The NSA’s Security Challenge

Using open source software, the National Security Agency was able to gather a community of professional and amateur security experts together to make unprecedented security protections available to public.

The National Security Agency has a mission. It is not just the nation’s code keeper and code breaker, but it must ensure the security of the nation’s digital infrastructure. Ironically, it had a security problem: the ecosystem for software that was keeping top secret information secret was deeply broken. There was little competition, no innovation and this essential software was expensive, slow to market, and antiquated.

Multi-Level Security, or MLS, is a complex problem: how to allow data with many different security classifications exist on the same machine? MLS software is difficult to get right, and easy to get wrong. It is subject to a stringent certification process. Although useful in certain areas of the private sector, there’s really only one customer for this kind of software: government. Once you’ve deployed MLS software, it’s very difficult to move to another solution as every MLS system was different. These are near-perfect conditions for very expensive, proprietary software that doesn’t innovate.

The NSA didn’t care for this situation at all. It was spending too much money to acquire software that was quickly obsolete. It was dependent on a handful of companies who had every reason to lock the NSA in to their platform. What’s worse, the private sector had no ready access to this technology that could be enormously helpful in the war against hackers and viruses.

The NSA had a new approach to this security problem, called Flexible Mandatory Access Control. They also had a new approach to bringing this theory into the real world. They knew that if they could solve the MLS problem with an open source implementation of this new approach, it would simultaneously reduce the cost of the software, open the field to new innovations, and make the technology available to the private sector. In one stroke.

So the team did something unprecedented: they took their proof of concept and released it to the world as a project called SELinux. It began as a set of changes to the open source Linux operating system, but soon it was completely integrated. What was once expensive and proprietary was now available to millions of Linux users and developers, at no charge.

At first glance, this is strange. Detractors of the SELinux project warned that this software must have backdoors that would give the NSA access to their computer systems. Others claimed that an open source security project could never be secure, since anyone could see where the flaws might be.

After careful scrutiny — scrutiny on a scale that was only possible because the software was open — it was quickly determined that SELinux had no backdoors. Likewise, the NSA knew that the best way to ensure the security of the software was to make it open an available to anyone’s scrutiny. They knew that software is never perfect, and the most effective strategy for identifying and quickly fixing security problems is to make sure that anyone can find the flaws, and anyone can provide a fix.

The SELinux project now has a life of its own. There’s a broad community of developers working on new SELinux features and improvements. The project solves much more than the MLS problem. It now provides a generalized framework for access control  that’s as useful to the private sector as it is to the government. A number of companies now provide consulting and development services around SELinux. The availability of the SELinux project has drastically expanded the use of these controls and created a private sector market that maintains the software over time, which is exactly what the NSA needed.

Millions of Linux users now protect themselves from attack with SELinux, dramatically improving the security of computer systems around the world. Healthcare companies can now use sophisticated security measures to protect personal health records and meet the government-mandated HIPPA requirements. Cloud computing has introduced serious security concerns, and SELinux is being used to safely and efficiently allow many users to share the same computing resources.

Open source software creates markets. It spreads innovation, and harnesses the collective intelligence of every member of the community. Without open source, the NSA would still be saddled with expensive and antiquated MLS systems. That’s the power of open source software: we can do more when we work together.