An enhancement of toe model by investigating the influential factors of cloud adoption security objectives

Cloud computing (CC) is a future technological trend for technological infrastructure development. And it is growing strongly as the backbone of industrial future technological infrastructure. As CC service has a lot to offer, it also has some major downside that clients cannot ignore. For CC service adoption, the potential candidates are SMEs but due to lack of resources, experience, expertise and low financial structure scenario CC can be most helpful. CC faces a major issue in term of cloud security, an organization doesn’t understand the cloud security factors in the organization and data owner doubts about their data. In the research paper, an investigation on the cloud security objectives to find out the influential factors for cloud adoption in SMEs by proposing an enhancement of Technology-Organization-Environment (TOE) model with some positive influential factor like cloud security, relative advantages, cost saving, availability, SLA, capability, top management, organizational readiness, IS knowledge, malicious insiders, government regulatory support, competitive pressure, size and type. Some negative influencing factors like technological readiness, cloud trust and lack of standards in cloud security. Data were collected by questionnaires from a selected IT company based on SaaS and public cloud. Case study method has been used for validating the enhance TOE model. The IBM Statistics SPSS v22 tool was used for data analysis. The results of data analysis support the enhancement as well as all the proposed hypotheses. In summary, the results of the analysis show that all the enhancement factors were found to have a significant cloud security influence on adoption of cloud computing for SMEs

Trusted cloud computing framework for healthcare sector

Cloud computing is rapidly evolving due to its efficient characteristics such as cost-effectiveness, availability and elasticity. Healthcare organizations and consumers lose control when they outsource their sensitive data and computing resources to a third party Cloud Service Provider (CSP), which may raise security and privacy concerns related to data loss and misuse appealing threats. Lack of consumers' knowledge about their data storage location may lead to violating rules and regulations of Health Insurance Portability and Accountability Act (HIPAA) that can cost them huge penalty. Fear of data breach by internal or external hackers may decrease consumers' trust in adopting cloud computing and benefiting from its promising features. We designed a HealthcareTrusted Cloud Computing (HTCC) framework that maintains security, privacy and considers HIPAA regulations. HTCC framework deploys Trusted Computing Group (TCG) technologies such as Trusted Platform Module (TPM), Trusted Software Stack (TSS), virtual Trusted Platform Module (vTPM), Trusted Network Connect (TNC) and Self Encrypting Drives (SEDs). We emphasize on using strong multi-factor authentication access control mechanisms and strict security controls, as well as encryption for data at storage, in-transit and while process. We contributed in customizing a cloud Service Level Agreement (SLA) by considering healthcare requirements. HTCC was evaluated by comparing with previous researchers' work and conducting survey from experts. Results were satisfactory and showed acceptance of the framework. We aim that our proposed framework will assist in optimizing trust on cloud computing to be adopted in healthcare sector

An enhancement of toe model by investigating the influential factors of cloud adoption security objectives

Cloud computing (CC) is a future technological trend for technological infrastructure development. And it is growing strongly as the backbone of industrial future technological infrastructure. As CC service has a lot to offer, it also has some major downside that clients cannot ignore. For CC service adoption, the potential candidates are SMEs but due to lack of resources, experience, expertise and low financial structure scenario CC can be most helpful. CC faces a major issue in term of cloud security, an organization doesn’t understand the cloud security factors in the organization and data owner doubts about their data. In the research paper, an investigation on the cloud security objectives to find out the influential factors for cloud adoption in SMEs by proposing an enhancement of Technology-Organization- Environment (TOE) model with some positive influential factor like cloud security, relative advantages, cost saving, availability, SLA, capability, top management, organizational readiness, IS knowledge, malicious insiders, government regulatory support, competitive pressure, size and type. Some negative influencing factors like technological readiness, cloud trust and lack of standards in cloud security. Data were collected by questionnaires from a selected IT company based on SaaS and public cloud. Case study method has been used for validating the enhance TOE model. The IBM Statistics SPSS v22 tool was used for data analysis. The results of data analysis support the enhancement as well as all the proposed hypotheses. In summary, the results of the analysis show that all the enhancement factors were found to have a significant cloud security influence on adoption of cloud computing for SMEs

Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains

Data Protection legislation has evolved around the globe to maximize legal protection of trade secrets. However, in an online cross-jurisdiction environment of cloud computing and blockchains, it is becoming increasingly difficult to maximize retribution for trade secret misappropriation. This multidisciplinary Ph.D. research proposes a model for legal protection for trade secrets in the cloud and over blockchains. Two QoS based datasets were used for evaluation of proposed model. The prior dataset i.e., feedback from customers, was compiled using leading review websites such as Cloud Hosting Reviews, Best Cloud Computing Providers, and Cloud Storage Reviews and Ratings. The later dataset i.e., feedback from servers, was generated from Cloud brokerage architecture that was emulated using high performance computing (HPC) cluster at University of Luxembourg (HPC @ Uni.lu). The simulation runs in the stable environment i.e. when uncertainty is low, show better results of proposed model as compared to its counterparts in the field. In particular, the results have implications for enterprises that view trade secrets misappropriation as a limiting factor for acquisition of Cloud services. For legal validation of the results, questionnaires were sent to law and ICT experts. There were total of six respondents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (5 out of 6 respondents) agreed with the findings of this PhD research

Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains

Data Protection legislation has evolved around the globe to maximize legal protection of trade secrets. However, it is becoming increasingly difficult to prove trade secret violations in cloud context. Embedding legal protection as a preemptive measure could effectively reduce such burden of proof in a court of law, which can be implemented by an online broker in the cloud. The primary aim of this research was to propose a model for an online broker that embeds le-gal protection as preemptive measure to reduce burden of proof during litigation. This is a novel area of inter-disciplinary research whose body of knowledge is not yet well established. The underlying concept in the proposed model was built upon the notion of factor analysis from the discipline of unsupervised machine learning. For evaluation, two-stage procedure was implemented that showed ap-plication of legal protection as preemptive measure and subsequently, reduced burden of proof in a court of law. A real time quality of service based dataset for cloud storage providers (Carbonite, Dropbox, iBackup, JustCloud, SOS Online Backup, SugarSync, and Zip Cloud) was used for the technical evaluation. The simulation results showed better results of proposed model as compared to its counterparts in the field, which in court of law can be used as a part of evidence to reduce burden of proof. For legal validation of such conclusion, questionnaires were sent to law and ICT experts. There were total of six respondents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (5 out of 6 respondents) agreed that results of our model could be used in the court (or judiciary) as a part of evidence to reduce burden of proof. Theoretically, this part of research (focused on primary aim) is a pioneer effort on providing legal protection to trade secrets in the cloud. Practically, it will benefit an enterprise to negotiate contract with service providers to minimize trade secret misappropriation in the cloud. However, for enterprise that is using decentralized architecture in the cloud e.g. blockchains, contracts could emerge towards smart contracts (an autono-mous software program running over blockchains). In this context, a well negoti-ated contract will not be a solution to minimize trade secret misappropriation. In fact, for this case it is particularly relevant to instantiate role of judiciary over a blockchain. The secondary aim of this research was to develop a model that can be implemented over the blockchain to automatically issue preliminary injunc-tion (or temporary restraining order by court of law) for the breach of contract that can potentially lead to trade secret misappropriation. This part of the re-search extended the previously proposed model by using stochastic modeling from the discipline of data science. High performance computing (HPC) cluster at University of Luxembourg (HPC @ Uni.lu) and docker (a software container platform) were used to emulate contractual environment of three service provid-ers: Redis, MongoDB, and Memcached Servers. The results showed that court in-junction(s) was issued only for Redis and MongoDB Servers. Technically, this difference could be attributed to the fact that Memcached is simply used for caching and therefore, it is less prone to breach of contract. Whereas, Redis and MongoDB as databases and message brokers are performing more complex oper-ations and are more likely to cause a breach. For legal validation of the results, questionnaires were sent to law and ICT experts. There were total of six respond-ents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (4 out of 6 respondents) disagreed “ONLY” using the results of the model by the court of law (or judiciary) to issues a preliminary injunction (or temporary restraining order) for the breach of contract. Theoreti-cally, this part of the research is a pioneer attempt for providing legal protection over the blockchain. Practically, it will benefit blockchain driven enterprises to control and stop breach of contract that can potentially lead to trade secret mis-appropriation. In addition to above mentioned applied benefits, following list briefly presents research contributions of this multidisciplinary Ph.D. research in the domain of Law. • It is first in-line to focus on legal protection for trade secrets in the cloud. A well-established similar concept is “information security”, which provides technical protection for trade secrets in the cloud e.g. encryption, hashing etc. • In the domain of case law, despite of the jurisdiction constraint i.e. precedents (or court rulings) are binding on all courts within the same jurisdiction, this research is first in-line to use case law together with newly proposed Delphi Sampling method to provide legal protection for trade secrets in borderless online cloud environment. • It is first in-line to implement notion of “confidentiality by design”, which focuses on a legal person or an enterprise. A well-established similar concept is “privacy by design” that focuses on a physical per-son or human being. • By defying the myth that “smart contracts cannot be breached” and in the context of contract law, this research is first in-line to automate role of the court (evidential hearing). In addition to the above mentioned research contribution in the domain of Law, following list briefly presents research contribution in the domain of ICT. • In the context of multi-criteria decision analysis, this research is first in-line to identify and analyze noise in the data and solves related is-sue of structural uncertainty (or misspecification of criteria). • In the context of machine learning, this research is first in-line to propose “self-regulated multi-criteria decision analysis” that operates without decision maker’s interference and hence, it can be used in the context where automation of decision making process is required. • In the context of multidisciplinary research, this study is first in-line to propose a method of Delphi Sampling that seeks inter-disciplinary validation for research results

An Examination of Service Level Agreement Attributes that Influence Cloud Computing Adoption

Cloud computing is perceived as the technological innovation that will transform future investments in information technology. As cloud services become more ubiquitous, public and private enterprises still grapple with concerns about cloud computing. One such concern is about service level agreements (SLAs) and their appropriateness. While the benefits of using cloud services are well defined, the debate about the challenges that may inhibit the seamless adoption of these services still continues. SLAs are seen as an instrument to help foster adoption. However, cloud computing SLAs are alleged to be ineffective, meaningless, and costly to administer. This could impact widespread acceptance of cloud computing. This research was based on the transaction cost economics theory with focus on uncertainty, asset specificity and transaction cost. SLA uncertainty and SLA asset specificity were introduced by this research and used to determine the technical and non-technical attributes for cloud computing SLAs. A conceptual model, built on the concept of transaction cost economics, was used to highlight the theoretical framework for this research. This study applied a mixed methods sequential exploratory research design to determine SLA attributes that influence the adoption of cloud computing. The research was conducted using two phases. First, interviews with 10 cloud computing experts were done to identify and confirm key SLA attributes. These attributes were then used as the main thematic areas for this study. In the second phase, the output from phase one was used as the input to the development of an instrument which was administered to 97 businesses to determine their perspectives on the cloud computing SLA attributes identified in the first phase. Partial least squares structural equation modelling was used to test for statistical significance of the hypotheses and to validate the theoretical basis of this study. Qualitative and quantitative analyses were done on the data to establish a set of attributes considered SLA imperatives for cloud computing adoption