Governance a management služeb cloud computingu z pohledu spotřebitele / Cloud computing governance a management from consumer point of view

Karkošková, Soňa

January 2017

Cloud computing brings widely recognized benefits as well as new challenges and risks resulting mainly from the fact that cloud service provider is an external third party that provides public cloud services in multi-tenancy model. At present, widely accepted IT governance frameworks lack focus on cloud computing governance and do not fully address the requirements of cloud computing from cloud consumer viewpoint. Given the absence of any comprehensive cloud computing governance and management framework, this doctoral dissertation thesis focuses on specific aspects of cloud service governance and management from consumer perspective. The main aim of doctoral dissertation thesis is the design of methodological framework for cloud service governance and management (Cloud computing governance and management) from consumer point of view. Cloud consumer is considered as a medium or large-sized enterprise that uses services in public cloud computing model, which are offered and delivered by cloud service provider. Theoretical part of this doctoral dissertation thesis identifies the main theoretical concepts of IT governance, IT management and cloud computing (chapter 2). Analytical part of this doctoral dissertation thesis reviews the literature dealing with specifics of cloud services utilization and their impact on IT governance and IT management, cloud computing governance and cloud computing management (chapter 3). Further, existing IT governance and IT management frameworks (SOA Governance, COBIT, ITIL and MBI) were analysed and evaluated in terms of the use of cloud services from cloud consumer perspective (chapter 4). Scientific research was based on Design Science Research Methodology with intention to design and evaluate artifact methodological framework. The main part of this doctoral dissertation thesis proposes methodical framework Cloud computing governance and management based on SOA Governance, COBIT 5 and ITIL 2011 (chapter 5, 6 and 7). Verification of proposed methodical framework Cloud computing governance and management from cloud consumer perspective was based on scientific method of case study (chapter 8). The main objective of the case study was to evaluate and verify proposed methodical framework Cloud computing governance and management in a real business environment. The main contribution of this doctoral dissertation thesis is both the use of existing knowledge, approaches and methodologies in area of IT governance and IT management to design methodical framework Cloud computing governance and management and the extension of Management of Business Informatics (MBI) framework by a set of new tasks containing procedures and recommendations relating to adoption and utilization of cloud computing services.

IT-systemleverantörers transformation från produkt till tjänst : - En granskning av hinder och fördelar / The transformation of IT-system suppliers from product to service : - A review of barriers and benefits

Elisson, Filip, Sjunfors, Joakim

January 2016

Tjänstefierade IT-system (Software as a Service) växer kraftigt med 50 % per år samtidigt som produktifierade IT-system (Software as a Product) håller på att dö ut. Nya tjänster etableras på ett effektivt sätt för att möta fler behov med färre resurser och leverantören blir delaktig under hela produktens livscykel. Tjänstefierade IT-system förknippas ofta med molntjänster där både lagring och mjukvara erbjuds över nätverk. Dessa tjänster kan erbjudas från datacenter där leverantören sköter driften av IT-infrastruktur. Tjänstesystem säljs främst via två olika intäktsmodeller, användarbaserad intäktsmodell eller uthyrning av mjukvara. Genom att sälja IT-systemet som en tjänst kan leverantören bredda sin kundbas till kunder som inte har det finansiella kapitalet som krävs för att köpa ett IT-system via en mjukvarulicens. Mycket tyder på att en transformation från produkt till tjänst behöver ske för IT-systemleverantörer då efterfrågan inom detta segment ökar. Sveriges näringsliv består till 99 % av små och medelstora företag men det finns ingen tidigare forskning om vilka problem som kan uppkomma under transformationen och vad en liten eller medelstor IT-systemleverantör kan uppnå med ett tjänstesystem. Intresset ligger i att undersöka små och medelstora IT-systemleverantörers erfarenheter kring transformationen och dess hinder och fördelar. Studien har genomfört en teoretisk undersökning för att få en förståelse kring tjänstefierade IT-system och produktifierade IT-system, denna förståelse har legat till grund för den empiriska undersökningen. Eftersom tidigare forskning kring små och medelstora IT-systemleverantörer saknas har studien utgått från empiri för att ta reda på vilka huvudsakliga hinder och fördelar som bör beaktas. Insamling av empiriskt material skedde genom kvalitativa intervjuer och teoretiska underlaget via litteraturstudier. Studien har därefter besvarat vilka huvudsakliga hinder och fördelar en liten eller medelstor IT-systemleverantör bör beakta vid transformation från produktsystem till tjänstesystem. / Software as a Service is growing fast by 50 % per year, while Software as a Product is dying. New services are established in an effective way to meet more needs with fewer resources and suppliers become involved during the entire product life cycle. Software as a Service is often associated with cloud services, where both storage and software are offered through network. These services can be offered from data centers where the provider operates IT-infrastructure. Service systems are sold primarily through two different revenue models, Pay as you Go-model or rental-model. By selling IT-system as a service, providers can expand their customer base to customers who do not have the financial power needed to purchase an IT-system software license. A lot suggests that a transformation from product to service is needed for IT-system suppliers, as demand in this segment is increasing. Swedish trade and industry consists of 99 % of small and medium-sized enterprises, but there is no previous research on the problems that may arise during the transformation and what a small or medium-sized IT-system vendor can achieve with a service system. The interest lies in investigating small and medium-sized IT-systems vendors' experiences of the transformation, including its barriers and benefits. The study conducted a theoretical study to get an understanding of Software as a Service and Software as a Product, this understanding has been the basis for the empirical study. Since previous research on small and medium-sized IT-systems suppliers are missing the study has been based on empirical data to find out what the main barriers and benefits that should be considered. Collection of empirical material was done through interviews and theoretical material through literature studies. The study subsequently responded to the main barriers and benefits a small or medium sized IT-system supplier should take into consideration before the transformation from product system to service system.The thesis is written in Swedish.

Software as a Service

Software as a Product

cloud service

IT-system

IT-system supplier

system delivery

Tjänstefierade IT-system

produktifierade IT-system

molntjänst

transformation

produkt till tjänst

IT-system

IT-systemleverantör

systemleverans

Computer and Information Sciences

Data- och informationsvetenskap

Current cloud challenges in Germany: the perspective of cloud service providers

Hentschel, Raoul, Leyh, Christian, Petznick, Anne

07 June 2018

Cloud computing has a significant impact on information and communication technology (ICT) and is one of the most important technological drivers of the digitalization of enterprises. However, due to the increasing dissemination of cloud services and the growing number of cloud service providers (CSPs), the uncertainty and risks for user companies in adopting cloud services have also increased. In this paper, we address those aspects from the perspective of the CSPs. We identified relevant literature and studies and conducted interviews with business experts from 16 German CSPs. In our results, we present current customer requirements and barriers to using cloud services from a provider’s viewpoint and identify the actions of and obstacles for CSPs in meeting the needs and constraints of the customers. Finally, we identify current and future challenges for CSPs in dealing with customer requirements and barriers by addressing their root causes. One of the main challenges from the CSPs’ perspective is addressing customers appropriately and building relationships of trust. This also “forces” changes in the sales processes. In this process, the essential challenges can be identified as an increase in complexity and a simultaneous simplification of specific sales activities. Therefore, the necessity arises for the continuous support of business relationships through value-adding and additional services. However, this results in another challenge for the CSPs – Namely, to find the right balance between standardization and meeting customer-specific requirements. In our paper, we show that the perspective of the CSPs is rarely discussed in the literature. Nevertheless, understanding the perceptions of the providers and their actions and measures is essential for future research activities in the field of cloud service selection. Comparing the customers’ perspectives and viewpoints with the CSPs’ actions will enhance the development of a holistic selection approach for future cloud projects. Therefore, our paper’s contribution to research is also the identification of this missing integration.

info:eu-repo/classification/ddc/004

ddc:004

The Modeling and Management of Computational Sprinting

Morris, Nathaniel Joseph

22 November 2021

No description available.

Computer Science

Den digitalt suveräna staten : En undersökning av inställningen till nationell datalagring av personuppgifter hos statliga myndigheter / The digitally sovereign state : An investigation into the attitude towards national data storage of personal data within Swedish public authorities

Gordon Hultsjö, Joel

January 2021

The number of scandals during the past years regarding the use and misuse of digital storage of personal infor-mation in combination with the implementation of the General Data Protection Regulation (GDPR) within the EU member states, has resulted in a resurfaced discussion of sovereignty within the public sphere in relation to the storage of digital information. This master thesis examines the attitudes towards national data storage of personal data within twenty Swedish public agencies in the context of the analytical term Digital sovereignty.The thesis uses semi-structured interviews with employees working with data protection and qualitative con-tent analysis of internal documents connected to personal data management, in order to examine Swedish govern-ment agencies attitudes towards national data storage of personal information. The responses of the interviews and the internal policy documents in the area of personal data protections is viewed through the analytic term Digital sovereignty. The government agency the Swedish social security agency’s definition of Digital sovereignty is used in the thesis, which focuses on national governments ability to have control over both the technical and geograph-ical processing and storage of their citizen’s personal data.The thesis concludes that Swedish authorities takes the risk of transfer of personal data to third countries outside of the EU very seriously, while they also see the need to find legal ways to transfer personal data to these same countries. The thesis also concludes that Swedish government agencies try to avoid cloud services and are cautious in their use due to the implications they have for information and data security, while other research have shown that cloud services are used extensively within Swedish government agencies. The thesis also concludes that there is a lack of interest in national data storage of personal information within Swedish government, which can partially be attributed to the relationship between the General Data Protections Regulation and data storage regulation on a national level in Sweden. This leads to the final conclusion in this thesis, which is that there is some indication that the future of storage of personal data with the EU member states lies not in nationally managed cloud services, but rather in a federated cloud service on EU-level such as the currently ongoing project Gaia-X. This is a two years master's thesis in Archival science.

Digital Sovereignty

Cloud Service

Data storage

GDPR

Government Agencies

Information security

Digital suveränitet

Molntjänst

Datalagring

Dataskyddsförordningen

GDPR

Personuppgifter

Statliga myndigheter

Informationssäkerhet

Tredjelandsöverföring.

Other Humanities not elsewhere specified

Övrig annan humaniora

Ethical hacking of a Smart Wi-Fi Plug

Newton Hedelin, Markus, Samuelsson, Marcus

January 2022

This bachelor’s thesis paper investigates the security of a smart Wi-Fi plug a power outlet remotely controlled by a smart phone, the Deltaco Smart Home SH-P01. In order to raise the security standards of the numerous new digital products produced every year, the possible security flaws of these devices must be exposed and made official to the general public. Especially since these flaws could be exploited by an adversary. By the means of ethical hacking, this paper aims to contribute with a security assessment of a device with components from a globally leading actor, Tuya. This is done by picking up where a previous study of the same device left off; penetration testing of the smart plug’s Android mobile application and its related cloud service, following the guidelines based on years of previous tests in the field. The final security assessment is that Tuya has made a real effort to securing the smart plug’s systems. The Android app, Tuya Smart, does contain some sensitive information and lacks two-factor authentication, but this did not allow for critical exploits. The cloud is deemed well-protected, and overall, there were no severe security flaws exposed by this investigation. Through more extensive penetration testing and by targeting the device’s firmware, future work could perhaps render an even more substantial assessment. / Det här kandidatexamensarbetet undersöker säkerheten hos ett smart Wi-fi-uttag - ett eluttag som styrs trådlöst av en mobiltelefon, uttaget Deltaco Smart Home SH-P01. För att kunna höja säkerhetsstandarden hos de otaliga nya digitala produkter som produceras varje år, måste de eventuella säkerhetsbristerna inom dessa enheter exponeras och offentliggöras för allmänheten. Framför allt då dessa brister kan utnyttjas av någon med fientlig agenda. Genom användning av etisk hackning är avsikten med denna rapport att bidra med en säkerhetsbedömning av en enhet innehållandes komponenter från en världsledande aktör, Tuya. Utförandet påbörjades där ett tidigare arbete avslutades; med penetrationstestning av det smarta uttagets Android-mobilapplikation och enhetens relaterade molntjänst, utfört i riktlinjer baserat på flera år av tidigare tester inom området. Den slutgiltiga säkerhetsbedömningen är att Tuya verkligen har satsat på säkerheten hos det smarta uttaget. Mobilappen, Tuya Smart, visades innehålla känslig information och saknade två-stegs-autentisering, men detta möjliggjorde inte någon kritisk exploatering. Molntjänsten bedöms vara väl skyddad, och överlag hittades inga allvarliga säkerhetsbrister under undersökningen. Ytterligare mer omfattande penetrationstestning, samt undersökning av enhetens mjukvara, skulle kunna bidra till en ännu mer gedigen säkerhetsbedömning i framtida arbeten.

Bachelor’s thesis

Ethical hacking

Penetration testing

Internet of things

Smart plug

Mobile application

Cloud service

Kandidatexamensarbete

Etisk hackning

Penetrationstestning

Sakernas internet

Smart uttag

Mobilapplikation

Molntjänst

Computer and Information Sciences

Data- och informationsvetenskap

Improving the adoption of cloud computing by Small & Medium Scale Enterprise (SMEs in Nigeria

Young, Destiny Assian

08 1900

In a traditional business environment, companies set up their organisation’s IT data infrastructure, install their applications and carry out the maintenance and management of their infrastructures. Whereas Cloud computing removes the need for companies to set up own data centers and run enterprise applications. Cloud computing technology provides businesses with the advantage of on-demand access, agility, scalability, flexibility and reduced cost of computing. An appreciable increase is being observed in the acceptance and migration to this new IT model in developing economies. In Nigeria, it has been observed that there is a somewhat unimpressive rate of adoption of Cloud computing by the microfinance operators. This research investigates the reason for the slow adoption of Cloud computing by SMEs in Nigeria with special consideration to the Microfinance subsector and to develop a model for improving the adoption of cloud computing by microfinance organisations. The research was conducted using a qualitative research design method. Interview was the main data collection instrument and data collected was analysed using thematic content analysis method. The analysis of the study revealed that SMEs in Nigeria, with particular reference to microfinance subsector in Akwa Ibom State are yet fully to embrace cloud technology. It was discovered that most of the SMEs studied, has some level of reservation about cloud computing arising from not having appropriate education and enlightenment about the cloud economic offerings and potentials. From the outcome of the research, the researcher identified that most people’s concerns are as a result of lack of knowledge about cloud computing and so the researcher concluded that appropriate enlightenment by industry stakeholders, cloud service providers, cloud enthusiasts and even the government on the risks and overwhelming economic incentives of cloud computing as well as the provision of a monitored free trial services will encourage the adoption of cloud computing by SMEs. / College of Engineering, Science and Technology / M.Tech. (Information Technology)

ATU

BIU

Cloud Adoption

Cloud Computing

Cloud End-user

Cloud Service Providers

Data Security

Microfinance

PU

PEOU

IT

Nigeria

SMEs

Vendors

004.67820338709669

SMEs (Small business)

Microfinance -- Nigeria -- Case studies

Data Security

Improving the adoption of cloud computing by small & medium scale enterprise (SMEs) in Nigeria

Young, Destiny Assian

08 1900

In a traditional business environment, companies set up their organisation’s IT data infrastructure, install their applications and carry out the maintenance and management of their infrastructures. Whereas Cloud computing removes the need for companies to set up own data centers and run enterprise applications. Cloud computing technology provides businesses with the advantage of on-demand access, agility, scalability, flexibility and reduced cost of computing. An appreciable increase is being observed in the acceptance and migration to this new IT model in developing economies. In Nigeria, it has been observed that there is a somewhat unimpressive rate of adoption of Cloud computing by the microfinance operators. This research investigates the reason for the slow adoption of Cloud computing by SMEs in Nigeria with special consideration to the Microfinance subsector and to develop a model for improving the adoption of cloud computing by microfinance organisations. The research was conducted using a qualitative research design method. Interview was the main data collection instrument and data collected was analysed using thematic content analysis method. The analysis of the study revealed that SMEs in Nigeria, with particular reference to microfinance subsector in Akwa Ibom State are yet fully to embrace cloud technology. It was discovered that most of the SMEs studied, has some level of reservation about cloud computing arising from not having appropriate education and enlightenment about the cloud economic offerings and potentials. From the outcome of the research, the researcher identified that most people’s concerns are as a result of lack of knowledge about cloud computing and so the researcher concluded that appropriate enlightenment by industry stakeholders, cloud service providers, cloud enthusiasts and even the government on the risks and overwhelming economic incentives of cloud computing as well as the provision of a monitored free trial services will encourage the adoption of cloud computing by SMEs. / College of Engineering, Science and Technology / M.Tech. (Information Technology)

ATU

BIU

Cloud adoption

Cloud computing

Cloud end-user

Cloud service providers

Data security

Microfinance

PU

PEOU

IT

Nigeria

SMEs

Vendors

004.67820338709669

Digital communication -- Nigeria

Small business -- Nigeria

Microfinance -- Nigeria