Code Reuse in Open Source Software Development: Quantitative Evidence, Drivers, and Impediments

The focus of existing open source software (OSS) research has been on how and why individuals and firms add to the commons of public OSS code—that is, on the “giving” side of this open innovation process. In contrast, research on the corresponding “receiving” side of the innovation process is scarce. We address this gap, studying how existing OSS code is reused and serves as an input to further OSS development. Our findings are based on a survey with 686 responses from OSS developers. As the most interesting results, our multivariate analyses of developers’ code reuse behavior point out that developers with larger personal networks within the OSS community and those who have experience in a greater number of OSS projects reuse more, presumably because both network size and a broad project experience facilitate local search for reusable artifacts. Moreover, we find that a development paradigm that calls for releasing an initial functioning version of the software early—as the “credible promise” in OSS—leads to increased reuse. Finally, we identify developers’ interest in tackling difficult technical challenges as detrimental to efficient reuse-based innovation. Beyond OSS, we discuss the relevance of our findings for companies developing software and for the receiving side of open innovation processes, in general

The CIO - Hype, Science and Reality

Synnott and Gruber, as well as Stephens, have defined the role of the CIO initially in the early 1980s. Although major changes in the IS industry, society and IT services have taken place since then, theory and scientific work do not reflect this and still cling to more or less the same view as in the early days of CIO research. This work describes at first the state of CIO theory and then the CIO’s actual field of work based on empirical findings. When the traditional theories were tested with a positivistic perspective differences became obvious. The misleading self-assessment of having an important strategic role or the obvious loss of influence of CIOs in the company hierarchy show the need for a changed view on the CIO’s role. We propose a new role model for CIOs combining the objectives of the theoretical work with the empirical findings. This model classifies the CIO’s position in today’s corporate world with the help of two dimensions: strategic importance of running IT and strategic importance of changing IT. Based on these dimensions we identify four generic CIO roles: Enabler, Driver, Supporter and Cost Cutter/Project Manager

Attribute-Based Authentication and Authorisation Infrastructures for E-Commerce Providers

Authentication and authorisation has been a basic and necessary service for internet transactions. With the evolution of e-commerce, traditional mechanisms for data security and access control are becoming outdated. Several new standards have emerged which allow dynamic access control based on exchanging user attributes. Unfortunately, while providing highly secure and flexible access mechanisms is a very demanding task, it cannot be considered a core competency for most e-commerce corporations. Therefore, a need to outsource or at least share such services with other entities arises. Authen-tication and Authorisation Infrastructures (AAIs) can provide such integrated federations of security services. They could, in particular, provide attribute-based access control (ABAC) mechanisms and mediate customers’ demand for privacy and vendors’ needs for information. We propose an AAI reference model that includes ABAC functionality based on the XACML standard and lessons learned from various existing AAIs. AAIs analysed are AKENTI, CARDEA, CAS, GridShib, Liberty ID-FF, Microsoft .NET Passport, PAPI, PERMIS, Shibboleth and VOMS