Cloud Computing Delivery and Delivery Models: Opportunity and Challenges

The rapid growth of Internet and computing field results in several technological advantages. In the meanwhile, security challenges that emerge along with the growth complicate the aspects of cloud based computing. Security is by now one of the most pressing concerns in Internet business where cloud computing lies in. Cloud-based services are evolving each day introducing new business trends. Since cloud computing entails storage of information in remote servers, unauthorized access to such sensitive information becomes a looming concern. The advantages offered by cloud computing, without robust security measures and flexibility, could lead to lose its credibility. This paper reviews various aspects of cloud computing and issues inherent within its contexts. This paper has identified the gap within the topic of study through the creation of the conceptual framework, which is designed as the way of attempting to connect the different concepts. The intention of the theoretical framework is to determine the potential gaps in the research and link the gaps by the present study and its results. The delivery of both, the cloud computing as well as its models is a relatively new phenomenon within the academic libraries where the study is at the stages of nascent. The conceptual framework could not be comprehensive. Instead, it was a progressive work. Thus, this new topic could be added to form the branch within the theoretical framework. This article tries to look at different concepts of cloud computing as well as the issues, which are inherent within its contexts. It analyzes this part due to the advent and growth in the sector of cloud computing, which is developing the platform for the computing in the future

Strategies Used by Cloud Security Managers to Implement Secure Access Methods

Cloud computing can be used as a way to access services and resources for many organizations; however, hackers have created security concerns for users that incorporate cloud computing in their everyday functions. The purpose of this qualitative multiple case study was to explore strategies used by cloud security managers to implement secure access methods to protect data on the cloud infrastructure. The population for this study was cloud security managers employed by 2 medium size businesses in the Atlanta, Georgia metropolitan area and that have strategies to implement secure access methods to protect data on the cloud infrastructure. The technology acceptance model was used as the conceptual framework for the study. Data were collected from semi-structured interviews of 7 security managers and review of 21 archived documents that reflected security strategies from past security issues that occurred. Data analysis was performed using methodological triangulation and resulted in the identification of three major themes: implementing security policies, implementing strong authentication methods, and implementing strong access control methods. The findings from this research may contribute to positive social by decreasing customers\u27 concerns regarding personal information that is stored on the cloud being compromised

Security Risk Issues And Controls For Cloud Computing In Iraqi Government Organisations

Cloud computing is becoming increasingly important in Information Technology (IT) as an enabler for improved productivity, efficiency and cost reduction. It is expected to offer benefits for public sector organisations and government agencies. Cloud computing has the potential to improve the reliability and scalability of IT systems, which in tum allows organisations such as Iraqi governments to focus on their core business and strategy development and implementation. However, governments are still hesitant to adopt cloud computing because of fear for the confidentiality of their data. There are risks and barriers in adopting cloud computing in the Iraqi government whereby the top risk is security. Security issues, classified as the biggest concern, affect the growth of cloud computing technology of Iraqi government organisations. Therefore, this thesis aimed to investigate the Security Risk Issues (SRIs) that affect cloud computing adoption by the Iraqi government organizations. It also intends to investigate the Security Risk Controls (SRCs) that enhance the cloud computing adoption through mitigating the effect of SRIs. Mixed-methods were used to carry out the objectives of this thesis involving two steps; using qualitative and quantitative methods for the initial experiment and the quantitative and intelligent approach methods for the experimental stage. Based on the qualitative and quantitative method, 26 SRIs under 5 domains and 26 SRCs to mitigate the 5 domains were determined that affected the adoption of cloud computing in the Iraq government organisations. The quantitative and intelligent approach methods used in the experimental stage were to develop a conceptual framework security risk management process for identifying the best quality and most accurate SRCs for the 5 domains. In short, the results showed that 26 SRCs mitigate the 5 domains using three intelligent approaches namely SVMR, ANNPSO, ANFIS for easing the cloud computing adoption in the Iraq government organisations. This thesis produced a validated and an effective conceptual of security risks and controls for cloud computing

A conceptual framework for cloud-based collaborative online course provision.

The number of online courses offered worldwide by higher education institutions has been growing rapidly. There are a number of challenges and issues that may affect online course delivery and student learning such as the experience of academic staff and students with online courses, design of course structure, creation of suitable teaching resources, and the study culture. Collaboration between universities for the design and delivery of online courses can have many benefits. They include enriched educational culture, fostering of a collaborative environment, resource sharing, cost reduction, and enhanced quality of courses. Cloud computing can support collaborative environments due to its flexibility, scalability, reliability, availability and mobility, resulting in reduced IT costs. It can provide easy access to resources for both students and university staff. A mixed methods research approach was adopted to collect the views of academics and students with respect to cloud-based collaborative online course provision. Semi- structured interviews were conducted with academics from different universities to explore the issues associated with the cloud-based collaborative online course environment. Two questionnaires collected the views of both academics and students in greater depth from a wider perspective. A number of challenges and issues were identified for consideration and incorporation into a cloud-based framework for a collaborative environment. Such issues related to security, confidentiality, ownership, contract agreement, quality assurance, finance, culture and course development. These issues and others were grouped together into five elements, which are quality, legal, security, operation and education. A novel conceptual framework for a cloud-based collaborative environment was developed, which is based on five main elements, illustrating the relationship between them. A prototype was developed to test parts of the framework to illustrate some of its concepts and its utilisation in a collaborative environment. The framework and the prototype were evaluated by practitioners. The analysis of the views illustrated the appropriateness of the framework structure, grouping of the elements, relationship between the elements and the issues associated with each element

Multi-Cloud Information Security Policy Development

Organizations’ ever lasting desire to utilize new trending technologies for optimizing their businesses have been increasing by the years. Cloud computing has been around for a while, and for many became a vital part of their day-to-day operations. The concept of multi-cloud has allowed organizations to take advantage of every cloud vendor’s best services, hinder vendor lock-in, resulting in cost optimization, and resulting in more available services. With every new technology, there are new vulnerabilities ready to be exploited at any time. As there is little prior research regarding this field, threat actors can exploit an organization’s ignorance on important challenges such as interoperability issues, implementing multiple vendors resulting in losing track of their services, and the lack of expertise in this newly founded field. To alleviate such issues, one approach could be to develop information security policies, hence our research question for the thesis: How to develop information security policies in a multi-cloud environment with considerations of the unique challenges it offers? To uncover the research question, we have conducted a systematic literature review followed up by a qualitative research approach. This has resulted in six semi-structured interviews from respondents with a variety of experience within the multi-cloud realm. The most prominent findings from this exploratory study has been the focus of thoroughly planning the need of a multi-cloud and information security policies, as well as applying a top-down approach for the policy development phase. This gives a more holistic view over the process, and additionally having the right competence is important. An interesting finding was that multi-cloud on paper should prevent the vendor lock-in issue, but in reality may provoke the matter. Using the tools and services provided by the cloud service providers may enhance the development of information security policies, but proves to be difficult in multi-cloud as the problem of interoperability hinders this. Lastly, reviewing policies becomes more timeconsuming and resource heavy in a multi-cloud because of the frequent updates and changes in technology, which has to be monitored. This research presents a conceptual framework, which by no means is a one-size-fits-all solution, but raises discussion for future work in this field

Multi-Cloud Information Security Policy Development

Organizations’ ever lasting desire to utilize new trending technologies for optimizing their businesses have been increasing by the years. Cloud computing has been around for a while, and for many became a vital part of their day-to-day operations. The concept of multi-cloud has allowed organizations to take advantage of every cloud vendor’s best services, hinder vendor lock-in, resulting in cost optimization, and resulting in more available services. With every new technology, there are new vulnerabilities ready to be exploited at any time. As there is little prior research regarding this field, threat actors can exploit an organization’s ignorance on important challenges such as interoperability issues, implementing multiple vendors resulting in losing track of their services, and the lack of expertise in this newly founded field. To alleviate such issues, one approach could be to develop information security policies, hence our research question for the thesis: How to develop information security policies in a multi-cloud environment with considerations of the unique challenges it offers? To uncover the research question, we have conducted a systematic literature review followed up by a qualitative research approach. This has resulted in six semi-structured interviews from respondents with a variety of experience within the multi-cloud realm. The most prominent findings from this exploratory study has been the focus of thoroughly planning the need of a multi-cloud and information security policies, as well as applying a top-down approach for the policy development phase. This gives a more holistic view over the process, and additionally having the right competence is important. An interesting finding was that multi-cloud on paper should prevent the vendor lock-in issue, but in reality may provoke the matter. Using the tools and services provided by the cloud service providers may enhance the development of information security policies, but proves to be difficult in multi-cloud as the problem of interoperability hinders this. Lastly, reviewing policies becomes more timeconsuming and resource heavy in a multi-cloud because of the frequent updates and changes in technology, which has to be monitored. This research presents a conceptual framework, which by no means is a one-size-fits-all solution, but raises discussion for future work in this field

The financial clouds review

This paper demonstrates financial enterprise portability, which involves moving entire application services from desktops to clouds and between different clouds, and is transparent to users who can work as if on their familiar systems. To demonstrate portability, reviews for several financial models are studied, where Monte Carlo Methods (MCM) and Black Scholes Model (BSM) are chosen. A special technique in MCM, Least Square Methods, is used to reduce errors while performing accurate calculations. The coding algorithm for MCM written in MATLAB is explained. Simulations for MCM are performed on different types of Clouds. Benchmark and experimental results are presented for discussion. 3D Black Scholes are used to explain the impacts and added values for risk analysis, and three different scenarios with 3D risk analysis are explained. We also discuss implications for banking and ways to track risks in order to improve accuracy. We have used a conceptual Cloud platform to explain our contributions in Financial Software as a Service (FSaaS) and the IBM Fined Grained Security Framework. Our objective is to demonstrate portability, speed, accuracy and reliability of applications in the clouds, while demonstrating portability for FSaaS and the Cloud Computing Business Framework (CCBF), which is proposed to deal with cloud portability

Developing a Conceptual Framework for Cloud Security Assurance

Postprin

Partly Cloudy, Scattered Clients: Cloud Implementation in the Federal Government

Since the issuance of a federal mandate in 2010 requiring federal government agencies in the United States of America to immediately shift to a “Cloud First” policy, agencies have struggled to adopt cloud computing. Previous research has examined hindrances to cloud computing adoption across industries in the private sector (Raza et al., 2015, Park and Ryoo, 2012, and Bhattacherjee and Park, 2012). While this research provides important insights on cloud computing adoption in the private sector, it devotes scant attention to challenges of cloud computing adoption in the federal government. This study seeks to fill this gap by examining the roles of Top Management Support and Information Security Awareness on cloud computing implementation success in the federal government. Institutional theory serves as the theoretical framework for this study