August 21, 2012

Open Source Software In Cloud Applications

By Cloud Syndicate

Open Source Software In Cloud Applications

Providers of cloud-based solutions will bring in more than $241 billion in 2020, according to Forrester Research’s report on “Sizing the Cloud”. Since the emergence of cloud solution providers like Amazon, Rackspace, IBM and Microsoft, software development and deployment is increasingly taking place in the cloud. And, in the next few years, we are likely to see more and more innovative technology companies completely suspended in the cloud.

What makes the cloud particularly attractive to enterprises is that it enables companies to lease access to infrastructure, platforms and software, drastically reducing their overall operating costs. The economies of scale associated with the cloud, costs that accurately reflect usage, elimination of maintenance costs, and increased ability of users to enjoy access to applications across a variety of devices including tablets and smart phones are additional drivers behind adoption of cloud applications.

While enterprises are shifting from legacy solutions towards the cloud, open source software is gaining significant traction for similar reasons. Desirable attributes such as faster time to market, lower development cost, better security, peer-reviewed quality, zero licensing cost, and multiple sources from mostly reputable suppliers have made open source the software of choice for commercial business applications, including cloud-based applications and collaboration solutions. As open source software becomes increasingly available in the cloud, it is important for enterprises to understand how the cloud environment changes open source license obligations.

There are two broad categories of open source licenses – permissive and restrictive. Permissive licenses such as MIT and BSD provide minimal obligations on code use, modification and distribution, enabling developers to incorporate open source code into open source or proprietary software with their choice of license terms. In contrast, restrictive licenses such as the GPL force users of covered code to distribute derivative works under GPL only, and require these users of GPL code to make their source code available to downstream users. This feature of restrictive licenses, with few exceptions, renders it impossible to incorporate open source code into proprietary offerings. Failure to comply with such obligations can lead to severe consequences, including paying damages for license infringement.

In the pre-cloud environment, software vendors made their products available to end users through software distribution, and the reciprocal aspects of GPL ensured that the its creators ideals of software freedom were maintained. With emergence of cloud services, users of SaaS applications technically are not receiving any code as software applications that use GPL in their internals are not distributed, hence the old GPL terms governing distribution of code would not apply.

In order to maintain the software-freedom aspect of GPL when code is deployed in a cloud, Affero GPLv3 (AGPL for short) was created. Under provisions of AGPL, any user of the cloud that uses an application containing AGPL-licensed code must be provided with the source code of the entire application.

In summary, with GPL covered code:

  • If you distribute the software, you must make your code available to users
  • If you offer SaaS through the public or private cloud, you do not have to make your code available to users

With AGPL covered code:

  • If you distribute the software, you must make your code available to users
  • If you offer SaaS through the public or private cloud, you must make your code available to its users

Given the new obligations imposed by the AGPL, it is critical for SaaS providers to take inventory of the open source code embedded in their product offerings, and to ensure that their intellectual property policies are in line with the obligations imposed by the various open source licenses covering their code.

A variety of automated scanning tools generically known as enterprise analyzers are available that can assist SaaS providers to manage open source obligations in the cloud. In addition, a structured Open Source Software Adoption Process (OSSAP) can be used to define acceptable intellectual property license policies for the organization, audit the current software portfolio and incoming code, and ensure compliance through all of the software development and procurement stages. These open source license management solutions are now available in both On-Premises and hosted versions. Furthermore, these tools generally offer License Obligations Reporting, for a simplified “bulleted” view of the obligations associated with each open source package that is discovered in the SaaS code.

The emerging cloud-based SaaS model offers immense opportunities but also raises new risks for your organization’s intellectual property. If your organization’s intellectual property policies were developed for the traditional software distribution model, then they need to be re-assessed and updated to meet the distinct obligations associated with the cloud environment.

By Mahshad Koohgoli

Mahshad Koohgoli is CEO of Protecode, Inc. (www.protecode.com), a provider of open source license management solutions, based in Canada. He has more than 25 years of experience in the telecommunications industry, specializing in technology start-up businesses, and holds several patents in the computer and communications field.

Cloud Syndicate

Welcome to the 'Cloud Syndicate,' a curated community featuring short-term guest contributors, curated resources, and syndication partners covering diverse technology topics. Connect your technology article or news feed to our syndication network for broader visibility. Explore the intersections of cloud computing, Big Data, and AI through insightful articles and engaging podcasts. Stay ahead in the dynamic world of technology with our platform for thought leadership and industry news.

Join us as we delve into the latest trends and innovations.
The Lighter Side Of The Cloud
Daniel Barber

Q&A Daniel Barber – 2024 AI + Data Privacy Predictions

2024 AI + Data Privacy Predictions In a recent interview with CloudTweaks, Daniel Barber, Co-Founder [...]
Read more
Gary Bernstein

Unleash the Power of Your Website with These 25 VPS Providers

Simplify Your Website Management with VPS Hosting Updated 10.17.2023 VPS stands for Virtual Private Server, [...]
Read more
Lex Hegt

How Can Organizations Effectively Monitor and Analyze Their Azure Billing Data?

Monitor and Analyze Azure Billing Data With the ever-increasing investments in Azure, many organizations struggle [...]
Read more

10 Data Governance Services: What You Need to Know Before You Choose

Data Governance Services In today’s data-driven world, the importance of Data Governance cannot be overstated. [...]
Read more
Drew Firment

Future Unveiled: Q&A with Drew Firment on AI, Cloud, & Beyond

AI, Cloud, & Beyond As we delve into the realm where artificial intelligence intersects with [...]
Read more

Leading Healthcare LMS Platforms: Enhancing Learning and Compliance in Medicine

Leading Healthcare LMS Platforms As the healthcare industry evolves, robust Learning Management Systems (LMS) are [...]
Read more
Unlock unparalleled exposure for your brand with CloudTweaks' premium sponsorship and advertising programs. Reach a global audience, amplify your message, and drive growth with our tailored solutions. Partner with us today and elevate your marketing strategy to new heights!
© 2024 CloudTweaks. All rights reserved.