Someone doesn't like Accumulo. And by the looks of it they are very well versed in the language of open source software (OSS).
Back ground: Accumulo was recently released as OSS to the Apache foundation and has to do with securoty features using a cloud architecture. What was interesting is that NSA funded, created and released it to build a community around these features that they wanted.
Let the guessing begin on who put this in...
Department of Defense use of National Security Agency
cloud computing database and intelligence community
cloud computing infrastructure and services (sec. 929)
The committee recommends a provision that would prohibit the
use of the National Security Agency’s (NSA) Accumulo cloud computing database by other Department of Defense (DOD) components after September 30, 2013, unless the Chief Information Officer certifies that there are no viable commercial open source databases that have the security features of Accumulo, or that
Accumulo itself has become a successful open source database
project. The provision also would require that Department of Defense and intelligence community officials coordinate fully on the
use by DOD components of cloud computing infrastructure and
services offered by the intelligence community for purposes other
than intelligence analysis to ensure consistency with the DOD information technology efficiencies initiative, data center and server
consolidation plans, and cybersecurity plans and policies.
The committee applauds NSA’s decision to adopt open source architectures and software for most of its cloud computing development. However, the committee disagrees with NSA’s decision to develop its own cloud computing database—called Accumulo—rather
than adapt an open source version of the Google BigTable product.
The committee understands that NSA decided to build a government solution several years ago because the open source systems
lacked security features that NSA considers essential. In hindsight,
the committee believes it would have been smarter for NSA to have
worked with industry and the open source community to add NSA’s
security features to the open source database systems. Indeed, the
committee believes that NSA should pursue that course now.
The downside of using a government-unique database is that,
compared to open source products, there will be far fewer developers contributing to technology advances, and all of the applications, analytic tools, and functionality that the open source community and commercial industry are developing for cloud computing
will not be compatible or interoperable with the NSA database, depriving the government of valuable innovation. The committee believes it is very likely that the rapidly expanding and innovating
cloud computing industry will pass NSA by in a hurry, with lagging performance and higher costs. The consequences would not be
confined to NSA, since the Army intelligence community has already adopted the NSA cloud architecture, and NSA is strongly
urging the entire Department of Defense to do likewise. One of
NSA’s arguments is that the security features of Accumulo are essential for the cybersecurity of DOD as a whole.
NSA is making an effort to heal its divergence from the open
source community by proposing Accumulo as an open source project
under the Apache Foundation as a competitor to existing Apache
Foundation open source databases like HBase and Cassandra,
which are widely used and supported in industry.
The committee believes it is important to ensure that there are
options available if Accumulo does not in fact become a viable and
widely supported open source project. The committee is aware of
commercial interest in the cell-level data tagging security features
that NSA built into Accumulo. These features should be as useful
to industry clients who need to protect and control access to the
data resident in cloud facilities as they are to the intelligence community and DOD.
If Accumulo is successful, or if the commercial open source community produces nothing comparable to Accumulo’s security features, this provision would permit Accumulo to be used in DOD
outside of NSA. But if Accumulo is not an open source success, and
if industry follows NSA’s security lead, the Department should use
a commercial product. This provision would give NSA almost 2
years since it made the Accumulo open source proposal to Apache
to succeed. The deadline in this provision is also sufficiently distant
to enable DOD components and industry to plan accordingly.
Under the direction of the Director of National Intelligence, the
Central Intelligence Agency (CIA) and NSA are planning to provide
cloud infrastructure and software ‘‘as a service’’ to all of the intelligence community. As noted, NSA is offering a government implementation of open source standards. CIA is offering a competitively
awarded commercial solution. These cloud services would cover all
manner of computing needs and capabilities, not just intelligence
analysis. This provision is also intended to ensure that DOD components’ use of these cloud services is consistent with DOD information technology policies and plans. The committee notes that the
software services that the CIA may offer to DOD customers could
include analytic databases like HBase and Cassandra, and other
commercial open source products, potentially providing an alternative to Accumulo.
Recent Comments