Virtualization Technology News and Information
The Linux Foundation Releases Free Open Compliance Handbook to Improve Knowledge of Compliance Best Practices

The Linux Foundation, the nonprofit advancing professional open source management for mass collaboration, today released a free ebook, Open Source Compliance in the Enterprise, with the goal of improving understanding of issues related to the licensing, development and reuse of open source software.

The intent of Open Source Compliance in the Enterprise is to provide organizations with guidance on how best to participate appropriately in open source communities and to do so in a legal and responsible way. This publication is a resource on how to create a common understanding of the best ways to create shared value and innovation while adhering to the spirit and legal particulars of open source licensing.

The book is written by Ibrahim Haddad, Ph.D., vice president of R&D and the head of the open source group at Samsung Research America. Haddad is responsible for overseeing Samsung's open source strategy and execution, internal and external collaborative R&D projects. ​

Chapters take readers through the entire process of open source compliance, including an introduction to the topic, a description of how to establish an open source management program at their organization, and an overview of relevant roles. Examples of best practices and compliance checklists are provided to help those responsible for compliance activities create their own processes and policies.

"We frequently hear from organizations contributing to or simply using open source software about the desire to comply, but uncertainty about how best to do so," said Mike Dolan, VP of strategic programs at The Linux Foundation. "Although it is sometimes viewed as a challenge, with better education on the topic, compliance can be easier for all involved in open source. This ebook, along with other efforts such as our free Compliance Basics for Developers training course, is one way we are working to help close the knowledge gap and make compliance easier for everyone."

The Linux Foundation's Open Compliance Program achieved several milestones in 2016 with the launch of the OpenChain 1.0 specification, which helps supply chain members build trust with one another when using open source; a mechanism for tagging source files as well as now being able to link to security databases in the SPDX 2.1 specification release; the free Compliance Basics for Developers course launched earlier this year; and open source consulting services which can help tailor open source management programs.

Open Source Compliance in the Enterprise is available for download now at

Published Thursday, November 17, 2016 2:02 PM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2016>