Software // Operating Systems
01:46 PM
Connect Directly
Repost This

Linux Foundation Launches License Compliance Program

The non-profit foundation is trying to remove barriers to open source code adoption by easing compliance issues including providing code scanning tools that identify if open source code is linked to commercial code.

Image Gallery: Yahoo!'s Hadoop Implementation
(click for larger image and for full photo gallery)
In a bid to eliminate a barrier to open source code adoption, the Linux Foundation is launching the Open Compliance Program to guide users on how to stay within the GPL and other open source code license limits. Open source licenses have gained a new, court-backed legitimacy, and Eben Moglen's Software Freedom Law Center has taken several well publicized enforcement actions against General Public License violators. The GPL governs use of Linux and other open source code. The Apache license and Berkeley BSD license are also frequently used.

Part of the resolution of the Software Freedom lawsuits has been to impose a compliance process on the future use of open source code at the target company. Jim Zemlin, executive director of the Linux Foundation, said the foundation is trying to make compliance as simple and easy as possible for companies that want to expand their use of open source.

"As open source has proliferated up and down the product supply chain, so has the complexity of managing open source compliance," he said in an interview in advance of LinuxCon, which began today in Boston.

With Linux spreading into mobile and embedded devices, manufacturers have confronted increasingly complex combinations of open source code and commercial code and need guidance on what rules govern the operation of the two. Linux often underlies telecommunications companies' operations. It's often bundled with other open source code to finds its way into the operation of product as an embedded system.

Facing such complexity, his foundation is trying to show "how we can create a vaccination for the software industry" against compliance issues, said Zemlin.

The foundation has released a set of code scanning tools, including a Dependency Checker, which can identify what code is linked to what. If open source code is linked to commercial code, that affects how it can be used, and the tool offers a license policy framework that would allow a code manager to define what licenses he needed.

1 of 2
Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.