Furthering the Growth of Cloud Computing by Providing Privacy as a Service

The evolution of Cloud Computing as a viable business solution for providing hardware and software has created many security concerns. Among these security concerns, privacy is often overlooked. If Cloud Computing is to continue its growth, this privacy concern will need to be addressed. In this work we discuss the current growth of Cloud Computing and the impact the public sector and privacy can have in furthering this growth. To begin to provide privacy protection for Cloud Computing, we introduce privacy constraints that outline privacy preferences. We propose the expansion of Cloud Service Level Agreements (SLAs) to include these privacy constraints as Quality of Service (QoS) levels. This privacy QoS must be agreed upon along with the rest of the QoS terms within the SLA by the Cloud consumer and provider. Finally, we introduce Privacy as a Service (PraaS) to monitor the agreement and provide enforcement if necessary

Assessing data breach risk in cloud systems

The emerging cloud market introduces a multitude of cloud service providers, making it difficult for consumers to select providers who are likely to be a low risk from a security perspective. Recently, significant emphasis has arisen on the need to specify Service Level Agreements that address security concerns of consumers (referred to as SecSLAs) - these are intended to clarify security support in addition to Quality of Service characteristics associated with services. It has been found that such SecSLAs are not consistent among providers, even though they offer services with similar functionality. However, measuring security service levels and the associated risk plays an important role when choosing a cloud provider. Data breaches have been identified as a high priority threat influencing the adoption of cloud computing. This paper proposes a general analysis framework which can compute risk associated with data breaches based on pre-agreed SecSLAs for different cloud providers. The framework exploits a tree based structure to identify possible attack scenarios that can lead to data breaches in the cloud and a means of assessing the use of potential mitigation strategies to reduce such breaches

A crowdsource model for quality assurance in cloud computing

Copyright © 2016 Inderscience Enterprises Ltd. Cloud computing has transformed the way businesses manage their IT resources. By uploading IT solution to the cloud, businesses are assured that computational power and storage capacity are available on demand. This makes cloud computing the next phase in the internet\u27s evolution. Businesses that use Cloud Service Providers (CSPs) tend to have Service-Level Agreements (SLAs), which act as a contract and define the level of expected service from the CSP, including availability, performance and security. Third Party Auditors (TPAs) have been suggested by recent research as a means to monitor CSPs. While the use of TPAs may seem sufficient, this paper shows a method where a CSP may deceive the SLA to reduce their cost and become more competitive. The CSP may achieve that while avoiding detection by TPAs. This paper describes two methods that enable CSPs to deceive cloud users. The simulation described in this paper shows that CSPs may save considerable amounts of money. The paper also presents a crowdsourced TPA model that lays the foundation for a solution to the problem. Our model can help TPAs to monitor CSPs and consequently detect any divergence from stated SLAs

Cloud Computing Adoption: A Cross-Continent Overview of Challenges

Cloud computing continues to dominate information and  communication technology (ICT) strategies globally through the provision of remote access to computing resources via the internet. With its inherent pay-per usage model, flexibility,  scalability and other features, cloud computing is also set to transform economic activities around the world. This paper  analyses and compares the challenges facing the adoption of cloud computing from a geo-regional context; Europe and sub-Saharan Africa. An institutional theory perspective is used as framework for analysis. Findings from Norway in Europe and Nigeria in sub-Saharan Africa show that there are several challenges to cloud computing adoption in both places that are similar but impact on adoption decisions in different ways. For instance, the key adoption issues used as bases for comparison in Norway viz.  security, privacy and trust, cost, Service Level Agreements (SLAs), government policies and regulations, and loss of control over data can all inhibit or pose as hindrances to cloud computing adoption. Contrarily, in Nigeria, these issues are not seen as inhibiting cloud computing adoption. Furthermore, the findings show the profound effect of normative and coercive pressures in Norway that can impact negatively on adoption decisions and theabsence of such pressures in Nigeria which seem to have a  positive influence on adoption at present.Keywords: Cloud Computing; Adoption; Europe; Sub-saharan Africa; Institutional Theor