elasticLM – License as a Service (LaaS)
elasticLM is a novel technology for creating and managing software licenses designed for distributed computing environments like Grids, Clouds or SOA. Of course, the benefits of elasticLM are also available when using elasticLM for applications running on local resources, e.g. workstations or clusters.
elasticLM overcomes the limitations of existing software license management solutions making the use of license protected applications on resources outside of the own administrative domain as easy as running them locally.
License usage is authorised through negotiation of Service Level Agreements between the license service and the user taking into account availability, policies defined locally, policies of the ISV or attributes defined for user in a virtual organisation.
The negotiation allows to inform the user about the price of the license before executing the application. The price information can also be used to check the request against budget constraints defined, e.g. for user or department.
The result of a successful negotiation is a mobile token which can be used e.g. in a IaaS environment to execute an application with the agreed features.
Tokens can move to the environment where needed, can be combined with other tokens or licenses created on the fly by an ASP.
Software licenses are treated and implemented as services, thus providing platform independent access just like any other virtualized resources.
- Licenses as services overcome the limitations of current monolithic licensing models.
- Licenses will be managed as agreements, extending the conventional Service Level Agreements (SLAs) which are made today between sellers and buyers in the market.
- Licenses will be dynamic in order to support agreements that may change over time and where the dynamic negotiation between service provider and consumer is needed.
In addition to licensing and license management elasticLM offers additional capabilities like monitoring the use of applications (license protected or not) and creating usage records for later evaluation.
Moreover, elasticLM may also be used in SaaS or PaaS environments - e.g., where the license is available locally and no tokens are needed for application execution - to create Service Level Agreements with the SaaS user and create usage records for accounting and billing.
Security
Aspects of security have been examined with special care. We identified relevant issues related to both the different actors and the license mechanism itself. These issues relate to
- authentication and authorization of users, services, and servers,
security and confidentiality of the communication between different actors or components, - security of the delegation process, when using a portal or an orchestrator, for example,
- disclosure of sensitive information, e.g. compromise of licenses
- integrity of the process to inhibit non-repudiation
- security of the licensing mechanism itself, e.g. the license generators, manipulation of the executables, or clock tweaking
Sophisticated measures have been taken either employing standards like X.509 certificates or XACML and other state-of-the-art technologies for code protection.