Introduction
Allen Brown, President of the Open Group
Allen began the conference by welcoming the delegates, and explained the
meaning of the term 'Boundaryless Information Flow'. The term 'the
Boundaryless Enterprise' invented by Jack Welch
of GE expressed the aim to break down artificial and undesirable barriers to the flow
of information within organizations and between them and their business partners. Open
Source has an important part to play in this process, and Allen introduced the
audience to what promised to be a remarkable series of presentations on this
key topic.
He introduced the keynote speaker, Andrew Josey.
Andrew Josey began by giving several examples to stress the reality of the
Open Source market and the extent of the available applications. He explained that he intended to cover five topics in his presentation:
-
Introduction to Boundaryless Information Flow
-
Usage of Open Source in the Corporate Enterprise
-
What is Open Source ?
-
Barriers to Implementation
-
The role of Open Source in tackling the challenge
Introduction to Boundaryless Information Flow
Andrew pointed out that all business depends upon flows - of ideas, designs, raw materials, finished products,
cash and information. In recent years the tendency to put together
cross-functional teams has emphasized the need for effective communication of
information between departments and organizations.
To achieve Boundaryless Information Flow an organization needs to put in place an infrastructure that brings information together and provides that information to those
users and applications that need it.
As an example of the effect of Open Source software in achieving Boundaryless
Information Flow, Andrew referred to the Internet, which is built on Open Source Software,
and demonstrates much of the potential of Open Source - it has removed many barriers, and is reliable,
multi-platform, multi-vendor, and is built upon open standards. It has
also set high expectations of the capabilities of information systems.
As another Open Source example, Andrew referred to the Apache web server,
which is used by 66% of web servers on the internet.
Usage of Open Source in the Corporate Enterprise
A recent survey of 260 IT managers showed that
-
64% use Open Source Operating systems like Linux and BSD
-
57% use Open Source Web servers
-
56% use Open Source Web service protocols such as XML, SOAP
-
52% use Open Source Programming Languages and Tools
-
13% were not using Open Source products
He then moved on to consider why companies are using Open Source products,
and suggested five reasons:
- There is much less re-invention of the wheel, and organizations can choose
the best of breed and build upon the achievements of others.
- The licensing policies - non-discriminatory, royalty-free - of the
suppliers give much more freedom and potential for development.
- It is easier to switch suppliers because the same source is available from
different sources, so there is less risk attached to, for instance, a
supplier going out of business.
- Open source allows customization of a product to make it fit for purpose -
although this may be a mixed
blessing
- Finally, Open Source provides a way for organizations to collaborate, and
many are doing so.
The early adoption of Open Source products such as
Sendmail,
Apache,
Perl,
Samba and
Linux provided the core communications to drive the internet service that we see
today, and higher level applications like
Mozilla,
OpenOffice.org,
PostNuke,
Zope and
OpenSOAP are building on this achievement. These will become increasingly
important as the level of interoperability is raised.
Andrew summed up this section with two quotations:
“Open Source has introduced new licensing models and a new development paradigm”
(Carly Fiorina, CEO, Hewlett-Packard);
“Their community is very, very good, and we're hard at work trying to follow that model.” (Jim Allchin, Group Vice President Microsoft).
What is Open Source ?
Andrew introduced a definition from the Open Source Initiative (OSI):
“The basic idea behind open source is very simple: when programmers can read, redistribute, and modify the source code for a piece of software, the software evolves. People improve it, people adapt it, people fix bugs. And this can happen at a speed that, if one is used to the slow pace of conventional software development, seems astonishing.”
There have been 35 licenses certified by the OSI - including one for the Open Group test suite.
Open Source software is often described as 'Free' - Logiciel Libre; Andrew
pointed out that it is free as in free speech, not as in free beer! - free Software does not mean non-commercial
software.
He moved on to discuss the seminal paper, 'The Cathedral and the Bazaar', by Eric
Raymond. In this paper the traditional development model is likened to a
cathedral, with a small group of individuals - the monks - quietly developing
software in isolation. In contrast, the
Open Source world operates rather like a bazaar, with many people developing in
parallel and a leader working to make order out of the chaos. In this
model, the credo is
“release-early, release-often”.
There has been a similar change in the standards movement, from standards
being developed by a limited number of people, with restricted distribution, to
the open environment now adopted for development of the POSIX standards.
Since 1998 Open Source has become part of the IT Mainstream. The most
significant event was perhaps the announcement by Netscape regarding the source release
of Mozilla. Whether the strategy worked in practice, it acted as a
catalyst for other companies to adopt the idea. IBM then followed suit
with Apache, and HP, SGI, Sun and others announced support for Linux on their
hardware. Sun have made the source for Solaris open, and recently The Open
Group have made added Open Motif.
Barriers to Implementation
Andrew then moved to consider the barriers to implementation, both technical and cultural.
-
Projects still need good management and architecture
-
Need to reaching and engaging developers
- There is still a need to establish a development infrastructure (the homestead).
In this context, SourceForgeTM.net provides a community homestead that removes many of the
technical boundaries to developing an OpenSource project. It is the world's largest open source software development website,
with over 48,000 hosted projects and half a million registered users.
He then described OpenPegasus, which is an Open Source project homesteaded by
The Open Group.
Currently there are 30 engineers working on the development. It provides an open implementation of a standard manageability infrastructure
(WBEM), and is an excellent example of where Open Source has made a real
difference.
The role of Open Source in tackling the challenge
He considered some market trends that affect the movement towards Open
Source:
-
Moore's Law still applies - the continual doubling of disc space and processing power
-
Bandwidth is increasing, albeit less quickly.
-
Computing and communications proliferate beyond the desktop, with smart devices (phone, pdas etc) becoming pervasive
and embedded solutions increasingly wanting to reuse software because these products are price sensitive.
To achieve Boundaryless Information Flow we need to standardize at higher levels above the platform,
and incresingly
Open Source is providing such middleware solutions - Andrew cited Zope and PostNuke - objected oriented web application servers,
and integration tools such as
XML and OpenSOAP.
Turning to the potential barriers to success, Andrew considered the
likelihood that with products that can be changed, they will be changed; how can we be sure of compatibility and interoperability?
how can we be sure we do not lose the benefits and stimulate uptake? There is a need for standards and certification to ensure that these barriers
are overcome.
The Open Group is tackling the challenge represented by Boundaryless
Information Flow and utilizing Open Source as part of the solution, providing
certification and testing, a homesteading environment, and Open Source Project
Management in collaboration with the Open Source community
In conclusion he asked delegates to complete the on-line survey at http://www.opengroup.org/cannes2002/survey/
.
Questions:
Q: Bill Estrom, University of St. Thomas: How do we know whether the
SourceForge projects are active?
A: Andrew Josey: It is possible to look at the activity rating, so it is possible to work
out how many are active.
Q: Hirokazu Narita, Fujitsu: I understand that there are various licensing
conditions for each of the Open
Source programs. What is your view?
A: Bruce Perens: There are 34 licenses accepted by the OSI; a lot of them are
not compatible with each other, so we settled on 4 licenses for this
consortium of colleges and industry to use. On the most restruicve side
there is the GPL license; on the least restrictive side there is the BSD
license, which puts almost no requirements on licensees; however, these are compatible with each other. You need to choose a set of licenses
that you will stick to.
Q: David Emery, Mitre: One of the earliest Open Source projects was the Ada
compiler validation test suite; another example of where the Ada community did
something right that nobody noticed.
Top
Having reminded the audience that Linux is a trademark of Linux Torvalds, and
Unix is a trade mark of X/Open, Maddog Hall explained that he wished to consider
four topics:
- Free and OPen Source
- The (r)evolution of free software
- Linux definition and uses
- The use of Linux in three markets: business, government and education
He asked the audience four questions:
- How many have ever had a problem with proprietary software (commonly the
answer is 95%)
- How many have sent a bug report (... 75%)
- How many have ever got back a bug fix (... 2 or 3)
- How many have had to adapt the way you do business because of the
restrictions of proprietary software
He expressed the view that this last point is the most significant: this is
the hidden cost of using proprietary software.
Free and OPen Source
'Free' software is not necessarily free of cost, nor of obligations. Free means
'a freedom to read and change and redistribute the source code' and the license enforces rights and obligations.
The terms of the General Public License (GPL) basics are very simple - if you take someone else's code, change it,
and redistribute it, you are not allowed to restrict the next person's right to
less than you had. However, this does not mean that your application has
to be Open Source.
He pointed out that free software is not new. In the early days of
computing, all software was written under contract, and was owned by the
customer.
The (r)evolution of free software
Maddog summarised the decline and re-emergence of free software.
- In 1969:
- the DEC User Society gave away free software, the only charge being for
the copying service
- Unix was started on a PDP-7 at Bell Labs, and Universties were
able to get a campus-wide licence for $350, and
- Linux Torvalds was born in
Helsinki.
- Even in the 1970's free software listing were published for
microcomputers.
- In about 1980, shrink-wrapped software began to appear, and packages of
software were available in computer stores, but the source was not available.
- In 1983, companies started to bring out binary-only versions of UNIX, and
after a while this practice became the norm.
- In 1984, Richard Stallman started the GNU project, with a fairly sopisticated text
editor - Emacs, and then developed Compilers, Libraries and shells, and in 1991
he incorporated this into the Free Software Foundation.
- In 1994 124,000 people were using the v1.0 of Linux kernel, and small
companies started to create niche markets.
- In 1995 160 Alpha processors working together in the 'Beowulf' in creating
the film 'Titanic'. If they
had used another operating system the most expensive movie of all time would
have cost abother $500,000.
- Today Linux ships on 1/3 of all low to mid-range servers (WinCE is 4th),
and runs on 75% of all supercomputers in the world. It has passed Apple in desktop sales.
So what are the reasons for using Linux now? The most significant
factor is the low cost of hardware, and the high cost of proprietary software.
A powerful computer can be bought for $1000, but the software can cost 2-3 times
what the hardware cost.
The internet allowed Open Source to grow because it enabled a large community
of people to collaborate.
Finally, the internet made Open Source necessary because bugs that were found in Web servers needed
to be cured very quickly. Maddog gave the example of a pervasive bug in all versions of
UNIX, which a proprietary company
was able to produce a fix in 2 weeks; however it took the open source community
only 4 hours to achieve the same thing.
Maddog also referred to the development environment at www.sourceforge.net,
and gave some figures for the numbers of projects and developers involved.
Not every project may succeed, but when a development company goes out of business the source it produced is
available for others to build on. Even if only 10% of the projects come to fruition that's still more projects
than any other software company on the earth. There are 1246 research universities in China: what happens when they start
contibuting?
Linux definition and uses
Maddog moved on to the applications of Linux, and pointed out that many very
complex problems - weather forecasting, imaging, oil prospecting, data mining - can be solved by
hooking inexpensive systems together, and by using Open Source software.
In the old days of supercomputers, they each had a difference architecture and
operating system, and suppliers had to charge huge amounts for the software
because the market was so small. Now, the equivalent of a supercomputer
can be built for one fortieth of the price, using Open Source software.
Linux creates the perfect ISP machine, or file and print server, or database
engine, or firewall. It is possible to take a cast-off pc and use it for these basic tasks.
There is a need to use different hardware for different environments, but
there is no longer a need to use different operating systems, and Linux provides
a secure multi-user, multi-tasking operating system. Maddog gave examples
of embedded systems built using Linux, down to a watch produced by IBM as a
research project.
The use of Linux in three markets: business, government and education
Finally, Maddog considered these three markets.
The duties of business are to make money or save money, to make a superior
product than the competition, and then to give back to society jobs, a healthy
environment, and research
The duties of Government are to do those things that it is impossible for
individuals to do: to protect rights of individuals and minorities, to guard the
common good, and to provide defense, education, jobs and health. The
government of a small country like Estonia understands this, because many of
their population do not speak English; what are they to do? The government
of China also understands this - hence their interest in Open Source.
The duties of a university are to create a thinking electorate, to educate
workers for business and industry, and to research and publish new ideas.
Open Source software allows the substitution of paying for tailoring vs
paying for “Intellectual Property”. It brings local jobs, not trade
deficits, enabling local employees to buy local food, local housing, pay local
taxes. It builds a local software industry, allows better solutions,
creates more stable software, and allows more innovation.
Freedom of the Source code allows freedom of competition and good support,
allows business decisions to be made. It allows minorities to provide for
their needs, and lowers the barriers to entry for new companies.
“Linux is inevitable” - Jon “maddog” Hall, May 1994
Questions
Q: Charles Richardson: many Open Source companies have gone out of business; many of the
problems you described with proprietary software also apply to open source.
A: Maddog Hall: There are a lot of companies that have gone out of business with open
source software, they had a bad business model, or bad management. As the
marketplace becomes larger, we believe trhat they will become stable. So far as maintenance is concerned,
with Open Source software you have the option of changing the code;
it's a business decision. WIth proprietary software you don't have that
choice.
Top
|
|
|
|
Ken Linker
COE (Web COP) Community Process Coordinator,
with DISA's NCES Common Operating Environment Program Office.
|
Introduction
Ken began his presentation by explaining that he intended to present some of
the findings and issues that hed emerged from a recent study on Open Source Software in DOD – A DISA View.
Open Source provides much of the underpinning for DoD, and the purpose of this briefing is to provide an overview of the draft approach to open source
software in the DoD environment and some of the concerns that are being
addressed.
The DoD's definition of Open Source Software is 'Software where the source code is publicly available and others may modify and
redistribute it'.
He reported on a survey conducted in March, 2002 which identified four main categories of open source
software usage: infrastructure support, software development, security, and
research. So use is widespread.
However, the survey had unearthed several concerns with using Open Source, in
particular the risk of exposing vulnerabilities, the potential for introduction of Trojan
software, and the potential capture of software by GPL Licenses. He went
on to consider these points in further detail.
Concern 1: Exposing Vulnerabilities
The problem is that Open Source facilitates subversion by hostile analysts of otherwise reliable software.
On the other hand, Open Source allows pre-emptive identification of security holes by friendly analysts.
The issue is, which form (open or closed) better supports a “friendly-attack”
strategy, and the answer is - Open Source. Considerations for DoD usage
are:
-
Quality of software -
OpenBSD O/S has used “friendly attack” analysis very effectively and is
widely recognized as not a security risk.
-
How software is supported - software with little community interest is a poor candidate for an open source
approach
Open source contributions to IT Security include the early identification and rapid closure of security
holes, and the development of sophisticated security applications (ex. SARA and Snort) for
in-depth analysis of network and computer security risk.
Concern 2: Introduction of Trojan Software
Trojan software is hostile software that has been covertly placed in ordinary
“friendly” software applications. In a closed-source system it would
be inserted through binary code executables; this is harder to insert in the development process but also more difficult to detect in
large application. In an
Open-source system it would be introduced as contribution to the development process
through code corruption at an open-source web site.
The DoD conclusion is that the risk of Trojan software in open source appears to be no greater than
the risk for
proprietary – maybe less, due to the ability to perform friendly analysis, the
difficulty in introducing large binary Trojans without detection, and the
availability of authoritative sources for most open source code used by DoD.
Concern 3: The capture of software by GPL Licenses
The issue is that when GPL source code is directly incorporated into new software, the
entire new module must be given a GPL License. For DoD, “capture” of proprietary software is a concern for the areas of
software development and research support.
However, there are ways of preventing GPL propagation into proprietary software,
including combining GPL and non-GPL licensing, and the use of the Lesser GPL (LGPL).
The conclusion is that with reasonable care GPL software can be used without disrupting other licenses.
Furthermore, the introduction of unusually restrictive licenses (e.g. Microsoft MIT EULA)
presents a more significant issue.
Intellectual Property Rights
IP rights play a key role in providing incentives for commercial firms to invest
in innovative products, and the
DoD remains committed to protecting the IP rights of commercial developers and
not endanger those rights through inadvertent or intentional disclosure of their
software code.
Ken concluded by saying that the DoD has begun to understand the extent of open source software usage,
and is interested in the perspective of industry partners.
Ken Linker,
(703) 882-1146
linkerk@ncr.disa.mil
Questions
Bruce Perens: I would just like to comment on the issue of GPL contamination;
I am forced to the conlusion that Microsoft's argument about EULA is FUD.
Legally it doesn't
make sense because you never had any right to give away Microsoft code.
Q: Dave Emery, Mitre: do you see a trend towards procuring certain kinds
of software as Open Source.
A: Yes, within our current operating environment we have Web enabling program
where we are trying to use a modified open
source process. We have a Linux kernel that is available for those who
wish to download it. So we are moving towards Open Source, but we still have a lot of
proprietary software running our mission-critical systems.
Top
Introduction
Mary Ann began by asking how many in the audience were using Linux in their
organizations - and estimated that over 50% had raised their hands.
She went on to say that she intended to talk about the role of IBM in the
Linux market - what brought it into the market and how it saw the future
developing. IBM in the last 10 years has redsigned its business around
Open Standards, and sees Linux as the embodiment of Open Standards at the
Operating System level. So Linux is a key underpinning of IBM's future
technology.
Mary Ann described the stages in the Internet revolution: the development
from Networking (TCP/IP) to Communications (email), via Information (www) and Open Standards (Linux, SOAP,
WSDL, GLobus, XML), to Distributed Computing (The Grid).
Grid Computing
She described Grid computing. The concept is that you take IT components
and technology and create an environment that works in the same
way as an electricity grid, in which utilities are paid by usage, customers pay
based on their consumption. With the acceleration in development of IT
technology, the next level of technology shift is to create a World Wide
Grid. The challenges associated with this are extraordinary, and they will
put more focus on creating the autonomic systems that enable this to work.
Systems need to be able to adjust themselves -
optimising, protecting, healing, in way similar to the human immune system.
She reported that there has been a lot of progress in this area, built upon
the assumption of an underlying technology, and went on to mention some active
projects. In these Open Source had not been the only component, but it had
been a fundamental component. In particular she described a grid project in
the University of Pennsylvania. Has two
healthcare-relate activities which illustrate how Open Standards are going to change
the framework of how services are delivered.
- Digital mammography archive; in rural America it could take a long
time to diagnose breast cancer. Here they have established a network
and put all the speciality centers
on-line, reducing the diagnosis time from up to 2 months to a matter of days.
- In the other program they have a DNA program where can now analyse DNA for HIV-positive
patients much more quickly, and hence can
prescribe drugs much sooner.
Open source is a key part of this because without it there would not have the
collaborative environment for
making this happen.
We can begin thinking about the concept of on-demand Grids in which Open
Source software can be intermixed with commercial software.
Market adoption of Linux
Mary Ann commented on the market growth of Linux, and reported the comments
of analysts:
- Linux will have the fastest growth in 2002, at almost 50% over
2001 (Gartner Group, December 2001)
-
Linux will have a "breakout year" in 2002. Now it seems clear that
Linux has become a viable alternative for enterprise use. (IDC, January 2002)
-
Exploring Linux - especially on the server side - should be part of an
organization's IT investment portfolio. ...viewed as an insurance policy to
hedge against future incursions into your wallet. (META Group, August 2001)
She reported that in 2001, IBM invested $1bn in Linux, and that investment is
continuing. The company has ported Linux to run on all IBM hardware and middleware
products, and will support Linux to the same level as proprietary systems.
There are many healthy relationships with distributors. Over 5000 people
have been trained, and are working with Linux in many different areas. In
the Linux development centre, IBM staff are working on 70 different topics to improve
the Linux
kernel.
In addition to companies like IBM, many ISVs are also adopting Linux. Over 3600 application providers have ported their products to Linux -
the attractions are the size of the potential market, and the reduction in porting costs because
the environment is hardware independent. SAP use Linux as a reference
platform for development.
Mary Ann reported that 50% of IBM's Linux business in the public sector in
2001 was in Intel-based clusters, and typically clients saved 50-70% on
infrastructure costs. This opens up this kind of technology to all sorts
of new applications - oil companies can now perform much more analysis within
their budget; this is beginning to happen in industries throughout the
world. The R&D comunity is moving to the point where it standardizes
on Linux. She also referred to mission critical applications in many other
markets - banking, airlines, retail point of sale, eCommerce - that are based on
Linux.
In the Government market, the drive for improved security is driving the
growth of Linux - the 'many eyes' approach. Other considerations include
vendor independence, improved system capabilities, faster technology, and
reduced cost. Service to the citizen can improve because less time is
spent on the infrastructure.
On the legislative side, several countries have ruled that in government
procurement, Open Source must be considered. These include the United Kingdom,
Venezuela,
France,
Germany,
Belgium, and Brazil. The biggest weakness that many governments see is that they don't have the
training, and this is an exciting endeavour for IBM to be engaged with.
Linux is a particular interest in many countries, - Mary Ann highlighted India,
where 40% of IT skillls are
UNIX based) and China.
Questions
Q: Richard Chamberlain: I know that IBM is working with NetBSD and FreeBSD - can you
enlighten us
A: Mary Ann Fisher: I'm not up to date
Q: Dave Emery, Mitre: I'm interested in the situation when the Government sources
an Open Source product that competes with
proprietary.
A: To be successful an Open Source product needs a vibrant international
community. IBM's view is that Linux, TCP/IP, APache, have taken off.
When you move into more specialised areas, that's probably the place where you
want to stimulate the application provider. The European Commission is
encouraging European member Governments to collaborate on eGovernment projects.
Top
|
|
|
|
Larry Rosen
Founding Partner, ROSENLAW.COM LLP; Secretary and General Counsel of Open Source Initiative
|
Larry began his presentation by defining the term 'Open Source'. Open
Source software is not necessarily free: what distinguishes it is the rights of
the owner:
An open source license safeguards the rights of anyone, anywhere, for any
purpose whatsoever, to use, copy, modify and distribute (sell or give away)
the software and to have the source code that makes those things possible.
(note that a full definition is available at http://www.opensource.org/docs/definition.php).
Larry then spoke about the different types of licenses. The Open Source
Initiative has to accept licenses that are valid according to the Open Source
Definition, but it is trying to reduce the number of licenses in common use and
to improve their definitions.
Currently, licenses have been awarded as follows:
- Academic licenses: BSD, MIT, X11, UoI/NCSA, Apache, Academic Free License
(AFL)
- Reciprocal licenses: GNU General Public License (GPL), Open Software
License (OSL)
- Commercial licenses: IBM, Sun, Apple, Nokia, Intel, Mozilla, Jabber
- Standards and testing licenses: SISSL, The Open Group
- Content licenses: www.creativecommons.org
However, the GPL and BSD licenses are no longer completely adequate to meet
the needs of the community, so Larry then moved on to describe two new licenses,
intended to replace the others as far as possible.
Academic Free License
The Academic Free License is similar to the BSD, MIT, UoI/NCSA and Apache
licenses in many respects but it is intended to solve a few problems with those
licenses. It applies to any original work of authorship whose owner has
placed the following notice immediately following the copyright notice for the
original work: "Licensed under the Academic Free License version 1.1."
Unlike the BSD and Apache licenses, the AFL clarifies the copyright situation
by including a complete Grant of Copyright License:
Licensor hereby grants to any person obtaining a copy of the Original Work
("You") a world-wide, royalty-free, non-exclusive, perpetual,
non-sublicenseable license (1) to use, copy, modify, merge, publish, perform,
distribute and/or sell copies of the Original Work and derivative works
thereof, and ...
Similarly, it contains a complete Grant of Patent License:
... (2) under patent claims owned or controlled by the Licensor that are
embodied in the Original Work as furnished by the Licensor, to make, use, sell
and offer for sale the Original Work and derivative works thereof, subject to
the following conditions.
The AFL License contains a copyright warranty:
Licensor warrants that the copyright in and to the Original Work is owned
by the Licensor or that the Original Work is distributed by Licensor under a
valid current license from the copyright owner.
Except as expressly stated in the immediately preceding sentence, the
original work is provided under this license on an “AS IS” basis, without
warranty....
It also contains a clause that applies if the license holder takes any patent
action:
This License shall terminate automatically and You may no longer exercise
any of the rights granted to You by this License if You file a lawsuit in any
court alleging that any OSI Certified open source software that is licensed
under any license containing this "Mutual Termination for Patent
Action" clause infringes any patent claims that are essential to use that
software.
Other provisions in the AFL License include:
- Right of attribution
- Exclusions from license grant
- Limitation of liability
- License to source code
A definitive description may be found at http://www.opensource.org/licenses/academic.php
Open Software License
Larry went on to describe some of the provisions of the OSL.
Both the General Public License and the Open Software License include the
concept of reciprocity: “I will license my software to you on the express
condition that any derivative works you create and distribute must be licensed
to everyone under these same license terms.” However, whereas the GNU
General Public License is a copyright license, the Open Software License is a
contract.
Grant of Copyright License
Licensor hereby grants You a world-wide, royalty-free, non-exclusive,
perpetual, non-sublicenseable license to do the following:
- to reproduce the Original Work in copies;
- to prepare derivative works ("Derivative Works") based upon
the Original Work;
- to distribute copies of the Original Work and Derivative Works to the
public, with the proviso that copies of Original Work or Derivative Works
that You distribute shall be licensed under the Open Software License;
- to perform the Original Work publicly; and
- to display the Original Work publicly.
Grant of Patent License
Licensor hereby grants You a world-wide, royalty-free, non-exclusive,
perpetual, non-sublicenseable license, under patent claims owned or controlled
by the Licensor that are embodied in the Original Work as furnished by the
Licensor ("Licensed Claims") to make, use, sell and offer for sale
the Original Work.
Licensor hereby grants You a world-wide, royalty-free, non-exclusive,
perpetual, non-sublicenseable license under the Licensed Claims to make, use,
sell and offer for sale Derivative Works.
He described some other provisions in the OSL that are not in the GPL,
including statements relating to external deployment - any time you externally
deploy you incur the obligation of reciprocity - and jurisdiction - any lawsuit
will be resolved under the jurisdiction of the licensor.
A definitive description may be found at http://www.opensource.org/licenses/osl.php.
Finally, Larry emphasized the need for licenses to be taken seriously and
considered carefully, and for licenses to be read not as programmers read them
but as lawyers read them.
Questions
Q: Jim Bell, HP: Is the Mutual Defense Clause subject to abuse by someone with a
dubious patent who would hide behind the pooled power of those with legitimate
patents?
A: Larry Rosen: Many of us believe that many patents are dubious, and are
granted improperly by the patent office. To be more fair, I don't believe
that this is a clause that is going to allow people to tread on other people's
patents. If someone takes a patent and concerts it into proprietary
software, they can still be sued.
Q: Dirk-Willem van Gulik: The licenses you have described are essentially
one-way, whereas the Open Source process is a two-way thing, with developments
feeding back into the original product.
A: Larry Rosen: There are two important styles of licenses: the Academic License
says 'do what you want with it, including turning it into proprietary software';
others believe the reciprocity provision is the most important thing in the Open
Source world. Apache has chosen a license similar to the AFL, whereas
Linux has chosen to use a reciprocal license.
Top
Background
Dirk-Willem van Gulik introduced the Apache Software Foundation as a
volunteer organization - so all the members have two hats - the real one, and the
one with the apache feather. Over the years the Foundation has
grown to the point where now there are over 100 projects and over 1000
developers.
He explained that the Apache Web server project was founded in 1995, when the
NCSA dropped their Web server. The project was established with the goal of maintaining an open source, secure, efficient and extensible server
that provided HTTP services in sync with non-proprietary World Wide Web
standards.
What was to become the ASF began as an informal group of interested users,
and the need to become a legal entity arose only when they were approached by
IBM, who did not want to develop their own software. To this day, IBM
WebSphere consists largely of Apache components.
Apache is now the #1 web server, and runs on about 19 million sites, some 68%
of the market.
Why the name Apache? The project took its name from the conduct of the Kiowa Apache tribe, where
someone was appointed on merit to the task to which they were most suited, and
there was no centralized tribal organization. The criteria for including code is
simply that it should be well-written and
standards compliant with few license restrictions.
The Apache Software Foundation owns the intellectual property and copyright and acts as
the legal owner.
Development Process
The Apache
Development Process is built around a group of trusted 'core' developers
who have direct write access to the CVS repository. They work on what they
want, when they want. When they have completed something that they are
happy with, they build it into the repository.
Having so many developers creates issues and conflicts, and there is a need
to choose between implementations; there is therefore a process of conflict
resolution via voting. The Apache Groups is not really a democracy.
The process is that there are three ways to vote:
- Yes - I approve of this change, and I will help to maintain it in the
future
- No - I veto this change, and I am willing to work to solve the problem
- Shrug - I accept the view of the others
For something to be agreed there is a need for at least three 'Yes' votes,
and no Veto.
The process means that the only people who vote are those who are specialists
in the issue concerned.
This process leads well to mitigate conflicts and ensure an effective rough
consensus.
The decision to make a release is operated on a fairly informal basis,
releases happening when there are no serious issues to be resolved, with a
formal testing phase before release.
There are two Licenses for Apache: an Open Source License and a Free
License.
The Open Source (Academic) License is very short, and legal. It says,
roughly speaking, 'do not
remove the license, do with it what you want, and if it breaks, you cannot not sue
me'. Programmers can do what they want, and new developments cannot make
their way back to the community.
The Free Software License (GPL) conditions are, basically, 'do not
remove the license, if you give the product to someone else you must give the
source too, and if it breaks, you cannot not sue me'.
This has the effect that the code stays free and open. Companies like
IBM, Sun, Oracle, all sell their own Web server, based on Apache.
The Apache Vision
Dirk-Willem went on to describe the vision of the Apache Software Foundation,
which is to provide an environment for effective long-term development and maintenance of
a free, commercial grade, open source product. This requires an organization that will outlive any single contributor or
volunteer. The vision is built on the belief that real innovation occurs
when a contributor is able to implement his, or her, own ideas, at his own pace
and for his own purposes. The community-based development fosters synergy
and forges a common goal and still supports the work of individual innovators.
The aim behind the Apache License is that the software should be usable and
modifiable by the largest number of people for any purpose they see fit, and
therefore the ASF license is based on the BSD (Academic) license.
The Apache Software Foundation has about 60 members, of whom about 20 have
organizational role, and some 800 'committers', with access to the code
repository.
Each project has a Project Management Committee of some 4-10 people, and
around 10-150 people who can commit code.
The main projects at the moment are:
- The Web Server
- The Java engines
- XML/XSLT parsers and generators
- Languages - Java, TCL, Perl
The majority of work is currently being devoted to Java and XML.
Top
|
|
|
|
Yukinori Kakazu
CTO, Technoface Corporation, and President of Hokkaido University
Computing Center, and
S. Yoshii
Research & Development Manager, Softbank Commerce Corp
|
Introduction
Professor Kakazu began by thanking Jack Fujieda for his help in enabling him to
speak at the conference, and explained that he intended to talk about the
OpenSOAP project itself, and Yoshii-san would discuss OpenSOAP Applications.
Eight members of the Hokkaido University Computing Center were in the hall,
and they were welcomed to the meeting.
Kakazu-san explained that the Japanese Ministry of Economy, Trade and
Industry had decided to budget $194M for Open Software. He described the
components of the e-Japan Priority Program
- GRID Computing - Business GRID, working on Web services, and Research GRID,
working on high power computing.
-
Next generation software development - ubiquitous computing, mobile environment.
-
superSINET - a
10Gbps national backbone for Universities
He described Information Technology as a method of minimizing the increase in
entropy that is caused by human activity, by achieving cost reduction, energy conservation,
waste reduction and improving quality (these are functions of legacy systems)
and by improving transparency, ease of access, and the free exchange of
information, technology and ideas (these are functions of Open Source).
In order to achieve these goals several things are needed, and the OpenSOAP
Project sets out to meet these requirements:
- Technologies for a 'Hetero Collaborative System' which are
multi-platform, and which bridge to legacy systems
- A development policy for practical use, which provides interoperability with other implementations
- An organization capability which provides for collaboration among industry, academia and government,
with a hybrid-project cooperation with each role
The OpenSOAP Project is sponsored by
METI: The Ministry of Economy, Trade and Industry, and there is an entrustment research contract from April 2001 to March 2002.
The project is entitled
“Development of Middleware as Platform for IT Application Services”, and the
founding consortium members were six enterprises and four universities.
The objectives of the project are to prompt IT ventures to join the consortium,
to develop a low-cost web services platform, and to provide a technical platform everyone can
use, using Open source and Freeware.
OpenSOAP, its History and Future
Professor Kakazu continued by summarizing the achievements to date:
-
2001.Jun: Started development
-
2001.Dec: Core package 1.0 Beta released (SOAP Implemented API and SOAP Server)
-
2002.Mar: Core package 1.0 released (Implementation of Secure Messaging,
Legacy Bridging, Transaction Managing, Applications)
-
2002.Feb: Technoface Corporation was established to support the OpenSOAP
Project
-
2002.Sep: Interoperability Test with other SOAP Implementations (DOPG)
-
2002.Sep: Core Package Ver.1.0-20020930 released (monthly release)
(Bug fix, Additional samples, Functions and Tools)
Future Plans for the project are:
-
Ver.1.0 free (~2002.Dec) Stabilizing - a full implementation of the SOAP specification,
and an estimation tool (Soapping/Soaptrace), etc.
-
Ver.1.1 free (~2003.Mar) For Practical Use -
Loose transaction API, Server log management,
WSDL to Source Code converter, etc.
-
Ver.1.1 Pro. (~2003.Mar) Improvement of User Interface -
Database connection interface,
Server management GUI, Source code builder GUI, etc.
-
Ver.2.0 free (~2003.Oct) Challenging Technologies -
CoS support, Dynamic connecting, etc.
-
Ver.2.0 Pro. (~2003.Oct) Advanced Technologies for Business - priority queuing,
massive system, message managing system, etc.
The lessons learned from the project will feed back to the organizations
interested in the project.
OpenSOAP: Technology and Applications
Yoshii-san explained that he had been involved in the OpenSOAP project from
the beginning and was now responsibile for the development of a new
business model based on Web Services.
He described the technical characteristics of the OpenSOAP implementation,
which is ready to use and available for free as Open Source.
-
SOAP Specification 1.1 and 1.2
-
Multi-platform - the Windows family, UNIX family, and Linux family
-
Several software languages can be used to develop applications - C, C++, and Java
-
Encryption and security functions, based on PKI.
-
OpenSOAP provides a bridging interface with legacy systems -
CORBA, DCOM etc.
-
Messaging and transaction management: asynchronous communication, roll-back system
-
Document-centric implementation
One unique aspect of the OpenSOAP project is its organization, involving universities, research institutes, system integrators and IT
solution companies.
Yoshii-san went on to describe some specific application projects.
- He described the OpenSOAP Mobile Phone application, developed by Hokkaido
University, which provides Web services exploiting a Java VM on mobile phones.
This is executable by 15 million mobile phones on the market in Japan.
- Yoshii-san went on to describe a robot control system developed by the
University of Tokyo. The interfaces designed for embedded systems
provide for the control of module-based robots using OpenSOAP.
- A third application was for an online amusement game, played against
another player.
- Within Hokkaido University, a project had been created to expose a massive computing capability by
exploiting OpenSOAP, enabling everyone to have access to the power of a super computer on the Internet,
with users charged according to the computing time they had used.
- Softbank Commerce Corp is working on its own project on the orchestration
of Web Services, exploiting a 'Wallet' service for charges and settlements.
An Interoperability Evaluation had demonstrated that OpenSOAP could communicate
with the following products:
- Sun Microsystems, Inc.: J2EE SDK 1.3
- NEC Corporation: ActiveGlobe WebOTX Ver4.2
- Oracle Corporation Japan: Oracle9i Application Server Release2
- Hitachi, Ltd.: Cosminexus
- Fujitsu Limited: INTERSGTAGE Application Server V4.0L20
- Sarion Systems Research: SOAP4R v1.4.7
- Oracle Corporation Japan: Apache Axis 1.0RC
The projects had demonstrated that 'OpenSOAP is the best way to develop e-commerce Web services because of its security and transaction management
functions.', in Yoshii-san's closing phrase: 'OpenSOAP has just taken off'.
Top
Martijn Dekkers began by pointing out that the Open Office project was
precisely two years old, having celebrated its birthday on the previous day.
He described OpenOffice.org as a fully-featured Office Productivity Suite, based
on an
Open Standard, XML Based File Format. He stressed the importance of the
fact that this file format is documented and publicly available, compared to
most Office suites, which save their files in proprietary formats.
OpenOffice is a multi-user, multi-platform application, supported on
Windows 9x, 2000, XP;
Linux, LinuxPPC;
Solaris 7, 8 (SPARC & x86); and
HP/UX, AIX, SCO. Under development are support on IRIX, S/390, Tru64, MacOS, MacOSX.
He described a rich functionality:
Writer: Word Processor/HTML Editor;
Calc: Spreadsheet;
Impress: Presentations, and Draw: Diagrams. It is licensed under LGPL (the
Lesser General Public License) and SISSL (the
Sun Industry Standards Source License).
Sun Microsystems is a major benefactor of OpenOffice. They purchased the
German company StarDivision, the developer of StarOffice, and made available the
majority of the code under an Open Source License. They provide a
significant part of the infrastructure and employ several full-time staff.
In addition there are many developer volunteers working on porting, the build
system, and packaging, as well as non-developing volunteers who provide
marketing, a website, Q&A, and support.
He included in the users of OpenOffice a wide range of people and
organizations: individuals, small businesses, schools, and governments. In
addition it is pre-packaged with Linux distributions such as
Debian,
RedHat,
Mandrake,
SuSE and
Gentoo.
He presented some impressive statistics:
- 9,000,000 Binary Downloads
- 7,500,000 Lines of Source
- 2,000,000 Source Downloads
- 2,000,000 Site Views Per Month
- 75,000 Community Members
- 37,500 Source Files
- 2,500 Messages Per Week
-
Estimate 2.000.000 Regular Users
and presented a timetable of development:
-
Aug '99 - Sun buys StarDivision
-
Jul '00 - OpenOffice.org announced
-
Oct '00 - OpenOffice.org live
-
Feb '01 - Printing subsystem was integrated
-
Apr '01 - Released first Alpha code to Mac OS X
-
May '01 - Spelling integrated
-
Jun '01 - ODK released
-
Sept '01 - Help integrated
-
Oct '01 - 1,000,000 Downloads
-
Apr '02 - Formalised Marketing project - unique in the Open Source world.
Very dedicated group of people.
-
May '02 - Release 1.0
-
May '02 - 6,000,000 Download
-
May '02 - 5,000 Community
-
May '02 - 2,000 Posts per Week
-
May '02 - Mac OS X Dev Build
-
Jun '02 - 55,000 Community
-
Jul '02 - Mac OS X Dev Milestone 2
Recently OpenOffice had won the LinuxWorld 'Evolutionary Enterprise' Award, and
the Linux Journal 'Best Office Productivity' Award.
He described the capabilities of
Writer – The Wordprocessing Application; Calc – The Spreadsheet Application;
Impress – The Presentation Application and Draw – The Diagramming Application.
He described the OpenOffice community: its mission “To create, as a community, the leading international office suite that will
run on all major platforms and provide access to all functionality and data
through open-component based APIs and an XML-based file format “
All in all there is a core of 350-400 people involved on a daily basis, of whom 80%
are paid staff and 20% are volunteers.
The Open Source environment presented some particular issues and
challenges. Internal communication is very easy, but the relative difficulty of
external communication can tend to polarise the community. In
addition, there is a certain level of mistrust of Sun Microsystems because of a
past history of clashes over Apache and Java
Finally, Martijn summarized some application differences between OpenOffice and StarOffice.
StarOffice 6.0 has some proprietary functions, where OpenOffice uses Open Source
capability, for Spellcheck, Complex Language Support, and Printing. Also,
StarOffice has a traditional user community, a formal support contract, and
other different products (Webtop, etc).
OpenOffice.org:
http://www.openoffice.org
StarOffice 6.0:
http://www.sun.com/star
Top
|
|
|
|
Martin Kirk
Director, Enterprise Management, The Open Group
|
Introduction
Martin Kirk began his presentation by reiterating the definition of
OpenPegasus that Andrew Josey had used earlier in the day: 'It provides a
standards, open implementation of a standards manageability infrastructure
(WBEM). More specifically, it allows things that want to be managed to
communicate with things that want to manage them. It uses the Common
Information Model (CIM) and the other Web-Based Enterprise Management (WBEM)
standards from the Distributed Management Task Force (DMTF).
He went on to explain that WBEM provides an information model (CIM) and
interoperability specifications that allow communication of management
information between managed and managing components. The set of standards
provides much of what is needed to create a common manageability infrastructure.
The principle goal of the OpenPegasus project was to achieve a standard that
was used in practice rather than just in theory, by providing an easily portable
implementation.
More specific goals were that it should be
- Open Source - it uses the MIT License
- Portable - it is written in C++ with portable libraries
- Efficient and lightweight - it uses a C++ code base, rather than Java
- Production quality
- Modular and extensible - aside from the core, the components are
replaceable
- An ongoing, continuous development
- Standards based - DMTF WBEM
- Use Common Providers - making the management information portable to other
systems
OpenPegasus now runs on multiple platforms: AIX. HP/UX, Linux, ZOS, WIndows,
Himalaya, Solaris and Tru64UNIX.
OpenPegasus started out as a project within the Open Group's Enterprise
Management Forum, with initial contributions from BMC, HP, IBM, and
Tivoli. It quickly outgrew the confines of the Forum, and became an entity
in its own right. Now it has separate funding, its own website, etc, which
still retaining a relationship with the Forum. Major contributors now are
HP and IBM.
The activity started as an informal group, but there was a need for order and
discipline; so Architecture Teleconferences were held to provide this, but of
itself it was not enough. The lesson is that a degree of formality
is necessary in order to make a success of Open Source developments. Now
the project has a Steering Committee composed of the major project funders.
The Open Group provided a neutral space in which to cooperate; it provides
technical leadership and project management, and the electronic infrastructure
for the work (such as Web, mail, CVS, Bugzilla, etc). Also it provides a
route to standardization, testing, and certification of API specifications for
portability.
The timetable for development has been
- Version 1.0 – April 2002 - Limited functionality
- Version 2.0 - July 2002 - Not released in simple form
- Version 2.1 – end of October 2002 - Source, Binaries
- Version 2.2 – end of January 2003 - Shipped as part of commercially
available platforms
Future planned developments include
- Increased core functionality
- Track and influence the WBEM standards
- Closer integration with Java-based “SNIA CIMOM” – Pegasus-J?
- Extend to include common providers
- Interoperability with other CIMOMs
- Pegasus Lite
www.openpegasus.org
www.opengroup.org/snia-cimom
Top
Introduction
Bruce Perens introduced his talk by reviewing the background to this subject.
- Customers wanted control of their software and weren't getting any
- The dominant industry direction bypassed the needs of many important customers
- The single vendor focus de-emphasized quality because there was no
competition
- The consortium model of development did not provide fairness for its partners
- The arrogance of vendors inspired customers to look elsewhere
- We should not discount the role of anger in this transition; it was the fuelled that produced Linux and Free Source
Another factor in the move to Open Source was the financial: the stock market bubble, and other market factors, reduced the budget for IT
without reducing the demand, so IT managers were forced to find ways of reducing
their costs.
After September 11th, a shortage of equipment in Wall Street forced PCs to be pressed into
unexpected roles; people were using Linux and BSD where they had used Unix
before, and companies were surprised at about how well OpenSource
products performed. So suddenly Linux had a significant buy-in from
investment bankers.
Changes in perception
He described some major changes in perception over the last 3-4
years.
- Linux used to be regarded as a hobby project, and the product as not being
of industrial quality because of the informal nature of the
development. On the contrary, it is now understood that Open Source's
high quality leads to a lower cost of ownership.
- It used to be said that you can't sustain innovation in Open Source- and
to some extent it still is but if you look at the fundamental
innovations of the internet, they were - and are being - carried out in Open
Source.
- It was said that Open Source doesn't support the customer - but it is now
understood that Open Source has an the advantage over the single-vendor
support model. - if you don't like the suport you're getting you can go to someone else.
- People said that no real business would pick this up - but IBM and Wall Street have proven that
wrong.
- It was said that you can't make money with Open Source. It
turn out that pure software vendors can't, but they form a vanishingly small
part of the economy.
- It was said that the community will do your work for you - but the Open
Source community demands its quid pro quo from you.
- It was said that you could make money with support. This may be true
some day, but the support model is underperforming - early adopters joined
Open Source because they wanted control - to do their own support; it is
only when late adopters jump on the bandwagon that they will be willing to
pay.
- There was a big discussion about security issues: new Open Source software
is less secure than proprietary because everyone can see the code, and
therefore can spot the flaws. On the other hand, iIf you have binary-only software,
the only people who are going to look
at the code for security bugs are your enemies; with Open Source, friends can
look as well. He gave the example of the Borland Database InterBase, where
six months after it was made Open Source a major security flaw was
discovered and reported to the manufacturer.
The Future
Looking ahead, Bruce asked whether Open Source will provide sustainable
innovation in the future, and he expressed the view that a publicly funded
research policy is the key. Invention is serendipidous by its nature, but
only the largest corporations can support non revenue directed research.
The University model is more fruitful in general, because researchers are not
directly focused on revenue generation.
Turning to the role of patents, he suggested that the role of patents in
publicly funded research often means that customers pays for publicly funded
research twice: once to support the initial research, and again after that
research is bought and patented by an industrial company. He argued that
the results of publicly funded research should be transferred to the public who
paid for them by the use of Open Source licensing.
It is questioned whether the Open Source process is sustainable, and Bruce
suggested that it is, for everyone but the pure Software Vendor. It is
users who benefit most from Open Source, and they need to play a greater role in
directly supporting development. Vendors will have
to make revenue on something other than software, because Open Source commoditizes
both software and hardware, and removes differentiation between vendors.
The addiction model doesn't work any more, because customers are not locked into
continuing support in the same way as they could be locked into proprietary
software or hardware.
Bruce drew a parallel between Open Source software and the growth of the
World Wide Web. Ted Nelson, and Xanadu, had struggled with the revenue
model for hypertext, trying to understand how money could be made, but the Web
came along anyway and succeeded.
So why should customers collaborate in developing Open Source software?
At the moment only ten cents of each dollar spent on purchasing proprietary
software goes on product development; substantial improvements on cost-benefit
are possible. Customers can mobilize substantial software development
resources, and should do more of this in their own interests. Collaboration
distributes the risk and the cost.
The enterprise customer can be the driver of Open Source development: it is
ultimately in their interest. Consider the size of Fortune 500 companies' IT
staff. Collaboration distributes the cost among many collaborating
businesses, and provides greater control for the customer.
However, software patents can lock out Open Source. Open Source is
vulnerable to a large-scale patent attack, and Open Standards must be available
royalty-free.
This is a matter of business priorities, not a religious argument. The Customer's IT
department must choose the best and most economical solution for any job.
http://perens.com/
Questions
Bob Blakley, IBM Tivoli: It was a nice attempt to paint the software industry
as not paying dividends, but we do. When you talk about promoting choice,
you're talking about a world in which there are no viable vendors to deliver
products. And it's not true that customers end up paying twice for
products developed using publicly funded research.
A: IBM themselves are schizophrenic on this subject, of course. I spent
many years in the computer graphics business, and all the projects ultimately
failed, except the last; by contrast, many Open Source projects are
thriving. Who would have though that Linux would succeed as it has?
Larry Rosen: It is true that if it costs money to develop an invention in a
University, it also costs money to develop a product. But if public money
is used to develop a patent, that patent should be publicly available.
Bill Estrom: How can we do a better job of articulating a business case that
will allow effort to be focused so that customers can work with vendors to
achieve their joint benefits?
A: You know what needs to be done; the difficulty is in articulating
that.
Top
Mike Lambert concluded by reviewing the objectives for the day:
-
To define Open Source - that had been made very clear.
-
To understand how the Open Source model works: we should not
confuse Open Source with democracy. We've seen the role of the benevolent
sponsor, in OpenOffice.
-
How can businesses use Open Source with confidence? We've
seen that businesses can't use proprietary products with confidence, and that
Open Source technology can be better supported.
-
How does the breadth of Open Source development compare to the
breadth of customer needs? We've seen in the number of people using Apache
and Open Office, that the movement goes far beyond Linux.
So by and large he concluded that the day had achieved its
objectives, and thanked all the speakers for their part in its success.
The Open Source movement is contributing many building blocks;
so what is the role of The Open Group? The buildling blocks need to work
together; there is a need for architecture and design, and in those areas the
Open Group.
Open Source can go a long way in achieving the objectives that
The Open Group has set itself.
Top
