A contingency lens on cloud provider management processes

AbstractTraditional ways of managing information technology (IT) service providers are no longer applicable as companies use more and more services provisioned in the cloud. Therefore, organizations are looking for new ways to manage their relationship with cloud providers. The shift from IT-as-a-product to IT-as-a-service puts clients in a continued dependency on cloud service providers (CSPs), making provider management a critical factor for companies’ success. In this paper, we (1) identify cloud-specific challenges in managing CSPs, (2) develop a corresponding process framework for CSP management, and (3) discuss and extend this framework. Our final cloud management framework comprises ten processes for effective CSP management based on a literature study and twelve expert interviews. Furthermore, we unpack three major contingency factors, i.e., client–provider ratio, specificity, and service delivery model, which influence the reasonability and configuration of the cloud management processes. Drawing on two specific cases from our interview study, we explicate the contingency factors’ influence. Thus, our paper contributes to cloud sourcing research by deepening the understanding of client–provider relationships and by introducing a viable CSP management instrument contingent on three salient factors of cloud service provisioning.

Download Full-text

Securing Business IT on the Cloud

Cloud Technology ◽

10.4018/978-1-4666-6539-2.ch094 ◽

2015 ◽

pp. 2022-2032

Author(s):

Bina Ramamurthy

Keyword(s):

Large Scale ◽

Service Providers ◽

Cloud Service ◽

Access Point ◽

Cloud Provider ◽

Service Model ◽

Platform As A Service ◽

Security Challenges ◽

Modern Business ◽

Amazon Web Services

In this chapter, the author examines the various approaches taken by the popular cloud providers Amazon Web Services (AWS), Google App Engine (GAE), and Windows Azure (Azure) to secure the cloud. AWS offers Infrastructure as a Service model, GAE is representative of the Software as a Service, and Azure represents the Platform as a Service model. Irrespective of the model, a cloud provider offers a variety of services from a simple large-scale storage service to a complete infrastructure for supporting the operations of a modern business. The author discusses some of the security aspects that a cloud customer must be aware of in selecting a cloud service provider for their needs. This discussion includes the major threats posed by multi-tenancy in the cloud. Another important aspect to consider in the security context is machine virtualization. Securing these services involves a whole range of measures from access-point protection at the client end to securing virtual co-tenants on the same physical machine hosted by a cloud. In this chapter, the author highlights the major offerings of the three cloud service providers mentioned above. She discusses the details of some important security challenges and solutions and illustrates them using screen shots of representative security configurations.

Download Full-text

Privacy enforcement on subscribers data in cloud computing

Nigerian Journal of Technology ◽

10.4314/njt.v40i2.17 ◽

2021 ◽

Vol 40 (2) ◽

pp. 308-320

Author(s):

S.A. Akinboro ◽

U.J. Asanga ◽

M.O. Abass

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Cloud Provider ◽

Sensitive Information ◽

Secure Socket Layer ◽

Brute Force ◽

User Privacy ◽

Platform As A Service ◽

High Level

Data stored in the cloud are susceptible to an array of threats from hackers. This is because threats, hackers and unauthorized access are not supported by the cloud service providers as implied. This study improves user privacy in the cloud system, using privacy with non-trusted provider (PNTP) on software and platform as a service model. The subscribers encrypt the data using user’s personal Advanced Encryption Standard (AES) symmetric key algorithm and send the encrypted data to the storage pool of the Cloud Service Provider (CSP) via a secure socket layer. The AES performs a second encryption on the data sent to the cloud and generates for the subscriber a key that will be used for decryption of previously stored data. The encryption and decryption keys are managed by the key server and have been hardcoded into the PNTP system. The model was simulated using the Stanford University multimedia dataset and benchmarked with a Privacy with Trusted cloud Provider (PTP) model using encryption time, decryption time and efficiency (brute force hacking) as parameters. Results showed that it took a longer time to access the user files in PNTP than in the PTP system. The brute force hacking took a longer time (almost double) to access data stored on the PNTP system. This will give subscribers a high level of control over their data and increase the adoption of cloud computing by businesses and organizations with highly sensitive information.

Download Full-text

Prototype Planning and Technician Job Report System at PT Visionet Data Internasional

CCIT Journal ◽

10.33050/ccit.v13i2.791 ◽

2020 ◽

Vol 13 (2) ◽

pp. 209-219

Author(s):

Arief Herdiansah ◽

Nora Fitriawati ◽

Erni Rahmawati

Keyword(s):

Data Center ◽

Service Providers ◽

Literature Study ◽

Help Desk ◽

Analysis And Design ◽

It Service ◽

Report System ◽

International Data ◽

Interview Survey ◽

A Company

PT Visionet Data International is a subsidiary of PT. Multipolar tbk, based in lippo Cyber Park, and is engaged in outsourcing IT service providers, serving data center operational services and a company's daily IT operational services (IT Help desk). As a company engaged in services, PT Visionet Data International always strives to run its projects optimally and always maintain the reliability and scalability of computerized infrastructure that supports the customer's main business activities. The prototype planning, control and technician report system is an information system for scheduling, monitoring and reporting the job of technicians in the customer. In this study, researchers conducted an analysis and design of a technician job report system at PT. Data International Data Tangerang. The research method used was interview, survey and literature study methods. The system design process uses UML and the application is developed using PHP. The results of this study are information systems that can improve the services provided by PT. Visionet International Data to customers.

Download Full-text

Flexible Coordination Techniques for Dynamic Cloud Service Collaboration

Adaptive Web Services for Modular and Reusable Software Development - Advances in Web Technologies and Engineering ◽

10.4018/978-1-4666-2089-6.ch009 ◽

2012 ◽

pp. 239-252

Author(s):

Gary Creaner ◽

Claus Pahl

Keyword(s):

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

Service Provisioning ◽

Tuple Space ◽

Service Collaboration ◽

Space Architecture ◽

Open Nature ◽

Limited Scope ◽

The Web

The provision of individual, but also composed services is central in cloud service provisioning. The authors describe a framework for the coordination of cloud services, based on a tuple-space architecture which uses an ontology to describe the services. Current techniques for service collaboration offer limited scope for flexibility. They are based on statically describing and compositing services. With the open nature of the web and cloud services, the need for a more flexible, dynamic approach to service coordination becomes evident. In order to support open communities of service providers, there should be the option for these providers to offer and withdraw their services to/from the community. For this to be realised, there needs to be a degree of self-organisation. The authors’ techniques for coordination and service matching aim to achieve this through matching goal-oriented service requests with providers that advertise their offerings dynamically. Scalability of the solution is a particular concern that will be evaluated in detail.

Download Full-text

Legal problems of using cloud services of foreign providers by Russian banks

Lex Russica ◽

10.17803/1729-5920.2019.148.3.108-115 ◽

2019 ◽

pp. 108-115

Author(s):

V. A. Kanashevskiy

Keyword(s):

Service Providers ◽

Personal Data ◽

Cloud Service ◽

Legal Aspects ◽

Cloud Services ◽

Cloud Provider ◽

Computing Services ◽

Money Transfers ◽

Systems Requirements ◽

The Right

The paper examines the legal aspects of the use of cloud solutions by Russian banks of foreign providers. Despite the obvious advantages, there are many obstacles to such a use in the Russian legislation, including the lack of general regulation of cloud computing services, requirements for information security (licensing of encryption activities, certification of information systems), requirements of legislation on the localization of personal data databases, electronic databases of banks, etc. Based on the analysis of existing regulations, in particular the industry regulators, the author comes to the conclusion that foreign cloud service providers have the right to provide services to Russian financial institutions under certain conditions: cloud solutions should not include outsourcing of business functions entirely and should not involve the production of internal (domestic) money transfers (payments); foreign cloud provider has taken measures to protect the protected information; cross-border transfer of personal data and bank secrecy should be carried out in an impersonal form, etc.

Download Full-text

A RAID-BASED SECURE AND FAULT-TOLERANT MODEL FOR CLOUD INFORMATION STORAGE

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194013400111 ◽

2013 ◽

Vol 23 (05) ◽

pp. 627-654 ◽

Cited By ~ 9

Author(s):

DANIEL FITCH ◽

HAIPING XU

Keyword(s):

Service Providers ◽

Formal Model ◽

Fault Tolerant ◽

Cloud Service ◽

Information Storage ◽

Cloud Provider ◽

Security Mechanism ◽

Data Set ◽

Cloud Cluster ◽

Cloud Service Providers

Cloud computing allows for access to ubiquitous data storage and powerful computing resources through the use of web services. There are major concerns, however, with data security, reliability, and availability in the cloud. In this paper, we address these concerns by introducing a novel security mechanism for secure and fault-tolerant cloud information storage. The information storage model follows the RAID (Redundant Array of Independent Disks) concept by considering cloud service providers as independent virtual disk drives. As such, the model utilizes multiple cloud service providers as a cloud cluster for information storage, and a service directory for management of the cloud clusters including service query, key management, and cluster restoration. Our approach not only supports maintaining the confidentiality of the stored data, but also ensures that the failure or compromise of an individual cloud provider in a cloud cluster will not result in a compromise of the overall data set. To ensure a correct design, we present a formal model of the security mechanism using hierarchical colored Petri nets (HCPN), and verify some key properties of the model using model checking techniques.

Download Full-text

Optimizing performance of fuzzy decision support system with multiple parameter dependency for cloud provider evaluation

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.2.9044 ◽

2017 ◽

Vol 7 (1.2) ◽

pp. 166

Author(s):

Uma Rani ◽

Surjeet Dalal ◽

Jugnesh Kumar

Keyword(s):

Decision Support ◽

Decision Support System ◽

Support System ◽

Service Provider ◽

Service Providers ◽

Fuzzy Rule ◽

Cloud Service ◽

Cloud Services ◽

Cloud Provider ◽

Parameter Dependency

In today’s world, technological trend offers computing resources as services through the internet in on-demand or pay-as-you-go approach. These services are provided by different cloud service providers. Due to which trust on the any service provider is a choice of any customer. In order to choose a reputed cloud service provider a new method using the concept of fuzzy has proposed in this paper. This method enhanced the customer’s satisfaction level of using cloud services by avoiding ambiguities in fuzzy interface system (FIS) through optimization.Proposed fuzzy rule-based decision support system is collaborating with advanced fuzzy system optimized using a swarm intelligent firefly algorithm that facilitates the consumers in selecting right CSP based upon their rating value. It conducts three different reviews of three different components, i.e. customer review, service provider review and public review. Results are carried out on the basis of both simple and the optimized fuzzy, and it is found that the optimized fuzzy surpasses the simple fuzzy logic.

Download Full-text

Dynamic Service Provisioning and Selection for Satisfying Cloud Applications and Cloud Providers in Hybrid Cloud

International Journal of Cooperative Information Systems ◽

10.1142/s0218843017500058 ◽

2017 ◽

Vol 26 (04) ◽

pp. 1750005 ◽

Cited By ~ 1

Author(s):

Xu Lijun ◽

Li Chunlin

Keyword(s):

Resource Constraints ◽

Cloud Model ◽

Cloud Service ◽

Cloud Provider ◽

Service Provisioning ◽

Hybrid Cloud ◽

Public Cloud ◽

Private Cloud ◽

Cloud Users ◽

Cloud User

The paper presents a hybrid cloud service provisioning and selection optimization scheme, and proposes a hybrid cloud model which consists of hybrid cloud users, private cloud and public cloud. This scheme aims to effectively provide cloud service and allocate cloud resources, such that the system utility can be maximized subject to public cloud resource constraints and hybrid cloud users constraints. The paper makes use of a utility-driven approach to solve interaction among private cloud user, hybrid cloud service provider and public cloud provider in hybrid cloud environment. The paper presents hybrid cloud service provisioning and selection algorithm in hybrid cloud. The hybrid cloud market consists of hybrid cloud user agent, hybrid cloud service agent and hybrid cloud agent, which represent the interests of different roles. The experiments are designed to compare the performance of proposed algorithm with the other related work.

Download Full-text

Cost-enabled QoS aware task scheduling in the cloud management system

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-189881 ◽

2021 ◽

pp. 1-9

Author(s):

Rajkumar Rajavel ◽

Sathish Kumar Ravichandran ◽

Partheeban Nagappan ◽

Sivakumar Venu

Keyword(s):

Task Scheduling ◽

User Satisfaction ◽

Service Providers ◽

Scheduling Algorithm ◽

Scheduling Algorithms ◽

Cloud Service ◽

Cloud Management ◽

Qos Parameters ◽

Cloud Providers ◽

The Cost

Maintaining the quality of service (QoS) related parameters is an important issue in cloud management systems. The lack of such QoS parameters discourages cloud users from using the services of cloud service providers. The proposed task scheduling algorithms consider QoS parameters such as the latency, make-span, and load balancing to satisfy the user requirements. These parameters cannot sufficiently guarantee the desired user experience or that a task will be completed within a predetermined time. Therefore, this study considered the cost-enabled QoS-aware task (job) scheduling algorithm to enhance user satisfaction and maximize the profit of commercial cloud providers. The proposed scheduling algorithm estimates the cost-enabled QoS metrics of the virtual resources available from the unified resource layer in real-time. Moreover, the virtual machine (VM) manager frequently updates the current state-of-the art information about resources in the proposed scheduler to make appropriate decisions. Hence, the proposed approach guarantees profit for cloud providers in addition to providing QoS parameters such as make-span, cloud utilization, and cloud utility, as demonstrated through a comparison with existing time-and cost-based task scheduling algorithms.

Download Full-text

An Efficient Framework for Sharing a File in a Secure Manner Using Asymmetric Key Distribution Management in Cloud Environment

Journal of Computer Networks and Communications ◽

10.1155/2019/9852472 ◽

2019 ◽

Vol 2019 ◽

pp. 1-8 ◽

Cited By ~ 2

Author(s):

K. V. Pradeep ◽

V. Vijayakumar ◽

V. Subramaniyaswamy

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Cloud Provider ◽

Cloud Environment ◽

Security Threat ◽

Distribution Management ◽

Encryption Decryption

Cloud computing is a platform to share the data and resources used among various organizations, but the survey shows that there is always a security threat. Security is an important aspect of cloud computing. Hence, the responsibility underlines to the cloud service providers for providing security as the quality of service. However, cloud computing has many challenges in security that have not yet been addressed well. The data accessed or shared through any devices from the cloud environment are not safe because they are likely to have various attacks like Identity Access Management (IAM), hijacking an account or a service either by internal/external intruders. The cryptography places a major role to secure the data within the cloud environment. Therefore, there is a need for standard encryption/decryption mechanism to protect the data stored in the cloud, in which key is the mandatory element. Every cloud provider has its own security mechanisms to protect the key. The client cannot trust the service provider completely in spite of the fact that, at any instant, the provider has full access to both data and key. In this paper, we have proposed a new system which can prevent the exposure of the key as well as a framework for sharing a file that will ensure security (CIA) using asymmetric key and distributing it within the cloud environment using a trusted third party. We have compared RSA with ElGamal and Paillier in our proposed framework and found RSA gives a better result.

Download Full-text