Open Source Encryption and Export Regulations - The New Compliance Frontier
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the intersection of open source software, encryption, and export regulations in this 43-minute conference talk by Mark Gisi of Wind River Systems. Delve into the growing importance of software export compliance, particularly concerning encryption in open source components. Learn best practices for identifying encryption in software and discover open source tools that can assist with this task. Gain insights into managing open source policies, processes, and programs to maximize ROI and mitigate risks. Examine topics such as export clearance workflows, crypto detection methods, and the challenges of the "silo effect" in compliance. Understand the role of projects like SPDX and OpenChain in addressing these issues. Benefit from Gisi's extensive experience in managing open source software usage and its impact on innovation, code sharing, product adoption, and talent retention.
Syllabus
Introduction
Disclaimer
Open Source
Busybox
Export Compliance
Export Clearance Workflow
The Chasm
Plan A
Plan B
Plan C
Tooling
Crypto Detector Demo
The Silo Effect
TeeD
Faceology
API Matching
Output File
Demo
Analysis
Delivery
Executive Summary
Report
Summary
Open Chain
Encryption Evidence
Export Trade Groups
New Methods
Multiple Methods
Database
SPDX
The Real Problem
Taught by
Linux Foundation
Tags
Related Courses
SPDX 3.0 Overview - Introduction to Software Package Data ExchangeLinux Foundation via YouTube Software Part Catalog Management for Successful SBOM Creation
Linux Foundation via YouTube Our Journey to Open Source - From a Conservative Japanese Company
Linux Foundation via YouTube SW360 SBOM - Managing Vulnerability Information, SPDX Documents and Dependency Networks
Linux Foundation via YouTube OpenDataology: Fixing Dataset Licensing for AI - A Call to Arms
Linux Foundation via YouTube