The Business of Open Source
“I’ve experienced quite a bit about how open source works. It’s been a wonderful learning experience for me and definitely turned me from someone who thought open source code and developers were somehow not as good as closed source equivalents into a person who knows that the opposite is most definitely the case!”(Mark Little, Red Hat, blog)
Indisputable fact of today’s worlds is an existence of many IT companies that based their success on the Open Source. Talend, Alfresco, Cloudera, Mozilla and last but not least: Red Hat/JBoss (How JBoss did it!) are great examples of that.
Many more, Google, Facebook, Microsoft and Yahoo and many more, provides commercial services, and are not entirely based on open source projects, but helps their communities, seeing obviously support business model in there. Growing popularity of cloud computing has been giving birth of new open source cloud platforms, high performance distributed computing, decentralized and scalable databases. Many of these solutions does not have comparable closed ones and all of them in some way constitute of the revenue for the enterprises.
Even though, many businesses are constantly striving for using closed source software provided by “big vendor’s”, with very expensive and professional marketing machine. Good, that there is slow, but visible movement towards open products build within communities. Benefits of that movement are getting more and more visible, followed by many successful stories. That is caused by many advantages of the Open Source.:
- No vendor lock-in
There is no need to depend on any software vendor. Open source projects are free, and publicly available for everyone without requirement to sign purchase agreement. Take it and use it is the only rule. That gives high flexibility for any organization. If product does not suit your requirements you can simply change it without breaking contract and loosing money.
In more advanced cases you may want to have professional support for the open source product from external company that knows well this particular solution. Most of the times you can choose from at least few companies. Sometimes vendors provide a commercial version of open source projects. Using them make sense if you need very stable product, 24h support, SLA or customized functionality. Even if it looks like traditional vendor lock-in it is common practice that you require from them continuous compatibility with open source version, e.g. every feature requested by you that is added to commercial version is contributed back to the community. Then, you can always resign from their services and choose open source stack.
- Continuity
If you purchase closed product you take the risk that vendor will not bankrupt or shutdown project while you use it. You may easily end up with “black box” product, not developed anymore with potential bugs and security issues that you cannot fix. Replacing solution with competitive one is not usually easy way either even if both are standard compliant. With Open Source you never come across that. In the blackest scenario you have source that you can modify, add new features, fix bugs or train developers to expand it further.
- Companies competition
In most cases every mature open source products have several companies that provides professional services or commercial version of it. This provides to much healthier market than in single, monopoly vendor situation. Companies supporting clients has to compete with price, better adherence to the standards and services quality – often employees of these companies are commiters to open source projects and knows them very well.
- Zero entry cost
It is always good practice to try out several solution, to choose most suitable one before deploying it within your organization. You can test several open source projects without any cost and choose one that best matches you requirements.
- Reduced overall costs
From the business perspective what matters the most is TCO (Total Cost of Ownership) that determines direct and indirect costs of purchased software. There is plenty of arguments in Open Source favour:
- Zero purchase fee.
- No license fees, e.g. for every product user (does not increase cost when you organization grows)
- No organizational administrative costs to purchase software, updates etc.
- Competition in the markets keeps lower support costs and quality services
- Eliminated risk of closing project by the vendor or vendor bankruptcy
- Security and quality
Open source projects code is publicly available and may be seen by anyone. This causes that many developers from all over the world, browse actual source code, find bugs or security breaches and contribute patches. All they have different background, specialties, education so they focus on different aspects of the product. That makes overall open source software very reliable, consisting best practices of software engineering.
Open source software engineers produces much better code than in closed projects as code visible to their colleagues, random programmers or potential future employers.
- Engineers are happy
- Easier to add new features
- Benefit from each other
- Have influence on a standard
Very often reference implementation of the standard specification is implemented as open source project. It allows all involved in the standard parties to work on the development to fulfill all theirs priorities. Even more often happens that implementation is done beforehand standardization. If your organization is one of its creators, you can influence the way that standard goes.
This article is a mix of our thoughts and discussions over last ApacheCon NA 2011 in Vancouver, BC that SMART project was able to attend. Thanks very much for TAC team for the support.
User eXperience & Trusted Claims for UMA – New presentations!
Our colleague Domenico Catalano has just finished his stay at Newcastle University. During his stay Domenico has given two presentations – one on Exploring Visualization Techniques to Enhance Privacy Control UX for User-Managed Access and the other on Extending the UMA Protocol to support Trusted Claims.
OAuth 2.0 Implementation in Python
The SMART team has just released a new OAuth 2.0 implementation in Python. You can find the source code here and the documentation for the library is available here. The library in Python has been developed entirely by Jacek Szpot (with a little help from the SMART team). Jacek joined SMART around 4 weeks ago and we are very excited about this first release.
The OAuth 2.0 Python library has been released under the Apache 2.0 license and we plan to continue further development. As always, we very much appreciate feedback and we’re open to suggestions on how to make the library better!
SMART Mobile – Coming Soon!
Very soon, we are planning to release a mobile version of the SMART Authorization Manager, called SMART Mobile. This application has been designed to work with Android devices (> 1.5) but it will work on iPhone and other smartphones too. Each app user needs to register at www.smartam.net and generate the API KEY using the provided API. This API KEY has to be then copied to the settings form of SMART Mobile. This applications allows the user to view a log of access history and access requests on his or her smartphone. This way as an owner of protected resources, you can always track and have more control of your data on the Web.
To obtain an API KEY you need to log into your account at www.smartam.net. Go to an account page, and generate your API KEY.
Domenico & Jacek join SMART
We are extremely happy to announce that the SMART Team has 2 new members – Domenico Catalano (Oracle Corp., Italy) and Jacek Szpot (Wroclaw University of Technology, Poland). Domenico’s theoretical knowledge and real-world experience in the areas of security, usability and software development will help with addressing issues and concerns raised in the initial UX study of SMARTAM. Jacek, on the other hand, is gaining experience in the areas of software development and Web security and will help with progressing with development of the UMA/j framework. Stay tuned for more exciting news!
SMARTAM with History log and Access Requests log
We have just launched a new release of SMARTAM at www.smartam.net. Apart from fixing a few bugs, this release comes with two brand new features:
- History log
- Access requests log
History log is a list enabling you to see who accessed your resources and when. This way you are given even more control over protection of your resources and you are always able to follow what happens to your data. The other feature - Access requests – is a list of notifications from your friends who have heard about your data (e.g. newly uploaded photos) and have sent you a request to be able to access this data. You can then easily grant access to the requested data (according to your preferences!) instantly as this feature is located in the sidebar on almost all the pages of SMARTAM. This way you will be always sure that you didn’t missed anybody while setting security and privacy settings for your resources! Read more to see example screenshots!
SMARTAM v2.0 – Public Beta
SMARTAM v2.0 (http://www.smartam.net) is a user-managed authorisation manager for aggregating, sharing and protecting your online data. It allows you to register any kinds of Web resources (e.g. documents, photos, videos, etc) and share them with people from the contact list. As a user of the authorisation manager you can store various resources at different Web applications, in this version: Facebook, Picasa, and Gallerify.me!. Then, you can share these pictures by defining who can access them. All in one place, using a simple and friendly UI!
Internet Identity Workshop 12
At the beginning of May 2011, the SMART team attended the Internet Identity Workshop in Mountain View, CA. This was a great opportunity to present our work and to discuss it with other people from the community. The team scheduled to give three presentations and a demo of the newly released SMARTAM application. During our presentations, we talked about User-Managed Access (UMA) and SMARTAM (an UMA-based Authorisation Manager).
Identity Deployment of the Year (IDDY) 2011 Award
We’re pleased to announce that the SMART project has won the prestigious Identity Deployment of the Year (IDDY) 2011 award, in the Emerging Applications/Proof of Concept Category. The IDDY is awarded yearly by the Kantara Initiative, for deployment and development of identity management software. Previous winners include Google, US DoD, Vodafone, NTT and Oracle. This year’s winners were US National Institute for Health and Newcastle University. The Newcastle award was presented to Maciej Machulak during the Identity Collaboration Day in San Francisco.
smartam. v2.0
The totally new smartam. is soon to be released as one of our User-Managed-Access Web applications. It will be based on the newly designed and developed UMA/j framework. It will allow its users to share their online resources from various cloud-based Web applications and fully-control the level of sharing policies. Sign up for notifications about the release at http://www.smartam.net.
