Blog Posts

MŌDERAS takes over running local JUG

In a desire to give something back to the Java community MŌDERAS has taken over running the Capital District Java Developers Network, a local Java Users Group (JUG).  The previous president of the CDJDN has done an awesome job for years but is also involved in running a local Flex and XML group and was looking for someone to pass the baton to.  We want to thank Anthony Debonis for all his great work and are happy he's staying involved to show us the ropes.

Dan Patsey, the development manager at MŌDERAS, has taken a lead role in finding a new permanent location for meetings at the ITT Technical Institute in (13 Airline Drive, Albany New York), lining up presenters, and setting up the CDJDN as a not-for profit corporation organized under the New York State not-for-profit Corporation Law. It is exempt under Section 501(c)(3) of the Internal Revenue Service Code. Gifts, bequests, and donations made to the CDJDN are tax deductible for the donor.

Jeff Cutler (a Principal Software Engineer at and MŌDERAS) and Adam Myatt (our Technology Manager) have both provided presentations in the past and continue to support the group. Chris Thompson (our President) is responsible for attracting sponsors and the very important task of purchasing and delivering food and drinks to the meetings for the attendees.

MŌDERAS took over at the beginning of 2010 and have just had our 5th successful meeting and are looking forward to many more.  The CDJDN is a great place to learn the latest trends and network with your colleagues.  We provide free food and drink and relevant topics on contemporary subject of the day.

You can find the CDJDN website here and the Google group here if you'd like to learn more.  Please join us the third Thurday of the month at 5:30pm and bring a friend!

KC 2.0 Released

Kuali Coeus, The worlds first complete open source Pre and Post software application was released Friday May 14th.  To test drive the new version 2.0 release click here!  When prompted to login type "quickstart".

I'd ask that you read that last sentence again because it bears repeating. There has never been a FREE product that could provided pre and post award functionality to meet the needs of research institutions until now. Develop proposals, include proposals from outside the system, develop budgets, manage proposal and budget work flow electronically,  and finally submit via system to system.  If that's not enough you can then manage your awards with KC too! 

The finishing touches have been put on the functionality of the pre-award product with the inclusion of the Institute Proposal (IP) module that Coeus users know so well.  The previous release of Kuali Coeus (KC) was a complete proposal development (PD) module with the ability to submit system to system but IP completes the circuit. Many institutions have the need to summarize proposals developed using paper or other internal processes / systems and aren't yet ready to develop proposals within KC.  IP allows for these  types of proposals to be entered, tracked, and submitted.  All proposals wether developed within KC or imported ultimately create an IP (summary) record which allows for standardized reporting of the activity within your system even in the case of blended proposals (some from PD and IP).

If you're as excited about this news as we are please check out KC2010,  the conference we have planned this summer focused entirely on the Kuali Coeus product and what it can do for your institution. Click here for more details. 

We will also be unveiling our best in breed opportunity search tool Kwest in the coming months. Kwest will be integrated with KC to allow for automated proposal record creation from selected opportunities. No longer a need to search in multiple systems and then manually re-enter data into your proposal, eliminating wasted time and possible data entry errors.

Is Kuali Coeus FIPS 140-2 and FISMA Compliant?

Moderas was approached by an institute that had to determine if KC could meet both their FISMA and FIPS compliance requirements. Compliance is a terms that most research administrators would associate with human subjects, lab animals or possibly even reporting requirements so this was a somewhat unusual request. Luckily for them Moderas has staff that has familiarity with NIST and complying with their standards.

The problem facing them was that they work closely with the U.S. government and wanted to use Kuali Coeus to track their research efforts. To do this they needed to determine if it could comply with these requirements and if in fact they needed to.

FISMA or The Federal Information Security Management Act of 2002 recognizes the importance of information security to the economic and national security interests of the United States. The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.

Luckily for the client FISMA applies to Federal Agencies so they are not required to comply with the extreme level of documentation and testing necessary to meet this standard. Staff from the agency would not be interacting directly with the system, the data would be updated and stored by the client  It is possible that the client might need to provide rudimentary information about their system so the agency could catalog it in their "Inventory of Information Systems"  but this would be a determination they would need to come to collectively.

The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government computer security standard used to accredit cryptographic modules to secure sensitive data. The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordinate the requirements and standards for cryptography modules that include both hardware and software components. 

The client was required to be FIPS 140-2 compliant because they would be storing and sharing sensitive data that they would be collecting in relation to their work with the agency. Generally speaking FIPS 140-2 deals with securing the process of collecting, storing, transferring, sharing and disseminating data.  Those functions can be put in two distinct groups, storage is the first and collecting, sharing, disseminating the second since those functions are all forms of sharing data.

For storage, there are solutions that are as simple as purchasing FIPS 140-2 certified hard drives such as this example http://www.seagate.com/www/en-us/products/laptops/momentus/momentus_7200_fde_fips_140_2/. There are also software solutions that can encrypt the data pragmatically.  The important thing to point out was that there was no need to go through the tremendously expensive process of having a home grown solution rigorously tested to assure it is NIST compliant.  The best course of action it to purchase a solution that has already been accredited for storage to meet those requirements.

The second bucket covers collection, transfer, sharing, and dissemination of data. Kuali Coeus utilizes OpenSSL which is FIPS certified.  Currently only the Grants.Gov submission uses ssl and assuming the only sensitive data shared is through this mechanism the application is compliant. Should data be shared through other means (data entry forms, reports, etc.)  there would be some development work necessary to assure that any pages that present sensitive data utilize OpenSSL. 

In summation with the purchase of a hardware or software solution to encrypt the data, using OpenSSL for any pages that present data, and likely assurances that they would provide information to the agency they client felt comfortable moving forward with their goal of implementing Kuali Coeus. 

MŌDERAS dives into Kuali Coeus

 

Kuali Days VIII (November 2010) - MŌDERAS, committed to supporting open source software for research administration, announced the launch of its new Kuali Coeus™ Support and Maintenance offerings. MŌDERAS recognizes the value of open source and the growing need of institutions for comprehensive solutions to support their ongoing operations, not just more software applications. Moderas can put the right people in place to assist with your implementation of KC. Let our experienced research administrators and technical teams demonstrate their knowledge and help you get up and running in record time. 

Update - Check out KC2010, the first ever KC User Conference hosted by MŌDERAS. For more details click here

Syndicate content