The Refugee Problem: An International Legal Tangle

Change is constant and computing paradigm is no exception. It has witnessed major shifts right from centralized client server systems to widely distributed systems. This time the locus of change in the computing paradigm is moving towards virtualization, paving way to cloud computing. Cloud computing aims at providing computing services to its users as an utility. It allows its authenticated users to access a wide range of highly scalable computing capabilities and services via the internet on a pay-per-usage basis. Organisations not only view these benefits as cost-saving strategies, but also aim at improving the competitive advantages using cloud computing. Hence, this has given rise to a new horizon in IT/IS outsourcing. With a collaboration of cloud computing and outsourcing emerged a new concept called cloudsourcing. Cloudsourcing can be termed as the next generation outsourcing and the next phase of cloud computing promising benefits from both the areas. Cloudsourcing is outsourcing traditional business via the cloud infrastructure. Though there is pompous popularity surrounding this new technology, there is much hesitation in adopting it due to the inherent security issues. This paper discusses in detail the security issues and possible solution to the same. As this is a new concept, not much work is identified to be done in providing a set of guidelines to adopt cloudsourcing that are very specific to information security. This work intends to fill this aperture by building a set of well-defined information security guidelines, which can be termed as a novel. For this purpose, design science research method proposed by Hevner et al is used so as to accomplish this goal. Initially, a literature study is done after which an exploratory study comprising of interviews is done to gather qualitative data. The results of the exploratory interview is tested for correctness and evaluated based on an evaluation study comprising a survey based questionnaire. The analysis of the evaluation study results provides the final results. In such an attempt, the identified countermeasures to risks are classified into three groups namely, organisational, technical and regulatory and compliance guidelines. Hence the end results constituting the set of information security guidelines are classified into the above mentioned groups. This work is assumed to contribute to our understanding of information security in cloudsourcing and in supporting IT decision makers, IT project managers and security executives of organisations for a smooth and secure transition towards cloudsourcing their business

Information Flow Audit for Transparency and Compliance in the Handling of Personal Data

This is the author accepted manuscript. The final version is available from IEEE via http://dx.doi.org/10.1109/IC2EW.2016.29The adoption of cloud computing is increasing and its use is becoming widespread in many sectors. As the proportion of services provided using cloud computing increases, legal and regulatory issues are becoming more significant. In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual duty, and survey potential extensions. We explore the use of IFA for such a purpose through a smart electricity metering use case derived from a French Data Protection Agency recommendation.This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 CloudSafetyNet: End-to-End Application Security in the Cloud. We acknowledge the support of Microsoft through the Microsoft Cloud Computing Research Centre

Information Flow Audit for Transparency and Compliance in the Handling of Personal Data

Abstract—The adoption of cloud computing is increasing and its use is becoming widespread in many sectors. As the proportion of services provided using cloud computing increases, legal and regulatory issues are becoming more significant. In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual duty, and survey potential extensions. We explore the use of IFA for such a purpose through a smart electricity metering use case derived from a French Data Protection Agency recommendation.Engineering and Applied Science

End User Satisfaction With Cloud Computing: The Case of Hamad Medical Corporation in Qatar

Cloud computing assures a faster, cheaper and more efficient rendering of resources, which leads to huge popularity among businesses and specifically the health sector. The major objective of this research is to identify the benefits of cloud computing (CC) and the factors influencing users satisfaction. Utilizing a survey collected from 219 employees, the research model was tested. Results indicated that employee compliance issues, security and privacy issues, economic benefits, operational benefits, functional benefits, and trust are all significant predictors of satisfaction. Management issues and private cloud risks were not significant predictors of satisfaction. The coefficient of determination R2 = 0.81. This study conducted comparisons between different categories of the sample based on their satisfaction level and concluded that age and education were significant discriminators, while gender, experience, and department were not. Conclusions and future research are stated in the last section

Data Privacy and Security in Cloud Computing Environments

The globe has adopted the cloud computing environment, which organizes data and manages space for data storage, processing, and access. This technical development has brought up questions regarding data security and privacy in cloud computing environments, though. The purpose of this abstract is to offer a thorough review of the issues, solutions, and future developments related to data privacy and security in cloud computing. Keeping data private and secure while it is being processed and stored in outside data centres is the main difficulty in cloud computing systems. The abstract discusses the dangers of insider threats, data breaches, and illegal access to sensitive information. It digs further into the legal and compliance criteria that businesses must follow in order to protect user data in the cloud. In result, data privacy and security in cloud computing environments remain critical concerns for organizations and individuals alike. In the survey the overview of how to use cloud storage globally and its challenges, solution and future innovation is well explained. It underscores the importance of robust encryption, access controls, user awareness, and emerging technologies in safeguarding data in the cloud. By addressing these concerns, organizations can leverage the power of cloud computing while maintaining the confidentiality, integrity, and availability of their data

An assessment model for Enterprise Clouds adoption

Context: Enterprise Cloud Computing (or Enterprise Clouds) is using the Cloud Computing services by a large-scale organisation to migrate its existing IT services or use new Cloud based services. There are many issues and challenges that are barrier to the adoption of Enterprise Clouds. The adoption challenges have to be addressed for better assimilation of Cloud based services within the organisation. Objective: The aim of this research was to develop an assessment model for adoption of Enterprise Clouds. Method: Key challenges reported as barrier in adoption of Cloud Computing were identified from literature using the Systematic Literature Review methodology. A survey research was carried out to elicit industrial approaches and practices from Cloud Computing experts that help in overcoming the key challenges. Both key challenges and practices were used in formulating the assessment model. Results: The results have highlighted that key challenges in the adoption of Enterprise Clouds are security & reliability concerns, resistance to change, vendor lock-in issues, data privacy and difficulties in application and service migration. The industrial practices to overcome these challenges are: planning and executing pilot project, assessment of IT needs, use of open source APIs, involvement of legal team in vendor selection, identification of the processes to change, involvement of senior executive as change champion, using vendor partners to support application/service migration to Cloud Computing and creating employee awareness about Cloud Computing services. Conclusion: Using the key challenges and practices, the assessment model was developed that assesses an organisation’s readiness to adopt Enterprise Clouds. The model measures the readiness in four dimensions: technical, legal & compliance, IT capabilities and end user readiness for the adoption of Enterprise Clouds. The model’s result can help the organisation in overcoming the adoption challenges for successful assimilation of newly deployed or migrated IT services on Enterprise Clouds

Partly Cloudy, Scattered Clients: Cloud Implementation in the Federal Government

Since the issuance of a federal mandate in 2010 requiring federal government agencies in the United States of America to immediately shift to a “Cloud First” policy, agencies have struggled to adopt cloud computing. Previous research has examined hindrances to cloud computing adoption across industries in the private sector (Raza et al., 2015, Park and Ryoo, 2012, and Bhattacherjee and Park, 2012). While this research provides important insights on cloud computing adoption in the private sector, it devotes scant attention to challenges of cloud computing adoption in the federal government. This study seeks to fill this gap by examining the roles of Top Management Support and Information Security Awareness on cloud computing implementation success in the federal government. Institutional theory serves as the theoretical framework for this study