SlideShare a Scribd company logo

Open Source and Public Policy

All Things Open
All Things Open

All Things Open 2023 Presented at All Things Open 2023 Presented by Deb Bryant - Open Source Initiative, Patrick Masson - Apereo Foundation, Stephen Jacobs - Rochester Institute of Technology, Ruth Suehle - SAS, & Greg Wallace - FreeBSD Foundation Title: Open Source and Public Policy Abstract: New regulations in the software industry and adjacent areas such as AI, open science, open data, and open education are on the rise around the world. Cyber Security, societal impact of AI, data and privacy are paramount issues for legislators globally. At the same time, the COVID-19 pandemic drove collaborative development to unprecedented levels and took Open Source software, open research, open content and data from mainstream to main stage, creating tension between public benefit and citizen safety and security as legislators struggle to find a balance between open collaboration and protecting citizens. Historically, the open source software community and foundations supporting its work have not engaged in policy discussions. Moving forward, thoughtful development of these important public policies whilst not harming our complex ecosystems requires an understanding of how our ecosystem operates. Ensuring stakeholders without historic benefit of representation in those discussions becomes paramount to that end. Please join our open discussion with open policy stakeholders working constructively on current open policy topics. Our panelists will provide a view into how oss foundations and other open domain allies are now rising to this new challenge as well as seizing the opportunity to influence positive changes to the public’s benefit. Topics: Public Policy, Open Science, Open Education, current legislation in the US and EU, US interest in OSS sustainability, intro to the Open Policy Alliance Find more info about All Things Open: On the web: https://www.allthingsopen.org/ Twitter: https://twitter.com/AllThingsOpen LinkedIn: https://www.linkedin.com/company/all-things-open/ Instagram: https://www.instagram.com/allthingsopen/ Facebook: https://www.facebook.com/AllThingsOpen Mastodon: https://mastodon.social/@allthingsopen Threads: https://www.threads.net/@allthingsopen 2023 conference: https://2023.allthingsopen.org/

1 of 14
Download to read offline
Open Source & Public Policy Let’s open all the things.
Today’s public policy panelists Deb Bryant Open Source Initiative Board Member Emeritus OSI Policy Director - US Former State of Oregon Deputy CIO Greg Wallace Director of Partnerships and Research, FreeBSD Foundation Ruth Suehle Executive Vice-President, Apache Software Foundation & Director of Open Source, SAS Patrick Masson Apereo Foundation Executive Director Formerly… General Manager, OSI CTO, University of Massachusetts CIO, State University of New York Stephen Jacobs Director Open@RIT 2024
The Open Policy Alliance is a new initiative (2023) born out of request from non-profit community members to join together to better understand the changing landscape of public policy where it effects open source stakeholders and to provide a platform from which to constructively contribute to the public dialog. Its members are non-profit organizations with a stake in open domains and intersectional interests in open source software. The Alliance focuses on ● The need to educate public policy-makers on open source to inform their development and deliberation of new policy concepts. ● Assist in the development of good public policy, and to help avoid under-informed policy with unintended consequences due to a lack of understanding of how open collaboration works in practice.
Open@RIT Open@RIT https://openr.it Open Programs Office and Research Center for the Rochester Institute of Technology. Co-creator of Open Work Definition (https://openworkdefinition.com) with Karsten Wade and other contributors. Funded by Alfred P. Sloan Foundation to support Academic Open Work of All kinds. Ran Summit on Open Work in Academia Summit. Founding member Open 3D Engine foundation and International Game Developers Association Open Source SIG. Policy interests include internal policies to academia, science and research civic and federal government and do work in and across those silos. FOSS and Open Work policies have been growing in influence in these spaces. The most recent example of this is the effort to crowd source federal policy for science and research by the Foundation of American Scientists, the Center for Open Science and the Wilson Center. Help shape the next decade of open science
Apache Software Foundation
Cyber Resilience Act “In order not to hamper innovation or research, free and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform through which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.”
The Source for Open Source in Higher Education… Founded in 2012, with roots dating back to 1999 Fiscal sponsor of 20 open source edtech solutions including: Central Authentication Service (CAS) Bedework enterprise calendar system Opencast video capture, editing, & management Sakai learning management system uPortal enterprise portal framework Xerte content authoring & publishing 300+ participating academic institutions 2500+ contributors: developers, system administrators, faculty, instructional designers, deans, department heads, campus administrators, students, commercial affiliates…
Open Source Policy and Practice Impacting Academic Institutions Higher education technology is extremely distributed. Requirements in public grants for outputs to be “open.” Increased interest and investment in cross-discipline, multi-resourced, “open initiatives.” Open source adoption on campuses tends to be bottom-up. Regulating bodies don’t see universities as digital businesses that use and develop open source. All of the above means many “campus decision makers” are unaware of policy and impacts.
Open Source Policy and Practice: What Apereo is Doing… Contracting with dedicated policy analyst/advisor. Engaging membership: universities, consortia, projects, commercial affiliates, etc. Partnering with subject matter experts: Eclipse, OW2, OSPO.Alliance, OSPO++, etc. Reaching out to higher education organizations, e.g., AXIES, EDUCAUSE, ESUP Portail, German U15.
www.FreeBSDFoundation.org The FreeBSD Foundation is dedicated to supporting the FreeBSD Project, its development, and its community FreeBSD is a complete open source Unix-like operating system. The FreeBSD Project is a welcoming open source community with hundreds of committers and thousands of contributors around the world Descended from UC Berkeley, FreeBSD powers much of the technology we all use daily to stay connected, informed, and entertained
Policy areas ● Sonotype found OSS n 96% of ALL scanned codebases ● This means that virtually every company bidding for govt digital contracts relies on open source ● Can govt. agencies use procurement power to favor software companies that support the open source they use? www.FreeBSDFoundation.org Government procurement Security by design a few areas that every software company should investigate. First, … The Capability Hardware Enhanced RISC Instructions (CHERI) … gives memory unsafe languages like C and C++ protection against many widely exploited vulnerabilities. https://www.cisa.gov/news-events/news/urgent-need-memory-safety-software-products The Urgent Need for Memory Safety in Software Products
Rust & CHERI The One-Two punch for memory safety protection www.FreeBSDFoundation.org ● Millions of applications are written in C / C++ ● Leaving users at risk of memory safety vulnerabilities ● With minimal mods, port C/C++ apps to CHERI ● And users are protected against nearly 70% of memory safety vulnerabilities THE PROBLEM ● Rust for NEW systems apps ● BUT what about all the millions of existing apps written in C / C++? RUST FOR NEW APPS CHERI SECURES EXISTING APPS
Resources ★ Open Policy Alliance announcement and membership application ★ US Office of the National Cyber Director (ONCD) RFI on OSS sustainability ★ EU Cyber Resilience Act and references ★ OpenWork ★ Apero Foundation ★ FreeBSD Foundation ★ Apache Software Foundation
Thanks! Questions?

More Related Content

Similar to Open Source and Public Policy

Open Source Software: Perspectives for Development (World Bank & Paul Dravis)
Open Source Software: Perspectives for Development (World Bank & Paul Dravis)Open Source Software: Perspectives for Development (World Bank & Paul Dravis)
Open Source Software: Perspectives for Development (World Bank & Paul Dravis)
Paul Dravis
 
The Internet of Things & Open Data: New forms of business?
The Internet of Things & Open Data: New forms of business?The Internet of Things & Open Data: New forms of business?
The Internet of Things & Open Data: New forms of business?
Paris Open Source Summit
 
Strategies and Policies for the implementation of Free & and Open Source Soft...
Strategies and Policies for the implementation of Free & and Open Source Soft...Strategies and Policies for the implementation of Free & and Open Source Soft...
Strategies and Policies for the implementation of Free & and Open Source Soft...
Frederik Questier
 
Open Source Basics
Open Source BasicsOpen Source Basics
Open Source Basics
Ross Gardler
 
OpenUK A4 x 8pp Re-use Principles June 2016 FINAL
OpenUK A4 x 8pp Re-use Principles June 2016 FINALOpenUK A4 x 8pp Re-use Principles June 2016 FINAL
OpenUK A4 x 8pp Re-use Principles June 2016 FINAL
Source Code Control Limited
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gp
hansfrisvold
 
Straight talk fahad alsaidi-horizon-2011
Straight talk fahad alsaidi-horizon-2011Straight talk fahad alsaidi-horizon-2011
Straight talk fahad alsaidi-horizon-2011
Fahad Al-Saidi
 
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdf
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdfWhat is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdf
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdf
Bahaa Abdul Hussein
 
Open source for academics
Open source for academicsOpen source for academics
Open source for academics
Amol A. Sale
 
OASIS Open Stds and FOSS Nov 2019
OASIS Open Stds and FOSS Nov 2019OASIS Open Stds and FOSS Nov 2019
OASIS Open Stds and FOSS Nov 2019
James Bryce Clark
 
FOSS
FOSS FOSS
FOSS
Dr. Malliga P
 
Open Source Power Point 4.1
Open Source Power Point 4.1Open Source Power Point 4.1
Open Source Power Point 4.1
Henry Briggs
 
FINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele Columbro
FINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele ColumbroFINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele Columbro
FINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele Columbro
FINOS
 
Ijcet 06 08_001
Ijcet 06 08_001Ijcet 06 08_001
Ijcet 06 08_001
IAEME Publication
 
Ijcet 06 08_001
Ijcet 06 08_001Ijcet 06 08_001
Ijcet 06 08_001
IAEME Publication
 
Ijcet 06 08_001
Ijcet 06 08_001Ijcet 06 08_001
Ijcet 06 08_001
IAEME Publication
 
ICISS Newsletter March 14
ICISS Newsletter March 14ICISS Newsletter March 14
ICISS Newsletter March 14
Capt SB Tyagi, COAC'CC*,FISM,CSC,
 
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016
Purdue RCODI
 
Digital21 - Open Data and Open Source
Digital21 - Open Data and Open SourceDigital21 - Open Data and Open Source
Digital21 - Open Data and Open Source
Pockey Lam
 
Open source
Open sourceOpen source
Open source
arun nalam
 

Similar to Open Source and Public Policy (20)

Open Source Software: Perspectives for Development (World Bank & Paul Dravis)
Open Source Software: Perspectives for Development (World Bank & Paul Dravis)Open Source Software: Perspectives for Development (World Bank & Paul Dravis)
Open Source Software: Perspectives for Development (World Bank & Paul Dravis)
 
The Internet of Things & Open Data: New forms of business?
The Internet of Things & Open Data: New forms of business?The Internet of Things & Open Data: New forms of business?
The Internet of Things & Open Data: New forms of business?
 
Strategies and Policies for the implementation of Free & and Open Source Soft...
Strategies and Policies for the implementation of Free & and Open Source Soft...Strategies and Policies for the implementation of Free & and Open Source Soft...
Strategies and Policies for the implementation of Free & and Open Source Soft...
 
Open Source Basics
Open Source BasicsOpen Source Basics
Open Source Basics
 
OpenUK A4 x 8pp Re-use Principles June 2016 FINAL
OpenUK A4 x 8pp Re-use Principles June 2016 FINALOpenUK A4 x 8pp Re-use Principles June 2016 FINAL
OpenUK A4 x 8pp Re-use Principles June 2016 FINAL
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gp
 
Straight talk fahad alsaidi-horizon-2011
Straight talk fahad alsaidi-horizon-2011Straight talk fahad alsaidi-horizon-2011
Straight talk fahad alsaidi-horizon-2011
 
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdf
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdfWhat is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdf
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdf
 
Open source for academics
Open source for academicsOpen source for academics
Open source for academics
 
OASIS Open Stds and FOSS Nov 2019
OASIS Open Stds and FOSS Nov 2019OASIS Open Stds and FOSS Nov 2019
OASIS Open Stds and FOSS Nov 2019
 
FOSS
FOSS FOSS
FOSS
 
Open Source Power Point 4.1
Open Source Power Point 4.1Open Source Power Point 4.1
Open Source Power Point 4.1
 
FINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele Columbro
FINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele ColumbroFINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele Columbro
FINOS June 2018 Members Meeting - Welcome and Introduction - Gabriele Columbro
 
Ijcet 06 08_001
Ijcet 06 08_001Ijcet 06 08_001
Ijcet 06 08_001
 
Ijcet 06 08_001
Ijcet 06 08_001Ijcet 06 08_001
Ijcet 06 08_001
 
Ijcet 06 08_001
Ijcet 06 08_001Ijcet 06 08_001
Ijcet 06 08_001
 
ICISS Newsletter March 14
ICISS Newsletter March 14ICISS Newsletter March 14
ICISS Newsletter March 14
 
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016
 
Digital21 - Open Data and Open Source
Digital21 - Open Data and Open SourceDigital21 - Open Data and Open Source
Digital21 - Open Data and Open Source
 
Open source
Open sourceOpen source
Open source
 

More from All Things Open

Building Reliability - The Realities of Observability
Building Reliability - The Realities of ObservabilityBuilding Reliability - The Realities of Observability
Building Reliability - The Realities of Observability
All Things Open
 
Modern Database Best Practices
Modern Database Best PracticesModern Database Best Practices
Modern Database Best Practices
All Things Open
 
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
All Things Open
 
The State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil NashThe State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil Nash
All Things Open
 
Total ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScriptTotal ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScript
All Things Open
 
What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?
All Things Open
 
How to Write & Deploy a Smart Contract
How to Write & Deploy a Smart ContractHow to Write & Deploy a Smart Contract
How to Write & Deploy a Smart Contract
All Things Open
 
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
All Things Open
 
DEI Challenges and Success
DEI Challenges and SuccessDEI Challenges and Success
DEI Challenges and Success
All Things Open
 
Scaling Web Applications with Background
Scaling Web Applications with BackgroundScaling Web Applications with Background
Scaling Web Applications with Background
All Things Open
 
Supercharging tutorials with WebAssembly
Supercharging tutorials with WebAssemblySupercharging tutorials with WebAssembly
Supercharging tutorials with WebAssembly
All Things Open
 
Using SQL to Find Needles in Haystacks
Using SQL to Find Needles in HaystacksUsing SQL to Find Needles in Haystacks
Using SQL to Find Needles in Haystacks
All Things Open
 
Configuration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit InterceptConfiguration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit Intercept
All Things Open
 
Scaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship ProgramScaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship Program
All Things Open
 
Build Developer Experience Teams for Open Source
Build Developer Experience Teams for Open SourceBuild Developer Experience Teams for Open Source
Build Developer Experience Teams for Open Source
All Things Open
 
Deploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache BeamDeploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache Beam
All Things Open
 
Sudo – Giving access while staying in control
Sudo – Giving access while staying in controlSudo – Giving access while staying in control
Sudo – Giving access while staying in control
All Things Open
 
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsFortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
All Things Open
 
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
All Things Open
 
Building AlmaLinux OS without RHEL sources code
Building AlmaLinux OS without RHEL sources codeBuilding AlmaLinux OS without RHEL sources code
Building AlmaLinux OS without RHEL sources code
All Things Open
 

More from All Things Open (20)

Building Reliability - The Realities of Observability
Building Reliability - The Realities of ObservabilityBuilding Reliability - The Realities of Observability
Building Reliability - The Realities of Observability
 
Modern Database Best Practices
Modern Database Best PracticesModern Database Best Practices
Modern Database Best Practices
 
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
 
The State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil NashThe State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil Nash
 
Total ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScriptTotal ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScript
 
What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?
 
How to Write & Deploy a Smart Contract
How to Write & Deploy a Smart ContractHow to Write & Deploy a Smart Contract
How to Write & Deploy a Smart Contract
 
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
 
DEI Challenges and Success
DEI Challenges and SuccessDEI Challenges and Success
DEI Challenges and Success
 
Scaling Web Applications with Background
Scaling Web Applications with BackgroundScaling Web Applications with Background
Scaling Web Applications with Background
 
Supercharging tutorials with WebAssembly
Supercharging tutorials with WebAssemblySupercharging tutorials with WebAssembly
Supercharging tutorials with WebAssembly
 
Using SQL to Find Needles in Haystacks
Using SQL to Find Needles in HaystacksUsing SQL to Find Needles in Haystacks
Using SQL to Find Needles in Haystacks
 
Configuration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit InterceptConfiguration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit Intercept
 
Scaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship ProgramScaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship Program
 
Build Developer Experience Teams for Open Source
Build Developer Experience Teams for Open SourceBuild Developer Experience Teams for Open Source
Build Developer Experience Teams for Open Source
 
Deploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache BeamDeploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache Beam
 
Sudo – Giving access while staying in control
Sudo – Giving access while staying in controlSudo – Giving access while staying in control
Sudo – Giving access while staying in control
 
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsFortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
 
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
 
Building AlmaLinux OS without RHEL sources code
Building AlmaLinux OS without RHEL sources codeBuilding AlmaLinux OS without RHEL sources code
Building AlmaLinux OS without RHEL sources code
 

Recently uploaded

How RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptxHow RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptx
SynapseIndia
 
What’s New in Teams Calling, Meetings and Devices May 2024
What’s New in Teams Calling, Meetings and Devices May 2024What’s New in Teams Calling, Meetings and Devices May 2024
What’s New in Teams Calling, Meetings and Devices May 2024
Stephanie Beckett
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
Adam Dunkels
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
HackersList
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
20240704 QFM023 Engineering Leadership Reading List June 2024
20240704 QFM023 Engineering Leadership Reading List June 202420240704 QFM023 Engineering Leadership Reading List June 2024
20240704 QFM023 Engineering Leadership Reading List June 2024
Matthew Sinclair
 
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...
Chris Swan
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
SynapseIndia
 
Observability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetryObservability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetry
Eric D. Schabell
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Mydbops
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling in real worldImplementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling in real world
Emerging Tech
 
Quality Patents: Patents That Stand the Test of Time
Quality Patents: Patents That Stand the Test of TimeQuality Patents: Patents That Stand the Test of Time
Quality Patents: Patents That Stand the Test of Time
Aurora Consulting
 
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc
 
What's New in Copilot for Microsoft365 May 2024.pptx
What's New in Copilot for Microsoft365 May 2024.pptxWhat's New in Copilot for Microsoft365 May 2024.pptx
What's New in Copilot for Microsoft365 May 2024.pptx
Stephanie Beckett
 
20240702 Présentation Plateforme GenAI.pdf
20240702 Présentation Plateforme GenAI.pdf20240702 Présentation Plateforme GenAI.pdf
20240702 Présentation Plateforme GenAI.pdf
Sally Laouacheria
 
BLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALL
BLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALLBLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALL
BLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALL
Liveplex
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
ArgaBisma
 
UiPath Community Day Kraków: Devs4Devs Conference
UiPath Community Day Kraków: Devs4Devs ConferenceUiPath Community Day Kraków: Devs4Devs Conference
UiPath Community Day Kraków: Devs4Devs Conference
UiPathCommunity
 
20240705 QFM024 Irresponsible AI Reading List June 2024
20240705 QFM024 Irresponsible AI Reading List June 202420240705 QFM024 Irresponsible AI Reading List June 2024
20240705 QFM024 Irresponsible AI Reading List June 2024
Matthew Sinclair
 
The Increasing Use of the National Research Platform by the CSU Campuses
The Increasing Use of the National Research Platform by the CSU CampusesThe Increasing Use of the National Research Platform by the CSU Campuses
The Increasing Use of the National Research Platform by the CSU Campuses
Larry Smarr
 

Recently uploaded (20)

How RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptxHow RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptx
 
What’s New in Teams Calling, Meetings and Devices May 2024
What’s New in Teams Calling, Meetings and Devices May 2024What’s New in Teams Calling, Meetings and Devices May 2024
What’s New in Teams Calling, Meetings and Devices May 2024
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
20240704 QFM023 Engineering Leadership Reading List June 2024
20240704 QFM023 Engineering Leadership Reading List June 202420240704 QFM023 Engineering Leadership Reading List June 2024
20240704 QFM023 Engineering Leadership Reading List June 2024
 
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
 
Observability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetryObservability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetry
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling in real worldImplementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling in real world
 
Quality Patents: Patents That Stand the Test of Time
Quality Patents: Patents That Stand the Test of TimeQuality Patents: Patents That Stand the Test of Time
Quality Patents: Patents That Stand the Test of Time
 
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
 
What's New in Copilot for Microsoft365 May 2024.pptx
What's New in Copilot for Microsoft365 May 2024.pptxWhat's New in Copilot for Microsoft365 May 2024.pptx
What's New in Copilot for Microsoft365 May 2024.pptx
 
20240702 Présentation Plateforme GenAI.pdf
20240702 Présentation Plateforme GenAI.pdf20240702 Présentation Plateforme GenAI.pdf
20240702 Présentation Plateforme GenAI.pdf
 
BLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALL
BLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALLBLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALL
BLOCKCHAIN FOR DUMMIES: GUIDEBOOK FOR ALL
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
 
UiPath Community Day Kraków: Devs4Devs Conference
UiPath Community Day Kraków: Devs4Devs ConferenceUiPath Community Day Kraków: Devs4Devs Conference
UiPath Community Day Kraków: Devs4Devs Conference
 
20240705 QFM024 Irresponsible AI Reading List June 2024
20240705 QFM024 Irresponsible AI Reading List June 202420240705 QFM024 Irresponsible AI Reading List June 2024
20240705 QFM024 Irresponsible AI Reading List June 2024
 
The Increasing Use of the National Research Platform by the CSU Campuses
The Increasing Use of the National Research Platform by the CSU CampusesThe Increasing Use of the National Research Platform by the CSU Campuses
The Increasing Use of the National Research Platform by the CSU Campuses
 

Open Source and Public Policy

  • 1. Open Source & Public Policy Let’s open all the things.
  • 2. Today’s public policy panelists Deb Bryant Open Source Initiative Board Member Emeritus OSI Policy Director - US Former State of Oregon Deputy CIO Greg Wallace Director of Partnerships and Research, FreeBSD Foundation Ruth Suehle Executive Vice-President, Apache Software Foundation & Director of Open Source, SAS Patrick Masson Apereo Foundation Executive Director Formerly… General Manager, OSI CTO, University of Massachusetts CIO, State University of New York Stephen Jacobs Director Open@RIT 2024
  • 3. The Open Policy Alliance is a new initiative (2023) born out of request from non-profit community members to join together to better understand the changing landscape of public policy where it effects open source stakeholders and to provide a platform from which to constructively contribute to the public dialog. Its members are non-profit organizations with a stake in open domains and intersectional interests in open source software. The Alliance focuses on ● The need to educate public policy-makers on open source to inform their development and deliberation of new policy concepts. ● Assist in the development of good public policy, and to help avoid under-informed policy with unintended consequences due to a lack of understanding of how open collaboration works in practice.
  • 4. Open@RIT Open@RIT https://openr.it Open Programs Office and Research Center for the Rochester Institute of Technology. Co-creator of Open Work Definition (https://openworkdefinition.com) with Karsten Wade and other contributors. Funded by Alfred P. Sloan Foundation to support Academic Open Work of All kinds. Ran Summit on Open Work in Academia Summit. Founding member Open 3D Engine foundation and International Game Developers Association Open Source SIG. Policy interests include internal policies to academia, science and research civic and federal government and do work in and across those silos. FOSS and Open Work policies have been growing in influence in these spaces. The most recent example of this is the effort to crowd source federal policy for science and research by the Foundation of American Scientists, the Center for Open Science and the Wilson Center. Help shape the next decade of open science
  • 6. Cyber Resilience Act “In order not to hamper innovation or research, free and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform through which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.”
  • 7. The Source for Open Source in Higher Education… Founded in 2012, with roots dating back to 1999 Fiscal sponsor of 20 open source edtech solutions including: Central Authentication Service (CAS) Bedework enterprise calendar system Opencast video capture, editing, & management Sakai learning management system uPortal enterprise portal framework Xerte content authoring & publishing 300+ participating academic institutions 2500+ contributors: developers, system administrators, faculty, instructional designers, deans, department heads, campus administrators, students, commercial affiliates…
  • 8. Open Source Policy and Practice Impacting Academic Institutions Higher education technology is extremely distributed. Requirements in public grants for outputs to be “open.” Increased interest and investment in cross-discipline, multi-resourced, “open initiatives.” Open source adoption on campuses tends to be bottom-up. Regulating bodies don’t see universities as digital businesses that use and develop open source. All of the above means many “campus decision makers” are unaware of policy and impacts.
  • 9. Open Source Policy and Practice: What Apereo is Doing… Contracting with dedicated policy analyst/advisor. Engaging membership: universities, consortia, projects, commercial affiliates, etc. Partnering with subject matter experts: Eclipse, OW2, OSPO.Alliance, OSPO++, etc. Reaching out to higher education organizations, e.g., AXIES, EDUCAUSE, ESUP Portail, German U15.
  • 10. www.FreeBSDFoundation.org The FreeBSD Foundation is dedicated to supporting the FreeBSD Project, its development, and its community FreeBSD is a complete open source Unix-like operating system. The FreeBSD Project is a welcoming open source community with hundreds of committers and thousands of contributors around the world Descended from UC Berkeley, FreeBSD powers much of the technology we all use daily to stay connected, informed, and entertained
  • 11. Policy areas ● Sonotype found OSS n 96% of ALL scanned codebases ● This means that virtually every company bidding for govt digital contracts relies on open source ● Can govt. agencies use procurement power to favor software companies that support the open source they use? www.FreeBSDFoundation.org Government procurement Security by design a few areas that every software company should investigate. First, … The Capability Hardware Enhanced RISC Instructions (CHERI) … gives memory unsafe languages like C and C++ protection against many widely exploited vulnerabilities. https://www.cisa.gov/news-events/news/urgent-need-memory-safety-software-products The Urgent Need for Memory Safety in Software Products
  • 12. Rust & CHERI The One-Two punch for memory safety protection www.FreeBSDFoundation.org ● Millions of applications are written in C / C++ ● Leaving users at risk of memory safety vulnerabilities ● With minimal mods, port C/C++ apps to CHERI ● And users are protected against nearly 70% of memory safety vulnerabilities THE PROBLEM ● Rust for NEW systems apps ● BUT what about all the millions of existing apps written in C / C++? RUST FOR NEW APPS CHERI SECURES EXISTING APPS
  • 13. Resources ★ Open Policy Alliance announcement and membership application ★ US Office of the National Cyber Director (ONCD) RFI on OSS sustainability ★ EU Cyber Resilience Act and references ★ OpenWork ★ Apero Foundation ★ FreeBSD Foundation ★ Apache Software Foundation