This IBM® Redbooks® publication delivers a Site Reliability Engineering (SRE) solution for cloud workloads that uses Red Hat OpenStack for Infrastructure as a Service (IaaS), Red Hat OpenShift for Platform as a Service (PaaS), and IT operations management that uses open source tools. Today, customers are no longer living in a world of licensed software. Curiosity increased the demand for investigating the Open Source world for Community Open Source and Enterprise grade applications. IBM as one of the contributors to the Open Source community is interested in helping the software be maintained and supported. Having companies, such as IBM, support the evolution of Open Source software helps to keep the Open Source community striving for enterprise grade open source solutions. Lately, companies are working on deciphering how to take advantage of Enterprise and Community Open Source to implement in their enterprises. The business case for open source software is no longer a mystery and no surprise that most of the new positions in IT enterprises are related to open source projects. The ability of a large enterprise to manage this sort of implementations is to engage in a hypertrophied cooperation, where the ability to not only cooperate with teams and people outside your organization, but also to find new ways of working together and devise new ways to improve the software and its code. A goal for this publication is to help the client's journey into the open source space and implement a private Cloud Container-based architecture with the ability to manage the entire IT Service Management processes from the open source framework. This publication describes the architecture and implementation details of the solution. Although not every piece of this solution is documented here, this book does provide instructions for what was achieved incorporating open source technologies. Moreover, with this publication, the team shares their collaboration experiences working in a team of technologists, open source developers, Red Hat, and the open source community. This publication is for designers, developers, managers, and anyone who is considering starting a Cloud open source project, or users who started that journey. This book also can be a manual to guide the implementation of a technical viable architecture and help those enterprises participate in an open source project but have not done so before. The reader must be familiar with principles in programming and basic software engineering concepts, such as source code, compilers, and patches.

The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those affecting Enron, Arthur Andersen, and WorldCom. The law is named after Senator Paul Sarbanes and Representative Michael G. Oxley. It was approved by the House by a vote of 423-3 and by the Senate 99-0. This book illustrates the many Open Source cost-saving opportunities that public companies can explore in their IT enterprise to meet mandatory compliance requirements of the Sarbanes-Oxley act. This book will also demonstrate by example and technical reference both the infrastructure components for Open Source that can be made compliant, and the Open Source tools that can aid in the journey of compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion. The format of the book will begin each chapter with the IT business and executive considerations of Open Source and SOX compliance. The remaining chapter verbiage will include specific examinations of Open Source applications and tools which relate to the given subject matter. * Only book that shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications. * Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals.

Much of the innovative programming that powers the Internet, creates operating systems, and produces software is the result of "open source" code, that is, code that is freely distributed--as opposed to being kept secret--by those who write it. Leaving source code open has generated some of the most sophisticated developments in computer technology, including, most notably, Linux and Apache, which pose a significant challenge to Microsoft in the marketplace. As Steven Weber discusses, open source's success in a highly competitive industry has subverted many assumptions about how businesses are run, and how intellectual products are created and protected. Traditionally, intellectual property law has allowed companies to control knowledge and has guarded the rights of the innovator, at the expense of industry-wide cooperation. In turn, engineers of new software code are richly rewarded; but, as Weber shows, in spite of the conventional wisdom that innovation is driven by the promise of individual and corporate wealth, ensuring the free distribution of code among computer programmers can empower a more effective process for building intellectual products. In the case of Open Source, independent programmers--sometimes hundreds or thousands of them--make unpaid contributions to software that develops organically, through trial and error. Weber argues that the success of open source is not a freakish exception to economic principles. The open source community is guided by standards, rules, decisionmaking procedures, and sanctioning mechanisms. Weber explains the political and economic dynamics of this mysterious but important market development. Table of Contents: Preface 1. Property and the Problem of Software 2. The Early History of Open Source 3. What Is Open Source and How Does It Work? 4. A Maturing Model of Production 5. Explaining Open Source: Microfoundations 6. Explaining Open Source: Macro-Organization 7. Business Models and the Law 8. The Code That Changed the World? Notes Index Reviews of this book: In the world of open-source software, true believers can be a fervent bunch. Linux, for example, may act as a credo as well as an operating system. But there is much substance beyond zealotry, says Steven Weber, the author of The Success of Open Source...An open-source operating system offers its source code up to be played with, extended, debugged, and otherwise tweaked in an orgy of user collaboration. The author traces the roots of that ethos and process in the early years of computers...He also analyzes the interface between open source and the worlds of business and law, as well as wider issues in the clash between hierarchical structures and networks, a subject with relevance beyond the software industry to the war on terrorism. --Nina C. Ayoub, Chronicle of Higher Education Reviews of this book: A valuable new account of the [open-source software] movement. --Edward Rothstein, New York Times We can blindly continue to develop, reward, protect, and organize around knowledge assets on the comfortable assumption that their traditional property rights remain inviolate. Or we can listen to Steven Weber and begin to make our peace with the uncomfortable fact that the very foundations of our familiar "knowledge as property" world have irrevocably shifted. --Alan Kantrow, Chief Knowledge Officer, Monitor Group Ever since the invention of agriculture, human beings have had only three social-engineering tools for organizing any large-scale division of labor: markets (and the carrots of material benefits they offer), hierarchies (and the sticks of punishment they impose), and charisma (and the promises of rapture they offer). Now there is the possibility of a fourth mode of effective social organization--one that we perhaps see in embryo in the creation and maintenance of open-source software. My Berkeley colleague Steven Weber's book is a brilliant exploration of this fascinating topic. --J. Bradford DeLong, Department of Economics, University of California at Berkeley Steven Weber has produced a significant, insightful book that is both smart and important. The most impressive achievement of this volume is that Weber has spent the time to learn and think about the technological, sociological, business, and legal perspectives related to open source. The Success of Open Source is timely and more thought provoking than almost anything I've come across in the past several years. It deserves careful reading by a wide audience. --Jonathan Aronson, Annenberg School for Communication, University of Southern California

Brilliant and engagingly written, Why Nations Fail answers the question that has stumped the experts for centuries: Why are some nations rich and others poor, divided by wealth and poverty, health and sickness, food and famine? Is it culture, the weather, geography? Perhaps ignorance of what the right policies are? Simply, no. None of these factors is either definitive or destiny. Otherwise, how to explain why Botswana has become one of the fastest growing countries in the world, while other African nations, such as Zimbabwe, the Congo, and Sierra Leone, are mired in poverty and violence? Daron Acemoglu and James Robinson conclusively show that it is man-made political and economic institutions that underlie economic success (or lack of it). Korea, to take just one of their fascinating examples, is a remarkably homogeneous nation, yet the people of North Korea are among the poorest on earth while their brothers and sisters in South Korea are among the richest. The south forged a society that created incentives, rewarded innovation, and allowed everyone to participate in economic opportunities. The economic success thus spurred was sustained because the government became accountable and responsive to citizens and the great mass of people. Sadly, the people of the north have endured decades of famine, political repression, and very different economic institutions—with no end in sight. The differences between the Koreas is due to the politics that created these completely different institutional trajectories. Based on fifteen years of original research Acemoglu and Robinson marshall extraordinary historical evidence from the Roman Empire, the Mayan city-states, medieval Venice, the Soviet Union, Latin America, England, Europe, the United States, and Africa to build a new theory of political economy with great relevance for the big questions of today, including: - China has built an authoritarian growth machine. Will it continue to grow at such high speed and overwhelm the West? - Are America’s best days behind it? Are we moving from a virtuous circle in which efforts by elites to aggrandize power are resisted to a vicious one that enriches and empowers a small minority? - What is the most effective way to help move billions of people from the rut of poverty to prosperity? More philanthropy from the wealthy nations of the West? Or learning the hard-won lessons of Acemoglu and Robinson’s breakthrough ideas on the interplay between inclusive political and economic institutions? Why Nations Fail will change the way you look at—and understand—the world.

"... an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. ... Readers are armed with firm solutions for the fight against cyber threats."—Dr. Dena Haritos Tsamitis. Carnegie Mellon University"... a must read for security specialists, software developers and software engineers. ... should be part of every security professional’s library." —Dr. Larry Ponemon, Ponemon Institute"... the definitive how-to guide for software security professionals. Dr. Ransome, Anmol Misra, and Brook Schoenfield deftly outline the procedures and policies needed to integrate real security into the software development process. ...A must-have for anyone on the front lines of the Cyber War ..." —Cedric Leighton, Colonel, USAF (Ret.), Cedric Leighton Associates"Dr. Ransome, Anmol Misra, and Brook Schoenfield give you a magic formula in this book - the methodology and process to build security into the entire software development life cycle so that the software is secured at the source! "—Eric S. Yuan, Zoom Video CommunicationsThere is much publicity regarding network security, but the real cyber Achilles’ heel is insecure software. Millions of software vulnerabilities create a cyber house of cards, in which we conduct our digital lives. In response, security people build ever more elaborate cyber fortresses to protect this vulnerable software. Despite their efforts, cyber fortifications consistently fail to protect our digital treasures. Why? The security industry has failed to engage fully with the creative, innovative people who write software. Core Software Security expounds developer-centric software security, a holistic process to engage creativity for security. As long as software is developed by humans, it requires the human element to fix it. Developer-centric security is not only feasible but also cost effective and operationally relevant. The methodology builds security into software development, which lies at the heart of our cyber infrastructure. Whatever development method is employed, software must be secured at the source. Book Highlights: Supplies a practitioner's view of the SDL Considers Agile as a security enabler Covers the privacy elements in an SDL Outlines a holistic business-savvy SDL framework that includes people, process, and technology Highlights the key success factors, deliverables, and metrics for each phase of the SDL Examines cost efficiencies, optimized performance, and organizational structure of a developer-centric software security program and PSIRT Includes a chapter by noted security architect Brook Schoenfield who shares his insights and experiences in applying the book’s SDL framework View the authors' website at http://www.androidinsecurity.com/