.

The protocol won't replace plain passwords anytime soon, and it requires that both the server and the client are enabled for the new standard. But any improvement over current password authentication methods will help agencies live up to their security requirements.

'William Jackson

Managed network services

Call it outsourcing, call it seat management, call it what you will, but managed network services in government IT are finally coming on strong, from simply monitoring traffic to network security.

According to IT executives, managed services in the federal, state and local IT arena will continue to grow'and change'over the next few years. The issues driving their adoption this year will be security, performance-based contracts and the ever-present drive to improve government IT infrastructures.

'Most governments are keenly interested in becoming more efficient,' said Cheryl Janey, vice president of state and local enterprise solutions for Northrop Grumman Corp.'s IT unit in Herndon, Va. But traditional outsourcing may not be the best way to achieve this.

Governments might decide on 'some sort of hybrid approach'a mix of asset management, transactional management and managed services,' Janey said.

Minneapolis officials breathed a sigh of relief when they turned over the management of the city's IT operations to Unisys Corp.

Under the city's seven-year, $56 million managed services contract, the company handles all of Minneapolis' technology operations, overseeing about 2,700 PCs, more than 100 servers, the e-mail system, printers and peripherals.

Minneapolis decided on the managed services contract because 'IT wasn't a core competency of the city,' said Bill Beck, Minneapolis' deputy CIO and director of planning and program management for the city's Business Information Services Division.

The city no longer owns any computer equipment, Beck said. 'Unisys owns it all.'

Managed services contracts will continue to grow by double digits in the years ahead, but the 'megadeals are over,' said Phil Smith, vice president of solutions for Unisys' global infrastructure services sector. 'I believe there will be a lot more smaller deals. Unisys will handle the network and data center, and someone else will get the desktop work.'

Smith even expects an uptick in managed services contracts that cover IT security. Historically, this has been one area that governments were loath to surrender to an outside organization, but Smith sees that fear abating. 'As issues of identity theft become more alarming, security is going to be a huge issue over the next couple of years,' he said.

'Trudy Walsh

NEXT STORY: FIPS validation opens federal doors for pcAnywhere

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.