A Generic Approach for the Automated Notarization of Cloud Configurations Using Blockchain-Based Trust.

Debido a su escalabilidad, las aplicaciones en la nube tienen una importante ventaja de costes para las empresas. En consecuencia, las empresas quieren tanto externalizar sus datos como obtener servicios de la nube. Sin embargo, dado que la mayoría de las empresas tienen políticas internas y requisitos de cumplimiento para operar y utilizar aplicaciones de software, el uso de aplicaciones en la nube crea un nuevo desafío para las empresas. La inclusión de aplicaciones en la nube equivale a la subcontratación de servicios en el sentido de que las empresas deben confiar en que el proveedor de aplicaciones en la nube aplicará los requisitos de cumplimiento interno en las aplicaciones adoptadas. La investigación ha demostrado que la confianza y el riesgo están estrechamente relacionados y son factores clave que influyen en la utilización de aplicaciones en la nube. Esta tesis pretende desarrollar una arquitectura en la nube que aborde este reto, trasladando la confianza en las configuraciones de cumplimiento del proveedor de aplicaciones en la nube a la cadena de bloques. Así, este trabajo pretende reducir el riesgo de adopción de las aplicaciones en la nube debido a los requisitos de cumplimiento. En esta tesis, la investigación de la ciencia del diseño se utiliza para crear la arquitectura para trasladar la confianza mencionada a la cadena de bloques. Un grupo de discusión determinó el alcance del trabajo. La base de conocimientos de este trabajo se construyó utilizando inteligencia artificial y una revisión sistemática de la literatura, y la arquitectura presentada se desarrolló y prototipó utilizando el método de desarrollo rápido de aplicaciones. Se utilizaron entrevistas guiadas semiestructuradas de método mixto para evaluar el enfoque de la arquitectura presentada y valorar las cualidades de reducción del riesgo de adopción. La tesis demostró que la arquitectura de software desarrollada podía trasladar la confianza del proveedor de la nube a la cadena de bloques. La evaluación de la arquitectura de software propuesta demostró además que el riesgo de adopción debido a las configuraciones de la nube basadas en el cumplimiento podía reducirse de "alto" a "bajo" utilizando la tecnología blockchain. Esta tesis presenta una arquitectura que desplaza la confianza para la implementación de configuraciones basadas en el cumplimiento de la normativa desde el proveedor de la nube a la cadena de bloques. Además, muestra que el cambio de confianza puede reducir significativamente el riesgo de adopción de las aplicaciones en la nube.Administración y Dirección de Empresa

A framework to assess the authenticity of subjective information in the integration of blockchain technology - an application in supply chain management.

Blockchain technology has burgeoned due to the booming value of cryptocurrency capitalisation. It enables financial transactions to be carried out without a bank or a third party regulating them. Aspects such as privacy, trust, security, and transparency of a transaction are ensured by its immutability characteristics. These features of blockchain have resulted in it being used in other domains, such as supply chains. As the adoption of blockchain has expanded, it is currently being applied in domains where there is an equal chance of opinions, facts, and personal commitment being part of the business operation. One such area is proactive supply chain risk management (SCRM). Previous researchers have often highlighted the fraudulent behaviour of supply chain partners who do not disclose information on the risks that impact their operations. Despite this, very few researchers consider subjective information in the processing of blockchain. Those who take this into consideration acknowledge the presence of such information but do not utilize it in the processing of blockchain. Blockchain can address this problem by encoding each partner's commitment to SCRM and achieving consensus. However, before this can be achieved, a key challenge to address is the inability of existing consensus mechanisms such as Proof of Work (PoW), Proof of Authority (PoA) and Proof of Stake (PoS) to deal with information that does not have a digital footprint such as claims, opinions, promises, or communications between supply chain partners when they form a Service Level Agreement (SLA). This type of information is called subjective information. Addressing this research gap is very important if the true potential of blockchain in providing a single source of truth in a domain, irrespective of what type of information is used, is to be achieved. Thus, future research should investigate a new consensus mechanism with a unified framework that not only stores this information but determines its trustworthiness. This thesis addresses this gap by proposing the Proof of Earnestness (PoE) consensus mechanism which accounts for the authenticity, legitimacy and trustworthiness of information that does not have a digital footprint. This thesis also proposes the Subjective Information Authenticity Earnestness Framework (SIAEF) as the overarching framework that assists PoE in achieving its aim. SIAEF comprises four modules, namely the Identification module, the Mapping module, the Data collection & Impact determination module and Local consensus & Global legitimacy module. These modules provide a complete solution to identify subjective information in an SLA, detect the potential operational risk term which may potentially impact a responsible partner who commits to the subjective information, collate its real-world occurrences in the geographic region of interest, then determine the responsible partner's adherence to what it had recommitted. SIAEF assists in achieving PoE's aim of generating a digital footprint of a responsible partner’s earnestness in communicating subjective information. Once this footprint is generated, existing consensus mechanisms such as PoW, PoS or PoA are used to encode this information in blockchains. Each module is computed in the application of machine learning and natural language processing with recent techniques, metrics and evaluation. The applicability of SIAEF and PoE is tested in a real-world blockchain environment by deploying it as a Decentralized application (Dapp) and applying it in BscScan Testnet which is an official test blockchain network. The thesis will contribute to the existing literature by proposing a new consensus mechanism and its framework to assist the existing blockchain framework in verifying and validating the truthfulness of subjective information. Supply chain partners can use the SIAEF framework as a reference to choose a potential partner with whom to form an SLA, preventing opportunistic and fraudulent behaviours in supply chain management