IT Governance, Risk, and Compliance » Intellectual Property Right

Open Source Hardware and Software Licensing – Part VIII

Robert Davis — Tue, 14 Dec 2010 21:49:59 +0000

Open source products have emerged as the dominant thyme for some IT development projects due to cost considerations. This rise in alternative IT development can be linked to tensions between creative practices that often involve base acquisitions requiring access to patented and/or copyrighted material and increasingly restrictive intellectual property laws governing access to patented and/or copyrighted material. Nonetheless, open source hardware and software licenses generally are legally enforceable contracts. Thus, utilizing open source hardware and/or software licensing to construct products considered necessary to improve business processes mandates due diligence to ensure legal noncompliance risks are accurately assessed and effectively redressed prior to adoption and deployment.

“View Part I of the Open Source Hardware and Software Licensing series here“

Open Source Hardware and Software Licensing – Part VII

Robert Davis — Fri, 10 Dec 2010 22:23:02 +0000

In many situations, open source licensing is an essential element enabling open source programs to qualify as open source software. However, there are numerous variations in the terms and conditions associated with an open software licensing agreement. To reduce misunderstandings that can lead to legal adjudication, current OSI license agreements are classified as: Academic, Reciprocal, Content, and Standards. Within this context, the key difference between the various types of open source licenses are what mechanism, if any, will be utilized to enforce open source software contractual terms and conditions. For instance, an OSI license can permit affirmative agreement to contractual terms and conditions by ‘clicking’ a designated web page text-box prior to accessing the open source software; therefore, providing prima facie evidence regarding acceptable software development practices of the licensee.

“View Part I of the Open Source Hardware and Software Licensing series here“

Open Source Hardware and Software Licensing – Part VI

Robert Davis — Tue, 07 Dec 2010 19:05:41 +0000

Primary open source software development conventions are ‘peer production’ by bartering and collaboration based on mutual interest in root materials (such as source-code and documentation) and desired outcome. Nevertheless, utilizing a generally accepted open source software development process presents business, technology, and legal risks to a system development life cycle achieving the entity’s objectives. In particular, there are elevated risks to: cost management, release management, copyright infringement, and project assurance associated with undertaking an open source software development project. Thus, management needs to understand and appropriately mitigate perceived risks considering the operating environment’s requirements.

“View Part I of the Open Source Hardware and Software Licensing series here“

Open Source Hardware and Software Licensing – Part V

Robert Davis — Fri, 03 Dec 2010 12:52:23 +0000

Simplistically, open source software “refers to any program whose source code is made available for use or modification as users or other developers see fit. Open source software is usually developed as a public collaboration and made freely available.” Depending on the product, as with open source hardware, open source software can be licensed.

Open source software developers utilize intellectual property licensing — through various types of open source licensing agreements — in order to sustain open source project integrity. In fact, for an IT program to be classified as open source software, the object must commonly address specific criteria established through the Open Source Initiative (OSI). Interpretively, to meet the OSI Open Source Definition requires permitting: the right to make source code copies, the right to freely distribute source code copies, unrestricted access to source code, and the freedom to modify the source code.

“View Part I of the Open Source Hardware and Software Licensing series here“

Digital Rights Management – Part IV

Robert Davis — Tue, 09 Jun 2009 21:33:40 +0000

IPR protection requirements shape complex and challenging management issues. Audio and visual material protection is especially problematic due to the existence of the various known vulnerabilities, and there are even suggestions that effective DRM is logically impossible. Common techniques for audio and video file infringement include unlawful interception, decryption, reverse engineering, authentication manipulation, and analog format capture. Therefore, additional information asset protection mechanisms are required to ensure adequate safeguarding controls, such as instituting continuous security improvement plans for IPR information.

“View Part I of the Digital Rights Management series here“

Digital Rights Management – Part III

Robert Davis — Fri, 05 Jun 2009 20:40:49 +0000

DRM software is generally considered an access control technology deployed to limit unauthorized usage. However, arguably, a technology cannot in principle, know what legal restrictions and rights apply in a specific jurisdiction, allowable usage context, contractual conditions, or the individual author, owner, or publisher without human intervention. Therefore, as with other information assets protection related software, vulnerabilities may exist that can be exploited by unscrupulous or curious individuals.

Even if adequate IPR security protection is deployed, based on the laws of judgmental probability, widely-used DRM systems eventually yield to hackers and crackers intent on defeating or circumventing deployed access controls. Supporting this projected outcome is Internet advertised software allowing DRM circumvention. Nevertheless, those with an interest in preserving DRM systems have attempted to initiate proceeding restricting the distribution and development of information piracy enabled software.

“View Part I of the Digital Rights Management series here“

Digital Rights Management – Part II

Robert Davis — Tue, 02 Jun 2009 15:44:23 +0000

Intellectual property protection has ushered in an era of technological solutions that attempt to prevent asserted rights infringement. Digital Rights Management (DRM) can be considered a response to legal requirements which criminalize the production and dissemination of technology that allows individuals to circumvent technical copy-restriction methods. Specifically, as a preventive control, DRM software usually manages the downloading of sound files, movies, and other copyrighted materials through diverse security features. Globally, DRM systems have received international legal reinforcement through the World Intellectual Property Organization (WIPO) Copyright Treaty (WCT) and the World Trade Organization (WTO) Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) national implementations.

“View Part I of the Digital Rights Management series here“

Digital Rights Management – Part I

Robert Davis — Fri, 29 May 2009 19:40:34 +0000

Intellectual property right (IPR) issues affect Information Security Governance as well as Internet Governance deployments through a direct impact on ‘ Trust Management ‘. Since knowledge and ideas are an important part of cultural heritage, social interaction and business transactions, they retain a special value for many societies. Logically, if the associated electronically formatted information is valued, preventive and detective measures are necessary to ensure minimum organizational impact from an IPR security breach.