Skip to main content
SpringerLink
Log in

Managing license compliance in free and open source software development

  • Published:
Information Systems Frontiers Aims and scope Submit manuscript

Abstract

License compliance in Free and Open Source Software development is a significant issue today and organizations using free and open source software are predominately focusing on this issue. The non-compliance to licenses in free and open source software development leads to the loss of reputation and the high costs of litigation for organizations. Towards an automated compliance management, we use the Open Digital Rights Language to implement the clauses of open source software licenses in a machine interpretable way and propose a novel algorithm that analyzes compatibility between free and open source software licenses. Also, we describe a framework that inductively manages compliance of license clauses in a free and open source software development. We simulate and evaluate the formalized license compliance management by analyzing a real-time open source software project GRASS.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

Notes

  1. United States Pub. L. No. 107-204, 116 Stat. 745.

  2. www.isaca.org/cobit.htm

  3. www.gnu.org/licenses/gpl.html

  4. http://grass.osgeo.org/

  5. The article 105 states that works of art realized by US public institutions—such as the Army—are not eligible to copyright protection and therefore fall in the Public Domain.

  6. The public domain license is used by 0.6% of all FOSS projects listed on ohloh, a popular directory of FOSS projects.

  7. http://www.opendwg.org/

  8. http://www.osgeo.org

  9. http://www.gnu.org/copyleft/gpl.html

  10. http://www.affero.org/oagpl.html

  11. http://www.fsf.org/licensing/licenses/agpl-3.0.html

  12. http://harmony.apache.org/bulk_contribution_checklist.txt

  13. http://www.eclipse.org/org/

  14. http://www.eclipse.org/legal/epl-v10.html

  15. http://www.eclipse.org/legal/committer_process/EclipseIndividualCommitterAgreementFinal.pdf

  16. http://www.eclipse.org/legal/EclipseMemberCommitterAgreementFinal.pdf

  17. http://www.blackducksoftware.com

  18. http://www.palamida.com

  19. http://fossology.org/

  20. http://www.qualipso.org

  21. http://www.openbrr.org/forums/viewtopic.php?t=104

  22. http://www.gnu.org/philosophy/bsd.html

References

  • Bezroukov, N. (1998). The idea of dynamic licensing. http://www.softpanorama.org/Copyright/License_classification/dynamic_licensing.shtml.

  • Campbell, J. (2007). Open source software—clarifying the IP trail. http://www.talentfirstnetwork.com.

  • De Paoli, S., & D’Andrea, V. (2008). How artefacts rule web-based communities: Practices of free software development. International Journal of Web Based Communities, 4(2), 199–219.

    Article  Google Scholar 

  • Fan, B., Aitken, A., & Koenig, J. (2004). Open source intellectual property and licensing compliance: A survey and analysis of industry best practices. http://olliancegroup.com/opensource/compliance_best_practices.php.

  • Free Software Foundation (1991). GNU general public license. http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.

  • Free Software Foundation (2009). Various licenses and comments about them. http://www.gnu.org/philosophy/license-list.html.

  • Gangadharan, G. R., D’Andrea, V., Iannella, R., & Weiss, M. (2007a). ODRL service licensing profile (ODRL-S). In Proceedings of the 5th international workshop for technical, economic, and legal aspects of business models for virtual goods.

  • Gangadharan, G. R., Weiss, M., D’Andrea, V., & Iannella, R. (2007b). Service license composition and compatibility analysis. In Proceedings of the international conference on service oriented computing (ICSOC’07), Vienna.

  • Gangadharan, G. R., Weiss, M., & D’Andrea, V. (2008). Patterns for licensing web services. In Proceedings of the European conference on pattern languages of programs (EuroPLOP).

  • Ghose, A., & Koliadis, G. (2007). Auditing business process compliance. In Proceedings of the international conference on service oriented computing (ICSOC).

  • Giblin, C., Muller, S., & Pfitzmann, B. (2006). From regulatory policies to event monitoring rules: Towards model driven compliance automation. Technical report RZ-3662, IBM Research Laboratories.

  • Gobeille, R. (2008). The FOSSology project. In Proceedings of the (MSR).

  • Governatori, G., Milosevic, Z., & Sadiq, S. (2006). Compliance checking between business processes and business Contracts. In Proceedings of the 10th IEEE international enterprise distributed object computing conference (EDOC).

  • Hassin, K. (2007). Open source on trial. Open Source Business Resource. http://www.osbr.ca/ojs/index.php/osbr/article/view/391/352.

  • Iannella, R. (Ed.) (2002). Open digital rights language (ODRL) version 1.1. http://odrl.net/1.1/ODRL-11.pdf.

  • Iannella, R. (Ed.) (2005). ODRL creative commons profile. http://odrl.net/Profiles/CC/SPEC.html.

  • Kaminski, H., & Perry, M. (2007). Open source software licensing patterns. In Proceedings of the sixth latin american conference on pattern languages of programming (SugarLoafPLoP).

  • Lessig, L. (2004). The creative commons. Montana Law Review, 65, 1–13.

    Google Scholar 

  • Liu, Y., Muller, S., & Xu, K. (2007). A static compliance checking framework for business process models. IBM Systems Journal, 46, 335–361.

    Article  Google Scholar 

  • Nordquist, P., Petersen, A., & Todorova, A. (2003). License tracing in free open and proprietary software. In Proceedings of the northwestern conference by the consortium for computing sciences in colleges.

  • Open Source Initiative (2006). Open source licenses. http://www.opensource.org/licenses/alphabetical.

  • Press, W., Teukolsky, S., Vetterling, W., & Flannery, B. (2007). Numerical recipes. The art of scientific computing. Cambridge: Cambridge University Press.

    Google Scholar 

  • Ruffin, M., & Ebert, C. (2004). Using open source software in product development: A primer. IEEE Software, 21, 82–86.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Novay, Enschede, The Netherlands

    G. R. Gangadharan

  2. University of Trento, Trento, Italy

    Vincenzo D’Andrea

  3. National University of Ireland Maynooth, Maynooth Co. Kildare, Ireland

    Stefano De Paoli

  4. Carleton University, Ottawa, Canada

    Michael Weiss

Authors
  1. G. R. Gangadharan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vincenzo D’Andrea
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefano De Paoli
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Michael Weiss
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to G. R. Gangadharan.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Gangadharan, G.R., D’Andrea, V., De Paoli, S. et al. Managing license compliance in free and open source software development. Inf Syst Front 14, 143–154 (2012). https://doi.org/10.1007/s10796-009-9180-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10796-009-9180-1

Keywords

Search

Navigation