By John Tomeny, Convener, ISO/IEC 19770-3 Development Group
In a recent blog post, Mathieu Baissac shared some thoughts on the ISO/IEC 19770-3 software entitlement tag. Following is an introduction for everyone in case you are not familiar with the ISO/IEC 19770-2 and -3 software entitlement tag.
The ISO/IEC 19770-3 SAM Standard is a technical specification for software entitlement tags. A software entitlement tag is a digital encapsulation in an XML format of licensing rights and limitations, and optional licensing metrics. The specific information provided by a software entitlement tag can be used to ensure compliance with licensing rights and limits, and to optimize licensing usage and costs.
The software entitlement tag will be delivered through the procurement process of software licences. It applies to both volume and retail procurement processes as well as delivery of open source, shareware, evaluation, and not-for-resale software products. In the volume procurement case, software entitlement tags will typically be received and managed centrally by a customer together with other software asset data.
A software entitlement tag allows for reconciliation of entitlements with software installed and/or used by customers. When a software entitlement tag has been created and electronically signed by a software publisher, it can be used for demonstration of entitlement ownership by a customer.
The following comparison of an ISO/IEC 19770-2 software Identification tag with a software entitlement tag will help to better understand the software entitlement tag:
- ISO/IEC 19770-2 software identification tags typically travel with the software package and are stored on a computer's disk during installation of the software package.
- ISO/IEC 19770-3 software entitlement tags typically travel with the software license ("entitlement") purchasing documents and therefore may have many different delivery methods and timings.
- ISO/IEC 19770-2 software identification tags have no unique instance identifier per instance of tag. If a customer has two copies of the same software product then they have two identical ISO/IEC 19770-2 software identification tags.
- ISO/IEC 19770-3 software entitlement tags usually have a unique identifier per instance of the tag. If a customer acquires entitlements for two copies of the same software product at different times, each instance of the software product will have a unique software entitlement tag with a unique ID.
- ISO/IEC 19770-2 software identification tags do not specify a quantity
- ISO/IEC 19770-3 software entitlement tags contain quantity and units of measure. One instance of a software entitlement tag may entitle many instances of a software package. Additionally, one instance of a software package may have many software entitlement tags – as entitlement rights to use particular features are acquired.
- ISO/IEC 19770-2 software identification tags contain no entitlement, or "right to use", information – ISO/IEC 19770-2 software identification tags contain only "software identification" information.
- ISO/IEC 19770-3 software entitlement tags contain specific details about the entitlement rights granted for a particular software product, as well as details about entitlement limits, and how those rights and limits can be measured.
- ISO/IEC 19770-3 supports software asset management (SAM) processes as defined in ISO/IEC 19770-1. It is also designed to work together with software identification tags as defined in ISO/IEC 19770-2.
Standardization of software entitlements provides uniform, measurable data for both the license compliance, and license optimization, processes of SAM practice. Software entitlement tags benefit all stakeholders involved in the creation, licensing, distribution, releasing, installation, and ongoing management of software and software entitlements.
If you're interested in learning more, just ask...
John Tomeny is a twenty-year veteran of the SAM/ITAM industry, the Convener of the ISO/IEC 19770-3 SAM Standards development group and a co-author of the ISO/IEC 19770-2 Software Identification Tag standard. He is a distinguished recipient of the IAITAM Fellow designation from the International Association of IT Asset Managers, and winner of the CODiE Award for "Best Asset Management Solution". John is VP of Sassafras Software, the publisher of "K2 - KeyAuditor & KeyServer". John serves as chief ITAM consultant and trainer to Sassafras's North American and European customers.