Stakeholder value, usage, needs and obligations from differnet types of F/LOSS licenses

Similar documents
This slide is relevant to providing either a single three hour training session or explaining how a series of shorter sessions focused on per chapter

Open Source Software Licence at CERN Recommendations from the OSL Task Force François Fluckiger, Editor 20 April; 2012

ISTE SEAL OF ALIGNMENT REVIEW FINDINGS REPORT. Certiport IC3 Digital Literacy Certification

Big data privacy in Australia

IoT & Open Source. Martin von Haller Groenbaek Partner, Copenhagen LES SCANDINAVIA: INTERNET OF THINGS & IP SEMINAR 25 November 2015

Rationale for the Evolution of the EUPL v1.1 (towards the EUPL v 1.2)

Open Source and Free Software 2015:

Economics: Principles in Action 2005 Correlated to: Indiana Family and Consumer Sciences Education, Consumer Economics (High School, Grades 9-12)

EXIN BCS SIAM Foundation. Sample Exam. Edition

GDPR: A QUICK OVERVIEW

TERMS OF USE Effective Date: January 1, 2015 To review material modifications and their effective dates scroll to the bottom of the page. 1.Parties.

Terms & Conditions. Privacy, Health & Copyright Policy

Graham Taylor.

The Need for a Terminology Bridge. May 2009

Matt Quinn.

JBoss Enterprise Middleware

PRINCIPLES AND FUNCTIONAL REQUIREMENTS

Fritztile is a brand of The Stonhard Group THE STONHARD GROUP Privacy Notice The Stonhard Group" Notice Whose Personal Data do we collect?

Basic Requirements for Research Infrastructures in Europe

THOMAS LATOZA SWE 621 FALL 2018 DESIGN ECOSYSTEMS

Resolution on Software Interoperability and Open Standards

RESOLUTION 45 (Rev. Hyderabad, 2010)

Chapter 7 Design and Implementation

Cloud solution consultant

2017 Company Profile

Bachelor of Design (Interior Design)

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

EXAM PREPARATION GUIDE

The Data Protection Act 1998 and the Use of Personal Data for IT Administration

ehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration

New CEPIS Mission

Public consultation on Counterfeit and Piracy Watch-List

Topic 1- The Basic Knowledge of Open Source and Free Software

Cybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Terms in the glossary are listed alphabetically. Words highlighted in bold are defined in the Glossary.

Software Engineering

CHAPTER 13 ELECTRONIC COMMERCE

Application for Social Entrepreneurship Legal Services Clinic 1

Module specification

Supporting the Cloud Transformation of Agencies across the Public Sector

OPEN SOURCE SOFTWARE A Tool for Digital Transformation in the Broadcasting Industry

2018 NFP Governance and Performance Study. Key results and implications

Archiving the Web: What can Institutions learn from National and International Web Archiving Initiatives

MySQL Port Reference

Cloud solution consultant

In brief, these criteria or elements of a profession are as follows:

IPv6 Migration Framework Case of Institutions in Ethiopia

Technical Requirements of the GDPR

Foundations of Software Engineering. Lecture 24: Open Source Claire Le Goues

UCD Centre for Cybersecurity & Cybercrime Investigation

Governance, Risk, and Compliance Controls Suite. Hardware and Sizing Recommendations. Software Version 7.2

Sukhmani, a watershed in the history of e-governance in

ICAEW REPRESENTATION 68/16

Peer Participation and Software

Evolution of Canadian

OSSLI: Architecture Level Management of Open Source Software Legality Concerns

QUESTIONS AND CONTACTS

Open Source Development

PRIVACY POLICY TABLE OF CONTENTS. Last updated October 05, 2018

By Open Banking and the Implementation of the Consumer Data Right: Implications for Energy Sector

DMR Interoperability Process DMR Association

MySQL Development Cycle

Avaya Aura Call Center Elite Multichannel Documentation Roadmap

Please remember to put your name and address on the cover of your blue book(s).

Bachelor of Business. HE Bachelor of Business HE Associate Degree of Business HE Diploma of Business. Course information for

Adkin s Privacy Information Notice for Clients, Contractors, Suppliers and Business Contacts

V Conference on Application Security and Modern Technologies

Architecture and Standards Development Lifecycle

The ITIL v.3. Foundation Examination

ISAO SO Product Outline

Course Information

1.0 General AUTODESK S ENTRY INTO OPEN SOURCE QUESTIONS AND ANSWERS FOR CUSTOMERS MARCH 2006 UPDATE UPDATES IN BLUE

OpenChain Specification Version 1.3 (DRAFT)

Open Source Legality Patterns

MITA s approach to Open Standards. Presented by: Noel Cuschieri 24 th November 2015

Strategic Information Systems Systems Development Life Cycle. From Turban et al. (2004), Information Technology for Management.

Digital Preservation Policy. Principles of digital preservation at the Data Archive for the Social Sciences

MONTHLY TEST MAY 2017 QUESTION BANK FOR AVERAGE STUDENTS. Q.2 What is free software? How is it different from Open Source Software?

FSC STANDARD. Standard for Multi-site Certification of Chain of Custody Operations. FSC-STD (Version 1-0) EN

QNX Hypervisor 1.0 License Guide Version 1.0

Software Engineering Chap.7 - Design and Implementation

Our Privacy Policy gives you detailed information on when and why we collect your personal information, how we use it and how we keep it secure.

Hardening Fingerprint Authentication Systems Using Intel s SGX Enclave Technology. Interim Progress Report

IACA Discussion List Guidelines, Use and Subscription Management

Open Source in Public Sector and large custom development projects

Eclipse Foundation. Provenance and Licensing Considerations. Eclipse IP Team November 2008

Addressing the Barriers to IPv6 Adoption - Barriers to IPv6 Adoption: Overview and Categories

CFRE INTERNATIONAL STYLE GUIDE FOR USE OF THE CFRE DESIGNATION AND MARKS

Workshop on the IPv6 development in Saudi Arabia 8 February 2009; Riyadh - KSA

AVOIDING HIGH ORACLE DBMS COSTS WITH EDB POSTGRES

Legal Issues in Data Management: A Practical Approach

Commonwealth Cyber Declaration

Research & Innovation

Internet Interconnection An Internet Society Public Policy Briefing

Wonde may collect personal information directly from You when You:

Privacy Policy Mobiliya Technologies. All Rights Reserved. Last Modified: June, 2016

Adaptive Risk Manager Challenge Question Cleanup 10g ( ) December 2007

IACA Discussion List. About the IACA Discussion List. Guidelines, use and subscription management

PMSA CONTINUOUS PROFESSIONAL DEVELOPMENT FRAMEWORK

Transcription:

Stakeholder value, usage, needs and obligations from differnet types of F/LOSS licenses Monash University, Melbourne Australia. darren.skidmore@infotech.monash.edu.au Abstract. This paper discusses different types of Stakeholders of F/LOSS, their needs, the value, usage, and obligations that stakeholders have for different types of F/LOSS licenses. Stakeholders include Developers: Individuals, Projects, Embedded Systems. Vendors: Dominant, Niche, F/LOSS. Packagers. End Users. Organisations: Disseminators, Internally, Externally Used. Key words: F/LOSS, Licenses, Stakeholder analysis, Obligations, Value, Usage 1 Introduction This paper, briefly, explores the perspectives of different stakeholders their requirements / constraints and usage of types of Free / Libre and Open Source Software (F/LOSS) licenses. The increase in the number, the reach and range of F/LOSS applications, as well as the types of stakeholders creates a discussion about the types of licenses which suit different stakeholders, and their needs. This is not a paper about specific licenses, but about broad types of licenses and the generalized aspects of the types, individual licenses still need to be investigated for their specific terms. 2 F/LOSS licenses The license of the software determines what rights and obligations govern the usage of the source code. The most common F/LOSS licenses in use are the GNU GPL, and GNU LGPL and the BSD licenses 1. These match to three main general types of licenses: reciprocal, linking and non-reciprocal licenses. Reciprocal license requires 1 Using data from FLOSSMole project - http://ossmole.sourceforge.net/. Because of space limitation this cannot be shown, the FLOSSMole has SQL queries that generate the data.

344 software that uses source code licensed under a reciprocal license must be licensed under the same license [1]. A linking license allows for an application to link to a library or application for functionality without requiring the linkee application to be licensed under the license of the linkor application. A non-reciprocal license does NOT require an application to be relicensed under the license of the original code. Other license types exist such as obligation licenses which require specific conditions or impose limits. Table 1 gives a brief description of a taxonomy of license types drawn from [2]. Table 1. Different types of F/LOSS licenses from [2] License Type Brief Explanation Example Traditional Considered to be the more traditional types of F/LOSS licenses Reciprocal Require derivatives to follow original license GNU GPL Non-Reciprocal NOT required to follow original license BSD Linking Allow other code / applications to link GNU LGPL Dual Different conditions for different types of Use MySQL Quasi Open Source These may or may not have other considerations attached to them Obligation Have an obligation or restriction Squiz.Net Morality Moral conditions restricting license use HESSLA Viewable Source Allows viewing of source code, but not usage Ms-RL Membership Usage of source within a select community. Avalanche Corp Support Not software licenses but assist and support other aspects of F/LOSS Content For documentation and support information. Creative Commons Open Standards For Standards for interoperability Public Domain Anyone can take and use the work. Closed Source No access to source code. Microsoft EULA 3 Stakeholders The stakeholders below are explained, in each section. The incoming licenses are those that govern the source code and / or applications that the stakeholders use. The outgoing licenses are the licenses that stakeholders use for governing the source code / applications they produce for others to use. It is possible that the licenses of the incoming and outgoing source code are the same, different or available under multiple types of licenses.

Stakeholder value, usage, needs and obligations from differnet types of F/LOSS licenses 345 Table 2. List of Stakeholders in F/LOSS Developers Individual (developers) Project (developers) Embedded Systems (developers) Vendors Dominant (vendors) Niche (vendors) F/LOSS (vendors) Packagers End Users Organisations Disseminators (organisations) Internally Used without Development (organisations) Internally Used with Development (organisations) External Shared with Development (organisations) Due to page limitations, the discussion is brief, which is a limitation of the paper. Many of the stakeholders will share issues, but raised here are those important to that stakeholder. Individually a business decision may be made about the license of the source code against alternatives or a specific philosophical or ideological choice may decide the license choice. 3.1 Developers Developers are historically the users and participants in F/LOSS. In this paper, developers are generally individuals or collections of individuals. For incoming code developers may want to develop the code on their own, but may procure code to make their own work easier, solve problems, learn, or to provide functionality. Developers might prefer using a non reciprocal style license [3] or Linking licenses. For outgoing license, the developer might allow anyone to do what they wish, with a non-reciprocal license, or may ensure others share their modifications, or do not profit from their work and use a reciprocal license. Depending upon the incoming licenses used there may be no choice. Individual (developers) Individual developers want to use software for their own use or for small number of people. Since they are smaller, they may have to accept impositions of incoming licenses, due to lack of resources. Project (developers) The Projects are where developers and others have organised themselves into a project, perhaps large (e.g. KDE, Apache), or small project. The issues for Project developers especially for incoming licenses are similar to that of the Packagers. Some problems are in the engineering of the project, which code is being added, and from whom, or where did the code come. Where all of the code is being developed

346 from scratch then the authors of the code, are able to license that code as they wish. Otherwise where there is a combination there are issues of management of license mixing. For outgoing licenses the issues are similar to that of the generic developers. The project might create their own license, to protect or enable aims of the project, eg protect trademarks [4], morality / ethical considerations, [5] or commercial control [6]. Embedded Systems (developers) Embedded systems are generally specially built to carry out a task, such as mobile phones, lift controllers. With outgoing licenses, they may use a nonreciprocal license to increase the adoption, to increase adoption by purchasers of the embedded system; another option might be dual licenses. 3.2 Vendors A vendor has a commercial focus with a product or range of products. Vendors might be dependent on other applications in the software stack, needing to build a supporting application or rely on third parties products. Dominant (vendors) Dominant vendors have control of large sections of a market. F/LOSS can be used in a mixture of tactical and strategic ways (i.e. participation in the community; sharing development costs, bug fixing and innovation). Vendors may participate in F/LOSS activities of software products, to lower their user s costs, while not interrupting their own revenue streams. The general usage by Dominant vendors seems to be of reciprocal licenses, since this keeps changes and innovation open. There might also be use of some obligation licenses, but this is generally seen in Niche (vendors). Niche (vendors) Niche vendors are generally small to medium vendors, who may do work on request, and / or may have a niche product in the market. They may need incoming functionality to fit into their software stack and so linking licenses might be used. Where they cannot link but must incorporate Non- Reciprocal licenses are probably the preferred choice. With outgoing licenses, the use of linking or non-reciprocal licenses, might encourage others to use their applications, with the Niche vendor being able to pickup maintenance work, or advertise their expertise. They might also use an obligation license, to assist their organisational aims. F/LOSS (vendors) F/LOSS vendors are those vendors who primarily use F/LOSS, as part of their offerings to the market, in general they would be similar to Niche (vendors), but should be more sophisticated in their use of F/LOSS.

Stakeholder value, usage, needs and obligations from differnet types of F/LOSS licenses 347 3.3 Packagers Packagers are people or projects which package up FLOSS applications into a package for others to use, e.g. the Linux distributions. Specific issues are ensuring that the incoming licenses of component packages are compatible with each when combined, since some licenses have conditions which are incompatible with other license conditions. 3.4 End Users End Users just use the application. The incoming licenses will usually not be of concern, since F/LOSS licenses are generally for the ongoing use of the code not the end user. No outgoing licenses should be needed. 3.5 Organisations Organisations have different needs to end users. F/LOSS is no different from any software, where a business decision must be made about the benefits and constraints of any business artefact used, including the adoption of a software application or suite. A greater issue facing organisations is possibly the ongoing support and maintenance of their software [7], including the patching and possibly roadmaps of the software [8]. Dissemination (Organisations) Some organisations wish to disseminate the source code. A Government might wish to have an authentication code distributed, and for developers and vendors to incorporated this into their software packages. One method of distribution would be to use a Non-Reciprocal type of license, which would allow any open source project to use the code, but would also allow closed source vendors to incorporate the code with no ongoing obligation. A Linking license might also be used, for greater control. Internally Used without Development (Organisations) Internal users of F/LOSS using it without development are possibly more concerned about support costs including training, patching and usability. Internally Used with Development (Organisations) For incoming code, with most F/LOSS code, an organisation should be able to take F/LOSS, use it, modify or adapt the source code to fulfil their own needs. If they do not distribute the application, they should not need to reveal the changes to the source code. Although this may differ with some obligation licenses. However there are valid reasons to reveal the changes, in that especially to get the benefits of the continual development of the program to obtain some control and certainly over the ongoing development, maintenance and direction of the codebase [9].

348 Externally Shared with Development (Organisations) Some organisations, might share development, this might be part of the mission of the organisation, or to lower costs and risks. Where the organisation wishes to use the application with an external party the choice of incoming license is more important, depending on the outgoing considerations, or business requirements. Outgoing licenses will depend on the outcomes desired by the organisation, perhaps using a reciprocal license to ensure that the code is open to all, or a membership or obligation license to enable the organisation to keep control over the software and code base. 4 Conclusion This paper has described multiple types of stakeholders which now exist in the F/LOSS domain, and their different requirements of incoming and outgoing F/LOSS licenses. The purpose has not been to give a prescriptive directive to the matching of a license or type of license to a particular stakeholder but to try and give some background and definition as to the different types of stakeholders and what type of licenses match to their needs. Ultimately the choice of incoming and outgoing licenses should be a decision to fit with the aims and constraints of the individual project. References [1] L. Rosen, Open Source Licensing Software Freedom and Intellectual Property Law. Prentice Hall, 2004. [2] D. Skidmore, "Free / Libre and Open Source Software: Describing Some Legal, and Software Engineering Terms, and a Taxonomy for Classifying Licenses," in Handbook of Research on Open Source Software: Technological, Economic, and Social Perspectives, K. St.Amant and B. Still, Eds. Idea Group, 2007, Chapter 31. [3] J. Michaelson, "There's no such thing as a Free (software) lunch," ACM Queue, vol. 2, 2004. [4] Apache Software Foundation, "Apache License, Version 2.0," 2004. [5] Hacktivismo, "The Hacktivismo Enhanced-Source Software License Agreement," 2005. [6] Squiz.net, "Squiz.Net Open Source Licence Agreement (Version 1.1),", 2005. [7] D. L. Parnas, "Software Aging," Proceedings of the 16th international conference on Software engineering, Italy, 1994. [8] S. Goode, "Something for nothing: management rejection of open source software in Australia's top firms," Information & Management, vol. 42, pp. 669-681, 2005. [9] K. Edwards, "An economic perspective on software licenses open source, maintainers and user-developers," Telematics and Informatics, vol. 22, pp. 97-110, 2005.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback