Secure migration to compliant cloud services: A case study

Alruwaili, Fahad F.; Gulliver, T. Aaron

doi:10.1016/j.jisa.2017.11.004

Cited by 4 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…General security and privacy issues Pearson et al (2009) Rogue employees of cloud computing providers, hackers, and even other customers of the same provider can steal the users' private information from the cloud. Data theft from virtual machines in the cloud is one of the biggest security and privacy challenges in cloud computing Sun et al (2011) Security and privacy issues of cloud computing pertain to control over the private information, safety of transferring information to the cloud, legal requirement responsibility and supervising the cloud subcontractors Takabi et al (2010) Security and privacy concerns about cloud computing are authentication and identity management, access control and accounting, trust management and policy integration, secure-service management, privacy and data protection and organizational security management Zhou et al (2010) Privacy concerns named so far are still scant and more threats can be contemplated in terms of five security features: availability, confidentiality, data integrity, control and audit Security and privacy design and architecture Alruwaili and Gulliver (2014) An information security, privacy and compliance readiness model is proposed to evaluate whether an organization is prepared sufficiently to resolve privacy issues and address compliance violations Pearson (2009) It is recommended that system designers, architects, and developers take into account the following guidelines when designing cloud computing: minimize personal information sent to and stored in the cloud; protect personal information in the cloud; maximize user control; allow user choice; specify and limit the purpose of data usage; provide feedback Sharma and Khiva (2013) A secure architecture to reduce privacy concerns and the secure cloud computing should include four components: the third-party website, the cloud service provider, the user, and the third-party database Security and privacy regulation Kerr and Teng (2012) Traditional contracts and licensing do not provide enough legal resources and protection associated with the cloud computing relationships; thus, terms of use agreements, and service level agreements need to employ new patterns to encompass different cloud computing scenarios Mather et al (2009) Security and privacy concerns about using cloud computing applications and services can be decreased if the following regulations are adopted: Cloud computing has serious risks of privacy and consumer rights, and the current privacy law is insufficient to address the risks. Thus, cloud computing services should be used cautiously Data security and privacy Chen and Zhao (2012) A data life cycle (generation, transfer, use, share, storage, archival and destruction) for cloud computing services is presented and security and privacy of data at each phase of data life cycle are analyzed Khan and Hamlen (2012) A mechanism of anonymizing circuit based on Tor can be implemented by cloud computing providers; this mechanism assists users to safely transfer their personal and sensitive information to the cloud The effect of security and privacy beliefs…”

Section: Research Stream Studies Argument and Findingmentioning

confidence: 99%

Post hoc security and privacy concerns in mobile apps: the moderating roles of mobile apps’ features and providers

Nikkhah

Grover

Sabherwal

2023

ICS

View full text Add to dashboard Cite

Purpose This study aims to argue that user’s continued use behavior is contingent upon two perceptions (i.e. the app and the provider). This study examines the moderating effects of user’s perceptions of apps and providers on the effects of security and privacy concerns and investigate whether assurance mechanisms decrease such concerns. Design/methodology/approach This study conducts a scenario-based survey with 694 mobile cloud computing (MCC) app users to understand their perceptions and behaviors. Findings This study finds that while perceived value of data transfer to the cloud moderates the effects of security and privacy concerns on continued use behavior, trust only moderates the effect of privacy concerns. This study also finds that perceived effectiveness of security and privacy intervention impacts privacy concerns but does not decrease security concerns. Originality/value Prior mobile app studies mainly focused on mobile apps and did not investigate the perceptions of app providers along with app features in the same study. Furthermore, International Organization for Standardization 27018 certification and privacy policy notification are the interventions that exhibit data assurance mechanisms. However, it is unknown whether these interventions are able to decrease users’ security and privacy concerns after using MCC apps.

show abstract

Section: Research Stream Studies Argument and Findingmentioning

confidence: 99%

Post hoc security and privacy concerns in mobile apps: the moderating roles of mobile apps’ features and providers

Nikkhah

Grover

Sabherwal

2023

ICS

View full text Add to dashboard Cite

show abstract

“…According to [7], the legacy applications are usually incompatible with current technology stack of the cloud servers. Many times, the enterprises must refactor and change the legacy code to work on cloud server, which is a very cumbersome work [13]. Therefore, a cloud migration framework must provide suitable integrators and adaptors that facilitates the migration of legacy application without making big changes in the source code [10].…”

Section: Related Studymentioning

confidence: 99%

A Framework for Strategic Cloud Migration

Ahmed

Singh

2019

Proceedings of the 2019 5th International Conference on Computing and Artificial Intelligence

View full text Add to dashboard Cite

This paper presents a novel framework for organisations to carry out a structured feasibility study on Cloud migration and to decide Cloud Migration Strategy. Following the framework helps an organisation to decide whether Cloud migration is a feasible option for them, and if so, the best strategic approach towards Cloud migration. It is a crucial and sensitive part for any organisation to decide whether they should move to Cloud Computing platform. The decision requires strategic approach with proper feasibility study. Several technological, human, security and financial factors are involved in decision making process to move to the Cloud. The proposed framework helps an organisation to carry out a feasibility study to decide whether to move to the Cloud, and if so, what would be the best approach towards Cloud migration. The proposed framework addresses the factors that an organisation must explore to decide on Cloud migration. Cloud Computing has its own pros and cons. A whimsical decision to move to the Cloud may be disastrous for an organisation. Following the proposed framework will help organisations to carry out a structured and integrated feasibility study deal with the decision on Cloud migration. CCS Concepts • Information systems➝Information Systems Applications➝ Computing Platforms • Security and Privacy➝Human and societal aspects of security and privacy.

show abstract

Complexity of the Analysis of Financial Cloud Based on Fuzzy Theory in the Wisdom of Sustainable Urban Development

2021

View full text Add to dashboard Cite

With the rapid growth of our country’s economy, fuzzy theory has become more and more widely used in the financial field. This research mainly explores the application of financial cloud based on fuzzy theory in the sustainable development of smart cities. This research will apply the related knowledge of fuzzy theory, combine the traditional information system risk assessment thought and cloud computing system risk assessment, and propose a series of risk assessment models for the cloud computing system. First, design a smart city model to analyze the potential security issues of the financial cloud computing system. The security level model of cloud computing establishes an index system for evaluation objects based on the level of the security model and uses expert evaluation methods to build models for all levels of the risk profile through the analysis-level process and establish a fuzzy relationship model for each evaluation object value. We objectively evaluate the smart city model based on the designed financial cloud platform. Then, specific statistical analysis is performed on the fuzzy relationship model corresponding to the weight value of the evaluation object, the calculation result is finally obtained, and the risk assessment report of the financial cloud computing system is provided. For every 2% increase in trade dependence, the informatization level of smart cities will drop by about 0.03% on average. The findings have long strengthened the overall coordinated development of the financial system, optimized the financial structure, improved development efficiency, promoted close integration of science and technology and finance, and played the role of government leader it was to fulfill. It shows that we need to maximize it and improve the informatization when building smart cities. The level of development is very important for accelerating urban construction.

show abstract

Secure migration to compliant cloud services: A case study

Cited by 4 publications

References 8 publications

Post hoc security and privacy concerns in mobile apps: the moderating roles of mobile apps’ features and providers

Post hoc security and privacy concerns in mobile apps: the moderating roles of mobile apps’ features and providers

A Framework for Strategic Cloud Migration

Complexity of the Analysis of Financial Cloud Based on Fuzzy Theory in the Wisdom of Sustainable Urban Development

Contact Info

Product

Resources

About