Cloud Computing services are increasingly being made available by the UK Government through the
Government digital marketplace to reduce costs and improve IT efficiency; however, little is known about
factors influencing the decision making process to adopt cloud services within the UK Government. This
research aims to develop a theoretical framework to understand risk perception and risk acceptance of
cloud computing services.
Study’s subjects (N=24) were recruited from three UK Government organizations to attend a semi
structured interview. Transcribed texts were analyzed using the approach termed interpretive
phenomenological analysis. Results showed that the most important factors influencing risk acceptance of
cloud services are: perceived benefits and opportunities, organization’s risk culture and perceived risks.
We focused on perceived risks and perceived security concerns. Based on these results, we suggest a
number of implications for risk managers, policy makers and cloud service providers
FACTORS INFLUENCING RISK ACCEPTANCE OF CLOUD COMPUTING SERVICES IN THE UK GOV...ijccsa
Cloud Computing services are increasingly being made available by the UK Government through the
Government digital marketplace to reduce costs and improve IT efficiency; however, little is known about
factors influencing the decision making process to adopt cloud services within the UK Government. This
research aims to develop a theoretical framework to understand risk perception and risk acceptance of
cloud computing services.
Study’s subjects (N=24) were recruited from three UK Government organizations to attend a semi
structured interview. Transcribed texts were analyzed using the approach termed interpretive
phenomenological analysis. Results showed that the most important factors influencing risk acceptance of
cloud services are: perceived benefits and opportunities, organization’s risk culture and perceived risks.
We focused on perceived risks and perceived security concerns. Based on these results, we suggest a
number of implications for risk managers, policy makers and cloud service providers.
CHALLENGES FOR PUBLIC SECTOR ORGANISATIONS IN CLOUD ADOPTION: A CASE STUDY OF...ijmpict
This research explores critical aspects of procurement of ICT cloud services for South Australian public sector organisations with the case of South Australia Police (SAPOL) for evaluation. SAPOL as one of the state government agencies at the time is initiating this transition to the cloud environment. This exploratory research takes place when this public sector agency is doing its due diligence to ensure a successful implementation. In this study the researcher started off with surfacing the challenges in this journey for a public sector organisation before the actual journey commenced. SAPOL being a public sector organisation operates differently from private enterprises and has certain constraints and limitations that pose additional challenges for the organisation to transition towards the cloud. Interview with the CIO of the organisation responsible for the cloud migration initiative was organised. After detailed literature review, an interview questionnaire was prepared in accordance with the subject of interest. The information gathered in the interviews was recorded for detailed analysis. This paper contains a detailed report on the information analysed highlighting fourteen important challenges faced by the organisation in this cloud migration journey.
Since announcing its “Cloud First” policy in 2010, the Federal government has correctly identified cloud computing as a way to reduce costs and improve the use of existing assets, and has accordingly prioritized its adoption. It has also taken judicious steps to protect Federal networks from nefarious cyber-attacks and promote the dissemination of best practices for cybersecurity. The Federal government has also embraced mobility as a means to conduct work from any location. But until now, the implementation of these initiatives has been fragmented and lacked coordination across Federal agencies. This paper offers a framework for integrating these programs in a way that enables the Federal government to realize the economic, technological, and mission-effectiveness benefits of cloud services while simultaneously meeting current Federal cybersecurity
requirements. It advocates shifting from a compliance-based cybersecurity paradigm to
one that is risk-based and focusing on how to most effectively secure their implementation of cloud services.
Effects of Security and Privacy Concerns on using of Cloud Services in Energy...Eswar Publications
The topic of ‘‘the cloud’’ has attracted significant attention throughout the past few years. It allows resource sharing that includes software, platform and infrastructure by means of virtualization. Cloud Adoption in Oil & Gas companies have approached cloud with caution, but they are increasingly deploying cloud services. Energy companies have carefully weighed whether they should opt for a public cloud versus a private one, and which applications are fit for deployment via the cloud. For the most part, the industry has opted to use cloud for generic purposes. Generic business functions like payroll process and procurement are being run through the cloud, along with customer relationship management, likely through software-as-a-service offerings that have become wellknown. Security is as much of an issue in the cloud as it is anywhere else. Different people share different point of
view on cloud computing. Some believe it is unsafe to use cloud. Cloud vendors go out of their way to ensure security. This paper aims to understand the effects of security and privacy concerns on educational use of cloud services. This proposed a research model based on Ajzen’s (1991) Theory of Planned Behavior (TPB). Following the TPB, the research developed a model, which posits that staff attitudes predicted by security and privacy perceptions and behavioral intentions are predicted by attitudes towards using cloud services. The Model was assess the based on the data collected by means of survey questionnaires. Results supported the proposed model,
validating the predictive power of the TPB.
The Cloudy Future Of Government IT: Cloud Computing and The Public Sector Aro...dannyijwest
Cloud computing is fast creating a revolution in the way information technology is used and procured by
organizations and by individuals. In this article, we examine what cloud computing is and the importance
of this new model of computing. We then examine non-military uses of cloud computing in governments
across the globe, from the Unites States to Europe and Asia. Then, we look at the resource – people and
computing – issues involved in shirting to cloud computing. The author then presents his six-step “Cloud
Migration Strategy” for governmental agencies to shift to cloud computing. Finally, we look “over the
horizon” to the implications for public sector organizations and the information technology community
as the cloud computing revolution progresses
Despite the large investments in the field of e-Government (e-Gov) around the world, little is known about the impact such investment. This is due to the lack of guidance evaluation, absence of appropriate tools to
measure the impact of e-Gov on the private sector, as well as the lack of effective management to resolve or eliminate the barriers to e-Gov services that led to the failure or delay of many projects. This paper is primarily concerned in determining the impact of e-Gov services on the private sector. A combination of Modified Technology Acceptance Model (TAM), DeLone and McLean's of IS success will be utilized as a research model and e-Gov Economics Project (eGEP) framework to measure “Efficiency, Democracy
& Effectiveness impact” for G2B services. The research result will help e-Gov decision makers to recognize the critical factors that are responsible for G2B success, specifically factors they need to pay attention to gain the highest return on their technology investment, hence enabling them to measure the impact for e-Gov on the private sector. The paper has also demonstrated the usefulness of Structural
Equation Modeling (SEM) in analysis of small data sets and in exploratory research.
FACTORS INFLUENCING RISK ACCEPTANCE OF CLOUD COMPUTING SERVICES IN THE UK GOV...ijccsa
Cloud Computing services are increasingly being made available by the UK Government through the
Government digital marketplace to reduce costs and improve IT efficiency; however, little is known about
factors influencing the decision making process to adopt cloud services within the UK Government. This
research aims to develop a theoretical framework to understand risk perception and risk acceptance of
cloud computing services.
Study’s subjects (N=24) were recruited from three UK Government organizations to attend a semi
structured interview. Transcribed texts were analyzed using the approach termed interpretive
phenomenological analysis. Results showed that the most important factors influencing risk acceptance of
cloud services are: perceived benefits and opportunities, organization’s risk culture and perceived risks.
We focused on perceived risks and perceived security concerns. Based on these results, we suggest a
number of implications for risk managers, policy makers and cloud service providers.
CHALLENGES FOR PUBLIC SECTOR ORGANISATIONS IN CLOUD ADOPTION: A CASE STUDY OF...ijmpict
This research explores critical aspects of procurement of ICT cloud services for South Australian public sector organisations with the case of South Australia Police (SAPOL) for evaluation. SAPOL as one of the state government agencies at the time is initiating this transition to the cloud environment. This exploratory research takes place when this public sector agency is doing its due diligence to ensure a successful implementation. In this study the researcher started off with surfacing the challenges in this journey for a public sector organisation before the actual journey commenced. SAPOL being a public sector organisation operates differently from private enterprises and has certain constraints and limitations that pose additional challenges for the organisation to transition towards the cloud. Interview with the CIO of the organisation responsible for the cloud migration initiative was organised. After detailed literature review, an interview questionnaire was prepared in accordance with the subject of interest. The information gathered in the interviews was recorded for detailed analysis. This paper contains a detailed report on the information analysed highlighting fourteen important challenges faced by the organisation in this cloud migration journey.
Since announcing its “Cloud First” policy in 2010, the Federal government has correctly identified cloud computing as a way to reduce costs and improve the use of existing assets, and has accordingly prioritized its adoption. It has also taken judicious steps to protect Federal networks from nefarious cyber-attacks and promote the dissemination of best practices for cybersecurity. The Federal government has also embraced mobility as a means to conduct work from any location. But until now, the implementation of these initiatives has been fragmented and lacked coordination across Federal agencies. This paper offers a framework for integrating these programs in a way that enables the Federal government to realize the economic, technological, and mission-effectiveness benefits of cloud services while simultaneously meeting current Federal cybersecurity
requirements. It advocates shifting from a compliance-based cybersecurity paradigm to
one that is risk-based and focusing on how to most effectively secure their implementation of cloud services.
Effects of Security and Privacy Concerns on using of Cloud Services in Energy...Eswar Publications
The topic of ‘‘the cloud’’ has attracted significant attention throughout the past few years. It allows resource sharing that includes software, platform and infrastructure by means of virtualization. Cloud Adoption in Oil & Gas companies have approached cloud with caution, but they are increasingly deploying cloud services. Energy companies have carefully weighed whether they should opt for a public cloud versus a private one, and which applications are fit for deployment via the cloud. For the most part, the industry has opted to use cloud for generic purposes. Generic business functions like payroll process and procurement are being run through the cloud, along with customer relationship management, likely through software-as-a-service offerings that have become wellknown. Security is as much of an issue in the cloud as it is anywhere else. Different people share different point of
view on cloud computing. Some believe it is unsafe to use cloud. Cloud vendors go out of their way to ensure security. This paper aims to understand the effects of security and privacy concerns on educational use of cloud services. This proposed a research model based on Ajzen’s (1991) Theory of Planned Behavior (TPB). Following the TPB, the research developed a model, which posits that staff attitudes predicted by security and privacy perceptions and behavioral intentions are predicted by attitudes towards using cloud services. The Model was assess the based on the data collected by means of survey questionnaires. Results supported the proposed model,
validating the predictive power of the TPB.
The Cloudy Future Of Government IT: Cloud Computing and The Public Sector Aro...dannyijwest
Cloud computing is fast creating a revolution in the way information technology is used and procured by
organizations and by individuals. In this article, we examine what cloud computing is and the importance
of this new model of computing. We then examine non-military uses of cloud computing in governments
across the globe, from the Unites States to Europe and Asia. Then, we look at the resource – people and
computing – issues involved in shirting to cloud computing. The author then presents his six-step “Cloud
Migration Strategy” for governmental agencies to shift to cloud computing. Finally, we look “over the
horizon” to the implications for public sector organizations and the information technology community
as the cloud computing revolution progresses
Despite the large investments in the field of e-Government (e-Gov) around the world, little is known about the impact such investment. This is due to the lack of guidance evaluation, absence of appropriate tools to
measure the impact of e-Gov on the private sector, as well as the lack of effective management to resolve or eliminate the barriers to e-Gov services that led to the failure or delay of many projects. This paper is primarily concerned in determining the impact of e-Gov services on the private sector. A combination of Modified Technology Acceptance Model (TAM), DeLone and McLean's of IS success will be utilized as a research model and e-Gov Economics Project (eGEP) framework to measure “Efficiency, Democracy
& Effectiveness impact” for G2B services. The research result will help e-Gov decision makers to recognize the critical factors that are responsible for G2B success, specifically factors they need to pay attention to gain the highest return on their technology investment, hence enabling them to measure the impact for e-Gov on the private sector. The paper has also demonstrated the usefulness of Structural
Equation Modeling (SEM) in analysis of small data sets and in exploratory research.
AN OVERVIEW OF THE SECURITY CONCERNS IN ENTERPRISE CLOUD COMPUTINGIJNSA Journal
Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and
applicable areas in information risk management
THE EFFECT OF THE RESOURCE CONSUMPTION CHARACTERISTICS OF CLOUD APPLICATIONS ...ijccsa
Auto scaling is a service provided by the cloud service provider that allows provision of temporary resources to the subscriber’s systems to prevent overloading. So far, many methods of auto scaling have been proposed and applied. Among them, solutions based on low-level metrics are commonly used in industry systems. Resource statistics are the basis for detecting overloading situation and making additional resources in a timely manner. However, the effectiveness of these methods depends very much on the accuracy of the overload calculation from low-level metrics. Overloading is mentioned in solutions that usually favor a shortage of CPU resources. However, the demand for resources comes from the application running on that each application has the characteristics of demanding different resource types, with different CPU, memory, I/O ratios so it can not just be statistically on CPU consumption. The point of view here is that even though based on low level resources, the source for calculation and forecasting is the characteristic of the resource needs of the application. In this paper, we will develop an empirical model to assess the effect of the application's resource consumption characteristics on the efficiency of the lowmetricauto scaling solutions and propose an auto scaling solution that is calculated based on statistics of different types of resources. The results of the simulations show that the proposed solution based on multiple resources is more positive.
Cloud Computing a leading and getting widely adopted technology in industry, unveils some unprecedented challenges to security of company’s resources such as capital and knowledge based assets. Hither to no much attention has been paid by the governments and there is neither any universal standard adopted, nor any breakthrough to take up these challenges. Traditional contracts and licensing agreements may not provide adequate legal resources and remedies normally associated with the layers of protection for corporations. Intellectual Property, Foreign Direct Investments (FDI) and corporate governance issues have to be fully explored and practiced in domestic and international markets. So this paper discusses the need of establishment of Law and judicial framework of policies to the services embedding cloud computing technology, besides this it also addresses legal issues and existing policies adopted by different countries.
Get the full Cisco Global Cloud Index (GCI) at http://cs.co/GCIss, read the full whitepaper at http://cs.co/GCIWPss or tweet us at @CiscoVNI with questions.
El Quinto Índice Global de la Nube de Cisco® (2014-2019), publicado hoy, prevé que el tráfico global de la nube será más del cuádruple a finales de 2019 pasando de 2.1 a 8.6 zettabytes (ZB). El crecimiento del tráfico en la nube superará el crecimiento del tráfico total de data centers, que se triplicará durante el mismo período a nivel global al pasar de 3.4 a 10.4 ZB.
Strategic, Privacy and Security Considerations for Adoption of Cloud and Emer...Marie-Michelle Strah, PhD
Prepared for Ministers and Senior Officials from the Caribbean and distinguished participants and attendees of the Caribbean Telecommunications Union (CTU), the Commonwealth Secretariat, the Organization of American States (OAS), and the International Telecommunication Union (ITU) on the occasion of the Caribbean Stakeholders’ Meeting: The Importance of ICTs and their Impact on Regional Development, May 26-28, 2014 in Port of Spain, Trinidad.
CLOUD COMPUTING IN EDUCATION: POTENTIALS AND CHALLENGES FOR BANGLADESHIJCSEA Journal
Cloud Computing is an emerging technology. It is a growing technology which can change traditional IT systems. It plays a major role in today’s technology sector. People are using it every day through one way or another. Education sector is not out of this phenomenon. At the present time the teaching method is changing and students are becoming much technology based and therefore it is necessary that we think about the most recent technologies to incorporate in the teaching and learning methods. By sharing Information technology related services in the cloud, educational institutions can better concentrate on offering students, teachers, faculty and staff the essential instruments. Bangladesh is a developing country. So applying this technology on education sector is a huge challenge for Bangladesh. In this paper it is discussed that how Bangladesh can be benefited by applying cloud in education and its challenges followed by some case studies and success stories.
Technology organization environment framework in cloud computingTELKOMNIKA JOURNAL
Cloud Computing is a rapidly emerging technology over the last few years, that has
abolished the burden of purchasing heavy hardware and software. Cloud computing
has been advantageous to Small and Medium-sized Enterprises (SMEs), though many
SMEs have not adopted to delve into its appealing benefits. To increase the cloud
adoption rate in these Enterprises, the most important thing is to understand the
aspects which influence the cloud adoption. The article focuses on these factors, which
influence the use of cloud services by establishing the three layer hierarchical framework
based on the grounded on the Technology Oriented Environmental (TOE)
framework through systematic literature review. Because cloud-based solutions offer
numerous benefits for companies, they have precious cloud determinants. This paper
therefore took into account the Technology Organization Environment TOE model for
Cloud Computing adoption. In addition, the questionaries designed at the end also
indicate the significant connection in the decision of adoption between three context
of TOE. Moreover, the designed questionaries has been used for the analysis of cloud
computing adoption in Bangladeshi SMEs.
Cloud computing has become the mainstream of the emerging technologies for information interchange and accessibility. With such systems, the information accessed from any geographic location on this planet with some decent kind of internet connection. Applying machine learning together with artificial intelligence in dealing with the problem of energy reduction in cloud data center is an innovative idea. A large combination of Artificial intelligence is playing a significant role in cloud environment. For that matter, the Big organization providers like Amazon have taken steps to ensure that they can continue to expand their fast-growing cloud services to commensurate with the fast growth of population. These companies have built large data centers in remote parts of the world to overcome a shortage of information. These centers consume significant amounts of electrical energy. There is often a lot of energy wastage. According to IDC white paper, data centers have tremendously wasted billions of energy regarding billing and cash. Additionally, researchers have argued that by the year 2020 the energy consumption rate would have doubled. Research in this area is still a hot topic. This paper seeks to address the energy efficiency issue at a Cloud Data Center using machine learning methodologies, principles, and practices. This article also aims to bring out possible future implementation methods for artificially intelligent agents that would help reduce energy wastage at a Cloud data center and thus help ameliorate the great big energy problem at hand.
To proposed Smart Cross-Border e-Government (SCBeG) models making full use of ICT innovations in CC, BD and IoT and combine these technologies with platforms available on eID (in conjunction with eAU and e-SIGN).
ADMINISTRATION SECURITY ISSUES IN CLOUD COMPUTINGijitcs
This paper discover the most administration security issues in Cloud Computing in term of trustworthy and gives the reader a big visualization of the concept of the Service Level Agreement in Cloud Computing and it’s some security issues. Finding a model that mostly guarantee that the data be saved secure within setting for factors which are data location, duration of keeping the data in cloud environment, trust between customer and provider, and procedure of formulating the SLA.
Cloud computing technology for egovernment architectureijfcstjournal
The evolution of
cloud computing
has had a significant
effect on our lives and it has brought many benefits.
Cloud computing is a style of computing which is formed from the aggregation and development of
technologies such as grid computing distributed computing, parallel computing and service
-
oriented
archit
ecture
and it
s exciting for governments and private companies, and it has eager them to take
advantage of this technology. Because in this model no needed to additional costs for equipment and
resources to respond to the request of customers, however in t
erms of demand and workload, company
lease and take possession of the required resources, such as servers and virtual sources. In this pa
per, we
studied how to use cloud computing in e
-
government and tried to identify the benefits of the cloud to use in
th
e e
-
government and offer proposals to overcome its shortcomings, encourage and partnership of
governments and people to use this economical
, green
and new technology.
Besides the benefits are there possible challenges government agencies are likely to encounter should they
decide to adopt cloud computing? What strategies should be deployed to overcome the inhibitors of cloud
computing? These are but few questions this paper aims to investigate. Studies have shown that, cloud
computing has become a strategic direction for many government agencies and is already being deployed
in many critical areas of the government's cyber infrastructure. The benefits and the challenges of cloud
adoption have heightened interest of academic research in recent times. We are however uncertain, per
literature factors that hinder successful cloud adoption especially in the Ghanaian context. We posit that,
understanding the challenges of cloud adoption and overcoming them must accompany the use of the
technology in order to prevent unwanted technical consequences, and even greater problems from
government information management. This study is based on unstructured interviews from selected
government agencies in Ghana. The study is grounded on the theory of technology, organization and
environment (TOE) framework. Major inhibiting factors identified include lack of basic infrastructure for
cloud take-off, data security, unreliable internet connectivity, and general lack of institutional readiness
AN OVERVIEW OF THE SECURITY CONCERNS IN ENTERPRISE CLOUD COMPUTINGIJNSA Journal
Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and
applicable areas in information risk management
THE EFFECT OF THE RESOURCE CONSUMPTION CHARACTERISTICS OF CLOUD APPLICATIONS ...ijccsa
Auto scaling is a service provided by the cloud service provider that allows provision of temporary resources to the subscriber’s systems to prevent overloading. So far, many methods of auto scaling have been proposed and applied. Among them, solutions based on low-level metrics are commonly used in industry systems. Resource statistics are the basis for detecting overloading situation and making additional resources in a timely manner. However, the effectiveness of these methods depends very much on the accuracy of the overload calculation from low-level metrics. Overloading is mentioned in solutions that usually favor a shortage of CPU resources. However, the demand for resources comes from the application running on that each application has the characteristics of demanding different resource types, with different CPU, memory, I/O ratios so it can not just be statistically on CPU consumption. The point of view here is that even though based on low level resources, the source for calculation and forecasting is the characteristic of the resource needs of the application. In this paper, we will develop an empirical model to assess the effect of the application's resource consumption characteristics on the efficiency of the lowmetricauto scaling solutions and propose an auto scaling solution that is calculated based on statistics of different types of resources. The results of the simulations show that the proposed solution based on multiple resources is more positive.
Cloud Computing a leading and getting widely adopted technology in industry, unveils some unprecedented challenges to security of company’s resources such as capital and knowledge based assets. Hither to no much attention has been paid by the governments and there is neither any universal standard adopted, nor any breakthrough to take up these challenges. Traditional contracts and licensing agreements may not provide adequate legal resources and remedies normally associated with the layers of protection for corporations. Intellectual Property, Foreign Direct Investments (FDI) and corporate governance issues have to be fully explored and practiced in domestic and international markets. So this paper discusses the need of establishment of Law and judicial framework of policies to the services embedding cloud computing technology, besides this it also addresses legal issues and existing policies adopted by different countries.
Get the full Cisco Global Cloud Index (GCI) at http://cs.co/GCIss, read the full whitepaper at http://cs.co/GCIWPss or tweet us at @CiscoVNI with questions.
El Quinto Índice Global de la Nube de Cisco® (2014-2019), publicado hoy, prevé que el tráfico global de la nube será más del cuádruple a finales de 2019 pasando de 2.1 a 8.6 zettabytes (ZB). El crecimiento del tráfico en la nube superará el crecimiento del tráfico total de data centers, que se triplicará durante el mismo período a nivel global al pasar de 3.4 a 10.4 ZB.
Strategic, Privacy and Security Considerations for Adoption of Cloud and Emer...Marie-Michelle Strah, PhD
Prepared for Ministers and Senior Officials from the Caribbean and distinguished participants and attendees of the Caribbean Telecommunications Union (CTU), the Commonwealth Secretariat, the Organization of American States (OAS), and the International Telecommunication Union (ITU) on the occasion of the Caribbean Stakeholders’ Meeting: The Importance of ICTs and their Impact on Regional Development, May 26-28, 2014 in Port of Spain, Trinidad.
CLOUD COMPUTING IN EDUCATION: POTENTIALS AND CHALLENGES FOR BANGLADESHIJCSEA Journal
Cloud Computing is an emerging technology. It is a growing technology which can change traditional IT systems. It plays a major role in today’s technology sector. People are using it every day through one way or another. Education sector is not out of this phenomenon. At the present time the teaching method is changing and students are becoming much technology based and therefore it is necessary that we think about the most recent technologies to incorporate in the teaching and learning methods. By sharing Information technology related services in the cloud, educational institutions can better concentrate on offering students, teachers, faculty and staff the essential instruments. Bangladesh is a developing country. So applying this technology on education sector is a huge challenge for Bangladesh. In this paper it is discussed that how Bangladesh can be benefited by applying cloud in education and its challenges followed by some case studies and success stories.
Technology organization environment framework in cloud computingTELKOMNIKA JOURNAL
Cloud Computing is a rapidly emerging technology over the last few years, that has
abolished the burden of purchasing heavy hardware and software. Cloud computing
has been advantageous to Small and Medium-sized Enterprises (SMEs), though many
SMEs have not adopted to delve into its appealing benefits. To increase the cloud
adoption rate in these Enterprises, the most important thing is to understand the
aspects which influence the cloud adoption. The article focuses on these factors, which
influence the use of cloud services by establishing the three layer hierarchical framework
based on the grounded on the Technology Oriented Environmental (TOE)
framework through systematic literature review. Because cloud-based solutions offer
numerous benefits for companies, they have precious cloud determinants. This paper
therefore took into account the Technology Organization Environment TOE model for
Cloud Computing adoption. In addition, the questionaries designed at the end also
indicate the significant connection in the decision of adoption between three context
of TOE. Moreover, the designed questionaries has been used for the analysis of cloud
computing adoption in Bangladeshi SMEs.
Cloud computing has become the mainstream of the emerging technologies for information interchange and accessibility. With such systems, the information accessed from any geographic location on this planet with some decent kind of internet connection. Applying machine learning together with artificial intelligence in dealing with the problem of energy reduction in cloud data center is an innovative idea. A large combination of Artificial intelligence is playing a significant role in cloud environment. For that matter, the Big organization providers like Amazon have taken steps to ensure that they can continue to expand their fast-growing cloud services to commensurate with the fast growth of population. These companies have built large data centers in remote parts of the world to overcome a shortage of information. These centers consume significant amounts of electrical energy. There is often a lot of energy wastage. According to IDC white paper, data centers have tremendously wasted billions of energy regarding billing and cash. Additionally, researchers have argued that by the year 2020 the energy consumption rate would have doubled. Research in this area is still a hot topic. This paper seeks to address the energy efficiency issue at a Cloud Data Center using machine learning methodologies, principles, and practices. This article also aims to bring out possible future implementation methods for artificially intelligent agents that would help reduce energy wastage at a Cloud data center and thus help ameliorate the great big energy problem at hand.
To proposed Smart Cross-Border e-Government (SCBeG) models making full use of ICT innovations in CC, BD and IoT and combine these technologies with platforms available on eID (in conjunction with eAU and e-SIGN).
ADMINISTRATION SECURITY ISSUES IN CLOUD COMPUTINGijitcs
This paper discover the most administration security issues in Cloud Computing in term of trustworthy and gives the reader a big visualization of the concept of the Service Level Agreement in Cloud Computing and it’s some security issues. Finding a model that mostly guarantee that the data be saved secure within setting for factors which are data location, duration of keeping the data in cloud environment, trust between customer and provider, and procedure of formulating the SLA.
Cloud computing technology for egovernment architectureijfcstjournal
The evolution of
cloud computing
has had a significant
effect on our lives and it has brought many benefits.
Cloud computing is a style of computing which is formed from the aggregation and development of
technologies such as grid computing distributed computing, parallel computing and service
-
oriented
archit
ecture
and it
s exciting for governments and private companies, and it has eager them to take
advantage of this technology. Because in this model no needed to additional costs for equipment and
resources to respond to the request of customers, however in t
erms of demand and workload, company
lease and take possession of the required resources, such as servers and virtual sources. In this pa
per, we
studied how to use cloud computing in e
-
government and tried to identify the benefits of the cloud to use in
th
e e
-
government and offer proposals to overcome its shortcomings, encourage and partnership of
governments and people to use this economical
, green
and new technology.
Besides the benefits are there possible challenges government agencies are likely to encounter should they
decide to adopt cloud computing? What strategies should be deployed to overcome the inhibitors of cloud
computing? These are but few questions this paper aims to investigate. Studies have shown that, cloud
computing has become a strategic direction for many government agencies and is already being deployed
in many critical areas of the government's cyber infrastructure. The benefits and the challenges of cloud
adoption have heightened interest of academic research in recent times. We are however uncertain, per
literature factors that hinder successful cloud adoption especially in the Ghanaian context. We posit that,
understanding the challenges of cloud adoption and overcoming them must accompany the use of the
technology in order to prevent unwanted technical consequences, and even greater problems from
government information management. This study is based on unstructured interviews from selected
government agencies in Ghana. The study is grounded on the theory of technology, organization and
environment (TOE) framework. Major inhibiting factors identified include lack of basic infrastructure for
cloud take-off, data security, unreliable internet connectivity, and general lack of institutional readiness
Economist Intelligence Unit: Preparing for Next-Generation CloudHitachi Vantara
Preparing for next-generation cloud: Lessons learned and insights shared is an Economist Intelligence Unit (EIU) research programme, sponsored by Hitachi Data Systems. In this report, the EIU looks at companies’ experiences with cloud adoption and assesses whether the technology has lived up to expectations. Where the cloud has fallen short of expectations, we set out to understand why. In cases of seamless implementation, we gather best practices from firms using the cloud successfully.
Over the last decade, cloud computing has transformed the market for IT services. But the journey to cloud adoption has not been without its share of twists and turns. This report looks at lessons that can be derived from companies' experiences implementing cloud computing technology.
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...csandit
Cloud computing promises good opportunities for economies around the world, as it can help reduce capital expenditure and administration costs, and improve resource utilization. However there are challenges regarding the adoption of cloud computing, key amongst those are security and privacy, reliability and liability, access and usage restriction. Some of these challenges lead to a need for cloud computing policy so that they can be addressed. The purpose of this paper is
twofold. First is to discuss challenges that prompt a need for cloud computing policy. Secondly, is to look at South African ICT policies and regulatory laws in relation to the emergence of cloud computing. Since this is literature review paper, the data was collected mainly through literature reviews. The findings reveals that indeed cloud computing raises policy challenges that needs to be addressed by policy makers. A lack of policy that addresses cloud computing challenges can
negatively have an impact on areas such as security and privacy, competition, intellectual property and liability, consumer protection, cross border and juridical challenges.
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
Student Number: Sxxxxxxx
Email:
Assignment 3
Due Date: 2 May 2014
Lecturer:
Course Coordinator:
Executive Summary
Cloud computing promises a transformation in the provision of IT services to businesses and other organisations. Along with many advantages to the business that include easy scalability and ubiquitous access to resources, there are many risks that a business must consider before deploying a cloud solution. These risks include a loss of control over service restoration in case of failure and possible security risks due to attack via the Internet. To mitigate against those risks businesses need to have well-written contracts, develop strict and easily understood polices to ensure the appropriate storage of information and have multi-factor authentication to access sensitive information via the Internet.
This report considers the situation of GlobDev, who are an Aid and Development organisation headquartered in Melbourne with staff in many developing countries. Using recent research, the report analyses the advantages and disadvantages of Cloud Computing, associated security risks and mitigation, and examines using cloud services to enable secure mobile computing. The report proposes a possible path to the transformation in the delivery of IT services in GlobDev through the migration to cloud based services. The report supports the use of cloud computing through mobile devices provided to field staff. The engagement in technology through social media applications and mobile technology should improve donor engagement and expand GlobDev’s opportunity for growth by increasing its supporter base.
Table of Contents
1.0 Introduction 4
1.1 Organisational Context 4
1.2 Objective and Methodology 4
1.3 Report Outline 5
2.0 Definitions of Cloud Computing 5
3.0 Advantages and Issues with Cloud Computing 6
3.1 Advantages of Cloud Computing 6
3.2 Issues with Cloud Computing 7
4.0 Security Risks in Cloud Computing 7
5.0 Opportunities for growth through Cloud Services 9
6.0 Conclusions 9
7.0 Recommendations 11
8.0 Reference list 13
1.0
Introduction
1.1 Organisational Context
Cloud computing is an increasingly popular method for delivery of software services and storing data. GlobDev is a not for profit large organisation, headquartered in Melbourne, that runs aid and development programs in underdeveloped nations. The projects are organised by people from developed nations including Australians who are part of this organisations staff. National staff in each country are also employed by the organisation. There are currently 2150 people employed in Projects across 38 nations with a further 50 people employed in administration in 10 donor countries plus a further 70 staff in the head office in Melbourne. Projects and administration costs are funded through personal and corporate donations along with contributions from the foreign aid budgets of some G-20 major economies. The company has a central server located in the Melbourne H.
MEASURING TECHNOLOGICAL, ORGANIZATIONAL AND ENVIRONMENTAL FACTORS INFLUENCING...csandit
The main objective of this research is to identify the factors influencing the intentions to adopt
the public computing by the private sector firms. In this research the researcher examined the
ten factors influencing the cloud computing adoption using a proposed integrated model which
incorporates aspects of the Technology, Organization and Environment factors such as
Complexity, Compatibility, Security Concerns, Trialability, Cost Saving, Top Management
Support, Prior IT Experience, Organizational Readiness, Competitive Pressure and External
Support. In order to test influencing factors a survey was conducted and one hundred and
twenty two valid responses were received from IT decision makers from forty firms in different
industries. The results revealed that the Compatibility, Cost Saving, Trialability and External
Support are the main influential factors in the adoption intentions of public cloud computing.
Future research could be built on this study by developing different model for each industry
because each industry has unique characteristics that can influence the adoption of the
technological innovations.
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
RAMEWORKS FOR CLOUD COMPUTING: A CRITICAL REVIEWijcsit
Cloud computing technology has experienced exponential growth over the past few years. It provides many
advantages for both individuals and organizations. However, at the same time, many issues have arisen due
to the vast growth of cloud computing. Organizations often have concerns about the migration and
utilization of cloud computing due to the loss of control over their outsourced resources and cloud
computing is vulnerable to risks. Thus, a cloud provider needs to manage the cloud computing environment
risks in order to identify, assess, and prioritize the risks in order to decrease those risks, improve security,
increase confidence in cloud services, and relieve organizations’ concerns on the issue of using a cloud
environment. Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become widespread. The aim
of this paper is to review the previously proposed risk management frameworks for cloud computing and to
make a comparison between them in order to determine the strengths and weaknesses of each of them. The
review will consider the extent of the inv
USERS’ PERCEPTION TOWARDS CLOUD COMPUTING: A CASE OF DEPARTMENT STATISTIC SOU...ijccsa
This study was initiated as a result of the researcher’s concerns regarding computing infrastructure at the
Department of statistic South Africa (Stats-SA). The concerns arise from issues observed on the physical
infrastructure platform currently deployed within the organisation. It is therefore proposed to investigate
the attitude and perceptions of users working in Stats-SA on cloud computing and their willingness to
migrate from physical infrastructure to cloud. The issue of user behavior during the transition from
traditional IT services to cloud services has been addressed in a lot of studies, but the perceptions of
employees at Stats-SA have never been investigated. The study expounds on the technology acceptance
model by incorporating factors such as availability, accessibility, security and reliability by investigating
the perception of end-users. The investigation took the mixed research approach. A questionnaire was
developed using three technology acceptance instruments: perceived ease of use, usefulness and attitude to
measure the end-user’s intention to move to the cloud.
USERS’ PERCEPTION TOWARDS CLOUD COMPUTING: A CASE OF DEPARTMENT STATISTIC SOU...ijccsa
This study was initiated as a result of the researcher’s concerns regarding computing infrastructure at the
Department of statistic South Africa (Stats-SA). The concerns arise from issues observed on the physical
infrastructure platform currently deployed within the organisation. It is therefore proposed to investigate
the attitude and perceptions of users working in Stats-SA on cloud computing and their willingness to
migrate from physical infrastructure to cloud. The issue of user behavior during the transition from
traditional IT services to cloud services has been addressed in a lot of studies, but the perceptions of
employees at Stats-SA have never been investigated. The study expounds on the technology acceptance
model by incorporating factors such as availability, accessibility, security and reliability by investigating
the perception of end-users. The investigation took the mixed research approach. A questionnaire was
developed using three technology acceptance instruments: perceived ease of use, usefulness and attitude to
measure the end-user’s intention to move to the cloud.
ADVANCES IN HIGHER EDUCATIONAL RESOURCE SHARING AND CLOUD SERVICES FOR KSAIJCSES Journal
Cloud represents an important change in the way information technology is used. Cloud makes it possible
to access work anywhere anytime and to share it with anyone [1]. It is changing the way people
communicate, work and learn [2]. In this changing environment, it is important to think about the
opportunities and risks of using the cloud in the education field, and the lessons we can learn from the
previous uses of this technology in the education field. In order to gain the benefits of the cloud to be used
in educational system in KSA, a comprehensive study on scientific literatures in this paper. This paper also
presents the significant information such as the findings, the case studies, related frameworks and
supporting also the tools associated to the migration of organizational resources to cloud
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
A Survey on Security Risk Management Frameworks in Cloud Computing csandit
Cloud computing technology has experienced exponential growth over the past few years. It
provides many advantages for both individuals and organizations. However, at the same time,
many issues have arisen due to the vast growth of cloud computing. Organizations often have
concerns about the migration and utilization of cloud computing due to the loss of control over
their outsourced resources and cloud computing is vulnerable to risks. Thus, a cloud provider
needs to manage the cloud computing environment risks in order to identify, assess, and
prioritize the risks in order to decrease those risks, improve security, increase confidence in
cloud services, and relieve organizations’ concerns on the issue of using a cloud environment.
Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become
widespread. The aim of this paper is to review the previously proposed risk management
frameworks for cloud computing and to make a comparison between them in order to determine
the strengths and weaknesses of each of them. The review will consider the extent of the
involvement and participation of consumers in cloud computing and other issues.
A SURVEY ON SECURITY RISK MANAGEMENT FRAMEWORKS IN CLOUD COMPUTINGcscpconf
Cloud computing technology has experienced exponential growth over the past few years. It
provides many advantages for both individuals and organizations. However, at the same time,
many issues have arisen due to the vast growth of cloud computing. Organizations often have
concerns about the migration and utilization of cloud computing due to the loss of control over
their outsourced resources and cloud computing is vulnerable to risks. Thus, a cloud provider
needs to manage the cloud computing environment risks in order to identify, assess, and
prioritize the risks in order to decrease those risks, improve security, increase confidence in
cloud services, and relieve organizations’ concerns on the issue of using a cloud environment.
Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become
widespread. The aim of this paper is to review the previously proposed risk management
frameworks for cloud computing and to make a comparison between them in order to determine
the strengths and weaknesses of each of them. The review will consider the extent of the
involvement and participation of consumers in cloud computing and other issues.
Similar to Factors Influencing Risk Acceptance of Cloud Computing Services in the UK Government (20)
ANALYSIS OF ATTACK TECHNIQUES ON CLOUD BASED DATA DEDUPLICATION TECHNIQUESneirew J
ABSTRACT
Data in the cloud is increasing rapidly. This huge amount of data is stored in various data centers around the world. Data deduplication allows lossless compression by removing the duplicate data. So, these data centers are able to utilize the storage efficiently by removing the redundant data. Attacks in the cloud computing infrastructure are not new, but attacks based on the deduplication feature in the cloud computing is relatively new and has made its urge nowadays. Attacks on deduplication features in the cloud environment can happen in several ways and can give away sensitive information. Though, deduplication feature facilitates efficient storage usage and bandwidth utilization, there are some drawbacks of this feature. In this paper, data deduplication features are closely examined. The behavior of data deduplication depending on its various parameters are explained and analyzed in this paper.
SUCCESS-DRIVING BUSINESS MODEL CHARACTERISTICS OF IAAS AND PAAS PROVIDERSneirew J
ABSTRACT Market analyses show that some cloud providers are significantly more successful than others. The research on the success-driving business model characteristics of cloud providers and thus, the reasons for this performance discrepancy is, however, still limited. Whereas cloud business models have mostly been examined comprehensively, independently from the distinctly different cloud ecosystem roles, this paper takes a perspective shift from an overall towards a selective, role-specific and thereby ecosystemic perspective on cloud business models. The goal of this paper is specifically to identify the success-driving business model characteristics of the so far widely neglected cloud ecosystem’s core roles, IaaS and PaaS provider, by conducting an exploratory multiple-case study. 21 expert interviews with representatives from 17 cloud providers serve as central data collection instrument. The result is a catalogue of generic as well as cloud-specific, subdivided into role-overarching and role-specific, business model characteristics. This catalogue supports cloud providers in the initial design, comparison and revision of their business models. Researchers obtain a promising starting and reference point for future analysis of business models of various cloud ecosystem roles.
Strategic Business Challenges in Cloud Systemsneirew J
For the past few years, the evolution of cloud computing has been potentially becoming one of the major
advances in the history of computing. But is cloud computing the saviour of business? Does it signal the
demise of the corporate IT functionality entirely? However, if cloud computing has to achieve its potential,
there is a need to have a clear understanding of various issues involved, both from the perspectives of the
providers and the consumers related to the technology, management and business aspects. Objective of this
research is to explore the strategic business, management and technical challenges existing in cloud
systems. It is believed that adopting a methodology and suggesting a corresponding architectural
framework would serve as a potential comprehensive conceptual tool, which shows path for mitigating
challenges and hence effort are put in bringing in by mentioning a suitable methodology and its brief
description. It concludes that International Business Machine Common Cloud Management Platform is one
way to realize the combined features of various models such as Hub & Spoke Model as a quality of
Governance model; Gen-Spec Research Methodology design for semantic and quality research studies into
one in the form of Reference Architecture. However in order to realize the full potential of the CustomerRespond-Adapt-Sense-Provider
(conceptual) methodology for dealing with semantics, it is important to
consider Internet of Things Architecture Reference Model where in the resources are translated into
Services.
Laypeople's and Experts' Risk Perception of Cloud Computing Services neirew J
Cloud computing is revolutionising the way software services are procured and used by Government
organizations and SMEs. Quantitative risk assessment of Cloud services is complex and undermined by
specific security concerns regarding data confidentiality, integrity and availability. This study explores how
the gap between the quantitative risk assessment and the perception of the risk can produce a bias in the
decision-making process about Cloud computing adoption.
The risk perception of experts in Cloud computing (N=37) and laypeople (N=81) about ten Cloud
computing services was investigated using the psychometric paradigm. Results suggest that the risk
perception of Cloud services can be represented by two components, called “dread risk” and “unknown
risk”, which may explain up to 46% of the variance. Other factors influencing the risk perception were
“perceived benefits”, “trust in regulatory authorities” and “technology attitude”.
This study suggests some implications that could support Government and non-Government organizations
in their strategies for Cloud computing adoption.
A Cloud Security Approach for Data at Rest Using FPE neirew J
In a cloud scenario, biggest concern is around security of the data. “Both data in transit and at rest must
be secure” is a primary goal of any organization. Data in transit can be made secure using TLS level
security like SSL certificates. But data at rest is not quite secure, as database servers in public cloud
domain are more prone to vulnerabilities. Not all cloud providers give out of box encryption with their
offerings. Also implementing traditional encryption techniques will cause lot of changes in application as
well as at database level. This paper provides efficient approach to encrypt data using Format Preserving
Encryption technique. FPE focuses mainly on encrypting data without changing format so that it’s easy to
develop and migrate legacy application to cloud. It is capable of performing format preserving encryption
on numeric, string and the combination of both. This literature states various features and advantages of
same.
Error Isolation and Management in Agile Multi-Tenant Cloud Based Applications neirew J
Management of errors in multi-tenant cloud based applications remains a challenging problem. This
problem is compounded due to (i) multiple versions of application serving different clients, (ii) agile nature
in which the applications are released to the clients, and (iii) variations in specific usage patterns of each
client. We propose a framework for isolating and managing errors in such applications. The proposed
framework is evaluated with two different popular cloud based applications and empirical results are
presented.
Locality Sim : Cloud Simulator with Data Localityneirew J
Cloud Computing (CC) is a model for enabling on-demand access to a shared pool of configurable
computing resources. Testing and evaluating the performance of the cloud environment for allocating,
provisioning, scheduling, and data allocation policy have great attention to be achieved. Therefore, using
cloud simulator would save time and money, and provide a flexible environment to evaluate new research
work. Unfortunately, the current simulators (e.g., CloudSim, NetworkCloudSim, GreenCloud, etc..) deal
with the data as for size only without any consideration about the data allocation policy and locality. On
the other hand, the NetworkCloudSim simulator is considered one of the most common used simulators
because it includes different modules which support needed functions to a simulated cloud environment,
and it could be extended to include new extra modules. According to work in this paper, the
NetworkCloudSim simulator has been extended and modified to support data locality. The modified
simulator is called LocalitySim. The accuracy of the proposed LocalitySim simulator has been proved by
building a mathematical model. Also, the proposed simulator has been used to test the performance of the
three-tire data center as a case study with considering the data locality feature.
Benefits and Challenges of the Adoption of Cloud Computing in Businessneirew J
The loss of business and downturn of economics almost occur every day. Thus technology is needed in
every organization. Cloud computing has played a major role in solving the inefficiencies problem in
organizations and increase the growth of business thus help the organizations to stay competitive. It is
required to improve and automate the traditional ways of doing business. Cloud computing has been
considered as an innovative way to improve business. Overall, cloud computing enables the organizations
to manage their business efficiently. Unnecessary procedural, administrative, hardware and software costs
in organizations expenses are avoided using cloud computing. Although cloud computing can provide
advantages but it does not mean that there are no drawbacks. Security has become the major concern in
cloud and cloud attacks too. Business organizations need to be alert against the attacks to their cloud
storage. Benefits and drawbacks of cloud computing in business will be explored in this paper. Some
solutions also provided in this paper to overcome the drawbacks. The method has been used is secondary
research, that is collecting data from published journal papers and conference papers.
Intrusion Detection and Marking Transactions in a Cloud of Databases Environm...neirew J
The cloud computing is a paradigm for large scale distributed computing that includes several existing
technologies. A database management is a collection of programs that enables you to store, modify and
extract information from a database. Now, the database has moved to cloud computing, but it introduces at
the same time a set of threats that target a cloud of database system. The unification of transaction based
application in these environments present also a set of vulnerabilities and threats that target a cloud of
database environment. In this context, we propose an intrusion detection and marking transactions for a
cloud of database environment.
A Survey on Resource Allocation in Cloud Computingneirew J
Cloud computing is an on-demand service resource which includes applications to data centers on a
pay-per-use basis. In order to allocate these resources properly and satisfy users’ demands, an efficient
and flexible resource allocation mechanism is needed. Due to increasing user demand, the resource
allocating process has become more challenging and difficult. One of the main focuses of research
scholars is how to develop optimal solutions for this process. In this paper, a literature review on proposed
dynamic resource allocation techniques is introduced.
An Approach to Reduce Energy Consumption in Cloud data centers using Harmony ...neirew J
Fast development of knowledge and communication has established a new computational style which is
known as cloud computing. One of the main issues considered by the cloud infrastructure providers, is to
minimize the costs and maximize the profitability. Energy management in the cloud data centers is very
important to achieve such goal. Energy consumption can be reduced either by releasing idle nodes or by
reducing the virtual machines migrations. To do the latter, one of the challenges is to select the placement
approach of the migrated virtual machines on the appropriate node. In this paper, an approach to reduce
the energy consumption in cloud data centers is proposed. This approach adapts harmony search
algorithm to migrate the virtual machines. It performs the placement by sorting the nodes and virtual
machines based on their priority in descending order. The priority is calculated based on the workload.
The proposed approach is simulated. The evaluation results show the reduction in the virtual machine
migrations, the increase of efficiency and the reduction of energy consumption.
Data Distribution Handling on Cloud for Deployment of Big Dataneirew J
Cloud computing is a new emerging model in the field of computer science. For varying workload Cloud
computing presents a large scale on demand infrastructure. The primary usage of clouds in practice is to
process massive amounts of data. Processing large datasets has become crucial in research and business
environments. The big challenges associated with processing large datasets is the vast infrastructure
required. Cloud computing provides vast infrastructure to store and process Big data. Vms can be
provisioned on demand in cloud to process the data by forming cluster of Vms . Map Reduce paradigm can
be used to process data wherein the mapper assign part of task to particular Vms in cluster and reducer
combines individual output from each Vms to produce final result. we have proposed an algorithm to
reduce the overall data distribution and processing time. We tested our solution in Cloud Analyst
Simulation environment wherein, we found that our proposed algorithm significantly reduces the overall
data processing time in cloud.
Cloud Computing is an attractive research area for the last few years; and there have been a tremendous
grows in the number of educational institutions all over the world who have either adopted or are
considering migrating to cloud computing. However, there are many concerns and reservations about
adopting conventional or public cloud based solutions. A new paradigm of cloud based solution has been
proposed, namely, the private cloud based solutions, which becomes an attractive choice to educational
Institutions. This paper presents the adjustment and implementation of private-based cloud solution for
multi-campus educational institution, namely, Al-Balqa Applied University (BAU) in Jordan.
Implementation of the Open Source Virtualization Technologies in Cloud Computingneirew J
The “Virtualization and Cloud Computing” is a recent buzzword in the digital world. Behind this fancy
poetic phrase there lies a true picture of future computing for both in technical and social perspective.
Though the “Virtualization and Cloud Computing are recent but the idea of centralizing computation and
storage in distributed data centres maintained by any third party companies is not new but it came in way
back in 1990s along with distributed computing approaches like grid computing, Clustering and Network
load Balancing. Cloud computing provide IT as a service to the users on-demand basis. This service has
greater flexibility, availability, reliability and scalability with utility computing model. This new concept of
computing has an immense potential in it to be used in the field of e-governance and in the overall IT
development perspective in developing countries like Bangladesh.
A Broker-based Framework for Integrated SLA-Aware SaaS Provisioning neirew J
In the service landscape, the issues of service selection, negotiation of Service Level Agreements (SLA), and
SLA-compliance monitoring have typically been used in separate and disparate ways, which affect the
quality of the services that consumers obtain from their providers. In this work, we propose a broker-based
framework to deal with these concerns in an integrated mannerfor Software as a Service (SaaS)
provisioning. The SaaS Broker selects a suitable SaaS provider on behalf of the service consumer by using
a utility-driven selection algorithm that ranks the QoS offerings of potential SaaS providers. Then, it
negotiates the SLA terms with that provider based on the quality requirements of the service consumer. The
monitoring infrastructure observes SLA-compliance during service delivery by using measurements
obtained from third-party monitoring services. We also define a utility-based bargaining decision model
that allows the service consumer to express her sensitivity for each of the negotiated quality attributes and
to evaluate the SaaS provider offer in each round of negotiation. A use-case with few quality attributes and
their respective utility functions illustrates the approach.
Comparative Study of Various Platform as a Service Frameworks neirew J
Cloud computing is an emerging paradigm with three basic service models such as Software as a Service
(SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). This paper focuses on
different kinds of PaaS frameworks. PaaS model provides choice of cloud, developer framework and
application service. In this paper, detailed study of four open PaaS frameworks like AppScale, Cloud
Foundry, Cloudify, and OpenShift are explained with the architectural components. We also explained
more PaaS packages like Stratos, mOSAIC, BlueMix, Heroku, Amazon Elastic Beanstalk, Microsoft Azure,
Google App Engine and Stakato briefly. In this paper we present the comparative study of PaaS
frameworks.
Neuro-Fuzzy System Based Dynamic Resource Allocation in Collaborative Cloud C...neirew J
Cloud collaboration is an emerging technology which enables sharing of computer files using cloud
computing. Here the cloud resources are assembled and cloud services are provided using these resources.
Cloud collaboration technologies are allowing users to share documents. Resource allocation in the cloud
is challenging because resources offer different Quality of Service (QoS) and services running on these
resources are risky for user demands. We propose a solution for resource allocation based on multi
attribute QoS Scoring considering parameters such as distance to the resource from user site, reputation of
the resource, task completion time, task completion ratio, and load at the resource. The proposed algorithm
referred to as Multi Attribute QoS scoring (MAQS) uses Neuro Fuzzy system. We have also included a
speculative manager to handle fault tolerance. In this paper it is shown that the proposed algorithm
perform better than others including power trust reputation based algorithms and harmony method which
use single attribute to compute the reputation score of each resource allocated.
A Proposed Model for Improving Performance and Reducing Costs of IT Through C...neirew J
Information technologies are affecting the big business enterprises of todays from data processing and
transactions to achieve the goals efficiently and effectively, affecting creates new business opportunities
and towards new competitive advantage, service must be enough to match the recent trends of IT such as
cloud computing. Cloud computing technology has provided all IT services. Therefore, cloud computing
offers an alternative to adaptable with technology model current , creating reducing cost (Fixed costs and
ongoing), the proliferation of high speed Internet connections through Rent, not acquisitions, cheaper
powerful computing technology and effective performance. The public and private clouds are characterized
by flexibility, operational efficiency that reduces costs improve performance. Also cloud computing
generates business creativity and innovation resulted from collaborative ideas of users; presents cloud
infrastructure and services; paving new markets; offering security in public and private clouds; and
providing environmental impact regarding utilizing green energy technology. In this paper, the main
concentrate the cloud computing.
Secure cloud transmission protocol (SCTP) was proposed to achieve strong authentication and secure
channel in cloud computing paradigm at preceding work. SCTP proposed with its own techniques to attain
a cloud security. SCTP was proposed to design multilevel authentication technique with multidimensional
password generations System to achieve strong authentication. SCTP was projected to develop multilevel
cryptography technique to attain secure channel. SCTP was proposed to blueprint usage profile based
intruder detection and prevention system to resist against intruder attacks. SCTP designed, developed and
analyzed using protocol engineering phases. Proposed SCTP and its techniques complete design has
presented using Petrinet production model. We present the designed SCTP petrinet models and its
analysis. We discussed the SCTP design and its performance to achieve strong authentication, secure
channel and intruder prevention. SCTP designed to use in any cloud applications. It can authorize,
authenticates, secure channel and prevent intruder during the cloud transaction. SCTP designed to protect
against different attack mentioned in literature. This paper depicts the SCTP performance analysis report
which compares with existing techniques that are proposed to achieve authentication, authorization,
security and intruder prevention.
Attribute Based Access Control (ABAC) for EHR in Fog Computing Environmentneirew J
Cisco recently proposed a new computing environment called fog computing to support latency-sensitive
and real time applications. It is a connection of billions of devices nearest to the network edge. This
computing will be appropriate for Electronic Medical Record (EMR) systems that are latency-sensitive in
nature. In this paper, we aim to achieve two goals: (1) Managing and sharing Electronic Health Records
(EHRs) between multiple fog nodes and cloud, (2) Focusing on security of EHR, which contains highly
confidential information. So, we will secure access into EHR on Fog computing without effecting the
performance of fog nodes. We will cater different users based on their attributes and thus providing
Attribute Based Access Control ABAC into the EHR in fog to prevent unauthorized access. We focus on
reducing the storing and processes in fog nodes to support low capabilities of storage and computing of fog
nodes and improve its performance.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Factors Influencing Risk Acceptance of Cloud Computing Services in the UK Government
1. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
DOI : 10.5121/ijccsa.2015.5301 1
FACTORS INFLUENCING RISK ACCEPTANCE OF
CLOUD COMPUTING SERVICES IN THE UK
GOVERNMENT
Gianfranco Elena1
and Christopher W. Johnson1
1Computing Science, University of Glasgow, Glasgow, UK
ABSTRACT
Cloud Computing services are increasingly being made available by the UK Government through the
Government digital marketplace to reduce costs and improve IT efficiency; however, little is known about
factors influencing the decision making process to adopt cloud services within the UK Government. This
research aims to develop a theoretical framework to understand risk perception and risk acceptance of
cloud computing services.
Study’s subjects (N=24) were recruited from three UK Government organizations to attend a semi
structured interview. Transcribed texts were analyzed using the approach termed interpretive
phenomenological analysis. Results showed that the most important factors influencing risk acceptance of
cloud services are: perceived benefits and opportunities, organization’s risk culture and perceived risks.
We focused on perceived risks and perceived security concerns. Based on these results, we suggest a
number of implications for risk managers, policy makers and cloud service providers.
KEYWORDS
Government cloud computing, e-government, SaaS, cyber security, perceived risk, risk acceptance
1. INTRODUCTION
Cloud computing represents a new model to create and distribute scalable software and
infrastructure services.While cloud services such as Dropbox, Gmail or Netflix have been used by
millions of individuals, it is quite recent that Government organizations have begun to use cloud
services as a solution for their IT needs.
In 2011, the UK Government published the “Government Cloud Strategy” to promote the
adoption of Cloud services as a way to improve the cost efficiency, flexibility and interoperability
of the IT services. Until today, an online catalogue of 13,000 cloud services, including email,
enterprise resource planning, learning management, office productivity, polls/surveys and
analytics, is available on the Government digital marketplace[1].
Despite the adoption of the “Cloud First policy”, the adoption of Government cloud services still
represent just 1% of the central UK Government ICT bill. Little is known about factors that
influence risk acceptance of cloud computing services within the UK Government organizations.
2. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
2
The rational decision-making process for evaluating cloud computing risks has to take into
consideration the actual risk or “objective” risk and the “perceived” risk, based on the judgements
of those assessing the risk [2]. It is hard to distinguish between “objective” risk and “perceived”
risk of cloud computing. For relatively new technology like cloud services, objective measures of
the risks are very hard to achieve and “objective” risks must be predicted by using complex
techniques which usually requires subjective judgments of experts [3]. The difference between
“objective” risks, estimated by technical experts, and public “perceived” risks can create some
difficulties for decision and policy makers. In fact, if public “perceived” risk is higher than
“objective” risk, it becomes a challenge to adopt new digital innovations [4].
Understanding how risk perception and risk attitude influence risk acceptance of cloud services
within Government departments may help risk managers and policy makers to prevent either that
an overly cautious risk culture results in a failure to seize important opportunities or taking
exaggerated risk without regard to the potential risk. In that regard, this study represents a
contribution to support actions that aim to align risk exposure to risk appetite in order to
maximize the efficiency and improve business services innovation taking acceptable risks.
This study aims to draw a map of the factors that are likely to influence the adoption of cloud
computing services [5]. By using grounded theory analysis [6], a descriptive theoretical
framework of the factors influencing risk acceptance of cloud services is formulated. We used a
semi-structured interview to examine Government professionals’ behavioral intention formation
when assessing cloud computing services risks and benefits.
The aim of this research, therefore, is to explore the following issues:
- Which factors influence risk acceptance of Cloud computing services?
- What are the most important perceived risks of Cloud computing services?
This paper is structured as follows: first, we revise the state of the art for adoption of Cloud
services in Government organizations. Second, we review the literature on organization’s risk
culture, and perceived benefits and risks of cloud software as a service. Third, we present our
methodology, based on grounded theory, to investigate the opportunity-risk framework for the
adoption of Cloud services within Government organizations. Next, we present our empirical
analysis of the results, and we conclude with a discussion of our findings, the theoretical and
practical contributions of our work, its shortcomings, and future research directions.
2. CLOUD COMPUTING ADOPTION IN GOVERNMENT ORGANIZATIONS
Recently, many EU countries have developed a Cloud national strategy,according to the
recommendationsof the European Commission’s Cloud Strategy, but only a few of them have
developed a Governmental Cloud infrastructureto support the public administration. Previous to
the study of the Cloud risk acceptance framework, it is important to understand the state of cloud
adoption inthe European Member States and the main benefits and concerns for the adoption of
Government Cloud services.
According to Z wattendorfer [7], eight European countries have already planned to use Cloud
Computing (see Table 1). Despite three countries (UK, Spain, and Denmark) have already
implemented a Cloud infrastructure, the full implementation of their national Cloud Computing
strategy will still take another few years [8].
3. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
3
Table 1. Comparison of Cloud computing adoption in e-Government across eight European countries made in [7]
Country National
Strategy
Cloud
Adoption
Deployment
Models
Cloud
Services
Examples of Cloud
services
Austria Yes Planned Public
Private
Community
IaaS
PaaS
SaaS
Backup
Collaboration Services
Identity as a service
Denmark No Planned
Executional
Public
Private
Community
SaaS Email
Procurement
Finland No Planned
France Yes Development Community IaaS
Germany Yes Planned
Ireland Yes Planned Public
Private
Community
IaaS
PaaS
SaaS
Open Data
Collaboration Services
Email
Spain No Planned
Executional
Public
Private
Community
Hybrid
IaaS
PaaS
SaaS
Open Outsourcing
Email
Storage/Backup
Office
Collaboration
UK Yes Planned
Development
Private
Community
IaaS
PaaS
SaaS
Email
Office
CRM
The adoption of Cloud Computing in the Governmental organizations offers many potential
benefits. First, the savings obtained from operating and maintaining their hardware and software
infrastructures [9]. Second, an increased capability to test and procure IT capacities that they
may not have been able to afford in the past [10]. Third, the flexibility to manage IT resources
allows scaling up and down capacity on demand and only pay for the actual usage. Also, cloud
platforms enable to use an agile development environment that makes it easier for IT
professionals to develop applications quickly and to adopt them instantly[11][12].
On the other hand, recent studies have grouped the cloud risks into four categories [13]: policy
and organizational risks (e.g. data lock-in, loss of governance), technical risks (e.g. cyber-attacks,
loss of data), legal risks (e.g. data protection and legal jurisdiction), and other risks (e.g. network
problems, internet connection).
First, theinteroperability of different cloud platforms it is still hard to achieve. A lack of
standardization means that government organizations would not be able to shareeasily
information with other organizations as well as transfer their data from a cloud service providerto
another [14].
Second, security and privacy issues are considered as key factors for the adoption of cloud
services [15]. The main security challenges are data protection and compliance, identity and
access management, auditing, as well as risk management and detailed security SLA
formalization [16].
Third, government organizations have concerns about privacy and data confidentiality a lack of
control over the physical infrastructure [14][17] and for the IT performance which it is controlled
4. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
4
not by their staff but by off-premises cloud providers; and that they may not be able to make
necessary changes in application features easily and when needed[18][19].
Fourth, there is a concern about service availability and reliability especially regarding the
unexpected cloud system downtime and disruption [9].
In summary, cloud computing offers many advantages and challenges for government
organizations [19]. Some of these challenges are technical while some are related to the
uncertainties derived from engaging with a recent innovation. An objective of this study was to
identify perceived factors that may discourage IT government professionals from adopting cloud
computing [20].
3. THEORETICAL FRAMEWORK
3.1 Organization’s Risk Culture
“Organization’s risk culture consists of the norms and traditions of behaviour of individuals and
of groups within an organization that determine the way in which they identify, understand,
discuss and act on the risk the organization confronts and takes” [21]. Many factors influencing
risk-related behaviours have been studied by psychologists and sociologists. Main components
include risk perception and risk propensity [22], decision-making process [23] and personal
characteristics of risk takers [24][25].
The question if public risk managers are more risk averse than private risk managers has been
debated in the last decades [26]. It is a common view that public risk managers have little
incentive to take risks and that risk aversion could undermine effective decision making process.
Despite many studies investigated the differences between risk aversion of private and public risk
managers and the effect of risk aversion on managerial decisions [24][25], none of them proved
systematically differences between public and private organizations [27][22]. We identified some
reasons that could influence risk aversion in public risk managers and decision makers. First, the
lack proprietary property of rightsis a disincentive to take managerial risky decisions in the public
sector. Second, public risk manager are due to the stringent supervision of their decisions and risk
taking behaviour could be hard to explain in the case of poor results. Third, the bureaucratic
process and the higher degree of formalism to change the “status quo”introducingnew processes
and digital innovation can be discouraging [28][29][30].
Since little is known about risk aversion in public organizations and their managers about the
adoption of cloud computing services, it would be useful to have a better understanding of risk
taking by public managers.
Given the importance of these issues, this research investigates factors influencing public
managers’ risk-taking about the adoption of digital innovation like cloud computing services.
Government organizations may have different ranges of risk attitudes towards different risks.
Perceived risks that are acceptable for one department could be not acceptable for another one.
Risk attitude depends on the perceived opportunities gained in comparison to the related potential
losses.
5. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
5
3.2 Perceived Benefit and Risk
The theory of riskdefinessix main dimensions of perceived risk: performance, financial, time,
psychological, social, privacy [5][31][32][33][34].Consumers perceptions of risks involved in the
adoption of SaaS services have been studied in the past years [35][36][37] (Table 1).
On one hand, the main benefits are the pay-per-usage, end-user convenience and ease in installing
and managing software, improved software quality. On the other hand, the most frequently
mentioned risks are data security and system integration with the legacy system.
Table2. Benefits and risks of Cloud services adoption.This table is based on a meta-analysis of[35]
Authors Perceived Benefit Perceived Risk
Research
content
Main result Research
content
Main result
[35] Investigated the
perceived
benefits of SaaS
- Cost advantages
- Strategic flexibility
- Focus on core
competencies
- Access to specialized
resources
- Quality improvements
Investigated
the
perceived
risks of SaaS
- Performance risk
- Economic risk
- Strategic risk
- Security risk
- Managerial risk
[36] Explored
perceived
benefits from
the
perspective of
(SaaS)
customers
- Pay only for what is used
- Easy and fast deployment
to end users
- Monthly payments
- Encourages standard
systems
- Requires fewer in-house IT
staff members and lower
costs
- Always offers latest
functions
Explored the
perceived
risks from
the
perspective
of (SaaS)
customers
- Data locality and
security
- Network and web
application security
- Data integrity and
segregation
- Authentication and
authorization
- Virtualization
vulnerability
- Data access and
backup
[37] Examined the
benefits of
deploying
cloud-based
systems (SaaS)
- No installation and
maintenance of software
- No software expertise
necessary
- Eliminates the need for an
ICT department
- No complicated license
management
- Access to software without
a need for upfront
investments
Examined
the
problems
associated
with
deploying
cloud-based
systems
(SaaS)
- Need for contractual
expertise
- Quality assurance
- Ensuring the
accountability of
service providers
- Problems shift to
composing and its
integration with legacy
systems
- Assurance that data
are backed up and can
be recovered
The analysis of this qualitative study was based on the review of factors influencing risk
acceptance and risk attitude of cloud services. We used these factors, in the post interview, as part
of the conceptual framework to derive our themes and the subsequent analysis.
6. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
6
4. METHODOLOGY
The aim of this research is to explore the factors influencing the risk acceptance of cloud
computing services in the UK Government organizations. We conducted a number of semi-
structured interviews to collect relevant information. In that regard, we paid attention to select the
relevant sources of information, avoid indications of causal relationships, define variables for
building a model, and take into consideration contextual factors like organizational risk attitudes
and culture. Transcribed texts of the interviews were then analyzed and coded according to the
grounded theory methodology [38]. Grounded theory analysis was successfully used in other
similar studies for generating ideas’ frameworks, not connected a priori to pre-existing theories,
by empirical data. In this sense, “using the grounded theory methodological framework it is
possible to ensure that the theoretical description appropriately reflects the empirical setting and
that the theoretical framework is actually generated by the data description”[39].
4.1 Data collection
A pilot study on four individuals was used to test the interview process. Study subjects were then
recruited from three UK Government organizations. An email providing background information
of the research was sent to all participants through their chief division, seeking voluntary
participation in the research. Potential participants who expressed interest in the research were
provided additional information through email in the form of an information sheet providing
background information about the planned interviews. Upon confirmation to assist with the
research, a mutually suitable time was arranged to conduct the interview. Twenty-four
Government professionals (twenty males) took part in this study between January and March
2014 (named P1,…, P24). Subjects were unknown to the researcher before the interview. All
interviews were digitally recorded and on average each interview took approximately thirty
minutes. The number of participants was deemed satisfactory according to “theoretical
saturation” principle [40].Data was collected through semi-structured interviews that consisted of
a series of open-ended questions. The interview was structured in four main parts. First, we
collected general information on the participant and his role in the organization. Second, we
elicited predictors of intention to adopt cloud-services as seen by the professionals working in
government organizations. We aimed to obtain insight into their views about benefits and barriers
of adopting a cloud computing technology. Specifically, question one reads “If handled digital
innovation within your organization, what would influence your decision to adopt cloud services
and why?” The second question reads “What are the benefits and barriers that you would consider
about adopting cloud services in your organization?”. Third, we investigate the perceived risk of
cloud-services. Question three reads “What are the most important perceived risks about using
cloud computing services in your organization?”, Question four reads “Can you describe these
risks and explain why they are so important?”. In the end, as a result of the first two iterations, we
focused on “security risk” by asking “How important is security risk about using cloud services
within your organization and why?”. Question six reads “What are the most important security
risks for adopting cloud services and why?”.
Eighteen of the interviewees had a managerial role within the organization. The average work
experience was 18 years (SD 6.8), and the average age was 44 years (SD=7.8).
4.2 Data Analysis
Transcribed texts were analyzed “using the approach termed interpretive phenomenological
analysis” [41] which aims to understand the participant’s point of view by interpreting his
7. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
7
answers. First, all the interviews were printed out and carefully examined to make sense of the
general content and meaning of the texts. Then, we conducted two main activities: open coding
for the identification and labelling of concepts and axial coding for the definition of the
relationships between concepts. The qualitative data handling program Atlas (Visual Qualitative
Data Analysis-Management-Model Building) was used to assist analysis [42]. Data were
analyzed and discussed by two researchers, “taking notes and writing memos along the lines”
[38]. Open and axial coding generated a list of main categories (i.e. families of concepts) and
concepts which allowed drawing a network of concepts and categories. The outcome of both data
collection and data analysis was validated. In the rest of the paper selected outcomes from this
empirical study are presented. The process is described in figure 1.
Figure 1.Transcribed texts analyzed using the “termed interpretive phenomenological analysis”.
5. RESULTS
The result of the grounded theory analysis is basically a list of concepts grouped into categories
and connected by hierarchical levels. The most significant networks of concepts generated
through the empirical analysis of collected information were: a. Factors influencing adoption of
cloud services; b. Perceived risks of adopting cloud services; c. Perceived security risks. These
three core areas will now be shown in some detail focusing on the most important
concepts/properties, where the importance is expressed in terms of so-called ‘‘groundedness’’,
i.e. the number of citations (the number of times a concept/property was mentioned during
interviews) [38].In order to analyze participants’ responses, the data were coded in themes (i.e.
concepts, properties) and grouped into categories based on underlying principles. In total, 331
coding themes and 22 concepts were formed and labeled as described in figure 2. These
categories were created based on words or phrases used by respondents, which were attributed to
the object under examination.
The responses to the six questions were summarized and described below. As the format of the
study involved open-ended questions, this often resulted in participants providing more than one
response to each question. As a result, the percentage value indicates the importance of the
network connection based on the number of times a concept/property was mentioned during
interviews [43].
5.1 Reliability
The results appeared reliable, as themes from the pilot study and both organizations were similar,
and an independent assessment of pilot transcripts revealed consistency in derived concepts [38].
Agreement rate amongst the three specialist independent raters was 92%.
8. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
8
5.2 Validity
Data triangulation
This study employed data triangulation, in that data were collected from two differing
organizations and professionals with a reasonably wide experience background. The data did not
significantly vary between the organizations or participants [43].
Respondent validation
Respondent validation involved the comparison of the investigator’s account with the pilot
subjects’ answers. The level of concordance was tested by asking participants if the interpretation
by the researcher was accurate in terms of what they were trying to communicate. This was
carried out using a linear score where 10 represented total agreement and zero represented no
agreement [6]. The mean scores ranged from 7.5 to 8.6 for the pilot subjects. This suggests a high
degree of respondent validity.
Figure 2.N=24. Description of the three families of concepts and their relationships.
6. DISCUSSION
Previous studies explored factors affecting the adoption of cloud computing services, including
the technical, process, and economic factors [44] as well as perceived risks and perceived benefits
[37][45]. But little is known about the factors that inhibit or enable the adoption of cloud services
in Government organizations. The primary goal of this study is to gain a deeper understanding of
the components that influence risk acceptance of cloud computing services in the UK
9. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
9
Government. In that regard, we used a grounded theory approach [43]to elicit factors influencing
cloud computing adoption and build a theoretical framework generated from the data description.
We used qualitative analysis to interpret the data applying the principle of theoretical saturation to
discover concepts and linkages between concepts [6]. Based on the results of the interpretative
data analysis we conducted a literature review to define better derived concepts and families of
concepts.
This in-depth interview study highlights that the most important factors influencing risk
acceptance of cloud computing services within the UK Government organizations are: perceived
benefits/opportunities, organization’s risk culture, perceived risks, lack of
knowledge/understanding, lack of trust and ease of use (see figure 2). Risk concern was a
consistent issue raised by all professionals without prompting. Our findings about perceived risks
are in line with the previous studies[32][5][33][34][31] and indicated the following perceived risk
facets: security risk, economic risk, social/reputational risk, performance risk and time risk. In
particular, security risk resulted to be the main concern. Participants reported a higher level of
risk perception for the possible loss of data control and data protection, lack of cyber security and
personnel security, loss of privacy and confidentiality, loss of availability and integrity.
Cost savings [44][45] on software procurement and maintenance are usually one of the strongest
determinants to start using cloud services in the private sector.An interesting finding about
perceived benefits of cloud services in Government organizations was that our participants
focused on the importance to increase the flexibility and the interoperability of the IT services
provided: “I believe that cloud services could help to easily share information within the
organization and with citizens” P1; “It should reduce the time to procure and upgrade software
application services”, P5; “It will facilitate information access from multiple locations and
devices”, “it can improve interoperability with other organizations”, P8; “it makes easier to
collaborate and exchange data with other departments” , P10. At the same time, participants
confirmed that cost advantages play an important role in the decision to adopt cloud services: “it
can improve economies of scale and produce relevant cost savings”, P3; “it could reduce the
need for multiple data centers and software maintenance”, P9; “it should help to have fewer data
centers saving on hardware and energy costs”, P13; “it can save time and improve
organization’s productivity”, P19.This result suggests that Government organizations primarily
need to be more efficient by improving their interoperability and flexibility. There is a need to
collect, share, visualize, analyze, store and retrieve information more efficiently. With thousands
of different IT systems and services available, it is a challenge to collaborate easily and share
information with other organizations and citizens.
Organization’s risk culturehas an influence on how government professionals identify,
understand, discuss and act on the risk their organization confronts and takes [21]. In that regard,
participants indicated that cloud service adoption could be influenced by the following
aspects:“Government organizations must follow their IT security policy which specifies how to
procure and use available IT services”, P14; “a top-bottom approach is used to define what kind
of IT services are necessary and should be available to end users. End users can represent their
needs or suggest upgrades, but they are rarely implemented…”, P18;“there is a hierarchical
structure for taking decisions but often the top management is not aware of the needs of the end
users…”, P6; “I feel a different sense of responsibility for taking personal decisions or decisions
affecting the Government organization in which I work…”, P8; “I have little or no incentive to
take risks on my work. If something wrong happens it would be hard to justify and motivate risky
choices”, P17; “it is easier to take risky decisions that are in line with the objectives fixed by the
top management”, P21. These results suggest that Government professionals are more risk averse
than private risk managers [26] and more reluctant to adopt cloud services within their work
10. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
10
environment. First, they have little interest to introduce cloud services especially if there is no
clear communicationof the senior management to enhance digital innovation.Participants
suggested that they usually trust and follow the directives they receive from their security
department. A second reason is that the hierarchical structure of government organizations
usually requiresa long bureaucratic process to approve the use of new technology or procedure.
Many risky decisions are not taken just because it is easier and quicker to go with the old solution
[29][30].
In line with other studies about perceived risks[5][31], our findings confirmed that most
important perceived risks of cloud services are: social/reputational risk,financial risk, and security
risk. Participants defined social risk as: “social risk for using cloud services is very high because
of the potential damage and loss of reputation in case of leakage of personal data and
unavailability of the cloud services”, P12; “…the negative impact on public opinion in case of
cyber incidents could result in a lack of trust in government authorities”, P9; “…as a risk
manager I avoid taking risky decisions that could have a bad impact on the image of the
organization…”, P19. Results suggest that social risk is perceived as very high especially in
consideration of the effects of the social amplification phenomenon caused by media and social
media coverage in case of cyber incidents [46].
Also, participants defined the financial risk as: “I wonder if using cloud services will replace
legacy IT systems or just add something else to what we have already”, P12; “…sometimes we
are locked into existing contract that will last for years. It is not easy or convenient to replace
these contracts… financial penalties from withdrawing could be applied…”, P23; “cloud
services need to prove efficiency and effectiveness before spending money on new IT systems…”,
P24; “High legal fees to personalise terms and conditions of use should be taken into
consideration to evaluate the economic convenience of using cloud services...”, P14; “…Costs
higher than expected shouldn’t be a bad surprise…”, P20. It is clear that cost savings are an
important perceived benefit. Government professionals are attracted by the economic
convenience of using cloud services but are not confident about the total cost of replacing their
legacy systems with cloud services. They are worried that hidden costs would affect the economic
convenience of their decision.
Finally, participants described security risk as the most important concern to adopt cloud services.
A number of factorsrelated to security risk were described as follows:
Loss of service control: “…our technical staffs administer and have full control onall IT systems.
It is hard to imagine what could happen if something wrong happens with cloud services as we
need to have quick answers and solutions…”,P2; “…cloud service providers have full control of
the cloud infrastructure and could change the rules without our consent or enforce new terms of
use”, P14.
Data security and protection: “how can we know how cloud service providers will store and
protect our data if we use cloud services?...” P3; “…will cloud service provider provide a report
of major and minor data security incidents? It is important to know what happens in real time in
order to react appropriately…”,P22; “what is the level of data protection provided for data
stored in the cloud data centre? What are the data security standards for governmental
clouds?...”, P21; “…are data stored with adequate level of protection and secured from the data
centre to the user?”, P15; “…UK law is very cautious about personal data and there are legal
issues if data is not stored in the UK. It is important to know where data are stored and
protected…”, P19.
11. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
11
Cybersecurity: “…using cloud services could improve the risk of cyber-attacks. If data are
concentrated in one place it could be easier to attack…”, P11; “…such a concentration of
sensitive data in the same place could trigger lots of interest and potential threats”, P15;
“protecting a government cloud infrastructure from cyber-attacks is a bigger challenge…what is
the responsibility of the end users and the cloud service provider?, P18.
Personnel security: “…how do we know who has access to the data centre infrastructure? What
happens if malicious insiders have access to the data?”,P4; “…what kind of controls, policies,
standards, security procedures are in place in the cloud service provider…”, P5; “…How cloud
service provider can avoid leakage of information? How can they ensure that their personnel
respects the highest security standards?”, P15.
Loss of privacy: “…every year many portable devices are stolen or lost…. using cloud services in
a government organization could improve problems of privacy…”, P7; “with so many personal
data there is a risk that unauthorized persons could access personal information of ….”, P24.
Loss of confidentiality and integrity: “…many data exchanged within and outside the UK
government are to be considered sensitive and, using cloud services, the risk of losing data
confidentiality and integrity could improve…”, P19.
Loss of availability: “…there are many examples of cloud services that were not available for
days due to technical problems. Services provided by the Government shouldalways be
available…I am not sure that using cloud services can improve resilience of IT services…”, P5;
“…if the internet connection is not available than cloud services will not work…”, P3; “there are
many examples of incidents that made unavailable cloud services for the day. Since Government
critical infrastructures need to be extremely resilient, it is a challenge to plan the adoption of
cloud computing services within a Government organization…”, P18.
These results suggest that security concerns are one of the most important perceived risks for
using cloud computing services in Government organizations. There could be many reasons for
this common risk perception. First, there is a need to increase the level of trust in the quality of
service provided by Cloud service providers. Second, term and conditions of the Service Level
Agreements are not known or unclear. Third, Government Cloud services available through the
UK Cloud store were unknown to the majority of the participants. Fourth, it is unclear how cloud
service providers willadequately protect the privacy and confidentiality of data stored in their
cloud infrastructures. Fifth, it is hard, if not impossible, to supervise the security activities
performed by the personnel of the cloud service providers.
In summary, this study contributes to build a conceptual framework that describes the linkages
between different factors that influence risk acceptance of adopting cloud computing services in
Government organizations. We focused on main perceived risks discovering the importance of
security risk and its contributing factors.
7. CONCLUSIONS AND FUTURE RESEARCH
Based on the previous considerations we suggest someactions that could support the adoption of
cloud computing services in Government organizations.
Implications for National and Member Statespolicy makers
- Cloud Computing strategy should be part of the national ICT strategy, enabling central
Government to quickly procure and deliver digital service innovations to citizens;
12. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
12
- Cloud Computing strategy should define clear objectives, timetables and managers’
responsibilities within each Government organization taking into account the implications for
security;
- Should promote a centralized Governmental cloud store to procure all IT services across
Government organizations;
- Provide case studies of successful implementation detailing pros cons and total costs
- Should define a plan of incentives for Government risk managers and decision makers
who are responsible to introduce digital innovation
- Should assess the results achieved and lesson learned annually;
- Should define a generic security framework for governmental clouds [47];
- Manage appropriately risk communication in case of cyber incidents to avoid the effects
of the social amplification factor [48];
Implications for Government’ risk managers and IT decision makers
- Should definedesired risk exposure and risk tolerance for using cloud services within
different organizations
- Should improve services efficiency and innovation by taking acceptable risks
- Should prioritize the procurement of cloud services to enhance IT services
interoperability inter and intra organizations
- Should effectively communicate the benefits and opportunities provided by new cloud
services
- Should define clear objectives and managerial responsibilities to achieve adoption of
cloud computing services
- Should enable end users to learn and use efficiently the new cloud services
Implications for Cloud Service Providers
- Should provide clear information about Service Level Agreements, specifying level of
responsibility and time of intervention;
- Should provide a flexible pricing plan that enables government organizations to pay as
per use;
- Should provide an Incident Response service to enable customers identify and react
quickly to potential cyber-attacks;
- Should protect consumer data against physical tampering, loss, damage or seizure;
- Should ensure that all the staff be subject to personnel security screening and security
education for their role;
- Should provide consumers with the tools required to enable them securely manage their
service;
- Should allowaccess to all service interfaces only to authenticated and authorised
individuals.
- Should provide secure service administration mitigating any risk of exploitation that
could undermine the security of the service;
- Should provideconsumers with the audit records they need to monitor access to their
service and the data held within it.
The present research aimed to identify factors influencing the adoption of cloud computing
services within Government organizations. The results revealed six main drivers that require to be
interpreted in context. Specifically, the selected sample originated from only two UK
Government organizations, which bears the risk that their views on cloud computing adoption
could be biased by a common previous experience with legacy IT systems. While there is no
13. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
13
evidence to suggest that this sample was not representative of the wider Government
organizations population, future research should include samples from various Government
organizations to confirm the validity of the current findings.
Additionally, [49] it needs to be remembered that the sample size included 24 participants. From
both a theoretical and applied perspective, future research should also investigate the applicability
and predictive validity of the new key variables identified in the present research. Moreover,
future studies should test if perceived risk can be determined by the identified variables, and how
important is the perceived risk to predict the risk acceptance for adopting cloud computing
services. For future research it would be interesting to evaluate the statistical significance of the
identified variables and the correlation between independent and dependent variables. In
particular this will enable to define a high level algorithmto predict risk acceptance of Cloud
computing services in Government organizations.
Appendix 1
PART 1. 1. “If you were responsible for digital innovation within your organization, what would influence your
decision to adopt cloud services and why?” / 2. “What are the benefits and barriers that you would consider about
adopting cloud services in your organization?
CONCEPTS
PROPERTIES (from Open coding) / NUMBER OF TIMES the property was
mentioned
%
Benefit/Opport
unities
Share information within the organization and with citizens(9), Cost savings (3),
Economies of scale (2), 24/7 support (2), reliability (2), time to procure and implement
new sw (2), easy sw upgrade (2), access from multiple locations and devices (3),
interoperability with other organizations (3), standardization of software and data (2),
improving resilience (2), Data centres more efficient (1), Compatibility (1), Easier
maintenance (1), collaborative functionality (2), more functionality (1), improve
productivity (1), improve accessibility (1)
27,6
Risk Culture
public sector employees are resistant/not willing to change (2), reluctance to
innovation(1), our employees are risk averse(4), there is no incentive to take risks(2),
G-Cloud is not proved(1), top management is not aware/able to weight latest
technologies risk opportunities (2), Government is not an early adopter/prefers to adopt
tested and mature products (6), employees are reluctant to share information(1), IT
Departments take decisions based on risk assessment and Cost Benefit Analysis (1),
information security is devolved to Government(1), there are many different
organizations with different needs and level of IT knowledge (1), complex and
bureaucratic process to change (1), influence of policy, rules and procedures (8)
21.4
Perceived Risks
Loss of control (8), privacy (5), cyber security(3), cybercrime (3),Need to maintain the
legacy systems (3), Locking into existing contracts (1), Reputation could be damaged in
case of security incidents (3), Cloud services could not achieve expectations(1), Time to
understand terms and conditions of use (1)
19
Lack of
Knowledge/
Understanding
lack of knowledge (6), lack of knowledge of Government plans and ambiguity about
G-Cloud (3), lack of understanding of security issues (3), not clear the need for cloud
services (2), cloud term is confusing (1), lack of awareness how to access cloud
services (1), fear of unknown (1), lack of awareness of benefits and services available
(1)
12.4
Lack of Trust
in CSP
lack of trust in CSP (4), concerns about most important Cloud Service Providers (4),
CSP pursue their commercial interests which are not the same of Government (1), CSP
providing private cloud solutions can provide the same solution to other
governments(1), who is providing cyber security? (1), how long does it take to solve a
problem? (1), CSP are reluctant to report incidents (breaches or outages) unless forced
to do that (1), lack of transparency of CSP in reporting incidents (2)
11.7
Ease of Use
Ease of Use (4), easy to learn (4), ease to access (login), facilitate use of Government
services for citizens(4), better user interfaces (2), improved usability(2)
11
Social Norm
large number of users sharing data on a common platform (1), use cases to understand
main issues and how to solve them (1) 1.4
14. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
14
PART 2 . 1. “What are the most important perceived risks about using cloud computing services in your
organization?” / 2. “Can you describe these risks and explain why they are so important?”
CONCEPTS
PROPERTIES (from Open coding) / NUMBER OF TIMES the property was
mentioned
%
Security Risk Loss of control (5), privacy (3), data security/protection (3), confidentiality (3), loss of
availability(2), loss of integrity(2), personnel security (3), physical security(3), cyber
security(1), cybercrime (1)
37
Financial Risk
Need to maintain the legacy systems(4), Locking into existing contracts, financial
penalties from with withdrawing(4), new and complex procurement procedures (2),
need to prove efficiency and effectiveness before spending money on new IT
systems(2), Financial risk(2), High legal fees to personalise terms and conditions of
use(1), Costs higher than expected(1)
24.6
Social Risk
Reputation could be damaged in case of security incidents…especially in case of
leakage of personal data, services provided are not available/efficient, cost savings and
IT efficiency is not confirmed (7), social risk (3), must be supported by Government to
lower risk of reputation image (1), media can negatively influence public opinion after
cyber incident (1)
18.5
Performance
Risk
Performance risk (2), cloud services vs legacy systems (more or less risk) (2),
reliability (1), need for a pilot test (1), system does not perform as advertised (1),
Cloud services could not achieve expectations (1)
12.3
Time risk
Time to understand terms and conditions of use (1), compliance with storing personal
data (1), time to research and implement new solutions(1), time to define and agree
SLAs (1), time to learn (1)
7.7
PART 3 . 1. “How important is security risk about using cloud services within your organization and why?” / 2.
“What kind of security risk are important to define the security risk of cloud-services?”.
CONCEPTS
PROPERTIES (from Open coding) / NUMBER OF TIMES the property was
mentioned
%
Loss of service
control
if something happen we need quick answers (7) CSP can change rules without our
consent (6) not marked information sharing risk (2) how to share sensitive info (4)
22.9
Data security/
protection
where is located the CSP?(3) Where are stored the data? (2) who can access? (2) Are
accesses auditable?(1) are data protected from the data centre to the user? (1)
UK law is very cautious about personal data and there are legal issues if data is not
stored in the UK (3) Are logs accessible? (2) Are data securely stored with adequate
level of protection? (2)
19.3
Cyber security
cybercrime (1), cyber-attack (4), data leakage (1), leakage of sensitive information (1),
concentration of data means lots of interests and threats (8)
18.1
Personnel
security
who is the administrator of the system? (2) Who is providing technical support? (2)
Authorizations policies and procedures (2) control to access cloud data and
infrastructure (malicious insiders) (3)
how to ensure the need to know principle? (4) Only authorised people can access some
data (1)
16.9
Loss of privacy stolen pc with access to cloud services (13) 15.7
Loss of
confidentiality
loss of data (4), stolen pc (2), human error (5) 13.2
Loss of
availability
can not access your data if CSP is not working or reachable (5)
outages (2), info availability to the right person (1)
IT infrastructure is a strategic asset and if cloud is not available means to expand the
risk (1)
10.8
Loss of
integrity
loss of integrity (8) 9.6
Physical
security
it is possible to access from difference location and devices (4)
compliance to physical security standard (2)
7.2
Lack of liability
who is liable for poor quality of services provided ? (2)
who is responsible for security incidents? (2)
4.8
Identity
management
many user across different public sector organizations (3) 3.6
15. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
15
REFERENCES
[1] European Commission, “European Cloud Computing Strategy | Digital Agenda for Europe,” 2012.
[Online]. Available: http://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy.
[Accessed: 23-Apr-2015].
[2] R. Kasper, “Perceptions of risk and their effects on decision making,” Soc. Risk Assess., 1980.
[3] G. T. Gardner and L. C. Gould, “Public Perceptions of the Risks and Benefits of Technology ’,” vol.
9, no. 2, 1989.
[4] H. Otway and K. Thomas, “Reflections on Risk Perception and Policy1,2,” Risk Anal., vol. 2, no. 2,
pp. 69–82, Jun. 1982.
[5] S. Bellman, G. L. Lohse, and E. J. Johnson, “Predictors of online buying behavior,” Commun. ACM,
vol. 42, no. 12, pp. 32–38, 1999.
[6] D. Walker and F. Myrick, “Grounded theory: an exploration of process and procedure.,” Qual. Health
Res., vol. 16, no. 4, pp. 547–59, Apr. 2006.
[7] B. Zwattendorfer and K. Stranacher, “Cloud Computing in E-Government across Europe,” Technol.
Innov. Democr. Gov. Governance. Springer Berlin Heidelberg, 181-195., 2013.
[8] T. Haeberlen, D. Liveri, and M. Lakka, “Good Practice Guide for Securely Deploying Governmental
Clouds,” pp. 1–46, 2013.
[9] M. Miller, Cloud Computing: Web-Based Applications That Change the Way You Work and
Collaborate Online. Que Publishing, 2008.
[10] R. L. Grossman, “The case for cloud computing,” IT Prof., vol. 11, no. 2, pp. 23–27, 2009.
[11] M. Greer, “Software as a service inflection point: Using cloud computing to achieve business agility,
iUniverse,” Bloom., 2009.
[12] A. Vile and J. Liddle, TheSavvyGuideTo HPC, Grid, Data Grid, Virtualisation and Cloud Computing.
2008.
[13] J. W. S. Ali Khajeh-Hosseini, David Greenwood and I. Sommerville, “The Cloud Adoption Toolkit:
supporting cloud adoption decisions in the enterprise,” Softw. - Pract. Exp., vol. 42, no. 7, pp. 447–
465, 2012.
[14] M. Armbrust, I. Stoica, M. Zaharia, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee,
D. Patterson, and A. Rabkin, “A view of cloud computing,” Commun. ACM, vol. 53, no. 4, p. 50,
Apr. 2010.
[15] K. K. Smitha, K. Chitharanjan, and T. Thomas, “Cloud based e-governance system : A survey,”
Procedia Eng., vol. 38, pp. 3816–3823, 2012.
[16] S. Paquette, P. T. Jaeger, and S. C. Wilson, “Identifying the security risks associated with
governmental use of cloud computing,” Gov. Inf. Q., vol. 27, no. 3, pp. 245–253, 2010.
[17] Q. Zhang, L. Cheng, and R. Boutaba, “Cloud computing: state-of-the-art and research challenges,” J.
Internet Serv. Appl., vol. 1, no. 1, pp. 7–18, Apr. 2010.
[18] N. Leavitt, “Is cloud computing really ready for prime time?,” Computer (Long. Beach. Calif)., 2009.
[19] A. Tripathi and B. Parihar, “E-Governance challenges and cloud benefits,” Proc. - 2011 IEEE Int.
Conf. Comput. Sci. Autom. Eng. CSAE 2011, vol. 1, pp. 351–354, 2011.
[20] A. Lin and N.-C. Chen, “Cloud computing as an innovation: Percepetion, attitude, and adoption,” Int.
J. Inf. Manage., pp. 1–8, Apr. 2012.
[21] Barry Bozeman, “Culture in Public and Private Organizafions,” vol. 58, no. 2, pp. 109–118, 1998.
[22] S. B. SITKIN and L. R. WEINGART, “DETERMINANTS OF RISKY DECISION-MAKING
BEHAVIOR: A TEST OF THE MEDIATING ROLE OF RISK PERCEPTIONS AND
PROPENSITY.,” Acad. Manag. J., vol. 38, no. 6, pp. 1573–1592, Dec. 1995.
[23] A. Fiegenbaum and H. Thomas, “ATTITUDES TOWARD RISK AND THE RISK-RETURN
PARADOX: PROSPECT THEORY EXPLANATIONS.,” Acad. Manag. J., vol. 31, no. 1, pp. 85–
106, Mar. 1988.
[24] S. Jackson and J. Dutton, “Discerning threats and opportunities,” Adm. Sci. Q., 1988.
[25] K. R. MacCrimmon and D. A. Wehrung, “Characteristics of Risk Taking Executives,” Manage. Sci.,
vol. 36, no. 4, pp. 422–435, Apr. 1990.
[26] A. Gore, From red tape to results: Creating a government that works better & costs less: Report of the
National Performance Review. 1993.
[27] R. Osborn and D. Jackson, “Leaders, riverboat gamblers, or purposeful unintended consequences in
the management of complex, dangerous technologies,” Acad. Manag. J., 1988.
16. International Journal on Cloud Computing: Services and Architecture (IJCCSA) ,Vol. 5,No. 2/3, June 2015
16
[28] H. Rainey, S. Pandey, and B. Bozeman, “Research note: Public and private managers’ perceptions of
red tape,” Public Adm. Rev., 1995.
[29] H. Rainey and B. Bozeman, “Comparing public and private organizations: Empirical research and the
power of the a priori,” J. public Adm. Res. …, 2000.
[30] S. Pandey and P. Scott, “Red tape: A review and assessment of concepts and measures,” J. Public
Adm. Res. Theory, 2002.
[31] M. G. Morgan, M. Henrion, and M. Small, Uncertainty: A Guide to Dealing with Uncertainty in
Quantitative Risk and Policy Analysis. Cambridge University Press, 1992.
[32] D. Grewal, J. Gotlieb, and H. Marmorstein, “The moderating effects of message framing and source
credibility on the price-perceived risk relationship,” J. Consum. Res., 1994.
[33] S. Cunningham, “The major dimensions of perceived risk,” Risk Tak. Inf. Handl. Consum. Behav.
82-108., 1967.
[34] L. Kaplan, G. Szybillo, and J. Jacoby, “Components of perceived risk in product purchase: A cross-
validation.,” J. Appl. Psychol., 1974.
[35] A. Benlian and T. Hess, “Opportunities and risks of software-as-a-service: Findings from a survey of
IT executives,” Decis. Support Syst., vol. 52, no. 1, pp. 232–246, Dec. 2011.
[36] W. Wu, L. Lan, and Y. Lee, “Exploring decisive factors affecting an organization’s SaaS adoption: A
case study,” Int. J. Inf. Manage., 2011.
[37] M. Janssen and A. Joha, “Challenges for Adopting Cloud-Based Software as a Service (SaaS) in the
Public Sector,” Proc. Eur. Conf. Informait. Syst. (ECIS 2011), 2011.
[38] A. Strauss and J. Corbin, “Basics of qualitative research: Procedures and techniques for developing
grounded theory,” ed Thousand Oaks, CA Sage, 1998.
[39] A. Lee and R. Baskerville, “Generalizing generalizability in information systems research,” Inf. Syst.
Res., 2003.
[40] B. Glaser and A. Strauss, “The discovery grounded theory: strategies for qualitative inquiry,” London,
Engl. Wiedenfeld Nicholson, 1967.
[41] M. Larkin, S. Watts, and E. Clifton, “Giving voice and making sense in interpretative
phenomenological analysis,” Qual. Res. Psychol., 2006.
[42] S. Bird, D. Day, and J. Garofolo, “ATLAS: A flexible and extensible architecture for linguistic
annotation,” arXiv Prepr. cs/ …, 2000.
[43] H. Heath and S. Cowley, “Developing a grounded theory approach: a comparison of Glaser and
Strauss,” Int. J. Nurs. Stud., vol. 41, no. 2, pp. 141–150, Feb. 2004.
[44] A. Benlian and T. Hess, “Opportunities and risks of software-as-a-service: Findings from a survey of
IT executives,” Decis. Support Syst., vol. 52, no. 1, pp. 232–246, 2011.
[45] W. W. Wu, “Developing an explorative model for SaaS adoption,” Expert Syst. Appl., vol. 38, no. 12,
pp. 15057–15064, 2011.
[46] C. Czosseck, R. Ottis, and A. Taliharm, “Estonia after the 2007 cyber attacks: Legal, strategic and
organisational changes in cyber security,” Case Stud. Inf. …, 2013.
[47] Marnix Dekker, “Security Framework for Governmental Clouds — ENISA.” 2015.
[48] M. Siegrist, C. Keller, H. Kastenholz, S. Frey, and A. Wiek, “Laypeople’s and experts' perception of
nanotechnology hazards.,” Risk Anal., vol. 27, no. 1, pp. 59–69, Feb. 2007.
[49] L. Rittenberg and F. Martens, “COSO: Understanding and Communicating Risk Appetite,” Comm.
Spons. Organ. Treadw. Comm., pp. 1–32, 2012.
AUTHORS
Gianfranco Elena is a doctoral researcher at Glasgow University. He has been working as
CTO and CIO in the Italian Army and NATO organizations for more than 20 years. His
expertise is in cyber security and risk assessment of cloud computing services. His research
contributes to improve the decision making process about the adoption of Cloud computing
in Government organizations.
Professor Chris Johnson is Head of Computing Science at Glasgow University. His
research increases the resilience of critical infrastructures. He is a software specialist on the
SESAR scientific board advising the European Commission on the future of Air Traffic
Management. He also focuses on the interactions between safety and security - for example,
developing techniques so that we can safely close down a civil nuclear reactor even after
malware has been detected.