Developing a Trustworthy Cloud Service Framework for Cloud Computing Security

Cloud computing is quickly becoming an essential platform for sharing infrastructure, software, apps, and corporate resources. Cloud computing has many advantages, but users still have a lot of questions about the dependability and safety of cloud services. Concerns about the hazards associated with the possible exploitation of this technology to undertake criminal operations might threaten the undeniable success of cloud computing. To ensure happy customers, the cloud model must prioritize safety, openness, and dependability.Its main purpose is data security, which concerns everyone contemplating cloud services. A cloud-based assault protection system will safeguard data, communications, and information.According to studies, the recommended technique is successful, however updating tags and blocks when data is amended requires computation and communication expenses. Scalability, data secrecy, and decentralized double encryption improve security.The proposed method employs cloud servers for computation-intensive tasks and protects data content by depriving data owners and users of privilege information. Also ensures responsibility. Sharing health data on the cloud is feasible, cost-effective, efficient, adaptive, and better for individuals. This"Advanced Encryption Standard with Lightweight Cipher-text-Identity and Attribute-based Encryption" (AES-lightweight CP-ABE) aims to protect sensitive data

Security measurement as a trust in cloud computing service selection and monitoring

With the increase in the number of cloud service offerings by the cloud service providers nowadays, selecting the appropriate service provider becomes difficult for customers. This is true since most of the cloud service providers offer almost similar services at different costs. Thus, making cloud service selection a tedious process for customers. The selection of the cloud services from the security standpoint needs a distinct consideration from both the academia and the industry. Security is an important factor in cloud computing. Thus, any exploited vulnerability will have a negative effect on cloud computing adoption by customers. Hence, little attention has been paid to cloud service monitoring and selection from a security perspective. To solve this issue, we propose a security measurement as a trust (SMaaT) in the cloud computing selection. Finally, we propose Analytical Hierarchical Process (AHP) for service selection from the customers’ perspective

Comprehensive Framework for Selecting Cloud Service Providers (CSPs) Using Meta synthesis Approach

IntroductionNowadays, cloud computing has attracted the attention of many organizations. So many of them tend to make their business more agile by using flexible cloud services. Currently, the number of cloud service providers is increasing. In this regard, choosing the most suitable cloud service provider based on the criteria according to the conditions of the service consumer will be considered one of the most important challenges. Relying on previous studies and using a meta-synthesis approach, this research comprehensively searches past researches and provides a comprehensive framework of factors affecting the choice of cloud service providers including 4 main categories and 10 sub-areas. Then, using the opinions of experts who were selected purposefully and using the snowball method, and using the Lawshe validation method, the framework is finalized.Research Question(s)This research aims to complete the results of previous studies and answer the following questions with a systematic review of the subject literature:-What are the components of the comprehensive framework for choosing cloud service providers?-What are the effective criteria to choose a cloud service provider?-What is the selected framework of effective factors? Literature ReviewMany researchers have looked at the problem of choosing the best CSP from different aspects and have tried to provide a solution in this field. In this regard, we can refer to "Tang and Liu" (2015) who proposed a model called "FAGI" which defines the choice of a trusted CSP through four dimensions: security functions, auditability, management capability, and Interactivity helps. "Kong et al." (2013) presented an optimization algorithm based on graph theory to facilitate CSP selection. Some researchers have also provided a framework for CSP selection, such as "Gash" (2015) who provides a framework called "SelCSP" with the combination of trustworthiness and competence to estimate the risk of interaction. "Brendvall and Vidyarthi" (2014) suggest that in order to choose the best cloud service provider, a customer must first identify the indicators related to the level of service quality related to him and then evaluate different providers. Some researchers have focused on using different techniques for selection. For example: "Supraya et al." (2016) use the MCDM method to rank based on infrastructure parameters (agility, financial, efficiency, security, and ease of use). They investigate the mechanisms of cloud service recommender systems and divide them into four main categories and their techniques in four features of scalability, accessibility, accuracy, and trustIn this research, it has been tried to use the models and variables of the subject literature in developing a comprehensive framework. The codes, concepts, and categories related to the choice of cloud service providers are extracted from previous studies, and a comprehensive framework of the factors influencing the choice of cloud service providers is presented using the meta-composite method. MethodologyIn this research, based on the "Sandusky and Barroso" meta-composite qualitative research method, which is more general, a systematic review of the research literature was conducted, and the codes in the research literature were extracted. Then the codes, categories, and finally the proposed model are formed. The seven-step method of "Sandusky and Barroso" consists of: formulation of the research question, systematic review of the subject literature, search and selection of suitable articles, extraction of article information, analysis and synthesis of qualitative findings, quality control, and presentation of findings. Lawshe validation method has been used to validate the research findings. ResultsIn the meta-synthesis method, all the factors extracted from previous studies are considered as codes and concepts are obtained from the collection of these codes. Using the opinion of experts and considering the concept of each of these codes, codes with similar concepts were placed next to each other and new concepts were formed. This procedure was repeated in converting the concepts into categories and the proposed framework was identified. This framework consists of 27 codes, 10 concepts, and 4 categories (Table 1).Table 1: Codes, concepts, and categories extracted from the sourcescategoryConceptCodeNo.TrustSecurityHardware Security1Network Security2Software Security3Confidentiality4Control5Guarantee and AssuranceAccessibility6Stability7Facing ThreatsTechnical Risk8Center for Security Measures9TechnologyEfficiencyService Delivery Efficiency10Interactivity11Hardware and Network InfrastructureConfiguration and Change12Capacity (Memory, CPU, Disk)13Functionality Flexibility14Usability15Accuracy16Service Response Time17Ease of use18ManagerialMaintenanceEducation and Awareness19Customer Communication Channels20StrategicLegal Issues21Data Analysis22Service Level Agreement23CommercialCustomer SatisfactionResponsiveness24Customer Feedback25CostSubscription Fee26Implementation Cost27The lack of a common framework for evaluating cloud service providers is compounded by the fact that no two providers are the same, so that this issue complicates the process of choosing the right provider for each organization. Figure 1 shows the proposed comprehensive framework including 4 categories and 10 concepts covering the issue of choosing cloud service providers. These factors are useful in determining the provider that best matches the personal and organizational needs of the service recipient. The main categories are: trust building, technology, management, and business, which will be explained in the following.Figure 1: Cloud service provider selection framework 5- ConclusionBy comprehensively examining the factors affecting the choice, this research introduces specific areas such as trust building, technology, management, and business as the main areas of cloud service provider selection and add to the previous areas. The category of building trust between the customer, and the cloud service provider is of particular importance. In this research, the concepts related to trust building are: security (including hardware security, network security, software security, confidentiality and control), (availability, stability and stability), and facing threats (technical risk). In 36% of the articles, the concept of trust is mentioned, but in each study, only a limited number of factors affecting this category are discussed. This research takes a comprehensive look at the category of technology, the concepts of productivity (including service delivery efficiency, interactivity), hardware and network infrastructure (including configuration and repair, capacity (memory, processor, disk)), and performance (including flexibility, usability, accuracy of operation, service response time, ease of use). Considering the variety of services on different cloud platforms, service recipients must ensure that the provision of services is managed easily and in the shortest possible time by the cloud provider. The commercial aspect of service delivery deals with the two concepts of customer satisfaction (including responsiveness, customer feedback) and service rates (including: subscription cost and implementation cost), which are of interest to many businesses. The results of this research will help the decision makers of using the cloud space (both organizational managers and cloud customers) in choosing the best cloud service provider to have a comprehensive view of the effective factors before choosing and plan according to their needs

Relationship Between Specific Security Concerns and CIO Intention to Adopt Cloud

Cloud computing adoption rates have not grown commensurate with several well-known and substantially tangible benefits such as horizontal distribution and reduced cost, the latter both in terms of infrastructure and specialized personnel. The lack of adoption presents a challenge to both service providers from a sales perspective and service consumers from a usability focus. The purpose of this quantitative correlational study utilizing the technological, organizational, and environmental framework was to examine the relationship between shared technology (ST), malicious insiders (MI), account hijacking, data leakage, data protection, service partner trust (SP), regulatory concerns and the key decision-makers intention to adopt cloud computing. Additionally, the modifiers of firm size and scope were applied to verify any correlative impact. Data were analyzed from 261 participants all executive technology decision-makers across a diverse field of firms in the United States. The binary logistic regression analysis showed that ST, MI, and SP were all significant predictors X2(9, N = 261) = 227.055, p \u3c.001. A key recommendation is that providers should focus on the three primary areas of concern (ST, MI, and SP) for decision-makers, emphasizing mitigation, communication, and education to foster trust in the cloud paradigm, promoting greater adoption. The implication for social change includes the potential for greater adoption of cloud computing, thus providing enterprise-class operations to nonprofit and social agencies that may otherwise be unable to provide these services to their communities