Centre For Development Of Advanced Computing Chennai 1 OPEN SOURCE COMPLIANCE PROGRAM.

Slides:



Advertisements
Similar presentations
NETWORKS By : Nicolas Pottier. Electronic security Establishing techniques that allow users to prove and protect their Identity from unauthorised personnel.
Advertisements

Enabling Technology Innovation using Open Source Software
Software change management
Configuration management
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Configuration Management Managing Change. Points to Ponder Which is more important?  stability  progress Why is change potentially dangerous?
Abirami Poonkundran 2/22/10.  Goal  Introduction  Testing Methods  Testing Scope  My Focus  Current Progress  Explanation of Tools  Things to.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 10 04/18/2011 Security and Privacy in Cloud Computing.
Penetration testing – W3AF Tool
Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.
Black Duck Offer for Open Health Tools Members Black Duck Software.
1 V2.4 [spec v1.0]Copyright Linux Foundation 2011 (CC-BY-3.0) SPDX™ a Year Later - What's New in Data Exchange LinuxCon North America, August 18, 2011.
Document Management Systems For Government Agencies Infocrew Solutions Pvt Ltd.
This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.
1 Copyright 2008 NexJ Systems Inc. Confidential and Proprietary - Not for Distribution. Open Source Strategy NexJ Systems Inc.
Prepared by:Nahed AlSalah Data Security 2 Unit 19.
Antivirus Technology in State Government Kym Patterson State Chief Cyber Security Officer Department of Information Systems.
Update on The Open Compliance Program Phil Koltun, Ph.D. Director, Open Compliance Program
Term 2, 2011 Week 3. CONTENTS The physical design of a network Network diagrams People who develop and support networks Developing a network Supporting.
M Gallas CERN EP-SFT LCG-SPI: SW-Testing1 LCG-SPI: SW-Testing LCG Applications Area GridPP 7 th Collaboration Meeting LCG/SPI LCG.
Yuki Manabe*, Daniel M. German†,‡ and Katsuro Inoue†
Slide 1/8Jack IDE Tutorial, Index This program is part of the software suite that accompanies the book The Elements of Computing.
Logistics and Systems Rabby Q. Lavilles. Supply chain is a system of organizations, people, technology, activities, information and resources involved.
Accelerating Development Using Open Source Software Black Duck Software Company Presentation.
Open Source Software Bangladesh University of Business and Technology Nizar Saadi Dahir M.Sc. Computer Engineering Computer Center- Kufa University
Understanding open source licensing to deliver “clean” software Kamal Hassin FOSSLC Summercamp 2009 May 14, 2009.
Proof Carrying Code Zhiwei Lin. Outline Proof-Carrying Code The Design and Implementation of a Certifying Compiler A Proof – Carrying Code Architecture.
Bill Atkins, Exec. Vice President Health Management Consultants, LLC. Columbia, Maryland Electronic Medical Records Some.
Component Technology. Challenges Facing the Software Industry Today’s applications are large & complex – time consuming to develop, difficult and costly.
Cloud Computing Presented by Alicia Wallis and Kerri Warf.
Axel Naumann. Outline  Static Code Analysis  Coverity  Reporting Tools, Report Quality  "Demo": Examples Axel Naumann Application Area Meeting2.
The HTTP is a standard that all Web browsers and Web servers must speak in order for the Web portion of the Internet to work.
African Centre for Statistics United Nations Economic Commission for Africa Handbook on Supply and Use Table: Compilation, Application, and Good Practices.
Retina Network Security Scanner
Firmware - 1 CMS Upgrade Workshop October SLHC CMS Firmware SLHC CMS Firmware Organization, Validation, and Commissioning M. Schulte, University.
 Computer is an electronic tool that can accept, process, and accumulate data which can produce a result or output.  Computer System is a combination.
Chapter 16 Quality Assurance Through Software Engineering Systems Analysis and Design Kendall & Kendall Sixth Edition.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
Good Practices to Reduce Forced and/or Child Labor in Supply Chains Part 2.
Building an E-commerce Web Site
NESSUS. Nessus Vulnerability Scanner Features: Ease of use Deep Vulnerability Analysis Discover network based and local vulnerabilities Perform configuration.
©2009 HP Confidential template rev © Copyright 2010 Hewlett-Packard Development Company, L.P. John Frey Americas Sustainability Executive March.
Open Health Tools Board Presentation June 30, 2010 Peter Vescuso EVP of Marketing and Business Development Black Duck Software, Inc.
Advanced Higher Computing Science The Project. Introduction Worth 60% of the total marks for the course Must include: An appropriate interface using input.
03/01/12Centre For Development Of Advanced Computing Chennai 1 OPEN SOURCE COMPLIANCE PROGRAM.
Centre for Development of Advanced Computing Chennai 103/1/12 Open Source Compliance Program Vidhyalakshmi A CDAC chennai
Advanced Higher Computing Science
Enterprise Vulnerability Management
HUB International: Software & Common Applications
Firewall Technology Planning and Implementation
ONAP security meeting
SW360 Component Management
Testing Tools & Standards
Lei Chen Research institute of general technology
System Design, Implementation and Review
Quick Response Manufacture (QRM)
Documentation.
SonarQube and Sonatype Nexus IQ Server
OpenChain Third Meeting 10/7/14.
Bill Banks | Security Engineer
How To Find Best Quality Assurance Testing for Software.
PREPARED BY: RUMMY MIRANDA
IS3440 Linux Security Unit 9 Linux System Logging and Monitoring
فصل نهم از کتاب طراحی آموزشی تألیف :آر.ام گانیه
Discover and Understand Usage of Mainframe Software Assets
The reference interview
CS5103 Software Engineering
Major Inputs to MRP Process: 1. Bill of Material
Computer Services Business challenge
Colorado “Protections For Consumer Data Privacy” Law
Presentation transcript:

Centre For Development Of Advanced Computing Chennai 1 OPEN SOURCE COMPLIANCE PROGRAM

Centre For Development Of Advanced Computing Chennai 2 Course Outline ● Automation/Tools – Dependency Checker – Code Janitor – BOM – Binary Analysis Tool – Fossology ● Vendors of Commercial Compliance Tools ● Comparison Chart

Centre For Development Of Advanced Computing Chennai 3 Compliance Tools ● Developed by The Linux Foundation and are under the MIT license. ● Dependency Checker Tool – Identifies source code combinations at the dynamic and static link levels – Provides a license policy framework to define combinations of licenses and linkage methods that are to be flagged

Centre For Development Of Advanced Computing Chennai 4 Compliance Tools ● Code Janitor Tool – Provides linguistic review capabilities to make sure developers did not leave comments in the source code – Ensure source code comments are sanitized and ready for public consumption. ● Bill of Material Difference Tool (BoM Diff) – Report differences between BoMs and therefore enabling companies to identify changed source code components

Centre For Development Of Advanced Computing Chennai 5 Other Open Source Compliance Tools 1) Binary Analysis Tool The Binary Analysis Tool is a modular framework that assists with auditing the contents of compiled software. – Helps developers and companies to check binary files – Supply chain management in consumer electronics – Scanner to detect open source in binaries 2) FOSSology is a source code scanning tool which provides a framework for software analysis

Centre For Development Of Advanced Computing Chennai 6 Other Open Source Compliance Tools 3) OSS Discovery is open source scanning tool that finds open source software in workstations and servers. 4) Antepedia allows open source detection, license identification, component description

Centre For Development Of Advanced Computing Chennai 7 Vendors of Commercial Compliance Tools ● Antelink ● Black Duck Software ● OpenLogic ● Palamida ● Protecode

Centre For Development Of Advanced Computing Chennai 8 Comparison chart

Centre For Development Of Advanced Computing Chennai 9 References ● ●

Centre For Development Of Advanced Computing Chennai 10 THANK YOU