SlideShare a Scribd company logo

weiss

Michael Weiss
Michael Weiss

This document presents a framework for assessing the ex-ante value of open source projects based on resource-based theory. It identifies five levels of engagement (use, contribute, champion, collaborate) that companies can take with open source projects. For each level, it lists the potential value drivers, such as reducing costs, increasing demand or complementarity between products. The document applies this framework to analyze the value of engagement with the Eclipse open source project and argues that open collaboration could help address cybersecurity threats by increasing the sharing of threat intelligence and security expertise between defenders.

1 of 18
Download to read offline
weiss@sce.carleton.ca Licensed under a CC BY-SA license Value of open source projects: 
 A case for open source cybersecurity 2015 ICE Conference, Belfast June 22-24, 2014 Michael Weiss, Tony Bailetti Carleton University, Ottawa www.timprogram.ca www.carleton.ca 1
weiss@sce.carleton.ca Licensed under a CC BY-SA license Objective • Companies understand they need to engage with open source projects as part of their business strategy • No good framework for assessing the (ex-ante) value stakeholders assign to an open source project
 
 
 Goal • Develop tool to assess value of open source projects based on recent advances in resource-based theory • Apply framework to argue that cybersecurity threats are better addressed through open source projects 2
weiss@sce.carleton.ca Licensed under a CC BY-SA license Ex-ante value of resources • Schmidt & Keil (2013) identify the ex-ante conditions under which firms attribute value to a resource:
 1. Firm’s ex-ante market position 2. Its ex-ante resource base, which allows for complementarities 3. Its position in inter-organizational networks 4. Prior knowledge and experience of its managers 3
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value drivers 4 Spread (1a) How much engaging in an open source project helps reduce the cost of product development Demand (1b) How many units of a stakeholder's product are sold as a result of engaging in the open source project Complemen- tarity (2) Number of units sold due to the company's product complementing other products Privileged information (3) Volume, variety, velocity, and veracity of privileged information that is accessible Judgement (4) Number of individuals with requisite experience and knowledge to create value attracted
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source engagement levels 5
weiss@sce.carleton.ca Licensed under a CC BY-SA license Method • We examined six open source projects that we had studied in detail in our previous research, and drew on open source literature to complement findings • For each project, we inferred the actions that were taken to create value from the open source project and classified them by engagement level and value driver • Collapsed classifications for the projects into a single classification to produce the assessment tool • Examined cybersecurity literature and case studies through the lens of the value assessment tool 6
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 7 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 8 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Monitor technological trends
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 9 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Create plug- ins into other products
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 10 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Access to a pool of talented developers
weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 11 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Reduce cost of creating shared assets
weiss@sce.carleton.ca Licensed under a CC BY-SA license Application to Eclipse project 12 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Define ownership Donate initial project code Nurture the community Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills
weiss@sce.carleton.ca Licensed under a CC BY-SA license Cybersecurity and open source • Open source approaches have not yet been widely applied in cybersecurity — mantra of “security through obscurity” leads to a siloed approach to security • However, there have been calls for more transparency and collaboration such as the “collaborative approach” (Ackerman), “cyber commons” (Schiffman & Gupta), “open security” (Schmidt), and “disclosure” (Swire) • BTW — attackers already know about the benefits of collaboration, so here our focus is on defenders • Example of collaboration in averting cybersecurity threats: Conficker Working Group 13
weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 14 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise
weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 15 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise Create a plat- form for sharing intelligence
weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 16 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise Reduce cost of creating shared assets
weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 17 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise Access to a diversity of security expertise
weiss@sce.carleton.ca Licensed under a CC BY-SA license Conclusion • Purpose of tool: help companies increase value they gain from engaging with open source projects • Foundation for the tool was provided by a recent theoretical advance in resource-based theory • Tool helps describe actions to be taken at a given level of engagement to drive value in specific ways • Applied tool to argue for an open source approach to cybersecurity: more transparent & collaborative • Future work is to examine current projects in the still nascent field of open source cybersecurity 18

Recommended

Business models and ecosystems
Business models and ecosystemsBusiness models and ecosystems
Business models and ecosystemsMichael Weiss
 
Lecture 7 partners 120411
Lecture 7 partners 120411Lecture 7 partners 120411
Lecture 7 partners 120411Stanford University
 
Business Model Ontology
Business Model OntologyBusiness Model Ontology
Business Model Ontology
stevendiebold
 
Business Model Canvas Research Report
Business Model Canvas Research ReportBusiness Model Canvas Research Report
Business Model Canvas Research Report
Ghani Kolli
 
Delivering value added services
Delivering value added servicesDelivering value added services
Delivering value added services
Heiko Gebauer
 
Ecommerce Chap 09
Ecommerce Chap 09Ecommerce Chap 09
Ecommerce Chap 09Pimsat University
 
Nsf lecture 2 value prop
Nsf lecture 2 value propNsf lecture 2 value prop
Nsf lecture 2 value propStanford University
 
Designing Digital
Designing DigitalDesigning Digital
Designing Digital
Amelia Green
 

Recommended

Business models and ecosystems
Business models and ecosystemsBusiness models and ecosystems
Business models and ecosystemsMichael Weiss
 
Lecture 7 partners 120411
Lecture 7 partners 120411Lecture 7 partners 120411
Lecture 7 partners 120411Stanford University
 
Business Model Ontology
Business Model OntologyBusiness Model Ontology
Business Model Ontology
stevendiebold
 
Business Model Canvas Research Report
Business Model Canvas Research ReportBusiness Model Canvas Research Report
Business Model Canvas Research Report
Ghani Kolli
 
Delivering value added services
Delivering value added servicesDelivering value added services
Delivering value added services
Heiko Gebauer
 
Ecommerce Chap 09
Ecommerce Chap 09Ecommerce Chap 09
Ecommerce Chap 09Pimsat University
 
Nsf lecture 2 value prop
Nsf lecture 2 value propNsf lecture 2 value prop
Nsf lecture 2 value propStanford University
 
Designing Digital
Designing DigitalDesigning Digital
Designing Digital
Amelia Green
 
Nsf online lecture 8 resources and costs
Nsf online lecture 8 resources and costsNsf online lecture 8 resources and costs
Nsf online lecture 8 resources and costsStanford University
 
New Oem Sales Pitch
New Oem Sales PitchNew Oem Sales Pitch
New Oem Sales Pitch
Thierry Bouffioux
 
Dnd design smartere simon
Dnd design smartere simonDnd design smartere simon
Dnd design smartere simondndwebkom
 
Make money with industrial design. Jukola7 presentation 2014
Make money with industrial design. Jukola7 presentation 2014Make money with industrial design. Jukola7 presentation 2014
Make money with industrial design. Jukola7 presentation 2014
Lauri Aaltio
 
3 d match columbia univ jan 2014
3 d match columbia univ jan 20143 d match columbia univ jan 2014
3 d match columbia univ jan 2014Stanford University
 
Sd logic version_final2.0
Sd logic version_final2.0Sd logic version_final2.0
Sd logic version_final2.0Ashish Aggarwal
 
Business Model Workshop
Business Model WorkshopBusiness Model Workshop
Business Model Workshop
Kristian Krämer
 
Corp Overview 14 Aug2009
Corp Overview 14 Aug2009Corp Overview 14 Aug2009
Corp Overview 14 Aug2009agreeya
 
Business Modeling Starter Kit
Business Modeling Starter KitBusiness Modeling Starter Kit
Business Modeling Starter Kit
Maria del Mar Agudelo
 
Team vogue final
Team vogue finalTeam vogue final
Team vogue finalStanford University
 
Excellent isn't good enough anymore - now you need to deliver the experience,...
Excellent isn't good enough anymore - now you need to deliver the experience,...Excellent isn't good enough anymore - now you need to deliver the experience,...
Excellent isn't good enough anymore - now you need to deliver the experience,...
Chris Parker
 
Modeling Values-Based Business with the Business Innovation Kit
Modeling Values-Based Business with the Business Innovation KitModeling Values-Based Business with the Business Innovation Kit
Modeling Values-Based Business with the Business Innovation Kit
Henning Breuer
 
MakerBot Industries
MakerBot IndustriesMakerBot Industries
MakerBot IndustriesJessica Samph
 
Business Model For Competitive Advantage
Business Model For Competitive AdvantageBusiness Model For Competitive Advantage
Business Model For Competitive Advantage
David L Broussard
 
81 opportunity analysis project (stanford)
81 opportunity analysis project (stanford)81 opportunity analysis project (stanford)
81 opportunity analysis project (stanford)amajtner
 
Workshop Innovation War Room
Workshop Innovation War RoomWorkshop Innovation War Room
Workshop Innovation War Room
Albregts Anke
 
Research & Design Presentation
Research & Design PresentationResearch & Design Presentation
Research & Design PresentationNoel Hatch
 
An Inspired Approach to Business Architecture
An Inspired Approach to Business ArchitectureAn Inspired Approach to Business Architecture
An Inspired Approach to Business ArchitectureGraham McLeod
 
Business Innovation
Business InnovationBusiness Innovation
Business Innovation
Koen Klokgieters
 
Microsoft Bizspark Presentation - Digital Economy Event
Microsoft Bizspark Presentation - Digital Economy EventMicrosoft Bizspark Presentation - Digital Economy Event
Microsoft Bizspark Presentation - Digital Economy Event
Lee Stott
 
Business of Open Source
Business of Open SourceBusiness of Open Source
Business of Open Source
Michael Weiss
 
Cloud webinar final
Cloud webinar finalCloud webinar final
Cloud webinar final
Ness Technologies
 

More Related Content

What's hot

Nsf online lecture 8 resources and costs
Nsf online lecture 8 resources and costsNsf online lecture 8 resources and costs
Nsf online lecture 8 resources and costsStanford University
 
New Oem Sales Pitch
New Oem Sales PitchNew Oem Sales Pitch
New Oem Sales Pitch
Thierry Bouffioux
 
Dnd design smartere simon
Dnd design smartere simonDnd design smartere simon
Dnd design smartere simondndwebkom
 
Make money with industrial design. Jukola7 presentation 2014
Make money with industrial design. Jukola7 presentation 2014Make money with industrial design. Jukola7 presentation 2014
Make money with industrial design. Jukola7 presentation 2014
Lauri Aaltio
 
3 d match columbia univ jan 2014
3 d match columbia univ jan 20143 d match columbia univ jan 2014
3 d match columbia univ jan 2014Stanford University
 
Sd logic version_final2.0
Sd logic version_final2.0Sd logic version_final2.0
Sd logic version_final2.0Ashish Aggarwal
 
Business Model Workshop
Business Model WorkshopBusiness Model Workshop
Business Model Workshop
Kristian Krämer
 
Corp Overview 14 Aug2009
Corp Overview 14 Aug2009Corp Overview 14 Aug2009
Corp Overview 14 Aug2009agreeya
 
Business Modeling Starter Kit
Business Modeling Starter KitBusiness Modeling Starter Kit
Business Modeling Starter Kit
Maria del Mar Agudelo
 
Excellent isn't good enough anymore - now you need to deliver the experience,...
Excellent isn't good enough anymore - now you need to deliver the experience,...Excellent isn't good enough anymore - now you need to deliver the experience,...
Excellent isn't good enough anymore - now you need to deliver the experience,...
Chris Parker
 
Modeling Values-Based Business with the Business Innovation Kit
Modeling Values-Based Business with the Business Innovation KitModeling Values-Based Business with the Business Innovation Kit
Modeling Values-Based Business with the Business Innovation Kit
Henning Breuer
 
Business Model For Competitive Advantage
Business Model For Competitive AdvantageBusiness Model For Competitive Advantage
Business Model For Competitive Advantage
David L Broussard
 
81 opportunity analysis project (stanford)
81 opportunity analysis project (stanford)81 opportunity analysis project (stanford)
81 opportunity analysis project (stanford)amajtner
 
Workshop Innovation War Room
Workshop Innovation War RoomWorkshop Innovation War Room
Workshop Innovation War Room
Albregts Anke
 
Research & Design Presentation
Research & Design PresentationResearch & Design Presentation
Research & Design PresentationNoel Hatch
 
An Inspired Approach to Business Architecture
An Inspired Approach to Business ArchitectureAn Inspired Approach to Business Architecture
An Inspired Approach to Business ArchitectureGraham McLeod
 
Business Innovation
Business InnovationBusiness Innovation
Business Innovation
Koen Klokgieters
 
Microsoft Bizspark Presentation - Digital Economy Event
Microsoft Bizspark Presentation - Digital Economy EventMicrosoft Bizspark Presentation - Digital Economy Event
Microsoft Bizspark Presentation - Digital Economy Event
Lee Stott
 

What's hot (20)

Nsf online lecture 8 resources and costs
Nsf online lecture 8 resources and costsNsf online lecture 8 resources and costs
Nsf online lecture 8 resources and costs
 
New Oem Sales Pitch
New Oem Sales PitchNew Oem Sales Pitch
New Oem Sales Pitch
 
Dnd design smartere simon
Dnd design smartere simonDnd design smartere simon
Dnd design smartere simon
 
Make money with industrial design. Jukola7 presentation 2014
Make money with industrial design. Jukola7 presentation 2014Make money with industrial design. Jukola7 presentation 2014
Make money with industrial design. Jukola7 presentation 2014
 
3 d match columbia univ jan 2014
3 d match columbia univ jan 20143 d match columbia univ jan 2014
3 d match columbia univ jan 2014
 
Sd logic version_final2.0
Sd logic version_final2.0Sd logic version_final2.0
Sd logic version_final2.0
 
Business Model Workshop
Business Model WorkshopBusiness Model Workshop
Business Model Workshop
 
Corp Overview 14 Aug2009
Corp Overview 14 Aug2009Corp Overview 14 Aug2009
Corp Overview 14 Aug2009
 
Business Modeling Starter Kit
Business Modeling Starter KitBusiness Modeling Starter Kit
Business Modeling Starter Kit
 
Team vogue final
Team vogue finalTeam vogue final
Team vogue final
 
Excellent isn't good enough anymore - now you need to deliver the experience,...
Excellent isn't good enough anymore - now you need to deliver the experience,...Excellent isn't good enough anymore - now you need to deliver the experience,...
Excellent isn't good enough anymore - now you need to deliver the experience,...
 
Modeling Values-Based Business with the Business Innovation Kit
Modeling Values-Based Business with the Business Innovation KitModeling Values-Based Business with the Business Innovation Kit
Modeling Values-Based Business with the Business Innovation Kit
 
MakerBot Industries
MakerBot IndustriesMakerBot Industries
MakerBot Industries
 
Business Model For Competitive Advantage
Business Model For Competitive AdvantageBusiness Model For Competitive Advantage
Business Model For Competitive Advantage
 
81 opportunity analysis project (stanford)
81 opportunity analysis project (stanford)81 opportunity analysis project (stanford)
81 opportunity analysis project (stanford)
 
Workshop Innovation War Room
Workshop Innovation War RoomWorkshop Innovation War Room
Workshop Innovation War Room
 
Research & Design Presentation
Research & Design PresentationResearch & Design Presentation
Research & Design Presentation
 
An Inspired Approach to Business Architecture
An Inspired Approach to Business ArchitectureAn Inspired Approach to Business Architecture
An Inspired Approach to Business Architecture
 
Business Innovation
Business InnovationBusiness Innovation
Business Innovation
 
Microsoft Bizspark Presentation - Digital Economy Event
Microsoft Bizspark Presentation - Digital Economy EventMicrosoft Bizspark Presentation - Digital Economy Event
Microsoft Bizspark Presentation - Digital Economy Event
 

Similar to weiss

Business of Open Source
Business of Open SourceBusiness of Open Source
Business of Open Source
Michael Weiss
 
Cloud webinar final
Cloud webinar finalCloud webinar final
Cloud webinar final
Ness Technologies
 
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CloudIDSummit
 
Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...
Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...
Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...
HostedbyConfluent
 
Vd&P Citec 071911
Vd&P Citec 071911Vd&P Citec 071911
Vd&P Citec 071911
hutchhtr
 
Next generation Cloud Platforms
Next generation Cloud PlatformsNext generation Cloud Platforms
Next generation Cloud Platforms
Zinnov
 
Symphony Software Foundation - Overview for Public Consumption
Symphony Software Foundation - Overview for Public ConsumptionSymphony Software Foundation - Overview for Public Consumption
Symphony Software Foundation - Overview for Public Consumption
Symphony Software Foundation
 
OpenStack 2015 Marketing Plan
OpenStack 2015 Marketing PlanOpenStack 2015 Marketing Plan
OpenStack 2015 Marketing Plan
OpenStack Foundation
 
Converge Leveraging Identity With Professional Open Source Final
Converge Leveraging Identity With Professional Open Source FinalConverge Leveraging Identity With Professional Open Source Final
Converge Leveraging Identity With Professional Open Source Final
Gonow
 
When applications mean business
When applications mean businessWhen applications mean business
When applications mean business
Micro Focus
 
Modernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering PracticesModernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering Practices
CollabNet
 
AbbyBrownAB_Resume
AbbyBrownAB_ResumeAbbyBrownAB_Resume
AbbyBrownAB_ResumeAbby Brown
 
AbbyBrownAB_Resume
AbbyBrownAB_ResumeAbbyBrownAB_Resume
AbbyBrownAB_ResumeAbby Brown
 
Container Technologies and Transformational value
Container Technologies and Transformational valueContainer Technologies and Transformational value
Container Technologies and Transformational value
Mihai Criveti
 
Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...
Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...
Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...
Sendachi
 
DrGanesh-Jan-17-Resume-V1.0
DrGanesh-Jan-17-Resume-V1.0DrGanesh-Jan-17-Resume-V1.0
DrGanesh-Jan-17-Resume-V1.0Dr Ganesh Iyer
 
EOSC Digital Innovation Hub (EOSC DIH)
EOSC Digital Innovation Hub (EOSC DIH)EOSC Digital Innovation Hub (EOSC DIH)
EOSC Digital Innovation Hub (EOSC DIH)
EOSC-hub project
 
Overview of APN Program | AWS Public Sector Summit 2016
Overview of APN Program | AWS Public Sector Summit 2016Overview of APN Program | AWS Public Sector Summit 2016
Overview of APN Program | AWS Public Sector Summit 2016
Amazon Web Services
 
Digital Transformation Templates.ppt
Digital Transformation Templates.pptDigital Transformation Templates.ppt
Digital Transformation Templates.ppt
Olusegun Mosugu
 
CSC - Presentation at Hortonworks Booth - Strata 2014
CSC - Presentation at Hortonworks Booth - Strata 2014CSC - Presentation at Hortonworks Booth - Strata 2014
CSC - Presentation at Hortonworks Booth - Strata 2014
Hortonworks
 

Similar to weiss (20)

Business of Open Source
Business of Open SourceBusiness of Open Source
Business of Open Source
 
Cloud webinar final
Cloud webinar finalCloud webinar final
Cloud webinar final
 
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
 
Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...
Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...
Building a Data Streaming Center of Excellence With Steve Gonzalez and Derek ...
 
Vd&P Citec 071911
Vd&P Citec 071911Vd&P Citec 071911
Vd&P Citec 071911
 
Next generation Cloud Platforms
Next generation Cloud PlatformsNext generation Cloud Platforms
Next generation Cloud Platforms
 
Symphony Software Foundation - Overview for Public Consumption
Symphony Software Foundation - Overview for Public ConsumptionSymphony Software Foundation - Overview for Public Consumption
Symphony Software Foundation - Overview for Public Consumption
 
OpenStack 2015 Marketing Plan
OpenStack 2015 Marketing PlanOpenStack 2015 Marketing Plan
OpenStack 2015 Marketing Plan
 
Converge Leveraging Identity With Professional Open Source Final
Converge Leveraging Identity With Professional Open Source FinalConverge Leveraging Identity With Professional Open Source Final
Converge Leveraging Identity With Professional Open Source Final
 
When applications mean business
When applications mean businessWhen applications mean business
When applications mean business
 
Modernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering PracticesModernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering Practices
 
AbbyBrownAB_Resume
AbbyBrownAB_ResumeAbbyBrownAB_Resume
AbbyBrownAB_Resume
 
AbbyBrownAB_Resume
AbbyBrownAB_ResumeAbbyBrownAB_Resume
AbbyBrownAB_Resume
 
Container Technologies and Transformational value
Container Technologies and Transformational valueContainer Technologies and Transformational value
Container Technologies and Transformational value
 
Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...
Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...
Sendachi | 451 | GitHub Webinar: Demystifying Collaboration at Scale: DevOp...
 
DrGanesh-Jan-17-Resume-V1.0
DrGanesh-Jan-17-Resume-V1.0DrGanesh-Jan-17-Resume-V1.0
DrGanesh-Jan-17-Resume-V1.0
 
EOSC Digital Innovation Hub (EOSC DIH)
EOSC Digital Innovation Hub (EOSC DIH)EOSC Digital Innovation Hub (EOSC DIH)
EOSC Digital Innovation Hub (EOSC DIH)
 
Overview of APN Program | AWS Public Sector Summit 2016
Overview of APN Program | AWS Public Sector Summit 2016Overview of APN Program | AWS Public Sector Summit 2016
Overview of APN Program | AWS Public Sector Summit 2016
 
Digital Transformation Templates.ppt
Digital Transformation Templates.pptDigital Transformation Templates.ppt
Digital Transformation Templates.ppt
 
CSC - Presentation at Hortonworks Booth - Strata 2014
CSC - Presentation at Hortonworks Booth - Strata 2014CSC - Presentation at Hortonworks Booth - Strata 2014
CSC - Presentation at Hortonworks Booth - Strata 2014
 

weiss

  • 1. weiss@sce.carleton.ca Licensed under a CC BY-SA license Value of open source projects: 
 A case for open source cybersecurity 2015 ICE Conference, Belfast June 22-24, 2014 Michael Weiss, Tony Bailetti Carleton University, Ottawa www.timprogram.ca www.carleton.ca 1
  • 2. weiss@sce.carleton.ca Licensed under a CC BY-SA license Objective • Companies understand they need to engage with open source projects as part of their business strategy • No good framework for assessing the (ex-ante) value stakeholders assign to an open source project
 
 
 Goal • Develop tool to assess value of open source projects based on recent advances in resource-based theory • Apply framework to argue that cybersecurity threats are better addressed through open source projects 2
  • 3. weiss@sce.carleton.ca Licensed under a CC BY-SA license Ex-ante value of resources • Schmidt & Keil (2013) identify the ex-ante conditions under which firms attribute value to a resource:
 1. Firm’s ex-ante market position 2. Its ex-ante resource base, which allows for complementarities 3. Its position in inter-organizational networks 4. Prior knowledge and experience of its managers 3
  • 4. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value drivers 4 Spread (1a) How much engaging in an open source project helps reduce the cost of product development Demand (1b) How many units of a stakeholder's product are sold as a result of engaging in the open source project Complemen- tarity (2) Number of units sold due to the company's product complementing other products Privileged information (3) Volume, variety, velocity, and veracity of privileged information that is accessible Judgement (4) Number of individuals with requisite experience and knowledge to create value attracted
  • 5. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source engagement levels 5
  • 6. weiss@sce.carleton.ca Licensed under a CC BY-SA license Method • We examined six open source projects that we had studied in detail in our previous research, and drew on open source literature to complement findings • For each project, we inferred the actions that were taken to create value from the open source project and classified them by engagement level and value driver • Collapsed classifications for the projects into a single classification to produce the assessment tool • Examined cybersecurity literature and case studies through the lens of the value assessment tool 6
  • 7. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 7 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills
  • 8. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 8 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Monitor technological trends
  • 9. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 9 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Create plug- ins into other products
  • 10. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 10 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Access to a pool of talented developers
  • 11. weiss@sce.carleton.ca Licensed under a CC BY-SA license Open source value assessment tool 11 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Develop new features quickly to attract customers Monitor technological trends Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Create plug-ins into other products Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Attract third party features Define ownership contributions Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills Reduce cost of creating shared assets
  • 12. weiss@sce.carleton.ca Licensed under a CC BY-SA license Application to Eclipse project 12 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Contribute Reduce cost of providing standard features Make company's product more attractive by including standard features Allocate developers to subprojects Champion Attract community contributions to project Reduce cost of acquisition for customers Trial products Define ownership Donate initial project code Nurture the community Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Create a common platform for products Jointly create new markets Learn from one another Access to a diversity of skills
  • 13. weiss@sce.carleton.ca Licensed under a CC BY-SA license Cybersecurity and open source • Open source approaches have not yet been widely applied in cybersecurity — mantra of “security through obscurity” leads to a siloed approach to security • However, there have been calls for more transparency and collaboration such as the “collaborative approach” (Ackerman), “cyber commons” (Schiffman & Gupta), “open security” (Schmidt), and “disclosure” (Swire) • BTW — attackers already know about the benefits of collaboration, so here our focus is on defenders • Example of collaboration in averting cybersecurity threats: Conficker Working Group 13
  • 14. weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 14 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise
  • 15. weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 15 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise Create a plat- form for sharing intelligence
  • 16. weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 16 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise Reduce cost of creating shared assets
  • 17. weiss@sce.carleton.ca Licensed under a CC BY-SA license Tool applied to cybersecurity 17 Level of
 engagement Value driver Increase spread Increase demand Increase complemen- tarity Increase privileged information Increase judgement Use Reduce cost of development Increase security for their products and services Monitor technological trends Contribute Share security expertise Champion Create a platform for sharing intelligence security Nurture the community Attract third party features and services Access to a pool of talented developers Collaborate Reduce cost of creating shared assets Share threat intelligence Access to a diversity of security expertise Access to a diversity of security expertise
  • 18. weiss@sce.carleton.ca Licensed under a CC BY-SA license Conclusion • Purpose of tool: help companies increase value they gain from engaging with open source projects • Foundation for the tool was provided by a recent theoretical advance in resource-based theory • Tool helps describe actions to be taken at a given level of engagement to drive value in specific ways • Applied tool to argue for an open source approach to cybersecurity: more transparent & collaborative • Future work is to examine current projects in the still nascent field of open source cybersecurity 18