7 research outputs found
Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification
The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model
Identification and ranking of relevant criteria for the selection of Software as a Service
Software as a Service (SaaS) is a model for the provision of application software that allows them to be seen as a service rather than a product. A main challenge for organizations is to understand which applications in their portfolio are more appropriate to deploy in this way. This paper proposes an approach based on the Delphi method to identify and rank the relevant criteria for the selection of applications. The results show that the Delphi method is a flexible tool that allows the expansion of knowledge, by identifying relevant criteria to the problem not foreseen by the researcher, and by providing a ranking of importance of those criteria.info:eu-repo/semantics/acceptedVersio
Selection Criteria for Software as a Service: An Explorative Analysis of Provider Requirements
Currently, customers can choose among many Cloud providers for enterprise systems. The provider selection involves several challenges to match individual customer requirements and provided service characteristics. Unfortunately, this process is not transparent and characterized by the lack of appropriate selection criteria. Research is mainly concentrated on capabilities and success factors on the customer side. A set of Cloud provider requirements from a customer perspective, especially within the context of an adoption of on-demand enterprise systems, have barely been discussed so far. In this paper we present a set of selection criteria for Software as a Service (SaaS). These criteria are developed to enable a Cloud provider comparison and match the customer requirements with the provider characteristics. We followed a design science approach and conducted a systematic literature review, an extensive market analysis of 651 providers and an evaluation based on expert interviews to develop the presented selection criteria
TAXONOMY OF TECHNOLOGICAL IT OUTSOURCING RISKS: SUPPORT FOR RISK IDENTIFICATION AND QUANTIFICATION
The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification mode
Uma abordagem Delphi e AHP para selecção de aplicações a disponibilizar em modelo SaaS
O Software as a Service (SaaS) é um modelo integrado no paradigma de computação em
nuvem, que se distingue do modelo convencional, por permitir que as aplicações deixem de
ser encaradas como um produto, passando a ser tratadas como um serviço.
Um dos desafios para as organizações é compreender, quais das aplicações do seu portfólio
são adequadas para este novo modelo, e, delinear uma estratégia de disponibilização dessas
aplicações nesse modelo, de forma a implementar as que trazem mais benefícios.
Este trabalho propõe uma abordagem estruturada, combinando o método Delphi com o
Método de Análise Hierárquica (AHP) para solucionar o problema. O Delphi permite, através
de um processo iterativo e anónimo obter o consenso relativamente a uma questão de
investigação enquanto que o AHP é um método de apoio à decisão que permite decompor um
problema numa estrutura hierárquica reduzindo uma decisão complexa a uma série de
comparações. A utilização de uma ronda inicial semi-estruturada para iniciar o Delphi e a
triagem de critérios na ligação do Delphi com o AHP são aspectos inovadores usados nesta
abordagem integrada.
Todos os pontos críticos do desenho do método são criteriosamente justificados. O método foi
aplicado no cenário de uma organização do mercado segurador, analisando quatro aplicações
do seu portfólio, demonstrando ser uma ferramenta de apoio à decisão estruturada, fácil de
executar, flexível e que permite aos decisores explorar de forma sistemática os factores que
pesam na decisão. A aplicação do método é fundamentada usando múltiplas métricas,
demonstrando que os resultados obtidos por este método são válidos.Software as a Service (SaaS) is an application delivery model integrated in the cloud
computing paradigm, which differs from the traditional model, by allowing applications to be
seen as a service, instead of a product.
The main challenge for organizations is to understand which applications from their portfolio
are suitable for this model, and outline a strategy for the provision of these applications in this
model in order to implement those who deliver more benefits.
This work proposes a structured approach, combining the Delphi method with the Analytic
Hierarchy Process (AHP) to solve the problem. The Delphi method allows, through an
iterative and anonymous process, to reach consensus regarding a research question while the
AHP is a decision support method that allows to decompose a problem into a hierarchical
structure, reducing a complex decision to series of simple comparisons. Novel aspects of this
approach include the use of a semi-structured round to initiate the Delphi method and a
criteria screening strategy in Delphi AHP integration step.
All critical points of the method design are carefully justified and the method validation is
carried out using multiple metrics. The proposed method is applied to a scenario of an
insurance industry organization, analyzing four applications of its portfolio. The analysis of
the results show that the method is a structured, easy to implement and flexible tool to
support decision, that allows decision makers to explore the factors around the problem
Essays on antecedents and consequences of cloud computing capabilities in organizations: an empirical analysis of field data
Cloud computing is widely recognized as a potential disruptive paradigm that changes how IT is consumed and business is conducted in various industries. Managerial and academic literature has shown that cloud computing may benefit firms in various ways such as cost savings, fast project development, and business innovation. Nevertheless, there are many different interpretations and perceptions of cloud computing about how to better prepare for and use it in the information systems (IS) literature. A systematic analysis is necessary to clarify the equivocal issues around cloud computing and guide managers to better understand and utilize cloud computing in practice. This dissertation addresses several important relationships around cloud computing using theoretical models and empirical data as a representation of how the questions about cloud computing may be investigated in the IS literature and how the findings may benefit organizations in using cloud computing. Therefore, the dissertation comprises three connected chapters that address one important antecedent of cloud computing adoption – internal IT modularity within firms and two important consequences – firm performance and strategic alliance formation. It is found that in order to better prepare for cloud computing adoption, firm users can do something themselves by modularizing their internal IT systems. Firms also need to know whether and how cloud computing, after all, can benefit their firm performance or other activities such as strategic alliance formation. The findings show that cloud computing overall and its various specific cloud services may promote firm performance directly or complementarily with internal enterprise resources. Cloud computing and its specific cloud services may also exert different effects on strategic alliance formation. This dissertation systematically addresses the issues around cloud computing in the IS literature and sheds lights on how such a study can be applied to help managers and decision makers in industries to better understand and use cloud computing to achieve their business goals
Modelo de interoperabilidad para plataformas de cloud computing basado en tecnologías del conocimiento
La Internet de los servicios ha ido modificando la Web desde un mero repositorio de
información hasta convertirse en una plataforma para servicios y transacciones donde las
organizaciones ofertan servicios de todo tipo, incrementando sus procesos de negocio
exponiéndolos a través de la Web. Unido a esta transformación surgen nuevos paradigmas,
como el Software-as-a-Service y el Cloud Computing, cuyos modelos se adaptan a esta nueva
concepción y prometen crear nuevos niveles de eficiencia mediante la compartición de
funcionalidades y recursos a gran escala. Con todo ello, las tecnologías relacionadas con el
Cloud Computing han ido incrementando su presencia e importancia en el mundo de las
tecnologías de la información y han evolucionado hasta convertirse en un conjunto maduro de
innovaciones tecnológicas capaces de proporcionar una sólida infraestructura para el
paradigma SaaS. El Cloud Computing y el SaaS abren las puertas a economías de gran escala y
también a nuevos horizontes pero se encuentran con un importante número de retos que
afrontar entre los que se encuentran:
La falta de modelos contrastados para determinar bajo qué condiciones es rentable
para las organizaciones el proceso de migración hacia estos modelos.
La falta de métodos probados (por ejemplo, guías de arquitecturas) para facilitar dicha
migración.
La falta de métodos de integración a diferentes niveles, hecho que dificulta el proceso
de desarrollo y entrega de un software capaz de comunicarse con otros elementos de
la plataforma cloud, perdiendo una de sus características más importantes.
Relacionado con el último aspecto comentado se encuentra el concepto de la
interoperabilidad. La interoperabilidad siempre se ha considerado como una de las asignaturas
pendientes de los sistemas de información, ya que la heterogeneidad de los sistemas eleva la
complejidad de los medios necesarios para alcanzarla. Este problema se está acrecentando con
la creciente proliferación de sistemas de información construidos de forma independiente que
dificultan o impiden los intercambios de información entre ellos. Debido a esto se pierde una
de las propiedades más interesantes de los sistemas de computación en nube pero además se
limita el avance hacia la posibilidad de un mundo completamente interoperable donde el
acceso a la información sería prácticamente infinito.
El problema de la interoperabilidad se ha afrontado desde diversas perspectivas, pero resultan
especialmente interesantes los enfoques realizados por las tecnologías semánticas, donde
alcanzar la interoperabilidad a distintos niveles es históricamente uno de sus objetivos
principales. La Web Semántica fue concebida principalmente para solucionar los problemas de
sobrecarga y heterogeneidad de los datos en la Web, hecho que trae como consecuencia la
ausencia de interoperabilidad. Su enfoque es el de añadir semántica a los datos de manera que
las máquinas sean capaces de procesarlos, razonar con ellos, combinarlos y realizar
deducciones lógicas de manera muy similar a como lo haría un ser humano, proporcionando
para ello una serie de herramientas útiles.
Dentro de este ámbito, esta tesis doctoral reúne los conceptos más relevantes y emergentes
en la actualidad como Cloud Computing, SaaS, tecnologías semánticas, modelado de procesos
de negocio, interoperabilidad entre sistemas, etc. El objetivo es fomentar la evolución de
nuevas plataformas orientadas en torno a la interoperabilidad y la reducción de costes que
puede suponer un impacto significativo en la industria. La investigación realizada, toma estas
tecnologías y paradigmas como base para poder definir un estándar o lenguaje común que
permita la interoperabilidad entre aplicaciones dentro de un entorno de Cloud Computing. Con
esto se consigue dar un paso importante en las áreas de las tecnologías mencionadas,
suponiendo un enfoque claramente innovador y cuyos resultados resultarán de gran
relevancia dentro del ámbito de los sistemas de información.
Por todo ello, la solución enmarcada dentro de esta tesis doctoral está orientada al diseño de
un lenguaje semántico basado en ontologías y de un sistema global que trabaja a su alrededor
capaz de capturar el conocimiento de las aplicaciones alojadas en una estructura de Cloud
Computing habilitando la realización de procesos de intercambio de información entre
aplicaciones heterogéneas de forma automática. Esta tesis doctoral plantea, por tanto, la
combinación del Cloud Computing y la Semántica para afrontar el problema de la
interoperabilidad a nivel de aplicación. Este enfoque no se encuentra extendido en la
actualidad debido a la “reciente” explosión de los sistemas cloud, pero los beneficios que
pueden aportarse mutuamente suponen una gran motivación para trabajar e investigar en
profundidad sobre ello.
La metodología de investigación seguida en esta tesis doctoral para alcanzar los objetivos y
demostrar las hipótesis planteadas ha consistido en:
Estudio del estado de arte. Mediante el estudio de los trabajos relacionados se pueden
conocer los métodos y tecnologías necesarios para alcanzar los objetivos planteados.
Este estudio se ha dividido en cinco bloques principales:
o Cloud Computing.
o Web Semántica.
o Servicios Web.
o Servicios Web Semánticos.
o Interoperabilidad.
Análisis de los aspectos más representativos de la literatura. El análisis de los
diferentes conceptos tratados en el estado del arte, permite realizar una toma de
decisiones correcta y sólidamente fundamentada para utilizar las tecnologías y
herramientas más adecuadas al problema.
Presentación de una primera aproximación de la solución. Esta etapa permitirá sentar
las bases y requisitos que se deben cumplir para cubrir los objetivos propuestos. Esta
parte de la investigación emplea las conclusiones extraídas del análisis previo y
permitirá concluir la viabilidad de la investigación y también si las herramientas
seleccionadas son suficientes para alcanzar la solución deseada.
Diseño final de la solución. En esta fase se concluye el proceso de diseño. Todos los
requisitos han de quedar cubiertos y debe presentar un nivel de detalle suficiente para
poder comenzar la implementación del entorno para su validación.
Implementación del lenguaje y configuración de la plataforma de Cloud Computing.
Esta fase marca el inicio de la validación que permitirá comprobar que el diseño
cumple con los objetivos marcados y que se encuentra en la línea de las hipótesis
propuestas. La configuración de la plataforma de computación en nube permitirá
evaluar y validar la investigación en un entorno real.
Validación. En esta fase se comprueba que toda la funcionalidad diseñada y
desarrollada permite representar el conocimiento relativo al problema y la
interoperabilidad de las aplicaciones en la nube sin necesidad de intervención por
parte del usuario.
Evaluación de hipótesis y análisis de resultados. Tras validar las hipótesis propuestas,
se analizan los resultados para extraer las consiguientes conclusiones de toda la
investigación realizada.
Documentación. La tarea de documentación se ha llevado a cabo a lo largo de todo el
proceso de elaboración de la presente tesis doctoral. En las primeras fases, la tarea de
documentación registra los resultados del estudio del estado del arte y del análisis del
problema. Durante el desarrollo de las siguientes etapas, se documentaron las
características del diseño realizado y los aspectos relevantes del sistema global. En la
fase de validación, se han documentado los resultados de los procedimientos de
validación seguidos. Finalmente se redactó la documentación definitiva que constituye
la presente memoria, incluyendo las conclusiones extraídas de cada uno de los
aspectos relativos a la tesis doctoral, a partir de la documentación generada a lo largo
de las distintas fases.
La evaluación del lenguaje y del sistema global en el que se enmarca, ha probado la viabilidad
de la solución presentada para alcanzar la interoperabilidad entre aplicaciones heterogéneas a
nivel de datos en entornos de computación en nube de manera automática. Gracias a la acción
conjunta de todos los componentes integrantes de la arquitectura diseñada se han conseguido
resultados satisfactorios en procesos de intercambio de información entre aplicaciones
situadas en una misma estructura de Cloud Computing. El proceso de validación ha permitido
además demostrar cada una de las hipótesis planteadas por la investigación. Por todo ello es
posible afirmar que se han alcanzado los objetivos planteados por la tesis doctoral, resultando
finalmente en un gran éxito y una contribución de relevancia en los diferentes ámbitos
estudiados. Además, las conclusiones extraídas de la totalidad de la investigación permiten
extrapolar aspectos teóricos a otros medios y abrir nuevas líneas de investigación destinadas a
contribuir a la consecución de entornos interoperables que permitan un mejor y más eficaz
aprovechamiento de la información existente. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------The Internet of services has altered the Web from a simple repository of information to
become a services and transactions platform where organizations offer different kinds of
services, increasing their business processes through the Web. With this transformation, new
paradigm mergers have occurred, such as Cloud Computing and Software-as-a-Service, whose
models are adapted to this new conception and promise the creation of new levels of
efficiency through large scale sharing of functionalities and resources. With all of this, Cloud
Computing related technologies have increased their presence and importance in the world of
information technologies and have evolved to become a mature set of technological
innovations able to provide a strong infrastructure for the SaaS paradigm. Cloud Computing
and Software-as-a-Service open the doors to large scale economies and new horizons, but they
have to face an important number of challenges, among which we can find the following:
The lack of trusted models in order to determine the conditions under which it would
be worthwhile for the organization to start a process of migration to these kinds of
models.
The lack of tested methods (for example, architecture guides) that would facilitate a
potential migration.
The lack of integration methods at different levels. This complicates the development
and delivery processes of software that is able to communicate with other elements in
the cloud platform, therefore causing to lose one of its most important features.
In dealing with this last aspect, it is possible to find the concept of interoperability.
Interoperability has always been considered as one of the major challenges in information
systems given that the heterogeneity of systems raises the complexity of the necessary
methods to achieve it. This problem is growing with the increasing proliferation of
independent-built information systems, which obstruct or impede the information exchange
between them. Due to this, one of the most interesting properties of Cloud Computing
systems is missing and, furthermore, it is restricting the progress towards the possibility of a
completely interoperable world where the access to information would be nearly infinite.
The problem of interoperability has been faced from different perspectives, however the ones
based on semantic technologies, where reaching interoperability is historically one of their
major goals, are especially interesting. The Semantic Web was conceived for in order to solve
the problems of data overloading and heterogeneity in the Web, which causes the absence of
interoperability among other features. The approach of Semantic Web is to add semantic to
the data enabling the machine´s capability to process, reason, combine and make logical
deductions with them in a similar way than a human will do, providing a set of useful tools.
Within this field, this doctoral thesis brings together the current most relevant and rising
concepts like Cloud Computing, SaaS, semantic technologies, business process modeling,
systems interoperability, etc. The goal is to encourage the evolution of new platforms oriented
towards interoperability and cost reduction, which can have a significant impact in the
industry. The research accomplished takes these technologies and paradigms as a base for the
definition of a standard or common language that allows the interoperability between
applications hosted in the same Cloud Computing environment. With this, it is possible to take
a big step forward in the technology areas previously mentioned, creating a clearly innovative
approach with results that will obtain great significance in the world of information systems.
With the information mentioned, the solution framed within this doctoral thesis is oriented
towards the design of a semantic language ontology-based and of a global system that works
around it, able to capture the knowledge of the applications hosted in a Cloud Computing
structure, setting up the development of information exchange processes between
heterogeneous applications in an automatic manner. Therefore, this thesis proposes the
combination of Cloud Computing and Semantics in order to tackle the problem of
interoperability at application level. Currently this approach is not widespread due to the
“recent” explosion of cloud systems, but the benefits that they can mutually provide translate
into a great motivation for working and deeply researching in this field.
The research methodology followed during this doctoral thesis in order to achieve the goals
and provide the formulated hypothesis consists of:
State of the art study. Through the study of related works, it is possible to know the
methods and technologies necessary to achieve the outlined goals. This study is
divided in five main categories:
o Cloud Computing.
o Semantic Web.
o Web Services.
o Semantic Web Services.
o Interoperability.
Analysis of the Literature’s most representative aspects. The analysis of the different
concepts addressed in the state of the art, allows performing a correct and strongly
supported decision process to utilize the most appropriate technologies and tools for
the problem being solved.
First approach of the solution. This stage allows for the layout of the foundations and
requirements that have to be fulfilled in order to reach the proposed objectives. This
researching phase makes use of the conclusions extracted from the previous analysis
and allows to determine the viability of the researching as well as checking whether
the selected tools are good enough to achieve the desired solution.
Final design of the solution. In this phase the design process concludes. The whole set
of requirements have to be fulfilled and it must be detailed enough to be able to start
the implementation of the environment for its validation.
Language implementation and configuration of Cloud Computing platform. This stage
indicates the beginning of the validation process which will allow the testing of
whether the design meets the objectives and is aligned with the proposed hypothesis.
The configuration of the Cloud Computing platform will enable evaluating and
validating the researching in a real environment.
Validation. The whole designed and developed functionality is tested within this phase
in order to ensure that the problem is correctly represented and the system is able to
perform the different tasks to accomplish automatic interoperability.
Hypothesis evaluation and analysis of results. After validating the proposed
hypothesis, results are analyzed to extract the necessary conclusions related to the
implemented research.
Documentation. This task has been developed throughout the whole process of this
doctoral thesis preparation. In the first stages, the documentation registers the results
obtained from the state of the art study and the analysis of the problem. During the
following phases, all the features of the developed design and the relevant aspects
from the global system were documented. Within the validation phase, the results of
the performed procedures have been written. Lastly, the definitive statement that
makes this document was composed, including the conclusions extracted from each of
the aspects relative to this doctoral thesis, arising from the documentation generated
along the different phases.
The evaluation of the language, and the global system where it is framed, has proved the
viability of the proposed solution, achieving automatic interoperability of heterogeneous
applications at data level in Cloud Computing environments. Thanks to the joint action of all
components forming the designed architecture, this research provided satisfactory results in
the information exchange processes between applications hosted in the same Cloud
Computing infrastructure. Moreover, the validation process has allowed for the demonstration
of each of the hypotheses proposed by the research. By the information contained herein, it is
possible to affirm that all the objectives exposed in this doctoral thesis have been
accomplished, resulting in a great success and a relevant contribution to the different areas
analyzed. Furthermore, the conclusions extracted from the whole research allow for the
extrapolation of some theoretical aspects to other environments, as well as open new
research lines that contribute to the achievement of interoperable environments that are able
to provide a better and more efficient use of the vast volume of existing information