CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC

CAPSTONE PROJECT: LITERATURE REVIEW
ASSIGNMENT 1
CAPSTONE PROJECT: LITERATURE REVIEW
ASSIGNMENT 8
LITERATURE REVIEW ASSIGNMENT
Jerry L. Quarles
School of Engineering & Computer Science, Liberty University
Author Note
Jerry L. Quarles
I have no known conflict of interest to disclose.
Correspondence concerning this article should be addressed to
Jerry L. Quarles.
Email: [email protected]
Table of Contents
Introduction 3
Problem Statement 5
Research Question(s) 8
Literature Review 9
Literature Review Findings and
Gaps……………………………………………………………17

Conclusion 19
References 21
Appendix…..…………………………………………………………
…………………………..26
Error in red – not booked marked correctly
FAILED THIS ASSIGNMENT ALL THE WORK THAT IS
MARKED THRU WAS PLAGARISM COPIED WORK!
Total word count needs to be 4000 words so you can use
anything highlighted in yellow again to get a total of 4000
words!
Introduction
DO NOT USE MARKED THRU WORDS -Rapid advancements
in modern technology have changed the digital landscape and
increased the demand for secure internet and communication
Technology and Cloud computing is one of them. Cloud
computing has grown in popularity as a study and application
field (Rashid, & Chaturvedi, 2019). A growing number of
technology companies and manufacturing industries have started
to implement cloud-based services or are planning to do so.
Nonetheless, there are a few drawbacks to using public and or
private cloud technologies. As a result, quite a few institutions

are already using private cloud technologies. Day by day cloud
computing is in growth as many organizations adopted cloud
technology, but in parallel, several security issues are raised.
Each organization chooses secure infrastructures when they
move its data to remote locations. According to the NIST
security, portability and interoperability are the major obstacles
to the adoption of cloud computing.
Can Use Highlighted words
Our motivation for creating a new design of a hybrid
architecture using key cloud technologies build a new private
cloud platform for Amazon Inc. that requires high data
availability at a low cost. Big data approaches relying on
traditional data warehouses often pose latency problems,
making them unsuitable for new data use cases (Hsu, Fox, and
Min, 2019). Many cloud services are provided by a trusted third
party which arises new security threats. The cloud provider
provides its services through the Internet and uses many web
technologies that arise new security issues. This paper discussed
the basic features of cloud computing, security issues, threats,
and their solutions. Additionally, the paper describes several
key topics related to the cloud, namely cloud architecture
framework, service and deployment model, cloud
technologies, cloud security concepts, threats, and attacks.
When data is stored in remote storage, the cloud user loses
control over the data, at this time consumers may not be
conscious of the details of security policies, vulnerability,
and malware information (Singh and Chatterjee, 2017). For
example, an attacker may achieve the cloud data by applying to
back-channel attack and fixing a kernel-level rootkit. The
community also knows about the physical level attacks such as
reading the cloud-stored data. An important requirement in
resource monitoring of cloud computing platforms is to monitor
malfunctioning problems and/or security-related problems
(Chandra & Neelanarayanan, 2017). In other words, solutions
are needed that provide after-the-fact monitoring of log files for
detecting problems. When these problems are not detected,

issues arise such as leaking information, unauthorized access,
unauthorized modification of data, creation of invalid data, and
seizure of private client files by people with malicious intent.
We present a new hybrid cloud with computing monitoring
software architecture designed to meet these requirements. Our
software architecture employs a facade design pattern that
separates the system from implementations of the underlying
technologies. The software architecture is capable of both real-
time and after-the-fact monitoring. The official name of the
project is Ultihub Networks, which includes the full scope of
the Enterprise-level capabilities represented as Ultihub AWS
Cloud Core Service. The AWS Cloud represents the Cloud
Service Provider (CSP) where the Ultihub Core Services are
planned to be set up. Hence the names Ultihub AWS Cloud Core
Services and Ultihub Core Services are used interchangeably
throughout this review. The Ultihub Network provides various
cloud services for its bureaus to use and intends to use the
Infrastructure as a Service (IaaS) as a suitable cloud service to
set up the Ultihub Core Services to support various workloads
(such as Enterprise Case Management [ECM]). Problem
Statement
Nowadays, organizations widely utilize cloud computing as a
novel technology to achieve promotion by involving a value
from data while reducing the cost (Varghese and Buyya, 2018).
Data processing and sharing can be changed under the influence
of the cloud. Sharing information with different users becomes
easy by keeping data on cloud storage systems (Zheng et al.,
2018). End-users gain many advantages through cloud services.
First, cost reduction is the main benefit of cloud services for
users. Immediate computing and accessibility to storage
resources for any user is another one. Furthermore, the available
resources should be adapted to users' needs; they can add
resources if necessary (Hung et al., 2012). Cloud computing has
progressed due to all these qualities.
Over the last decade, with the expansion of a range of cloud
services over the Internet, finding and proposing highly

efficient and most accurate services based on users' specific
requirements has become a controversial issue (Pourghebleh et
al., 2020). In this regard, numerous studies have been
conducted, and diverse approaches have been developed to
assist cloud users in making appropriate choices. These
mechanisms mainly aim at solving two main problems. The need
for standard interfaces and specification formats of cloud
services is the first problem. Efforts are made to build a
commoditized market infrastructure for the trade of services
among different types of Internet users. To address this
problem, cloud market systems have been designed to provide a
uniform platform to publish services for providers and locate
services for service users. Choosing appropriate services based
on decision-making techniques is the second problem (Sun et
al., 2014a, b). Cloud computing services are an exponentially
growing field of business in the modern world. Many companies
around the globe are utilizing it for many purposes like storage,
extensive data analysis, disaster recovery, as a platform, etc.
Hence, it has been able to sustain itself, grow, and diversify its
technology in several directions over the years.
Different service resource types are provided by cloud
computing; the industry will be divided into three service
categories: platform as a service (PaaS), software as a service
(SaaS), and infrastructure as a service (IaaS) (Pan, Xu, Cai,
Wen, and Yuan, 2021). There are many open issues are present
that is needed to be solved for providing secure cloud
infrastructure. The first and more important open issue is to
design an extensive and integrated security solution that may
fulfill all major security requirements in the cloud.
The workloads of social computing are tremendous, burst, and
unpredictable. A hybrid cloud, which combines a private cloud
and a public cloud, is a promising solution to processing the
workloads. (Liu, Luo & Niu, 2017). Most corporations, leverage
one public cloud. However, with fierce competition among
public cloud providers, public cloud services change frequently,
which may lead to service unavailability and a less cost-

effective hybrid cloud solution. As a result, leveraging multiple
public clouds in the hybrid cloud is a potential solution. The
private cloud, which is supported by dedicated datacenters or
server clusters, can provide enhanced security and ultimate
control. However, the private cloud has a limited capacity and
low scalability. When workloads increase, it is difficult to
address the overload problem with the private cloud. As the
public cloud can provision elastic computing resources. It can
help the private cloud process excessive workloads flexibly
with low costs. Hence, a hybrid cloud, which combines a private
cloud and a public cloud, is a promising solution to processing
the burst and tremendous workloads generated by social
applications. The state of the cloud report from Right Scale
points out that, among all the enterprise respondents, 55 % of
them expect to use hybrid clouds (Web End, 2015).
Cloud computing also needs a security solution against insider
threats. There are many solutions are available and still
applicable to the cloud. But the available solutions are not
sufficient to solve the insider threat. In these phenomena
identification of the insider attack in cloud computing is an
open area of research. In this scenario, develop an indicator that
helps to find the insider attacks. This indicator will increase the
potential of securing the cloud system. Similarly, another open
issue is to identify who is the normal user and who is the
malicious user, still have a problem in a cloud environment.
Some security and privacy concerns, such as data manipulation,
data loss, and theft, arise from using any device to load and
retrieve data from the cloud providers’ facilities (Islam, S.M.J.;
Chaudhury and Islam, S. A, 2019).
New cloud capabilities also open new cost-savings strategies as
long as these opportunities are recognized, incorporated into
daily practice, and displace more expensive practices (Kahn,
Mui, Ames, Yamsani, Pozdeyev, and Rafaels, 2022). The cost
difference between the 2 ETL designs is significant, but cost
savings were only realized after the new design was analyzed,
approved, and implemented and the old design was retired.

Cloud-based resources are usually charged on a pay-as-you-use
basis. Services can be turned on as needed, but also can be
inadvertently kept active when not in use. Many services use
different metrics to determine usage charges.
Lastly, the legal aspect related to SLA is still an open unsettled
issue in cloud computing. The issue of auditing, whether the
service level is met as was promised in SLA or not, needs to be
explored. Run time assurance mechanisms provide a facility to
deliver the services as per requirement. The current auditing
mechanisms provided by the CSP itself might not be a
satisfactory option for many cloud users. Moreover, the pricing
of the usage service depends upon the CSP. The work in this
area will greatly help the user to the adoption of the cloud.
Research Question(s)
Organizations have various technologies involved in cloud
computing, cloud-based change and configuration management
is one the companies do not have the people, processes, or tools
to effectively perform technical cloud change monitoring
operations to manage technological change and configuration
management activities. Backup and recovery operations in cloud
environments are also very important, such operations are vital
to protect critical data and ensure continuity of operations;
Businesses are finding issues with backup and recovery and
don’t have the means to integrate backup and recovery activities
across a hybrid-cloud environment; such a capability will be
needed to ensure backup and recovery operations can seamlessly
occur between on- and off-premises components of the hybrid
clouds.
· What are the various technologies involved in cloud
computing? What are its multiple uses?
· This question aims to address the different cloud technologies
and procedures depending on the metrics of the particular cloud
environment setup.
· How can we enhance data security and maintain privacy in
cloud computing environments?
· This question aims to address issues with security and privacy

and maintaining both in a cloud environment.
· How do you provide migration support/ backup and recovery
(data, design, and architecture) from existing solutions?
· This question aims to assess technology support with the cloud
infrastructure.
· To resolve security and privacy challenges how are security
policies applied across the cloud infrastructure?
· This question aims to look into security and privacy policies
to see challenges and address them.
Literature Review
The services of cloud computing are scalable to the needs of the
users (Maryam, Sardaraz, and Tahir, 2018). There has been a
rapid growth in the cloud computing industry since many
businesses recently have been turning to them. However, there
are several cloud computing service providers available in the
market presently, and hence, for businesses, it becomes a
significantly tough job to select among these and choose the
most suitable one for their particular needs. This paper has tried
to solve this problem by providing a neuromorphic multi-
criteria decision analysis (NMCDA) approach for the decision-
making process for businesses to evaluate the many cloud
computing service providers. This approach is usually used for
estimation processes where ambiguity and inconsistency exist
among the users, and hence a productive model of decision-
making evolves through the same.
The evaluation of cloud computing services has become a
significant issue for the common public and businesses, mainly
because of its rapid growth and expansion. As a result, there are
hundreds of cloud computing services available in the market,
and enterprises face considerable difficulty to choose among
these. Cloud services are based on user requirements, a user
may require Quality of Service (QoS), usability, data storage,
the complexity of applications, middleware, scalability,
programming language, etc. A single cloud cannot meet all the
requirements. The term multi-cloud, states that just like a
cloudy sky has different colors and shapes, similarly cloud

computing shouldn't be finalized with a single cloud which
leads to different implementations and administrative domains.
Multi-cloud is the usage of autonomous cloud platforms with
one interface which may clue to different administrative and
implementation domains (Imran, 2020). Multi-cloud computing
accumulates the usage of stand-alone, multiple cloud
environments, which assume no prior agreement between cloud
providersor third-party owners. The particular study was
conducted to formulate this problem as Multi-Criteria Decision
Making (MCDM) problem and aim at developing a decision-
making model based on Aggregated Sum-Product Assessment
(WASPS) and Fuzzy Analytic Hierarchy Process (FAHP)
Weighted methods. The model structured through the study
consisted of 9 primary and 30 secondary evaluation factors. The
model ultimately helps to evaluate and rank the various cloud
services.
Multi-tenancy provides a sharing environment in cloud
computing that enables the sharing of resources among multiple
users. The sharing environment in cloud computing may pose
new security threats. Security and privacy of the multi-tenancy
in the cloud are still one of the most open security issues. The
privacy of the computation is another open issue in cloud
computing. In the storage, most of the data are in an encrypted
form. But, in the storage, all the operations are not perfor med
over the encrypted data. Most of the operations required plain
text data during computation. The memory is assigned to the
within or outside processor used for storing temporary data that
may be the target of attack.
· Trust Factors in selecting a cloud service
Authors (Chiregi & Navimipour, 2018) have a similar
perception of the evaluation process of cloud computing
services. According to the authors, as much as the confusion to
choose the best-suited cloud computing services is an issue for
businesses, the problem of trusting them is equally shared,
regardless of the strong security policies provided by the
service providers. Hence, the study analyzes trust evaluation

state of the art mechanisms that have been used in the cloud
environment to date. Their comparison was based on integrity,
security, reliability, dynamicity, dependability, safety
confidentiality, and scalability. The study also provides a
comprehensive literature review of 28 articles significantly
chosen from 224 leading articles and aims to directly help
researchers, academics, and professionals as they try to
understand the changes in the evaluation of trust mechanisms in
the cloud environment.
Many recent network fraud incidents have severely affected the
trust factor among clients and service providers (Sun, 2020).
Therefore, to rebuild the trust between both parties, the project
constructs a trust access control model for the cloud services.
First, the authors primarily proposed this method based on
direct confidence, feedback trust, trust risk, obligation trust,
and reward penalty to express the nature of the trust
relationship. Secondly, the authors propose a weighted
algorithm and trust evaluation through information entropy.
Finally, as the authors make a comparative study of three
models, it proves that their research performance has been quite
superior. Trust management is inevitable in the field of cloud
computing in the present scenario due to the increasing levels of
network fraud, data breaches, and data confidentiality (Mehraj
& Banday,2020). The authors emphasize the growing popularity
of cloud computing services as well as the level of trust that
needs to be established at an equal pace among the customers
and service providers.
Now, since the requirements of the cloud computing services
are dynamic, the traditional static approach of trust management
falls short in catering to those needs. Hence, the authors suggest
a concept of zero trust strategy in the study, which offers quite
some type of perceptions as well as philosophies to establish
trust in cloud services. Moreover, the importance and
challenges of trust establishment in cloud computing have also
been explored in the study. The authors in the above-mentioned
studies point out the crucial factor of trust among consumers

regarding their data with the service providers being safe or not.
The studies emphasize how there has been a fall in the
confidence of the consumers in the service providers due to the
increasing networking frauds and scams. Therefore, there is an
acute need among the service providers to earn back customer
confidence through proper data protection technology.
· Evaluation of performance by customers
There has been an exponential growth in the cloud computing
industry within a very short period, and it has equally
diversified its technology over the years In the words of
(Papadopoulos et al.,2019). However, having so many
technologies in hand, and so many providers ready to provide
the services, the customers at times fail to evaluate their
performances against each other. For this reason, the study
investigates and reports the performance of various cloud
computing services and ultimately proposes eight principles and
best practices, and concepts applicable to the cloud computing
field. The authors analyze the latest benchmark of SPEC Cloud
IaaS and also showcase real-world experimental studies. The
study also has covered a huge portion of existing literature from
recent years and has investigated whether or not those studies
have followed these particular methodologies of reporting.
However, the study ends with the conclusion that however basic
and simple these methodologies might be, the cloud computing
community is yet to adopt them on a broader scale.
There has been a potential rise in the industry of cloud
computing services over the internet and customers stand
baffled on which one to pick as per their requirements (Simmon,
2018). There is a lack of evaluation standards, which leads to
customers choosing the wrong technology or the wrong service
provider for their requirements. This study aims at providing a
clear picture of the standards that the cloud computing services
should align with i.e., the NIST definition of cloud computing
as well as categorizes the cloud computing services according to
the various needs of the customers as per the service model
most widely accepted Software as a Service (SaaS), Platform as

a Service, (PaaS), and Infrastructure as a Service (IaaS).
As per the authors (Mesbahi, Rahmani & Hosseinzadeh, 2018),
trust and reliability have always been critical aspects of
distributed systems like cloud computing. To earn and maintain
customer confidence, the provision of reliable and trustworthy
service is necessary for the service providers. The study aims to
cover all the potential aspects of the topic of availability and
reliability of cloud services. The study broadly proposes four
questions 'Where?', 'Which?', ‘When?,’ ‘How?.’ The authors
propose that a highly reliable and available cloud computing
service can be chosen by answering these few questions by the
customers. Therefore, they try to establish certain frameworks
and methodologies through which the customers can evaluate
the performance of their service providers and choose the most
suitable technology for their requirement purposes (Jiao, Wang
& Ding, 2020). The authors have a unanimous opinion that due
to the existence of a huge number of service providers in the
market, the consumers are mostly unable to evaluate the level of
their performance and hence cannot choose the best suited
among them.
· Data Security
In the words of the author (Lee., Dewi, & Wajdi, 2018) a new
subdomain of computer and network security is data security. It
is an important aspect of cloud computing services over the
internet and a lot of customer confidence depends on it. Now,
this is done through cryptography methods. One of the common
methods of data encryption in this process is the Advanced
Encryption Standard (AES). In the paper, the authors have
implemented the Advanced Encryption Standard (AES) on a
cloud platform known as Heroku and evaluated its performance
over time. the authors conclude the study with the opinion that
the Advanced Encryption Standard (AES) is a good method of
data encryption and that the size of the data is directl y
proportional to the time taken for its encryption.
According to the authors (Kumar, Raj, & Jelciana,2018), cloud
computing is a rapidly growing industry with a lot of

advantages and some security issues. This paper dedicates itself
to solely finding the different security issues and the methods to
overcome them, as well as exploring a few cloud computing
models like deployment models and the service delivery models.
As many businesses are using cloud computing today, a data
breach can affect the business to a huge extent, and hence data
security has come up to be an issue of great importance. It will
affect the business as well as customer confidence in the service
provider. Hence the service providers should take good care of
the data that the businesses have let them access and maintain
overall security.
Both these authors think that data security is a hugely important
aspect for the service providers to cater to the consumers. It
impacts customer confidence in them and any harm to data of a
business will hugely affect its reputation in the field. The data
of most businesses are extremely sensitive and hence access to
such sensitive information expects an increased security level.
Therefore, the authors try to find the loopholes in maintaining
data security from the end of the service providers and try to
develop and establish methods to overcome these. The authors
also try to explore several data encryption frameworks and
standards through which the service providers can ensure proper
protection of the data of the consumers.
The basic purpose is to develop and deploy a decision-making
system that helps to narrow down appropriate cloud providers
and also the ability to change among multiple providers
transparently and effectively. Presence of many different types
of multi-clouds causes hindrance in one's ability to choose what
is best for his needs. To tackle this issue (Kritikos and
Plexousakis, 2015) introduce a multi-cloud selection tool that
has not yet been introduced to literature and helps to choose the
cloud-based on traits such as deployment, quality, placement,
security, and cost-effectiveness. The cloud computing paradigm
is emerging as a reliable service delivering autonomous and
smart behavior from virtualized storage technology-based data
centers (Zhong, Xu, Klotz, and Newman, 2017). The cloud

architecture enables ensures data security as well as inter -
application flows. Wherever the data are located, the cloud
architecture provides end-users with visibility on the location or
status of data transfer. Despite this pervasive development,
critical challenges affect the reliability of this ongoing concept.
Many cloud providers such as Google and Amazon offer
different IoT solutions. AWS IoT and Google Cloud IoT include
several managed and integrated services enabling secure links,
flexible manageability as well ensuring real-time data analysis
and visualization. They offer a secure way to connect devices
and store and analyze data such as sensors and microcontrollers
to the cloud via tablets or phones (Kurniawan, 2018). The
adoption and dissemination of cloud computing architectures
are constrained by emerging concepts and the heterogeneity of
existing solutions.
In recent years, many cloud computing monitoring systems have
been developed. Amazon CloudWatch (Patel, S., Patel, R &
Shah, 2017) is a good example of such a system. It is capable
of analyzing Amazon Web Service resources and applications
running in real-time and allows users to implement structures
termed alarms to monitor certain metrics. An alarm sends
notifications when a specified threshold value is exceeded or
makes automatic changes in selected resources according to
predefined rules. For example, a variety of metrics such as CPU
usage and disk read-write activities of Amazon EC2 virtual
machines can be monitored. It is also possible to make decisions
on starting extra samples to process the increased workload.
However, CloudWatch does not support complex event
processing of different types of events, and it only can monitor
a single event at a time. The redesign uses a new data
orchestration managed service that dynamically instantiates an
array of inexpensive preemptible virtual machines which
terminate in hours. The cost difference between the 2 ETL
designs is significant, but cost savings were only realized after
the new design was analyzed, approved, and implemented and
the old design was retired.

One reason that stops users to use the public cloud is the high
cost to afford it. Many enterprises would rather struggle for
building their private cloud other than totally move their
applications onto the public cloud. However, it’s hard for a
private cloud to procure a known amount of hardware and
software. Even more, there will inevitably be IT accidents or
flash crowds like The Shopping Day, private cloud can’t meet
such unforeseen emergencies. A hybrid cloud load balancer
must provision cost-effective services to solve this problem. For
the sake of cloud users, we desire to add or delete a cloud for a
certain application at will when we don’t think it is cost-
effective. Therefore, which clouds are more cost-effective for
the current application becomes a problem. Flexibility With the
rapid development of the cloud computing market, services
provisioned by public cloud providers change quite frequently.
As such, cloud users need to change their strategies for
leveraging public clouds.
Virtualization was developed gradually to perform different
capabilities. It allows us to execute many applications in
parallel or onto heterogeneous systems and to move the running
applications to other physical servers (Kafhali and Salah, 2018).
Before the data center will be ready to be commercially used,
virtualization is a fundamental step to set because it makes it
easy to share the resources in data centers and assures the high
performance, reliability, confidentiality, and security of cloud
infrastructure which is the result of a big collection and
management of bare-metal hardware. This system is designed to
help hybrid cloud users provision cost-effective services,
especially for those who deploy multiple public clouds. Based
on the fact that different types of applications require different
computing resources, we classify all the applications into three
representative types roughly:
· CPU-intensive application. In these applications, CPU
resource is more eagerly needed than another computing
resource. For example, video processing, scientific computing,
and so on.

· Memory-intensive application. High IO throughput
applications such as large Map-Reduce tasks depend on
sufficient memory for data shuffling.
· Disk-intensive application. NoSQL databases (e.g., Cassandra,
MongoDB) or Distributed File systems (e.g., HDFS) have a high
demand for storage.
Our design prefers processing workloads in the private cloud
and outsourcing excessive workloads to the public clouds. Since
prices and performance of public clouds vary among cloud
providers, we need to maintain high-quality services as well as
save costs. Before the load-balanced system starts working, we
select the most suitable type of instances on each cloud in
advance for the application. Compare VMs of multiple cloud
providers to find out which are the most suitable.Literature
Review Findings and Gaps
Most of the studies are dedicated to the evaluation process, data
security, and trust factor among the customers regarding cloud
computing and virtualization. For example, researcher (Kumar,
Raj, & Jelciana,2018) works on data security and explains its
need, consequences, and the various issues it might lead to if
not taken care of properly. Researcher (Simmon, 2018) works
on the performance evaluation of the various cloud computing
services by the customers and the various critical aspects of the
same. Authors (Chiregi & Navimipour, 2018) have provided
their work on the trust factor among consumers regarding the
service providers and how that has been affected over the years
due to the various networking frauds.
However, none of them have been able to properly dedicate
work to the customer awareness and motivation among them
about cloud computing and virtualization. Hence, this study
focuses on the particular subject matter and dedicates entirely to
the same. When leveraging multiple public clouds, we face the
following challenges. First, since cloud users can leverage
multiple clouds, it is challenging to distribute workloads among
private and public clouds to obtain a cost-effective solution.
Second, as cloud computing platforms sometime break down or

update, it may lead to service unavailability or perfor mance
degradation. Such maintenance makes it more difficult to derive
a cost-effective solution. Third, cloud computing price changes
with time. Cloud users always want to use the most cost-
effective cloud products. Deploying applications on unsuitable
cloud products may cost more money and make applications
inefficient.
To address these problems, we propose a cost-effective service
for hybrid cloud applications, which selects the best public
cloud for outsourcing and adapts cloud price changes
dynamically, along with provisioning global load balancing.
The system uses a two-tier load balancing mechanism,
provisioning virtual machine (VM) and cloud level load
balancing. The load balancing problem for hybrid cloud
applications is different from the cloud selection problem.
Heterogeneous workload characteristics, as well as divergent
cloud instance types, complicate the problem of identifying the
best suitable cloud provider and instance for a specific
application. Furthermore, a cloud user may have several
applications and every application has many choices in cloud
selection, which makes the scheduling more complex. The
system firstly chooses the best instance on each cloud for
certain applications using CloudCmp (Liu, Luo, & Niu, 2017).
Then the system uses the proposed Least Connection per Cost
(LCC) algorithm to distribute job requests among public clouds.
At last, the system scales up or down automatically according to
the price and performance of each cloud.
To achieve this goal, the design of the system is guided by the
asynchronous message-driven paradigm through the RESTful
design principle. We use RESTful API to reduce the
interdependency of tightly coupled interfaces, generally
lowering the complexity of integration. Specifically, the system
allows cloud users to choose on which clouds to deploy their
applications, which leads to a many-to-many relationship.
different technologies, such as web services, Internet
technologies, and hardware virtualization methods, are the main

development issues in cloud computing (Mavridis and Karatza,
2019). This design provides a thorough review of multi-cloud
technology and the prototypes that have been developed to
minimize the gap between the same services provided by cross-
vendor singular clouds.Conclusion
Cloud computing provides the benefit of quick deployment, cost
efficiency, large storage space, and easy access to the system
anytime and anywhere. So, cloud computing is very much
evident rapidly emerged technology and widely accepted
computing environment around the world. However, there are
many security and privacy concerns that are an obstacle to the
adoption of cloud computing. All cloud users should be well
aware of the vulnerabilities, threats, and attacks existing in the
cloud. The awareness of security threats and attacks will help
the organizations to carry out fast rate adoption of the cloud.
Cloud computing utilizes many traditional as well as novel
technologies. This emerging technology can create many cloud-
specific security issues. Multi-tenancy and virtualization
features of the cloud give its users access to the same physical
resources from different locations.
This project provided a newly created cloud infrastructure that
would allow a customer to maintain complete control over its
data and have cost savings with a secure network. Ultithub
Networks would also allow companies to get more for their
money, minimize bureaucracy, and lower the total cost of
operating their network system. This proposed cloud
infrastructure will make it much easier for customers like
Amazon, AWS, Google, or any other organizations to make use
of the enterprise applications, storage, and data settings, and
most of all the security structure, to fall into the footprint of
their information system and be tailored for its essential
services by integrating the versatility and dependability of
virtualization technology with the simplicity of administration
and deployment of cloud technology (Luo, Zhang, & Litvinov,
2018). Technology has both benefits and challenges. Some
particular challenges and benefits have been mostly explored in

this study and looked through thoroughly. We gift a fixed of
tactics and methods that describe the secure control manner
within the cloud environment to minimize threat and
vulnerability. These worries consist of facts and carrier
protection on cloud structures. We categorize protection threats
and conduct a comparative examination of safety troubles and
proposed countermeasures to address them.
Reference
Abdel-Basset, M., Mohamed, M., & Chang, V. (2018). NMCDA:
A framework for evaluating
cloud computing services. Future Generation Computer
Systems, 86, 12-29.
AES under HEROKU cloud. At the 2018 27th wireless and
optical communication conference
(WOCC) (pp. 1-5). IEEE.
Alam, K. A., Ahmed, R., Butt, F. S., Kim, S. G., & Ko, K. M.
(2018). An uncertainty-aware
integrated fuzzy AHP-WASPS model to evaluate public cloud
computing services. Procedia computer science, 130, 504-509.
Asadi, Z., Abdekhoda, M., & Nadrian, H. (2020). Cloud

computing services adoption among
higher education faculties: development of a standardized
questionnaire. Education and Information Technologies, 25(1),
175-191.
Ashish Singh, Kakali Chatterjee, Cloud security issues and
challenges: A survey, Journal of
Network and Computer Applications, Volume 79, 2017, Pages
88-115, ISSN 1084-8045,
https://doi.org/10.1016/j.jnca.2016.11.027.
Chandra, K. N., & Neelanarayanan, V. (2017). A survey on
cloud application
portability. International Journal of Innovative Research in
Computer and Communication Engineering (IJIRCCE), 5(1),
1039-1046.
Chiregi, M., & Navimipour, N. J. (2018). Cloud computing and
trust evaluation: A systematic
literature review of the state-of-the-art mechanisms. Journal of
Electrical Systems and Information Technology, 5(3), 608-622.
El Kafhali S, Salah K (2018) Performance analysis of multi -core
VMs hosting cloud SaaS
applications. Comput Stand Interfaces 55:126–135
https://doi.org/10.1016/j.csi.2017.07.001
H. A. Imran et al., "Multi-Cloud: A Comprehensive
Review," 2020 IEEE 23rd International
Multitopic Conference (INMIC), 2020, pp. 1-5, doi:
10.1109/INMIC50486.2020.9318176.
Hsu CH, Fox G, Min G, et al (2019) Advances in big data
programming, system software and
HPC convergence. J Supercomput 75:489–
493. https://doi.org/10.1007/s11227-018-2706-x
Hung, C.-L., Wang, H.-h. and Hu, Y.-C. (2012), “Efficient load
balancing algorithm for cloud
computing network,” International Conference on Information
Science and Technology (IST 2012), April.
Islam, S.M.J.; Chaudhury, Z.H.; Islam, S. A Simple and Secured
Cryptography System of Cloud

Computing. Proceedings of the 2019 IEEE Canadian Conference
of Electrical and Computer Engineering (CCECE); Edmonton,
AB, Canada, 5–8 May 2019; pp. 1-3. [DOI:
https://dx.doi.org/10.1109/CCECE.2019.8861845]
Jiao, H., Wang, X., & Ding, W. (2020). Service-oriented cloud
computing trusted evaluation
model. Journal of Information Processing Systems, 16(6), 1281-
1292.
K. Kritikos and D. Plexousakis, "Multi-cloud Application
Design through Cloud Service
Composition," 2015 IEEE 8th International Conference on
Cloud Computing, 2015, pp. 686-693, DOI:
10.1109/CLOUD.2015.96.
K. Maryam, M. Sardaraz and M. Tahir, "Evolutionary
Algorithms in Cloud Computing from the
The perspective of Energy Consumption: A Review," 2018 14th
International Conference on Emerging Technologies (ICET),
2018, pp. 1-6, DOI: 10.1109/ICET.2018.8603582.
Kumar, P. R., Raj, P. H., & Jelciana, P. (2018). Exploring data
security issues and solutions in
cloud computing. Procedia Computer Science, 125, 691-697.
Kurniawan A (2018) Learning AWS IoT: effectively manage
connected devices on the AWS
cloud using services such as AWS Greengrass, AWS button,
predictive analytics, and machine learning. Packt Publishing Ltd
Lee, B. H., Dewi, E. K., & Wajdi, M. F. (2018, April). Data
security in cloud computing using
Sun, P. (2020). Research on cloud computing services based on
trust access control. International
journal of engineering business management, 12,
1847979019897444.
Liu, F., Luo, B., & Niu, Y. (2017). Cost-Effective Service
Provisioning for Hybrid Cloud
Applications. Mobile Networks and Applications, 22(2), 153-
160. http://dx.doi.org/10.1007/s11036-016-0738-0
Web End =http://www.openstack.org/ 5. (2015) State of the

cloud report. Report
Liu, F., Luo, B. & Niu, Y. Cost-Effective Service Provisioning
for Hybrid Cloud Applications.
Mobile Netw Appl 22, 153–160 (2017).
https://doi.org/10.1007/s11036-016-0738-0
Mavridis, I. and Karatza, H. (2019), “Combining containers and
virtual machines to enhance
isolation and extend functionality on cloud computing,” Future
Generation Computer Systems, Vol. 94, pp. 674-696
https://doi.org/10.1016/j.future.2018.12.035
Mehraj, S., & Banday, M. T. (2020, January). Establishing a
zero-trust strategy in a cloud
computing environment. In 2020 International Conference on
Computer Communication and Informatics (ICCCI) (pp. 1-6).
IEEE.
Mesbahi, M. R., Rahmani, A. M., & Hosseinzadeh, M. (2018).
Reliability and high availability
in cloud computing environments: a reference roadmap. Human-
centric Computing and Information Sciences, 8(1), 1-31.
Michael G Kahn, Joyce Y Mui, Michael J Ames, Anoop K
Yamsani, Nikita Pozdeyev, Nicholas
Rafaels, Ian M Brooks, Migrating a research data warehouse to
a public cloud: challenges and opportunities, Journal of the
American Medical Informatics Association, Volume 29, Issue 4,
April 2022, Pages 592–
600, https://doi.org/10.1093/jamia/ocab278
N.H.A. Rahman, W.B. Glisson, Y. Yang, K.K.R. Choo Forensic-
by-design framework for cyber-
physical cloud systems IEEE Cloud Computing, 3 (2016), pp.
50-59, 10.1109/MCC.2016.5
Papadopoulos, A. V., Versluis, L., Bauer, A., Herbst, N., Von
Kistowski, J., Ali-Eldin, A., ... &
Iosup, A. (2019). Methodological principles for reproducible
performance evaluation in cloud computing. IEEE Transactions
on Software Engineering, 47(8), 1528-1543.
Paraiso, F., Merle, P. & Seinturier, L. SoundCloud: a service-

oriented component-based PaaS for
managing portability, provisioning, elasticity, and high
availability across multiple clouds. Computing 98, 539–565
(2016). https://doi.org/10.1007/s00607-014-0421-x
Park DS (2018) Future computing with IoT and cloud
computing. J Supercomput 74:6401–
6407. https://doi-org.ezproxy.liberty.edu/10.1007/s11227-018-
2652-7Return to ref 4 in the article
Patel, S., Patel, R., & Shah, P. (2017). Optimal RP Based
Dynamic Load Balancing in Amazon
EC2 Environment. J. Comput., 12(4), 354-361. DOI:
10.17706/jcp.12.4.354-361
Rashid, A., & Chaturvedi, A. (2019). Cloud computing
characteristics and services: a brief
review. International Journal of Computer Sciences and
Engineering, 7(2), 421-426.
Sharma MA, Joshi MO. Openstack ceilometer data analytics &
predictions. Paper presented at:
2016 IEEE International Conference on Cloud Computing in
Emerging Markets (CCEM); 2016; Bangalore, India.
Simmon, E. (2018). Evaluation of cloud computing services
based on NIST SP 800-145. NIST
Special Publication, 500, 322.
Varghese, B. and Buyya, R. (2018), “Next-generation cloud
computing: new trends and research
directions,” Future Generation Computer Systems, Vol. 79, pp.
849-861.
X. Pan, S. Xu, X. Cai, Y. Wen, X. Yuan, "Survey on deep
learning-based natural language
interface to database[J]," Journal of Computer Research and
Development, vol. 58 no. 09, pp. 1925-1950, 2021.
Zheng, X., Mukkamala, R.R., Vatrapu, R. and Ordieres-Mere, J.
(2018), “Blockchain-based
personal health data sharing system using cloud storage,” 2018
IEEE 20th International Conference on e-Health Networking,

Applications and Services (Healthcom), IEEE.
Zhong RY, Xu X, Klotz E, Newman ST (2017) Intelligent
manufacturing in the context of
industry 4.0: a review. Engineering 3(5):616–630. https://doi-
org.ezproxy.liberty.edu/10.1016/J.ENG.2017.05.015
APPENDIX
TABLE 1. The Abbreviation Table
State
Abbreviations
Information Technology
IT
Software as a Service
SaaS
Platform as a Service
PaaS
Infrastructure as a Service
IaaS
Intrusion detection system
IDS
Intrusion detection and prevention system
IDPS
Collaborative smart IDPs
CSIDPS
Distributed Denial-of-Service
DDoS
Software-Defined Networking
SDN
Virtual machine

VM
Cloud-oriented IDS
CIDS
Systematic literature review
SLR
Moving target defense
MTD
Knowledge discovery data
KDD
Defense advanced research projects agency
DARPA's
K-nearest neighbor
KNN
Linear regression
LR
Random forest
RF
Network-based intrusion detection systems
NIDS
Hybrid intrusion detection systems
HIS
Distributed IDS
DIDS
Wireless sensor networks
WSN
Cloud Service Provider
CSP
Enterprise Resource Planning
ERP
Information and Communication Technologies
ICT
Source Code Management
SCM

BMIS 690
Capstone Project: Literature Review Assignment Instructions
Overview
Title - Ultihub a new design of a hybrid Cloud architecture
using key cloud technologies and Shared Security
Responsibility Model, DevOps, and Zero Trust Architecture
Using AI Based Techniques
The objective of the final capstone thesis project is to evaluate
you on your ability to apply the program learning outcomes to a
final, all-encompassing information systems (IS) or information
technology (IT) thesis project. Successful capstones will follow
an objective research methodology to collect or generate data
that informs the analysis and design of a new computing system
related to the primary domains identified by the Association for
Computing Machinery (ACM): cloud architecture and/or
computing, cybersecurity systems, databases and/or data
analytics systems, enterprise architecture, information systems,
integrated systems, internet of things systems, networks,
platform systems, software development, user interfaces, virtual
systems, and/or web and mobile applications.
You will have 3 separate Thesis Capstone projects to complete
but for now just complete Phase 1
Subject Title for Capstone is Ultihub - a new design of a hybrid
Cloud Architecture
Phase 1 - Capstone Project: Literature Review Assignment
Phase 2 - Capstone Project: Methods Assignment
Phase 3 - Capstone Project: Final Results Assignment
NOTE: Phase 2 and Phase 3 will be on my next assignment
Instructions
Phase I of the project consists of the following main headings at
the minimum:
Introduction, 375 words & 5 ref Combined with Conclusions

Problem Statement, 250 words& 5 ref Combined with
Research questions
Research Question(s), with
Literature Review, 1500 words 7 ref …….
Literature Review Findings and Gaps 400 words 2 ref
Conclusion.
References and appendixes are also necessary.
2500 words total & 20 ref total
A primary goal is to develop new knowledge and contribute this
knowledge to the computing field. A subsequent goal is to work
toward a Master’s thesis that could one day be published in a
respectable industry or academic publication to share this new
knowledge with others.
The capstone project will be based upon a feasible gap and
problem in scholarly literature that can be addressed in the
timeframe of the capstone course. You must be familiar enough
with the problem that you are able to perform a comprehensive
research design and novel prototype design to solve the
problem. Thus, it should be a specific computing domain where
you consider yourself to have the most expertise. You must
also have access to the applications, servers, systems, networks,
and/or data necessary for data collection, programming, design
prototyping, and/or configuration.
The outcome of the research should contribute to a new artifact
and/or statistical result. It should not be based upon and/or
replicate in any form an existing contribution in industry or
literature. It also should not repeat well known solutions. For
example, designing a new enterprise resource planning (ERP)
module for finance is not an acceptable project given thousands
of these ERP modules already exist. Examples of new
contributions in the final rubric accepted include either new
code as an artifact and testing this in some form or a statistical
analysis:
· New code/script/or configuration

· New application and/or software and testing its performance,
security, etc
· Development of a new algorithm, database, protocol, etc and
testing its efficiency, memory usage, security, etc
· Programming a new network, security, storage, and/or system
script that solves an original problem and testing its level of
automation, performance, etc
· Statistical analysis
· Note, please assure you understand Institutional Review Board
(IRB) requirements if performing this type of capstone
· Statistical analysis using descriptive, correlational, quasi -
experimental and/or experimental designs
· Big data analytics and/or predictive analytics using clustering,
classification, and/or regression trees
How do you know your thesis problem is novel and original?
By performing a comprehensive literature review and
investigating what exists in related industry!
Within the capstone, a comprehensive literature review of
related and relevant concepts, theories, and research results
should exist. This involves study of relevant articles pertaining
to the research question within top ranked peer reviewed
information systems and/or IT journals. Thorough review and
comprehension of this research will lead to the identification of
gaps in the literature that exist and/or future recommendations,
which require further research efforts and contributions to
advance the topical area of study. The research question(s) is
supported by the associated gaps found in literature, indicating
a solution is needed to a problem that does not yet have a
solution.
A research question that is too wide in scope will overwhelm
your efforts. Yet, a research question that is too narrow will
not meet the minimum requirements and quality expected of a
Master’s capstone project. The research question is your anchor
and guide. It provides a clear objective of what your Master’s
thesis project will accomplish.
Refer to the grading rubric in order to ensure successful

completion of the capstone. The minimum proposal in Phase I
will include:
I. Cover Page, Table of Contents, References, and Appendixes
a. Cover page includes your title/position and “in partial
completion of an MSIS”
b. Appendixes will include screenshots of all diagrams and
benchmark data
II. Research from optimal and relevant journal articles
a. Each section of the capstone must be well supported with
scholarly peer reviewed journal articles
b. Although they do not count toward the minimum journal
articles, industry whitepapers are also often relevant to elements
like the prototype design as they provide best practices for the
new software or system
c. Top ranked journals can be searched through the university
library by going to electronic databases.
d. Not all journals are equal or relevant to the capstone. Journal
articles that identify well-supported gaps in research are often
performing new research. These articles will include testing
new theory, hypotheses, and/or frameworks with a parallel
research design that collects data for the test. Because they are
generating new information, they are great sources to find areas
where new research is needed. Journal articles that perform
Meta studies or large literature reviews can also be helpful in
identifying where new research is necessary.
e. Whereas scholarly journal articles often focus on theory that
is not yet implemented in industry, industry whitepapers will
assist with elements like standards and frameworks helpful in
guiding the design of new systems. Both have their place in the
capstone as a result but for different reasons.
III. Introduction & Conclusion
a. An introduction and conclusion of the primary objectives and
outcomes of the master’s thesis project is necessary.
b. The introduction provides the roadmap for the capstone.
c. The conclusion is the last section of the project and provides
a comprehensive overview of how the study was preformed and

the primary outcomes of the results.
i. This also involves synthesizing and analyzing existing results
in the domain of knowledge that the project has contributed.
IV. Statement of the Problem
a. Must be in one of the ACM domains identified for software
or a system
b. What is an information systems or IT problem that needs
resolution?
i. An unmet IT problem is succinctly and accurately defined.
ii. It is supported by a gap in scholarly literature not previously
addressed.
c. The problem can feasibly be addressed in the timeframe of
this course.
d. Sufficient data can be collected or generated to address the
problem.
V. Research Questions (RQs)
a. Between 1–2 research questions must be given that detail
what your thesis will achieve.
b. The research question(s) must:
i. Address all capstone objectives.
ii. Test new programming code/scripting/system configurations
and/or perform some type of statistical analysis through data
generation or collection.
iii. Solve a problem without an existing solution per a gap in
literature.
iv. Include a minimum of one measure.
v. Include a population/sample.
vi. Include the ability to address reliability and validity of the
results.
vii. Have accessible data or metrics to test the RQ measure such
as a log file with comparable metrics (e.g. memory usage) or a
public data set.
c. RQ Example
i. Is there a difference in the CPU performance (measurement)
between an ICT-based KMS feature programmed using the XYZ
framework (prototype or new artifact you create/code) and an

ICT-based KMS feature programmed using the ABC framework
in a Southeastern U.S. College (sample).
ii. New code will be developed for an ICT-based KMS feature
that has not already been programmed (new prototype or
artifact).
iii. The new software can then be benchmarked against
framework ABC and XYZ (hypothetical frameworks).
iv. A measure exists with data that can be collected, CPU
performance from a monitoring tool that is monitoring both
applications in use (e.g. automated simulations of the software
instead of actual users is acceptable for testing). The CPU
measure can determine which framework results in a faster
system.
v. Reliability and validity is possible. The test can be run on
the exact same system, in the same environment, with the same
benchmarks.
vi. A sample exists, a Southeastern U.S. College, where the
CPU performance data will be collected during the automated
simulations on the new code created by the student.
VI. Literature Review
a. Review of related literature in one of the ACM domains
defined.
b. What literature attempts to resolve your problem and research
question(s)?
c. Within relevant literature, how does it address the following:
i. What has literature not resolved in regards to your defined
problem?
ii. What are the primary research problems, questions, and
hypotheses in these relevant articles?
iii. How does this relate to other relevant articles and your
research problem?
iv. What was the population and sample?
v. What research methods were used?
vi. What were the results of the research?
vii. What were the limitations?
viii. What were the recommendations for future research?

d. Peer reviewed research must lead to an appropriate IT
solution that has not yet been solved.
e. This should be exhaustive in the specific domain you are
studying.
i. If it is going to be too lengthy, it is likely that your defined
problem and/or research question(s) are not sufficiently narrow.
ii. If there are not sufficient articles to review in the specific
domain you are studying it is very likely that your problem
statement and/or research question(s) are not feasible.
iii. If either is the case, you need to revise your problem
statement and research question(s).
VII. Literature review findings and gaps
a. What were the primary findings from the literature review?
b. What gaps existed in the literatures that have not been solved
by prior research?
c. How will the author address these gaps in the literature?
i. Performing a sufficient review of literature on your specific
master’s project topic should identify where gaps in literature
exist which need resolution, the literature must justify a feasible
problem statement and the development of an appropriate
research question(s).
ii. The master’s thesis project should solve an IT problem that
does not already have a solution in industry or existing
research.
iii. The exhaustiveness of the literature review is therefore
critical and will determine whether an appropriate and feasible
problem exists to solve.
The assignment submission must have over 4,000 original and
unique words of original student authorship that directly relate
to a feasible IT problem and research question and balanced
properly between the required sections that show excellent
mastery and knowledge of the content and be written in
compliance with the current APA format. The student must
utilize the support from over 20 unique scholarly peer-reviewed
journal articles from well-respected and top ranked IT journals
that directly relate to a feasible IT problem and research

question with at least 5 being published in the last 3 years.
Note: Your assignment will be checked for originality via
Turnitin plagiarism tool.
Page 4 of 5

CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC

Recommended

Recommended

More Related Content

Similar to CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC

Similar to CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC (20)

More from TawnaDelatorrejs

More from TawnaDelatorrejs (20)

Recently uploaded

Recently uploaded (20)

CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC