信息通信技术与政策

信息通信技术与政策

信息通信技术与政策 ›› 2020, Vol. 46 ›› Issue (5): 45-48.

上一篇    下一篇

企业级开源风险及治理模式研究

Research on enterprise open source risk and governance model

  

  1. 1. 中国信息通信研究院云计算与大数据研究所,北京 100191 2. 华东师范大学数据科学与工程学院,上海 200062
  • 出版日期:2020-05-15 发布日期:2020-11-10
  • 作者简介:
    郭雪:中国信息通信研究院云计算与大数据研究所云计算部副主任,工程师,主要从事开源、云计算方面的研究工作
    孔松:中国信息通信研究院云计算与大数据研究所云计算部工程师,主要从事云安全方面的研究工作
    王皓月:华东师范大学数据科学与工程学院xlab 实验室,硕士研究生

  1. 1. Cloud Computing and Big Data Research Institute, China Academy of Information and Communications Technology, Beijing 100191, China
    2. School of Data Science and Engineering, East China Normal University, Shanghai 200062, China
  • Online:2020-05-15 Published:2020-11-10

摘要: 开源通过多人协同的开发模式推动信息产业的快速发展,开源软件的引入成为企业数字化转型的重要方式,开源软件应用逐渐成为趋势。开源软件应用过程中会面临诸多风险,包括知识产权风险、技术及运维风险、安全漏洞及数据泄露风险、管理风险等,企业面对开源的风险需要建立完善的开源治理体系,围绕开源软件生命周期建立管理机制。

关键词: 开源风险, 开源治理, 开源软件

Abstract: Open source promotes the rapid development of the information industry through the collaborative development mode of multiple people and becomes an important means of digital transformation of enterprises. The introduction of open source has become an inevitable trend for enterprises. This paper analyzes the open source risks faced by enterprises, including intellectual property and compliance risks, security and data risks, technology and operation and maintenance risks, management risks, etc. Facing the risks of open source, enterprises need to establish a sound open source governance system and establish a management mechanism around the life cycle of open source software.

Key words: open source risk, open source governance, open source software