Solution

Case Study 3

Background

OSD/CAPE is responsible for evaluating programs and budgets for U.S. defense objectives and projected threats. OSD/CAPE provides leadership in developing and promoting tools and methods for analysis as well as analyzing national security programs and budgetary constraints. OSD/CAPE must ensure that all costs of DoD programs are presented accurately and assess the effects of DoD spending on the economy and analyze alternative policies to ensure the programs will be completed efficiently.

Size, Scope & Complexity

Within the program’s scope, Seeds delivered a total of 2 delivery orders, over 30 products of hardware and related software and over 2300 service hours to support the OSD’s mission. Seeds services included designing/customizing, configuring, testing, and deploying the customer’s solution per their specific requirements.

Seeds implemented and customized a Single-Sign-On solution for OSD/CAPE that allows internal and external OSD/CAPE application users to authenticate only once, via CAC or username and password, and to be able to access all of their applications. The exceptional work that Seeds performed has led to fully working solution where initial specifications and emerging requirements were met or exceeded.

  • Seeds engineers implemented their own custom code to add OSD/CAPE required functionality within the Oracle/Sun software. These customizations allow users to be added to multiple organizations, to maintain the legacy Identity Management solutions by keeping them in-sync
    with the Seeds-implemented solution, and to perform bulk actions quickly and easily all while maintaining high security standards.
  • Seeds engineers used Solaris Zones to split 3 servers into 11 virtual servers. By doing this, Seeds saved OSD/CAPE money not only in hardware costs, but money in software costs by resource capping each zone via CPU pools, reducing the costs of CPU-based licenses. The zones also serve as an application isolation security boundary, where a potentially compromised application has no ability to negatively impact any others.
  • Seeds engineers implemented a software reverse-proxy server that distributes the load on the applications between multiple servers and allows a single connection address for the end user. This provides seamless software fail-over which can occur without an end user noticing any change in functionality.

For Fall 2012, OSD/CAPE plans for Seeds of Genius to continue working on and expanding the functionality of the identity management system with a new custom resource adapter designed to communicate with DISA's central identity database.

Case Study 3: Download (PDF)