Review of the environmental and organisational implications of cloud computing: final report.

Cloud computing – where elastic computing resources are delivered over the Internet by external service providers – is generating significant interest within HE and FE. In the cloud computing business model, organisations or individuals contract with a cloud computing service provider on a pay-per-use basis to access data centres, application software or web services from any location. This provides an elasticity of provision which the customer can scale up or down to meet demand. This form of utility computing potentially opens up a new paradigm in the provision of IT to support administrative and educational functions within HE and FE. Further, the economies of scale and increasingly energy efficient data centre technologies which underpin cloud services means that cloud solutions may also have a positive impact on carbon footprints. In response to the growing interest in cloud computing within UK HE and FE, JISC commissioned the University of Strathclyde to undertake a Review of the Environmental and Organisational Implications of Cloud Computing in Higher and Further Education [19]

Partly Cloudy, Scattered Clients: Cloud Implementation in the Federal Government

Since the issuance of a federal mandate in 2010 requiring federal government agencies in the United States of America to immediately shift to a “Cloud First” policy, agencies have struggled to adopt cloud computing. Previous research has examined hindrances to cloud computing adoption across industries in the private sector (Raza et al., 2015, Park and Ryoo, 2012, and Bhattacherjee and Park, 2012). While this research provides important insights on cloud computing adoption in the private sector, it devotes scant attention to challenges of cloud computing adoption in the federal government. This study seeks to fill this gap by examining the roles of Top Management Support and Information Security Awareness on cloud computing implementation success in the federal government. Institutional theory serves as the theoretical framework for this study

The silver lining: cloud computing and small and medium enterprises

This paper shows how Australian businesses can get the most out of one of the biggest global innovations: information communications technology. Overview: Innovation – the successful application of new ideas – drives Australia’s productivity. Australia’s biggest innovation opportunity lies in creatively exploiting global innovations. One of the biggest of these is information and communications technology. Small and medium enterprises (SMEs) are an engine of the Australian economy. They employ two-thirds of Australian private sector workers and contribute half of Australia’s private sector GDP. Yet many SMEs have low productivity. Innovations may spread slowly to many smaller firms because they lack the capital or market intelligence that large firms can access. Online innovations – including mobile devices, e-commerce, and cloud computing – offer opportunities for firms of all sizes to become far more productive. This paper explores issues raised at a workshop run by Grattan Institute and Google on how policymakers and business can accelerate the spread of cloud computing among SMEs. It uses cloud computing – the delivery of on-demand information technology services over the Internet – as a case study for how online technologies can benefit smaller firms. Cloud computing can help level the playing field for smaller firms. It allows them to access sophisticated IT services that were previously out of reach. For example, it can allow them to manage and monitor their sales, operations and finances in real time. The cloud also offers capabilities that were previously unavailable to firms of any scale. For example, it allows multiple users to access applications or update documents at the same time from mobile devices. Cloud computing makes it easier for small firms to take new ideas to market. Firms that use cloud computing report more growth in revenue and profit than others do. But many Australian SMEs say they do not use cloud services. Many are not aware of the benefits or believe they do not have skills to capture them. Some are concerned about transition costs, data security and privacy. Networks are too slow or unreliable for cloud services in some areas of the country. Workshop participants agreed that government and industry can remove obstacles to the use of cloud computing and help SMEs capture its benefits. The industry itself should lead the education of SMEs on the case for cloud computing. Yet government can:  Choose policy settings that promote broader productivity growth and innovation;  Ensure interaction with government over the internet is the default for all businesses;  Provide an appropriate policy environment for investment in broadband networks that meet the needs of small business. Information technology’s contribution to productivity is just getting started. Small and medium enterprises should get on board

To Share or Not to Share in Client-Side Encrypted Clouds

With the advent of cloud computing, a number of cloud providers have arisen to provide Storage-as-a-Service (SaaS) offerings to both regular consumers and business organizations. SaaS (different than Software-as-a-Service in this context) refers to an architectural model in which a cloud provider provides digital storage on their own infrastructure. Three models exist amongst SaaS providers for protecting the confidentiality data stored in the cloud: 1) no encryption (data is stored in plain text), 2) server-side encryption (data is encrypted once uploaded), and 3) client-side encryption (data is encrypted prior to upload). This paper seeks to identify weaknesses in the third model, as it claims to offer 100% user data confidentiality throughout all data transactions (e.g., upload, download, sharing) through a combination of Network Traffic Analysis, Source Code Decompilation, and Source Code Disassembly. The weaknesses we uncovered primarily center around the fact that the cloud providers we evaluated were each operating in a Certificate Authority capacity to facilitate data sharing. In this capacity, they assume the role of both certificate issuer and certificate authorizer as denoted in a Public-Key Infrastructure (PKI) scheme - which gives them the ability to view user data contradicting their claims of 100% data confidentiality. We have collated our analysis and findings in this paper and explore some potential solutions to address these weaknesses in these sharing methods. The solutions proposed are a combination of best practices associated with the use of PKI and other cryptographic primitives generally accepted for protecting the confidentiality of shared information