TagVault.org is a non-profit organization formed under the structure of IEEE-ISTO. It is a registration and certification authority for software identification tags (SWID tags) based on the ISO/IEC 19770-2:2009 standard. TagVault is a member-driven organization that provides a forum for sharing information and resources about software tags among software publishers, tool providers and SAM practitioners. TagVault provides a shared library of technical knowledge and software tools including consistent cross-vendor, cross-platform APIs.

The software supply chain and management process is a complete mess!

 
The software supply chain and management process is a complete mess and the situation will get worse with the addition of new computing platforms and alternative licensing requirements for virtual and cloud based environments. Unless there is a change in the status quo, everyone in the software ecosystem will end up spending more on management and less on development equating to higher overhead for everyone!
 
There is a better way and it starts with a very simple expectation that software should automatically and consistently provide authoritative identification information for every single title by every publisher across every platform in a consistent fashion. Does authoritative software identification solve the whole problem – no! However, it does fix numerous problems in the supply and management chain that cost excessive money, time and resources today and enables better solutions across the whole industry in the future.
 
Read more about Pat's perspective!

Asking for a Signature Improves IT Security

Do you trust the vendors that supply software to your organization? In most cases, the answer to that question is very likely “yes” – at least in terms of the fact that the software will not purposefully cause harm to your organization’s infrastructure or data. How about the delivery people who handle the shipments – do you trust them? How about all the various systems on the Internet that your electronic distributions travel through – are all your transfers secured using encrypted communications? Is there any way for your organization to know if installation media delivered through any means to your IT group has exactly the files that the publisher created?

Software Purchasers Can Change the Software World!

Tired of the software identification mess?  Software purchasers can make a difference today!


Anyone who tells you that they know exactly what software they have installed, and that they have it all under control, is deceiving someone – themselves or you – or they are spending far too much money doing what they are doing. Software discovery tools have to make educated guesses and generalizations about much of what they find. The tools are much better than nothing – like a horse and cart are better than walking. But they are imperfect, because the publishers do not make it easy to determine exactly what is installed and needs to be paid for. So what happens when you get audited by the software publishers? They find copies, and versions, and violations of licensing terms and conditions which you did not expect, and you have to pay the price of not being able to control the software you have purchased when the publishers have not given you the necessary means for control.

FAQ Check - Cloud Computing & Tags

 
For most people familiar with the Internet, the term FAQ stands for Frequently Asked Questions.  Often these questions are fairly simple and easy to respond to (i.e. what's the phone number, how do I sign up to be a member, how much does membership cost, etc.).  These FAQ Check articles will respond to more complex questions that require more detail than a typical FAQ response requires. 
 
Question: TagVault.org representatives are often asked – why do we need Software Identification Tags when all IT operations are going to be moving to the cloud? 
 
There are three answers to this question – each one focusing on a different segment of the software ecosystem.
 
 

Software Identification Summit - May 4, 2011

The software identification summit is designed to provide a forum for all software ecosystem members to discuss the future of software identification and discuss how these issues can be addressed in an authoritative fashion today with existing tools and technology. We will work through details on how the software community is actively solving this age old problem both for legacy as well as new software products.
 
The summit will be held near Washington DC on May 4th.  Send an e-mail to info@tagvault.org to request an invitation.  There will be a $75 facilities fee for attendees.

 

Symantec Supports ISO/IEC 19770-2:2009 SWID Tags

Symantec has released a public statement regarding the company's support for SWID tagging. It is clear to many in the software industry that an authoritative, definitive and cross-platform structure for software identification has been needed in the industry for some time. The ISO/IEC 19770-2:2009 standard provides the structure the software industry needs and TagVault.org is working with CA Technologies, ModusLink OCS, Symantec and others to increase the speed and consistency of adoption while providing normalization and validity to certified SWID tags. 

TagVault.org Tools Released to Production

TagVault.org has released two tools to production that help with the creation and validation of certified Software Identification (SWID) tags. TagVault.org is the registration and certification authority for SWID tags based on the ISO/IEC 19770-2:2009 standard. The tools allow software publishers and purchasers to:

· Easily and automatically create and validate SWID tags that conform to the 19770-2 standard
· Digitally sign and include trusted timestamps of when they signed a SWID tag
· Validate a digitally signed tag to ensure information has not been modified
 

TagVault.org Makes It Easier, Faster and Less Costly To Identify Software

TagVault.org is a non-profit IEEE-ISTO program providing registration and certification services for ISO/IEC 19770-2:2009 software identification (SWID) tags. The TagVault.org program has updated its membership structure to make it easier and less costly for organizations to identify software they purchase or software they deploy.
At the same time the software market moves towards cloud and virtual computing environments, more devices with new operating systems are entering the market.  The issue of accurate software identification is only going to get more complex.  TagVault.org is working with its membership to change how software is identified and make it easier, faster and less expensive for all members of the software eco-system.  The change to the TagVault.org membership program is a new stage in the effort to rationalize software identification for everyone.
Syndicate content

Software Publishers

By providing the information your customers need to more effectively manage their licenses, the cost of compliance is lowered for everyone.

SAM Tool Vendors

A standardized, publisher-defined method to identify software allows you to focus on helping users maximize their software asset utilization.

SAM Practitioners

Accurate software inventory is critical to managing software assets and eases compliance with purchase contracts.