Migration goals and risk management in cloud computing: A review of state of the art and survey results on practitioners

Organizations are now seriously considering adopting cloud into the existing business context, but migrating data, application and services into cloud doesn’t come without substantial risks. These risks are the significant barriers for the wider cloud adoption. Cloud computing has obtained a lot of attention by both research and industry communities in recent years. There are works that consolidate the existing work on cloud migration and technology. However, there is no secondary study that consolidates the state of the art research and existing practice on risk management in cloud computing. It makes difficult to understand the risks management trend, maturity, and research gaps. This paper investigates the state of the art research and practices relating to risk management in cloud computing and discusses survey results on migration goals and risks. The survey participants are practitioners from both public and private organizations of two different locations, i.e., UK and Malaysia. We identify and classify the relevant literature and systematically compare the existing works and survey results. The results show that most of the existing works do not consider the existing organization and business context for the risk assessment only emphasize on security and privacy risks. Our study results also reveal that risk management in cloud computing research and practice is still not in a mature stage but gradually advancing. Our observation emphasizes the necessity of a comprehensive risk management framework to support the migration decision and to monitor the risks after migration. Finally, we propose a risk assessment approach based on the six prioritized cloud migration goals using analytic hierarchy process and determine the relative importance of these migration goals from two real migration use cases

Business models for software-based services in complex systems

Manufacturing industry has evolved towards the delivery of complex systems, involving equipment, services and software components. Traditional industrial services are connected to the physical equipment, limiting the possibilities of service offering and thus, the financial benefits of them. It is not rare that services are focused on the maintenance of the customer’s equipment or on selling spare parts. Despite this, fiercer competition calls for new differentiation methods and increased customer value. Software-based services enabled by equipment lifecycle data represent a key business opportunity for manufacturing firms in a globalized world. Previous studies on servitization in the manufacturing industry enabled by product lifecycle data have considered the software tools needed to deliver the services, but the conditions and network tasks in the delivery chain are often overlooked. In the manufacturing industry, the increased centrality of information technology calls for cooperation with more specialized suppliers, and this cooperation is poorly understood. Thus this thesis explores alternative business models for software-based services and the tasks related to the service delivery network, considering the cooperation between manufacturing and software firms. The conditions to enable and successfully promote industrial services based on equipment lifecycle data are also described. An exploratory study was conducted with four software firms and two manufacturing companies. Interviews took place with employees with diverse managerial positions in different areas, revealing unexploited opportunities for software-based services enabled by equipment lifecycle data. A framework for a triadic cooperation is presented, clarifying the task division between manufacturing and software firms in service delivery. The customers’ participation specifics were set aside as this thesis had no access to them and their role specification was limited to the firms’ interpretation. It is suggested that a future study is conducted applying the presented suggestions and involving the customer in the process

A Methodology for Internet of Things Business Modeling and Analysis using Agent-Based Simulation

Internet of Things (IoT) is a new vision of an integrated network covering physical objects that are able to collect and exchange data. It enables previously unconnected devices and objects to become connected using equipping devices with communication technology such as sensors and radio frequency identification tags (RFID). As technology progresses towards new paradigm such as IoT, there is a need for an approach to identify the significance of these projects. Conventional simulation modeling and data analysis approaches are not able to capture the system complexity or suffer from a lack of data needed that can help to build a prediction. Agent-based Simulation (ABM) proposes an efficient simulation scheme to capture the structure of this dimension and offer a potential solution. Two case studies were proposed in this research. The first one introduces a conceptual case study addressing the use of agent-based simulations to verify the effectiveness of the business model of IoT. The objective of the study is to assess the feasibility of such application, of the market in the city of Orlando (Florida, United States). The second case study seeks to use ABM to simulate the operational behavior of refrigeration units (7,420) in one of largest retail organizations in Saudi Arabia and assess the economic feasibility of IoT implementation by estimating the return on investment (ROI)

Integration of Blockchain and Digital Twins in the Smart Built Environment Adopting Disruptive Technologies—A Systematic Review

The integration of blockchain and digital twins (DT) for better building-lifecycle data management has recently received much attention from researchers in the field. In this respect, the adoption of enabling technologies such as artificial intelligence (AI) and machine learning (ML), the In-ternet of Things (IoT), cloud and edge computing, Big Data analytics, etc., has also been investigated in an abundance of studies. The present review inspects the recent studies to shed light on the foremost among those enabling technologies and their scope, challenges, and integration potential. To this end, 86 scientific papers, recognized and retrieved from the Scopus and Web of Science databases , were reviewed and a thorough bibliometric analysis was performed on them. The obtained results demonstrate the nascency of the research in this field and the necessity of further implementation of practical methods to discover and prove the real potential of these technologies and their fusion. It was also found that the integration of these technologies can be beneficial for addressing the implementation challenges they face individually. In the end, an abstract descriptive model is presented to provide a better understanding of how the technologies can become integrated into a unified system for smartening the built environment

Viiteraamistik turvariskide haldamiseks plokiahela abil

Turvalise tarkvara loomiseks on olemas erinevad programmid (nt OWASP), ohumudelid (nt STRIDE), turvariskide juhtimise mudelid (nt ISSRM) ja eeskirjad (nt GDPR). Turvaohud aga arenevad pidevalt, sest traditsiooniline tehnoloogiline infrastruktuur ei rakenda turvameetmeid kavandatult. Blockchain näib leevendavat traditsiooniliste rakenduste turvaohte. Kuigi plokiahelapõhiseid rakendusi peetakse vähem haavatavateks, ei saanud need erinevate turvaohtude eest kaitsmise hõbekuuliks. Lisaks areneb plokiahela domeen pidevalt, pakkudes uusi tehnikaid ja sageli vahetatavaid disainikontseptsioone, mille tulemuseks on kontseptuaalne ebaselgus ja segadus turvaohtude tõhusal käsitlemisel. Üldiselt käsitleme traditsiooniliste rakenduste TJ-e probleemi, kasutades vastumeetmena plokiahelat ja plokiahelapõhiste rakenduste TJ-t. Alustuseks uurime, kuidas plokiahel leevendab traditsiooniliste rakenduste turvaohte, ja tulemuseks on plokiahelapõhine võrdlusmudel (PV), mis järgib TJ-e domeenimudelit. Järgmisena esitleme PV-it kontseptualiseerimisega alusontoloogiana kõrgema taseme võrdlusontoloogiat (ULRO). Pakume ULRO kahte eksemplari. Esimene eksemplar sisaldab Cordat, kui lubatud plokiahelat ja finantsjuhtumit. Teine eksemplar sisaldab lubadeta plokiahelate komponente ja tervishoiu juhtumit. Mõlemad ontoloogiaesitlused aitavad traditsiooniliste ja plokiahelapõhiste rakenduste TJ-es. Lisaks koostasime veebipõhise ontoloogia parsimise tööriista OwlParser. Kaastööde tulemusel loodi ontoloogiapõhine turberaamistik turvariskide haldamiseks plokiahela abil. Raamistik on dünaamiline, toetab TJ-e iteratiivset protsessi ja potentsiaalselt vähendab traditsiooniliste ja plokiahelapõhiste rakenduste turbeohte.Various programs (e.g., OWASP), threat models (e.g., STRIDE), security risk management models (e.g., ISSRM), and regulations (e.g., GDPR) exist to communicate and reduce the security threats to build secure software. However, security threats continuously evolve because the traditional technology infrastructure does not implement security measures by design. Blockchain is appearing to mitigate traditional applications’ security threats. Although blockchain-based applications are considered less vulnerable, they did not become the silver bullet for securing against different security threats. Moreover, the blockchain domain is constantly evolving, providing new techniques and often interchangeable design concepts, resulting in conceptual ambiguity and confusion in treating security threats effectively. Overall, we address the problem of traditional applications’ SRM using blockchain as a countermeasure and the SRM of blockchain-based applications. We start by surveying how blockchain mitigates the security threats of traditional applications, and the outcome is a blockchain-based reference model (BbRM) that adheres to the SRM domain model. Next, we present an upper-level reference ontology (ULRO) as a foundation ontology and provide two instantiations of the ULRO. The first instantiation includes Corda as a permissioned blockchain and the financial case. The second instantiation includes the permissionless blockchain components and the healthcare case. Both ontology representations help in the SRM of traditional and blockchain-based applications. Furthermore, we built a web-based ontology parsing tool, OwlParser. Contributions resulted in an ontology-based security reference framework for managing security risks using blockchain. The framework is dynamic, supports the iterative process of SRM, and potentially lessens the security threats of traditional and blockchain-based applications.https://www.ester.ee/record=b551352

Data ethics : building trust : how digital technologies can serve humanity

Data is the magic word of the 21st century. As oil in the 20th century and electricity in the 19th century: For citizens, data means support in daily life in almost all activities, from watch to laptop, from kitchen to car, from mobile phone to politics. For business and politics, data means power, dominance, winning the race. Data can be used for good and bad, for services and hacking, for medicine and arms race. How can we build trust in this complex and ambiguous data world? How can digital technologies serve humanity? The 45 articles in this book represent a broad range of ethical reflections and recommendations in eight sections: a) Values, Trust and Law, b) AI, Robots and Humans, c) Health and Neuroscience, d) Religions for Digital Justice, e) Farming, Business, Finance, f) Security, War, Peace, g) Data Governance, Geopolitics, h) Media, Education, Communication. The authors and institutions come from all continents. The book serves as reading material for teachers, students, policy makers, politicians, business, hospitals, NGOs and religious organisations alike. It is an invitation for dialogue, debate and building trust! The book is a continuation of the volume “Cyber Ethics 4.0” published in 2018 by the same editors

Proceedings ICPW'07: 2nd International Conference on the Pragmatic Web, 22-23 Oct. 2007, Tilburg: NL

Proceedings ICPW'07: 2nd International Conference on the Pragmatic Web, 22-23 Oct. 2007, Tilburg: N