Working toward better messaging systems
- By Colleen O'Hara
- Oct 31, 1997
For years the government's use of electronic messaging technology has been marked by a scattershot approach with individual agencies setting up their own systems and giving little regard to larger issues of interagency interoperability. In part the problem has been that most agencies have procured their messaging products and services - including X.400 and Internet e-mail electronic commerce X.500 directory services and groupware - piecemeal directly from vendors.
Basic messaging services also are available through FTS 2000 the General Services Administration's vehicle for long-distance telecommunications services but the government has had no centralized messaging-specific contract that might have provided a well-defined set of standards and functionality. All that is now changing.
The Defense Information Systems Agency GSA and on a pilot basis the Treasury Department in partnership with GSA offer contracts that provide or will soon provide messaging services needed to build reliable and secure messaging systems as well as infrastructures based on commercial products. Other future contracts such as FTS 2001 which is the next iteration of FTS 2000 promise additional messaging and Internet services.
These new vehicles should bring some welcome relief for agencies as their reliance on messaging technology increases. George Ramick Jr. the Transportation Department's messaging manager said that when his group got money two years ago to integrate 12 separate messaging systems in the department it was like "gazing into a crystal ball" in terms of predicting the amount of e-mail traffic and what products they would need to support it. DOT's system now processes 220 000 messages a day - more than 20 times the anticipated 10 000 messages. "This showed us that e-mail is everywhere and people are using it in a way we didn't envision two years ago " he said.
Off-the-Shelf Emphasis DISA led the way several years ago with its Defense Message System. The goal with DMS was to provide a basic infrastructure that DOD and related users could tap into for reliable messaging services. However because of the critical nature of DOD communications DISA originally required its contractor to modify the basic commercial products significantly - a requirement that has delayed DMS' deployment.
In contrast GSA's Commerce Internet and Electronic Mail Access (CINEMA) program and Treasury's Government Electronic Messaging Services (GEMS) pilot are focusing on off-the-shelf technology from the outset. GSA awarded CINEMA contracts to IBM Corp.'s Advantis subsidiary and BTG Inc. earlier this year. GEMS is building on the existing Treasury Communications System program.
Both programs have made it a goal to provide what they call "business-quality" services - setting the bar based on the services expected and presumably available at large commercial organizations.
If there is a common thread among the available contracts it is support for commercial standards X.400 and Internet mail services as well as recognition of the need for more security and directory services. Internet standards have caught up with X.400/X.500 in terms of functionality and have exceeded those standards in terms of adoption said John Menkart regional sales manager for Netscape Communications Corp. "Internet standards and protocols are moving.
Standards are advancing so that within the next year or two Internet standards will have functionality that obviates the need for any specific client such as a DMS-specific client." "The Internet side offers convenience and simplicity. The X.400/X.500 side offers security and nonrepudiation and complexity " said Dion Rudnicki client executive at IBM Global Government Industry. "As additional messaging evolves into secure Internet messaging it will be easier to use it and will have security associated with it it's a matter of 'Will it still meet the requirements?' "
Many agencies are "looking for solutions with [Simple Mail Transfer Protocol (SMTP)] and MIME gateways because it's easy to do as opposed to X.400/X.500 " said Jack Finley program manager at GSA's Center for Electronic Messaging Technologies which drafted governmentwide specifications for messaging and which is building a governmentwide X.500 directory that agencies will tie into. "We really do not mind which it is as long as functional messaging requirements [fit into] our governmentwide scope " Finley said. "And as long as products meet the messaging requirements for basic intermediate and business-quality e-mail then we do not care which one it is."
At DOT the focus now is to ensure that service does not decrease as the amount of traffic continues to increase which means more servers stronger engines better security around-the-clock support and fault tolerance Ramick said. Also maintaining an X.500 directory which the department has developed is essential because such as directory offers integration of Internet e-mail and directory services.
"There has not been a great rush to X.500 despite the fact it's a compelling technology " Ramick said. "It's possible to get a big payoff if you understand how [to use the technology]. You have to show people what it does for them. Not everyone out there sees [the] need for [a] single directory for all agencies in the department."
For the present at least CINEMA just offers a basic menu of services: X.400 and SMTP mail X.500 directory services and X12 electronic commerce services. However it will be essential for GSA to offer more on CINEMA which users and vendors say is too narrow in focus. April Ramey director of the post-FTS 2000 special services center said GSA hopes to add within the next few months distribution-list capability protocol conversion message store and forward store and retrieve services and security products.
"We've heard from vendors and customers that we need to add more to CINEMA to make it more useful to folks " Ramey said. GSA and vendors may have a hard sell until then. "Agencies are already doing it themselves. I think people are already committed to things " said Ron Hack director of the Office of Systems and Telecommunications Management at the Commerce Department. "GSA's CINEMA contract is a little late. I would encourage agencies to look at CINEMA and see if it provides the answer but it doesn't yet provide the full breadth of services."
However as awareness builds and capabilities of CINEMA are understood it will become a "dynamic vehicle for services we offer " Rudnicki said. "We offer them commercially and will offer them to the government as well. Our concentration is services that have been proven in the commercial world."
Competitive Pressure With GEMS Treasury will vie with CINEMA for agency business by offering what agency officials describe as a more complete set of services. The GEMS pilot funded by $1 million in start-up money from the Innovation Fund Subgroup of the Interagency Management Council proposes building a duplicative system to the system provided under TCS a contract held by TRW Inc. but open only to Treasury agencies. GEMS will offer to the rest of the government on a pilot basis at first - and then if successful on a fee-for-service basis - X.400 and SMTP mail services X.500 directory services and electronic commerce clearinghouse services. The year-long pilot should get under way in November when the first user connects to the backbone.
"The purpose is to show we can demonstrate a more reliable and cost-efficient and effective messaging service than FTS 2000 " said Michele Rubenstein program manager for electronic messaging and Internet technology at Treasury. "GEMS offers more than CINEMA without the contract modification " Rubenstein said. "[GSA doesn't] offer the level of X.400 and X.500 with compliance to current standards nor do they offer directory services at all in those respects. We also provide an electronic commerce clearinghouse functionality so [that] it comes in one format and we translate it and send it out in another. No other government agency has that capability."
To a large degree agencies' needs have not been met by FTS which offers basic Internet access and messaging services or by CINEMA she said. "They have gone to outside sources and contracted for these services specifically and these are costly because they are not GSA schedule or FTS." The most popular services Treasury has been requested to provide under GEMS Rubenstein said are X.400 and SMTP mail service. She expects requests for directory services to increase particularly as agencies conduct more electronic commerce. Digital certificates used to secure EC transactions must be stored in an X.500 directory.
"The big emphasis is on security " said Linda Mills program manager for TCS at TRW. "Secure e-mail certificates public-key encryption intrusion detection - I would anticipate we would be providing those types of services. We're driven by our projection of what their needs are." One thing Commerce wants that is not yet there is the confidence to use the Internet for business Hack said. "We have Internet security but I'm still not convinced that that's universally available " he said.
Security is a central focus for agencies conducting business with the Defense Department which is building a message system to provide guaranteed e-mail and secure messaging services for the department as well as for intelligence and civilian agencies. DMS will eventually replace the current and aging Autodin system and other disparate e-mail systems in DOD with a single integrated system that allows users to send attachments access X.500 electronic directories and send digitally signed and encrypted messages through Fortezza.
Based on Microsoft Corp.'s Exchange Lotus Development Corp.'s Notes and Enterprise Solutions Ltd. client software DMS currently offers X.400 mail and X.500 directory services signed and encrypted messages multimedia attachments signed and unsigned receipts guaranteed delivery and notification of delivery or nondelivery system management and message trace and interfaces that connect to the Internet via SMTP.
"We would hope the rather small agencies in government would not duplicate what we have done and build an infrastructure and system which would be expensive " said Capt. Jim Day the DMS program director at DISA. Agencies should buy the user components and use the DMS infrastructure on a fee-for-service basis he said. "There are a lot of agencies that have to send messages to us such as the State Department and the FBI. They will want to use DMS because they want to know messages get through " Day said.
Those agencies also are connected to Autodin and will need a replacement for that. Although the DMS program has been delayed considerably due mainly to exhaustive interoperability testing DISA said there will be 20 DMS installations per month by January or February next year so that Autodin which is costing DOD hundreds of millions of dollars to operate can be turned off by 2000. Despite the problems in rolling out DMS the plan is "a brilliant vision " said Warren Suss president of Warren H. Suss Associates Jenkintown Pa. "The problem has been in executing vision and achieving planned objectives. If they get what they plan to get it would open up the government market and DMS would be the No. 1 solution for the government. It offers everything. I believe we will start to see some benefits from that."
The success of DMS which incorporates military-specific requirements hinges on the fact that it must remain based on commercial products Suss said. "[DOD] can't issue a military standard and say industry has to follow it but it can identify the ways in which the government requirements dovetail with commercial requirements and use government buying power as an incentive to move the way the government wants them to move " he said. That is the approach DOD is taking.
"We're on an aggressive path with regard to releases of software that will add capabilities to basic DMS capabilities that will be deployed shortly " said George Jakabcin national account manager for civilian agencies at Lockheed Martin Corp. the prime contractor on DMS. "We will add additional layers of security and capabilities required by various user communities. DMS is intended to be an evolutionary process to add capabilities that may not exist today or may not be a requirement today " he said.
Vendors like the idea. "The DMS community says 'How can I continually be aware of commercial tools that I can use to get my job done?' It's incorporating commercial products and technology in a controlled way " said Keith Attenborough the DMS program manager for Lotus. In the DMS world "they are always looking for industry standards so we try to keep people [abreast of] what we do 18 months down the road " said Mitra Azizirad federal systems engineer manager at Microsoft. "We want to talk about what S/MIME needs to be secure in the spirit of DMS and still be commercial off-the-shelf."
As with all programs DMS needs to be flexible and easy to use. DISA plans to streamline the testing process so that new features added to commercial products will be available on DMS faster will make it easier to use security products through a "security bus " which will let users plug in whatever National Security Agency-approved security solution they choose and will offer an SMTP server rather than requiring a multifunctional interpreter to translate the message from X.400.
Keeping Options Open However while DOD is putting in place a system that it can require or coerce its community to use there is less compulsion to use centralized vehicles among civilian agencies. Agencies are eager for more messaging products particularly in the security arena and they want the cost advantages a large contract can offer. But it may be that there is no one vehicle that will be the panacea for agencies' needs.
"You have to make sure people understand why they want a governmentwide contract in the first place " said DOT's Ramick. Contracts must provide services that are really needed by agencies such as directory services he added. But the bottom line is that agencies are ready to beef-up the systems they do have and that decision presents an opportunity for vendors.
"We are positioning ourselves to move to the next generation of products " Hack said. "It will be standards-based it won't be proprietary. We will continue to evolve and keep our options open. People have to decide if they want to be on the leading edge or the bleeding edge. I think they pick the mix that is based on their own situations."
* * * * * Terms of the Trade
MIME: Multipurpose Internet Mail Extensions.
A specification for formatting multiple types of data such as graphics audio and video over the Internet. Users can define their own MIME data types or use such pre-defined types as the Graphics Interchange Format for sending graphics. A version called S/MIME supports encrypted messages.
SMTP: Simple Mail Transfer Protocol.
A Transmission Control Protocol/Internet Protocol for sending e-mail messages from one server to another at which point the recipient retrieves a message from the server using the Post Office Protocol or the Internet Message Access Protocol.
X.400: A standard for addressing and sending e-mail messages. Based on the Open Systems Interconnection model X.400 supports Ethernet X.25 TCP/IP and dial-up networks. Not only does X.400 support more features than the older SMTP it is managed by a standards body.
X.500: An OSI standard that defines how global directories should be structured. X.500 directories which support X.400 messaging systems structure information hierarchically beginning with a root directory from which users drill down to greater levels of detail. X12: A set of electronic data interchange standard used for EC.