Using Obstacles for Systematically Modeling, Analysing, and Mitigating Risks in Cloud Adoption

2013 ◽  
pp. 275-296 ◽  
Author(s):  
Shehnila Zardari ◽  
Funmilade Faniyi ◽  
Rami Bahsoon
Keyword(s):  
Cloud Computing ◽  
Cost Effective ◽  
Service Level ◽  
Management Framework ◽  
Cloud Adoption ◽  
Risk Management Framework ◽  
Cost Implications ◽  
Effective Service ◽  
Cloud User

In this chapter, the authors motivate the need for a systematic approach to cloud adoption from the risk perspective. The enormous potential of cloud computing for improved and cost-effective service delivery for commercial and academic purposes has generated unprecedented interest in its adoption. However, a potential cloud user faces numerous risks regarding service requirements, cost implications of failure, and uncertainty about cloud providers’ ability to meet service level agreements. Hence, the authors consider two perspectives of a case study to identify risks associated with cloud adoption. They propose a risk management framework based on the principle of GORE (Goal-Oriented Requirements Engineering). In this approach, they liken risks to obstacles encountered while realising cloud user goals, therefore proposing cloud-specific obstacle resolution tactics for mitigating identified risks. The proposed framework shows benefits by providing a principled engineering approach to cloud adoption and empowering stakeholders with tactics for resolving risks when adopting the cloud.

Using Obstacles for Systematically Modeling, Analysing, and Mitigating Risks in Cloud Adoption

2015 ◽  
pp. 1351-1372
Author(s):  
Shehnila Zardari ◽  
Funmilade Faniyi ◽  
Rami Bahsoon
Keyword(s):  
Cloud Computing ◽  
Cost Effective ◽  
Service Level ◽  
Management Framework ◽  
Cloud Adoption ◽  
Risk Management Framework ◽  
Cost Implications ◽  
Effective Service ◽  
Cloud User

In this chapter, the authors motivate the need for a systematic approach to cloud adoption from the risk perspective. The enormous potential of cloud computing for improved and cost-effective service delivery for commercial and academic purposes has generated unprecedented interest in its adoption. However, a potential cloud user faces numerous risks regarding service requirements, cost implications of failure, and uncertainty about cloud providers' ability to meet service level agreements. Hence, the authors consider two perspectives of a case study to identify risks associated with cloud adoption. They propose a risk management framework based on the principle of GORE (Goal-Oriented Requirements Engineering). In this approach, they liken risks to obstacles encountered while realising cloud user goals, therefore proposing cloud-specific obstacle resolution tactics for mitigating identified risks. The proposed framework shows benefits by providing a principled engineering approach to cloud adoption and empowering stakeholders with tactics for resolving risks when adopting the cloud.

scholarly journals ERMOCTAVE: A Risk Management Framework for IT Systems Which Adopt Cloud Computing

2019 ◽  
Vol 11 (9) ◽  
pp. 195 ◽  
Author(s):  
Masky Mackita ◽  
Soo-Young Shin ◽  
Tae-Young Choe
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Enterprise Risk Management ◽  
Management Framework ◽  
Risk Management Framework ◽  
Vulnerability Evaluation ◽  
It Systems ◽  
Management Processes ◽  
Enterprise Risk

Many companies are adapting cloud computing technology because moving to the cloud has an array of benefits. During decision-making, having processed for adopting cloud computing, the importance of risk management is progressively recognized. However, traditional risk management methods cannot be applied directly to cloud computing when data are transmitted and processed by external providers. When they are directly applied, risk management processes can fail by ignoring the distributed nature of cloud computing and leaving numerous risks unidentified. In order to fix this backdrop, this paper introduces a new risk management method, Enterprise Risk Management for Operationally Critical Threat, Asset, and Vulnerability Evaluation (ERMOCTAVE), which combines Enterprise Risk Management and Operationally Critical Threat, Asset, and Vulnerability Evaluation for mitigating risks that can arise with cloud computing. ERMOCTAVE is composed of two risk management methods by combining each component with another processes for comprehensive perception of risks. In order to explain ERMOCTAVE in detail, a case study scenario is presented where an Internet seller migrates some modules to Microsoft Azure cloud. The functionality comparison with ENISA and Microsoft cloud risk assessment shows that ERMOCTAVE has additional features, such as key objectives and strategies, critical assets, and risk measurement criteria.

An Extensible Identity Management Framework for Cloud-Based E-Government Systems

2016 ◽  
pp. 399-422
Author(s):  
Hirra Anwar ◽  
Muhammad Awais Shibli ◽  
Umme Habiba
Keyword(s):  
Cloud Computing ◽  
Identity Management ◽  
Security Requirements ◽  
Computing Technology ◽  
Management Framework ◽  
Government Organizations ◽  
Domain Specific ◽  
Government Institutions ◽  
Design And Implementation

Numerous Cloud Identity Management (IdM) systems have been designed and implemented to meet the diverse functional and security requirements of various organizations. These requirements are subjective in nature; for instance, some government organizations require security more than efficiency while others prioritize performance and immediate response over security. However, most of the existing IdM systems are incapable of handling the user-centricity, security & technology requirements and are also domain specific. In this regard, this chapter elaborates the need to use Cloud Computing technology for enhancing the effectiveness and transparency of IdM functions and presents a comprehensive and well-structured Extensible IdM Framework for Cloud based e-government institutions. We present the design and implementation details of the proposed framework, followed by a case study which shows how government organizations of Pakistan would use the proposed framework to improve their IdM processes and achieve diverse IdM services.

Research on System Architecture to Provide Maximum Security, End User Device Independency and User Centric Control over Content in Cloud

2013 ◽  
Vol 4 (3) ◽  
pp. 38-52
Author(s):  
Sai Manoj Marepalli ◽  
Razia Sultana ◽  
Andreas Christ
Keyword(s):  
Cloud Computing ◽  
Detection System ◽  
Cloud Service ◽  
Service Level ◽  
Mobile Technologies ◽  
Communication Structure ◽  
Layered Architecture ◽  
Wide Range ◽  
The Impact ◽  
Cloud User

Cloud computing is the emerging technology providing IT as a utility through internet. The benefits of cloud computing are but not limited to service based, scalable, elastic, shared pool of resources, metered by use. Due to mentioned benefits the concept of cloud computing fits very well with the concept of m-learning which differs from other forms of e-learning, covers a wide range of possibilities opened up by the convergence of new mobile technologies, wireless communication structure and distance learning development. The concept of cloud computing like any other concept has not only benefits but also introduces myriad of security issues, such as transparency between cloud user and provider, lack of standards, security concerns related to identity, Service Level Agreements (SLA) inadequacy etc. Providing secure, transparent, and reliable services in cloud computing environment is an important issue. This paper introduces a secured three layered architecture with an advance Intrusion Detection System (advIDS), which overcomes different vulnerabilities on cloud deployed applications. This proposed architecture can reduce the impact of different attacks by providing timely alerts, rejecting the unauthorized access over services, and recording the new threat profiles for future verification. The goal of this research is to provide more control over data and applications to the cloud user, which are now mainly controlled by Cloud Service Provider (CSP).

Teaching Case for Addressing Risks with Strategies in an International Airport Project

2013 ◽  
Vol 2 (1) ◽  
pp. 18-35
Author(s):  
Daly Paulose
Keyword(s):  
Risk Management ◽  
Business Strategy ◽  
Theoretical Models ◽  
Management Framework ◽  
Monetary Value ◽  
International Airport ◽  
Risk Management Framework ◽  
South West ◽  
Management Project

This is a case applying risk management, project management, and business strategy theories. The center piece is a successful build-own-operate (BOO) international airport mega-project completed in south-west India. This case study was applied for teaching a university senior-level course in business strategy. The paper explains the risk management framework, expected monetary value (EMV) calculation, and how the theoretical models can be applied to the BOO project. It then presents worked-out solutions to selected EMV problems.

scholarly journals Analyzing Cloud-based Startups: Evidence from a Case Study in Italy

2017 ◽  
Vol 10 (5) ◽  
pp. 73 ◽  
Author(s):  
Luca Ferri ◽  
Marco Maffei ◽  
Gianluigi Mangia ◽  
Andrea Tomo
Keyword(s):  
Cloud Computing ◽  
Implementation Process ◽  
Entrepreneurial Activity ◽  
Entry Barriers ◽  
Cloud Adoption ◽  
Advantages And Disadvantages ◽  
Managerial Implications ◽  
Entrepreneurial Activities ◽  
Startup Firms

The aim of this study is to analyze the reasons behind the adoption of cloud computing and its implementation process in startup firms as well as to verify the advantages and disadvantages deriving from the adoption of this tool and how it could increase entrepreneurial activities. We applied a research framework developed by previous scholars on cloud adoption within SMEs in an attempt to adapt it to startup firms. In particular, we conducted a case study in an Italian technological startup.Our results show that cloud technology supports and facilitates entrepreneurial activity, especially reducing several entry barriers for new entrepreneurs. This study contributes to the existing literature on cloud computing, and it has several managerial implications. First, it shows that setting up the organizational model on cloud computing allows entrepreneurs to reduce organizational efforts and ICT investments. Furthermore, this technology can reduce diversification costs by eliminating entry barriers, thus opening new markets and opportunities for entrepreneurs.

scholarly journals Multiple Perspective of Cloud Computing Adoption Determinants in Higher Education a Systematic Review

2019 ◽  
Vol 9 (3) ◽  
pp. 89-109 ◽  
Author(s):  
Mohammed Banu Ali
Keyword(s):  
Higher Education ◽  
Cloud Computing ◽  
Effective Means ◽  
Cost Effective ◽  
Teaching Staff ◽  
Multiple Perspectives ◽  
Adoption Studies ◽  
Cloud Adoption ◽  
Cloud Computing Adoption ◽  
Skilled Personnel

Cloud computing has become a major talking point in recent times. An innovation such as cloud computing for higher education institutions (HEI) can be a cost effective means to operate their IT systems effectively without having to spend vast amounts of money on developing their IT infrastructure. HEIs also face the burden of several challenges e.g. limited infrastructure resources and IT budget, as well as limited teaching staff, technical experts, and IT skilled personnel. With support from a systematic literature review approach, this article identifies the key determinants of cloud adoption from a technological, organisational, environmental and personal perspectives. A total of 17 cloud adoption studies in the HEI context and their respected models from the period of 2012 to 2017 are reviewed and discussed. The findings suggest a lack of cloud adoption studies in the HEI domain from multiple perspectives, particularly in relation to the wider socio-technical concerns related to cloud adoption and future studies related to this research gap are deliberated.

Project risk planning in high-tech new product development

2016 ◽  
Vol 29 (2) ◽  
pp. 110-124 ◽  
Author(s):  
Jorge Ayala-Cruz
Keyword(s):  
Risk Management ◽  
New Product Development ◽  
New Product ◽  
High Tech ◽  
Project Risk ◽  
Content Type ◽  
Management Framework ◽  
Risk Management Framework ◽  
Project Risks

Purpose The purpose of this paper is to present the implementation and testing of a modified project risk management framework that integrates PMI’s framework with Monte Carlo simulation to improve the effectiveness in high-tech new product development (NPD) projects. Design/methodology/approach The modified framework considers three bodies of knowledge: project management, risk management, and Monte Carlo simulation to produce an enhance project risk management framework. Its application is shown through a case study. Findings Using the integrated framework in a recent case study project and prior NPD projects measures (as benchmarks), it was shown that it could help to enhance risk responses caused by task durations and costs’ uncertainties. The framework proved to be better than segregated generic best practices and was key in providing insight to the issue of early project risk assessment. Research limitations/implications More experimental replications are required for enhancement effectiveness assertions of the framework, through the application of the framework to similar case studies. Furthermore, this could improve its reliability and soundness. Practical implications Future directions for research could include case and empirical studies that include hypothesis’s testing, and the integration of optimization procedure for improved NPD project’s planning and execution. Originality/value This paper outlines a way to close the gap of project risks management planning in NPD’s initiatives. It was motivated by a relatively new tendency in exploring integrated frameworks to deal with complex project risks issues.

scholarly journals An Analytical Framework of a Deployment Strategy for Cloud Computing Services: A Case Study of Academic Websites

2013 ◽  
Vol 2013 ◽  
pp. 1-14 ◽  
Author(s):  
Chi-Hua Chen ◽  
Hui-Fei Lin ◽  
Hsu-Chia Chang ◽  
Ping-Hsien Ho ◽  
Chi-Chun Lo
Keyword(s):  
Cloud Computing ◽  
Analytical Framework ◽  
Service Level ◽  
Network Behavior ◽  
Analytic Framework ◽  
Deployment Strategy ◽  
Computing Services ◽  
Cloud Computing Services ◽  
Hierarchy Process

Cloud computing has become a popular topic for exploration in both academic and industrial research in recent years. In this paper, network behavior is analyzed to assess and compare the costs and risks associated with traditional local servers versus those associated with cloud computing to determine the appropriate deployment strategy. An analytic framework of a deployment strategy that involves two mathematical models and the analytical hierarchy process is proposed to analyze the costs and service level agreements of services involving using traditional local servers and platform as service platforms in the cloud. Two websites are used as test sites to analyze the costs and risks of deploying services inGoogle App Engine(GAE) (1) the website ofInformation and Finance of Management(IFM) at theNational Chiao Tung University(NCTU) and (2) the NCTU website. If the examined websites were deployed in GAE, NCTU would save over 83.34% of the costs associated with using a traditional local server with low risk. Therefore, both the IFM and NCTU websites can be served appropriately in the cloud. Based on this strategy, a suggestion is proposed for managers and professionals.

Sign in / Sign up

Export Citation Format

Share Document