Tech Update
Assessing the risks of open source
By Thomas Murphy
September 13, 2002
Provided by META Group

As organizations seek to control software license costs and press forward with Java initiatives, open source is an appealing alternative.

However, IT leaders are increasingly concerned with liability and security surrounding the use of open source. IT organizations must develop policies and procedures to aid in assessing the risk associated with all code utilized in the organization.

Meta trend: Application server consolidation will continue through 2003, as breadth of functionality expands to include portals (2002), EAI (2002), content management (2002/03), analytic structures (2003), mobile technology (2003), data distribution (2004), and application-specific development frameworks (2004/05).

Several risks are associated with using application software developed by others, such as copyrights and patents, liability, security, and quality. Commercial software brings a certain sense of safety by assigning specific rights, defining legal limits, and providing a named commercial entity that theoretically stands behind the code. When it comes to open source, the picture becomes murky. IT organizations (ITOs) must define rules of use based on where software is obtained and utilize software tools to evaluate third-party software.

By 2003, the use of open-source software will become a standard part of all organizations utilizing Java, with a high number already using the Apache Web server (60 percent of active sites) and a significant group using open-source Java servers (14 percent). Most organizations will initially make transparent use of software derived from open-source foundations in binary form. But, as the number of standard technologies in Java continues to grow, a greater number will become part of an organization's source code base. Microsoft users will be slower to adopt open source, though many forms of example code are available.

As the core layer of J2EE (Java 2 Enterprise Edition) becomes increasingly marginalized (for example, availability of free servers or developer editions from traditional vendors), the line between open source (generally backed by companies that make money from training and support) and "commercial" Java vendors will blur (2003/04). The emergence of software libraries utilizing open-source licenses, combined with the continued bundling of open source into commercial products (2002-04) and the emergence of Web services (2004-06), will present challenges for IT groups managing the software used to create published services. By 2006/07, the cycle of movement between open source and standards will be common, and 80 percent of organizations developing with Java will make some use of open-source products.

Several forms of third-party software are available for developers to use. The Internet has greatly increased the availability of this software and, though it provides many options, each form must be considered individually to assess the risks and value associated with the code. Because the use of open source will become nearly unavoidable (especially in the Java market, where several vendors already build from open-source foundations), it is important to develop a set of policies around code acceptance and use.

Policies should include defining where the code is from (magazine examples, vendor Web sites, open-source organizations, and vendor-published open source, for example); each source will have specific published copyrights and license agreements. The legal department should review all licenses before the software is utilized. In addition, picking up code from less-controlled locations carries greater risk. However, most example code is made up of only a few lines, which makes it easier to analyze. Organizations must understand what rights have been assigned. When software is acquired, legal review of contracts and licenses is part of the normal process. This is an expense that must also be incurred with open source. However, accepting specific types of sources (for example, all software distributed under the Apache license) can limit the recurring cost for each new package from a site.