Need a Defense business service? 'There's an app for that'

Defense officials want the display for their app storefront to be as easy to use as iGoogle. Defense Department

The Defense Department is modeling its new online storefront for downloading Web services after Apple Inc.'s popular App Store.

While the store lets Apple iPhone owners download games, search tools and other inventive applications, Defense's marketplace will allow users to download large business applications and services such as pay systems and collaboration tools.

"If I, as an end user, need a capability, there's an app for that," said Dan Risacher, project lead and associate director of information policy and integration for the Office of the Chief Information Officer, mimicking Apple's slogan for the App Store.

The shop is intended to ease transition into cloud computing, a setup where users access information technology programs remotely through the Web rather than owning the equipment and software outright. Cloud computing advocates say it could save the government billions of dollars and offer agencies more flexibility, according to a Sept. 21, 2009, presentation by Risacher at the Network Centric Operations Industry Consortium Cloud Computing Workshop.

A prototype of the storefront is live. Risacher expects to open the Web site to a limited user base by the end of February and to expand availability to a broader Defense population in May.

Storefront users will obtain a single sign-on credential to access and download all the services and apps they need, instead of reauthenticating themselves for each service, Risacher said on Thursday.

He envisions a single access point on Defense's sensitive but unclassified network that will allow authorized users to share information and applications. CIO division officials want the display to be as easy to use and comprehensive as Google's personalized iGoogle page.

The storefront could galvanize third-party developers across Defense, according to Risacher's presentation. Resources available from the app store will include messaging services, data center storage, shared file systems and potentially the Defense travel system.

The project differs from other cloud-based, one-stop shops such as the governmentwide Apps.gov site because it will offer instant access to tools and easy authentication. Apps.gov is a storefront for ordering cloud computing services. The Defense site will allow users to download personalized applications immediately and start using them on their browsers.

"Part of the DoD storefront project . . . is to test our hypothesis of how we can better provide services," Risacher said. Critics of cloud computing say putting all one's work on the Internet could be a security nightmare. To address security, the storefront will require a robust identity management sign-on process. But users still will have the benefit of ease of access and portability because sign up will be a one-time procedure.

Risacher eventually plans to get elements of the Defense storefront approved as standards so other agencies can replicate it.

Some Defense IT specialists said the plan might duplicate Intelink, a network the intelligence community has used for 15 years to exchange information, collaborate and conduct business. That tool has the capability to resolve some of the information-sharing gaffes that led to the Christmas Day bombing attempt on a U.S.-bound air carrier, proponents say. Intelink provides applications to report, discover, gather and assess information that might seem inconsequential to individuals but prove revealing when combined. But the system needs centralized funding and increased participation to improve coordination.

Risacher said the Defense storefront is closely partnered with Intelink and if successful, the marketplace could merge with Intelink in the future. He added he hopes Intelink will adopt some of the storefront's features such as a universal sign on for nonintelligence partners.

Other federal IT executives applauded what they said was a well thought-out strategy. "It's quite innovative, quite creative," said Hord Tipton, a former chief information officer at the Interior Department who is now executive director of (ISC)2, an information security certification organization. "As suspicious as many of us in the security world are of moving into the cloud end of services, it's not only going to happen, it is happening."

The key for the site to operate smoothly will be standardization and buy-in from all partners, he added.

Tipton said he was surprised to see Defense so far along in its roadmap and anticipated it could serve as a template for other agencies. "The encouraging part to me [is] watching the government take a leadership role in this, in rolling it out in a carefully planned manner," he said. "If you plan it appropriately, your security can be better."