Open Source Software In Cloud Applications

Open Source Software In Cloud Applications

Open Source Software In Cloud Applications

Providers of cloud-based solutions will bring in more than $241 billion in 2020, according to Forrester Research’s report on “Sizing the Cloud”. Since the emergence of cloud solution providers like Amazon, Rackspace, IBM and Microsoft, software development and deployment is increasingly taking place in the cloud. And, in the next few years, we are likely to see more and more innovative technology companies completely suspended in the cloud.

What makes the cloud particularly attractive to enterprises is that it enables companies to lease access to infrastructure, platforms and software, drastically reducing their overall operating costs. The economies of scale associated with the cloud, costs that accurately reflect usage, elimination of maintenance costs, and increased ability of users to enjoy access to applications across a variety of devices including tablets and smart phones are additional drivers behind adoption of cloud applications.

While enterprises are shifting from legacy solutions towards the cloud, open source software is gaining significant traction for similar reasons. Desirable attributes such as faster time to market, lower development cost, better security, peer-reviewed quality, zero licensing cost, and multiple sources from mostly reputable suppliers have made open source the software of choice for commercial business applications, including cloud-based applications and collaboration solutions. As open source software becomes increasingly available in the cloud, it is important for enterprises to understand how the cloud environment changes open source license obligations.

There are two broad categories of open source licenses – permissive and restrictive. Permissive licenses such as MIT and BSD provide minimal obligations on code use, modification and distribution, enabling developers to incorporate open source code into open source or proprietary software with their choice of license terms. In contrast, restrictive licenses such as the GPL force users of covered code to distribute derivative works under GPL only, and require these users of GPL code to make their source code available to downstream users. This feature of restrictive licenses, with few exceptions, renders it impossible to incorporate open source code into proprietary offerings. Failure to comply with such obligations can lead to severe consequences, including paying damages for license infringement.

In the pre-cloud environment, software vendors made their products available to end users through software distribution, and the reciprocal aspects of GPL ensured that the its creators ideals of software freedom were maintained. With emergence of cloud services, users of SaaS applications technically are not receiving any code as software applications that use GPL in their internals are not distributed, hence the old GPL terms governing distribution of code would not apply.

In order to maintain the software-freedom aspect of GPL when code is deployed in a cloud, Affero GPLv3 (AGPL for short) was created. Under provisions of AGPL, any user of the cloud that uses an application containing AGPL-licensed code must be provided with the source code of the entire application.

In summary, with GPL covered code:

  • If you distribute the software, you must make your code available to users
  • If you offer SaaS through the public or private cloud, you do not have to make your code available to users

With AGPL covered code:

  • If you distribute the software, you must make your code available to users
  • If you offer SaaS through the public or private cloud, you must make your code available to its users

Given the new obligations imposed by the AGPL, it is critical for SaaS providers to take inventory of the open source code embedded in their product offerings, and to ensure that their intellectual property policies are in line with the obligations imposed by the various open source licenses covering their code.

A variety of automated scanning tools generically known as enterprise analyzers are available that can assist SaaS providers to manage open source obligations in the cloud. In addition, a structured Open Source Software Adoption Process (OSSAP) can be used to define acceptable intellectual property license policies for the organization, audit the current software portfolio and incoming code, and ensure compliance through all of the software development and procurement stages. These open source license management solutions are now available in both on-premises and hosted versions. Furthermore, these tools generally offer License Obligations Reporting, for a simplified “bulleted” view of the obligations associated with each open source package that is discovered in the SaaS code.

The emerging cloud-based SaaS model offers immense opportunities but also raises new risks for your organization’s intellectual property. If your organization’s intellectual property policies were developed for the traditional software distribution model, then they need to be re-assessed and updated to meet the distinct obligations associated with the cloud environment.

By Mahshad Koohgoli/Diana Marina Cooper

Mahshad Koohgoli is CEO of Protecode, Inc. (www.protecode.com), a provider of open source license management solutions, based in Canada. He has more than 25 years of experience in the telecommunications industry, specializing in technology start-up businesses, and holds several patents in the computer and communications field.

Diana Marina Cooper is an open source corporate strategy consultant for Protecode (www.protecode.com). Cooper obtained a BA in Politics and Governance, a MA in Globalization Studies, and is currently a JD Candidate (2013), pursuing a concentration in Law and Technology.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Cloud Compliance  Regulatory compliance is an issue that has not only weighed heavily on the minds of executives, security and audit teams, but also today, even end users. Public cloud adds more complexity when varying degrees of infrastructure (depending on the cloud model) and data fall out of the hands of the company and into…

On-Premise VoIP vs The Cloud

On-Premise VoIP vs The Cloud

Modern Day Phone Systems The jargon in the business phone system industry is enough to make even the most tech-savvy entrepreneur’s head spin. However, if we cut through all the strange wording and focus on the features that make each system unique, we can develop enough of an understanding to make a well-informed decision for…

Immune Systems: Information Security And Risk In 2016

Immune Systems: Information Security And Risk In 2016

Information Security And Risk C-suite executives have woken up to the threat posed by data theft, denial-of-service attacks and vulnerable systems. In 2015, for example, a series of high-profile cases illustrated the degree to which such attacks can damage a company’s reputation, brand and, ultimately, profits. Where businesses once undervalued cybersecurity, considering it the domain of CIOs and…

Hot Emerging Trends – The Pizza Delivery Drone

Hot Emerging Trends – The Pizza Delivery Drone

The Pizza Delivery Drone Recently, drone delivery systems have been discussed as future state plans for many vendors. I personally think the traceable IoT-based pizza delivery drone is the next big thing. If you think about it, your pizza makes it to your house much faster. Since the drone carries both a temperature and a…

Connecting To Information With Cyber Physical Systems

Connecting To Information With Cyber Physical Systems

CPS Device Trends On The Rise It isn’t, “Do you remember who starred in XYZ Movie?” It’s, “Can you look it up please?” “Did you ever think you would sit at the dinner table, and when a question came up, someone would look up the answer and share it with everyone?” The words echoed at…

New Smartphones From Apple, Samsung and HTC Promise To Light Up 2016

New Smartphones From Apple, Samsung and HTC Promise To Light Up 2016

New Smartphones from Apple, Samsung and HTC (Sponsored post courtesy of Verizon Wireless) The launch of the Galaxy S7 Edge at the Mobile World Congress in Barcelona during February was the first shot in a vintage year for mobile phones. The S7 is an incredible piece of hardware, but launches from HTC and Apple later in the…

Featured Sponsored Articles
How Successful Businesses Ensure Quality Team Communication

How Successful Businesses Ensure Quality Team Communication

Quality Team Communication  (Sponsored post courtesy of Hubgets) Successful team communication and collaboration are as vital to project and overall business success as the quality of products and services an organization develops. We rely on a host of business tools to ensure appropriate customer interactions, sound product manufacturing, and smooth back-end operations. However, the interpersonal relationships…

Featured Sponsored Articles
How To Develop A Business Continuity Plan Using Internet Performance Management

How To Develop A Business Continuity Plan Using Internet Performance Management

Internet Performance Management Planning CDN Performance Series Provided By Dyn In our previous post, we laid out the problems of business continuity and Internet Performance Management in today’s online environment.  In this article, we will take a look at some of the ways you can use traffic steering capabilities to execute business continuity planning and…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor