Strategy for Migrating Legacy Applications to Cloud (SoMLAC)

Mohan, Abhinav

January 2015

Any modern business utilizes a number of IT-solutions for its day to day functions, for example accounting, resource planning and human resource management. This often requires large investment along with high maintenance costs, even after this these systems become obsolete and require to be updated with further capital investment. This also forces businesses to focus on solving problems which are not related to their core business areas. It is because of these problems that businesses wish to move away from managing large data centers of their own and to migrate these legacy applications and operations to the cloud. The few migration methods which exist are insufficient to be used for migration of legacy systems to the cloud infrastructure. There is a lack of research proposals in this field which focus on the problems which an organization encounters and needs to resolve while migrating legacy application to the cloud. Some of these factors are (1) Data segregation and security in a multi-tenant environment, (2) Application availability, (3) Application as well as data portability within cloud, (4) Effectiveness of different architectures (functionality and cost). The goal of this thesis is to develop a cloud migration strategy which shall help an organization to systematically identify the changes which the legacy application requires in its architecture and design before it can be migrated from existing in house IT infrastructure to the cloud. It is to help organizations in planning, decision making and migration of their legacy applications to the cloud. The thesis presents a migration strategy called Strategy for Migrating Legacy Applications to Cloud, SoMLAC. Research made to develop this migration strategy is qualitative and consisted of the development of a preliminary strategy based on interviews, literature study and system observations. The preliminary strategy was later refined with the help of interviews and action research. The final SoMLAC strategy consists of three migration phases where during the first phase organization migrates its legacy application to the cloud infrastructure, while in the second phase the strategy helps the organization to develop a platform for migration other legacy applications. The third and final phase helps an organization to transform these legacy applications so as to become services which can be used by other organizations. SoMLAC also contains SoMLAC compliance checklist which helps an organization during initial planning and decision making process. The checklist can also be used to validate if a cloud application meets the obligations that an organization has towards maintenance of its customer information.

Cloud Computing

Cold turkey

Chicken Little

Computer and Information Sciences

Data- och informationsvetenskap

Exploiting Cloud Resources For Semantic Scene Understanding On Mobile Robots

Bruse, Andreas

January 2015

Modern day mobile robots are constrained in the resources available to them. Only so much hardware can be fit onto the robotic frame and at the same time they are required to perform tasks that require lots of computational resources, access to massive amounts of data and the ability to share knowledge with other robots around it. This thesis explores the cloud robotics approach in which complex compu- tations can be offloaded to a cloud service which can have a huge amount of computational resources and access to massive data sets. The Robot Operat- ing System, ROS, is extended to allow the robot to communicate with a high powered cluster and this system is used to test our approach on such a complex task as semantic scene understanding. The benefits of the cloud approach is utilized to connect to a cloud based object detection system and to build a cat- egorization system relying on large scale datasets and a parallel computation model. Finally a method is proposed for building a consistent scene description by exploiting semantic relationships between objects. / Moderna mobila robotar har begränsade resurser. Det får inte plats hur mycket hårdvara som helst på roboten och ändå förväntas de utföra arbeten som kräver extremt mycket datorkraft, tillgång till enorm mängd data och samtidigt kommunicera med andra robotar runt omkring sig. Det här examensarbetet utforskar robotik i molnet där komplexa beräk- ningar kan läggas ut i en molntjänst som kan ha tillgång till denna stora mängd datakraft och ha plats för de stora datamängder som behövs. The Ro- bot Operating System, eller ROS, byggs ut för att stödja kommunikation med en molntjänst och det här systemet används sedan för att testa vår lösning på ett så komplext problem som att förstå en omgivning eller miljö på ett seman- tiskt plan. Fördelarna med att använda en molnbaserad lösning används genom att koppla upp sig mot ett objektigenkänningssytem i molnet och för att byg- ga ett objektkategoriseringssystem som förlitar sig på storskaliga datamängder och parallella beräkningsmodeller. Slutligen föreslås en metod för att bygga en tillförlitlig miljöbeskrivning genom att utnyttja semantiska relationer mellan föremål.

cloud robotics

semantic reasoning

machine learning

robotics

cloud computing

Computer Engineering

Datorteknik

Information Security Guidelines for Organizations Intending to Adopt Cloudsourcing

Annamalai, Neelambari

January 2012

Change is constant and computing paradigm is no exception. It has witnessed major shifts right from centralized client server systems to widely distributed systems. This time the locus of change in the computing paradigm is moving towards virtualization, paving way to cloud computing. Cloud computing aims at providing computing services to its users as an utility. It allows its authenticated users to access a wide range of highly scalable computing capabilities and services via the internet on a pay-per-usage basis. Organisations not only view these benefits as cost-saving strategies, but also aim at improving the competitive advantages using cloud computing. Hence, this has given rise to a new horizon in IT/IS outsourcing. With a collaboration of cloud computing and outsourcing emerged a new concept called cloudsourcing. Cloudsourcing can be termed as the next generation outsourcing and the next phase of cloud computing promising benefits from both the areas. Cloudsourcing is outsourcing traditional business via the cloud infrastructure. Though there is pompous popularity surrounding this new technology, there is much hesitation in adopting it due to the inherent security issues. This paper discusses in detail the security issues and possible solution to the same. As this is a new concept, not much work is identified to be done in providing a set of guidelines to adopt cloudsourcing that are very specific to information security. This work intends to fill this aperture by building a set of well-defined information security guidelines, which can be termed as a novel. For this purpose, design science research method proposed by Hevner et al is used so as to accomplish this goal. Initially, a literature study is done after which an exploratory study comprising of interviews is done to gather qualitative data. The results of the exploratory interview is tested for correctness and evaluated based on an evaluation study comprising a survey based questionnaire. The analysis of the evaluation study results provides the final results. In such an attempt, the identified countermeasures to risks are classified into three groups namely, organisational, technical and regulatory and compliance guidelines. Hence the end results constituting the set of information security guidelines are classified into the above mentioned groups. This work is assumed to contribute to our understanding of information security in cloudsourcing and in supporting IT decision makers, IT project managers and security executives of organisations for a smooth and secure transition towards cloudsourcing their business.

Cloud computing

outsourcing

cloudsourcing

information security risks

Engineering and Technology

Teknik och teknologier

Automated Control of Elasticity for a Cloud-Based Key-Value Store

Arman, Ala

January 2012

“Pay-as-you-go” is one of the basic properties of Cloud computing. It means that people pay for the resources or services that they use. Moreover, the concept of load balancing has been a controversial issue in recent years. It is a method that is used to split a task to some smaller tasks and allocate them fairly to different resources resulting in a better performance. Considering these two concepts, the idea of “Elasticity” comes to attention. An Elastic system is one which adds or releases the resources based on the changes of the system variables. In this thesis, we extended a distributed storage called Voldemort by adding a controller to provide elasticity. Control theory was used to design this controller. In addition, we used Yahoo! Cloud Service Benchmark (YCSB) which is an open source framework that can be used to provide several load scenarios, as well as evaluating the controller. Automatic control is accomplished by adding or removing nodes in Voldemort by considering changes in the system such as the average service time in our case. We will show that when the service time increases due to increasing the load, as generated by YCSB tool, the controller senses this change and adds appropriate number of nodes to the storage. The number of nodes added is based on the controller parameters to decrease the service time and meet Service Level Objectives (SLO). Similarly, when the average service time decreases, the controller removes some nodes to reduce the cost of using the resources and meet “pay-as-you-go” property.

Cloud Computing

Elastic Computing

Control Theory

Voldemort

YCSB

Key-Value Store

Engineering and Technology

Teknik och teknologier

Analys av marknadsetablerade aktörers nyttjande av cloud computings möjligheter

Wedelin, Axel, Glaas, David

January 2016

No description available.

Cloud computing

as-a-Service

switching cost

intäktsmodeller

telekom

Telecommunications

Telekommunikation

Computer Systems

Datorsystem

Easy Encryption for Email, Photo, and Other Cloud Services

Koh, John Seunghyun

January 2021

Modern users carry mobile devices with them at nearly all times, and this likely has contributed to the rapid growth of private user data—such as emails, photos, and more—stored online in the cloud. Unfortunately, the security of many cloud services for user data is lacking, and the vast amount of user data stored in the cloud is an attractive target for adversaries. Even a single compromise of a user’s account yields all its data to attackers. A breach of an unencrypted email account gives the attacker full access to years, even decades, of emails. Ideally, users would encrypt their data to prevent this. However, encrypting data at rest has long been considered too difficult for users, even technical ones, mainly due to the confusing nature of managing cryptographic keys. My thesis is that strong security can be made easy to use through client-side encryption using self-generated per-device cryptographic keys, such that user data in cloud services is well protected, encryption is transparent and largely unnoticeable to users even on multiple devices, and encryption can be used with existing services without any server-side modifications. This dissertation introduces a new paradigm for usable cryptographic key management, Per-Device Keys (PDK), and explores how self-generated keys unique to every device can enable new client-side encryption schemes that are compatible with existing online services yet are transparent to users. PDK’s design based on self-generated keys allows them to stay on each device and never leave them. Management of these self-generated keys can be shown to users as a device management abstraction which looks like pairing devices with each other, and not any form of cryptographic key management. I design, implement, and evaluate three client-side encryption schemes supported by PDK, with a focus on designing around usability to bring transparent encryption to users. First, I introduce Easy Email Encryption (E3), a secure email solution that is easy to use. Usersstruggle with using end-to-end encrypted email, such as PGP and S/MIME, because it requires users to understand cryptographic key exchanges to send encrypted emails. E3 eliminates this key exchange by focusing on storing encrypting emails instead of sending them. E3 transparently encrypts emails on receipt, ensuring that all emails received before a compromise are protected from attack, and relies on widely-used TLS connections to protect in-flight emails. Emails are encrypted using self-generated keys, which are completely hidden from the user and do not need to be exchanged with other users, alleviating the burden of users having to know how to use and manage them. E3 encrypts on the client, making it easy to deploy because it requires no server or protocol changes and is compatible with any existing email service. Experimental results show that E3 is compatible with existing IMAP email services, including Gmail and Yahoo!, and has good performance for common email operations. Results of a user study show that E3 provides much stronger security guarantees than current practice yet is much easier to use than end-to-end encrypted email such as PGP. Second, I introduce Easy Secure Photos (ESP), an easy-to-use system that enables photos tobe encrypted and stored using existing cloud photo services. Users cannot store encrypted photos in services like Google Photos because these services only allow users to upload valid images such as JPEG images, but typical encryption methods do not retain image file formats for the encrypted versions and are not compatible with image processing such as image compression. ESP introduces a new image encryption technique that outputs valid encrypted JPEG files which are accepted by cloud photo services, and are robust against compression. The photos are encrypted using self-generated keys before being uploaded to cloud photo services, and are decrypted when downloaded to users’ devices. Similar to E3, ESP hides all the details of encryption/decryption and key management from the user. Since all crypto operations happen in the user’s photo app, ESP requires no changes to existing cloud photo services, making it easy to deploy. Experimental results and user studies show that ESP encryption is robust against attack techniques, exhibits acceptable performance overheads, and is simple for users to set up and use. Third, I introduce Easy Device-based Passwords (EDP), a password manager with improvedsecurity guarantees over existing ones while maintaining their familiar usage models. To encrypt and decrypt user passwords, existing password managers rely on weak, human-generated master passwords which are easy to use but easily broken. EDP introduces a new approach using self-generated keys to encrypt passwords, and an easy-to-use pairing mechanism to allow users to access passwords across multiple devices. Keys are not exposed to users and users do not need to know anything about key management. EDP is the first password manager that secures passwords even with untrusted servers, protecting against server break-ins and password database leaks. Experimental results and a user study show that EDP ensures password security with untrusted servers and infrastructure, has comparable performance to existing password managers, and is considered usable by users.

Cloud computing

Data encryption (Computer science)

Computer security--Computer programs

Yahoo! Inc.

Gmail (Electronic resource)

Cloud-based open-source enterprise content management model at a SME operating in the manufacturing sector

Montesinos-Rosales, Andrea, Salas-Villacorta, Sebastian, Mauricio-Sanchez, David, Raymundo-Ibañez, Carlos

12 November 2019

El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado. / Every year, small- and medium-sized enterprises (SMEs) expand their participation in the Peruvian market, while facing high internal disorganization issues that stifle their growth. This problem is rooted on the fact that the contents generated by these companies are not usually adequately recorded, managed, and exploited, and thus negatively affecting the organization and their competitiveness levels. Now, although most of this issue may be solved through enterprise content management (ECM) solutions, they are not affordable for most SMEs because of their high prices. Within this context, this study proposes the implementation of a cloud-based open-source ECM model at a manufacturing SME in Peru. Through this model, the company was able to access the benefits of an ECM to restructure the way they manage content, gaining 67% more efficiency, establishing a collaboration channel between employees, suppliers, and customers, and reporting a 93% model adaptation rate among staff members. / Revisión por pares

Cloud Computing

CMS

ECM

Enterprise Content Management

Open Source

Small- and Medium-sized Enterprises

SMEs

Modelo y arquitectura para la provisión en la nube de servicios y aplicaciones heterogéneas

Albentosa Mora, José Luis

25 September 2017

En un mundo donde la transformación digital avanza a un ritmo veloz y aparecen de forma exponencial nuevas soluciones y capacidades tecnológicas, las grandes compañías necesitan sacar más y mejores productos al mercado. Sin embargo, sus pesadas arquitecturas tecnológicas legadas y sus capacidades de integración y escalabilidad no les permiten llegar al mercado en el tiempo y forma deseado. En este contexto, la investigación se centra en la creación de una arquitectura en la nube que permita habilitar, implantar, desarrollar e integrar servicios, soluciones y sistemas transaccionales de distinta naturaleza de forma segura, escalable, resiliente y ágil. La validación de la misma con el desarrollo de 3 patentes en explotación que implementan casos prácticos, ofrece veracidad al modelo propuesto para resolver el problema.

Cloud computing

PCI

e-payments

Seguridad

SaaS

PaaS

IaaS

Cloud BI : Utmaningar vid implementation av Cloud BI / Cloud BI : Challenges when implementing Cloud BI

Sprangers, William

January 2021

Business Intelligence (BI) möjliggör för bättre och effektivare beslutsfattande genom att förse beslutsfattare med rätt data vid rätt tid. Ny teknik kommer ständigt inom BI området och att tillämpa Cloud Computing (CC) tillsammans med BI ger många fördelar och ett flertal nya utvecklingsområden. Kombinationen av BI och CC skapar Cloud BI och denna teknologi har fortfarande en relativt låg mognadsnivå men den är under konstant utveckling och i denna rapport diskuteras vilka tekniska och organisatoriska utmaningar som kan tillkomma vid införandet av Cloud BI i en organisation. Det har genomförts intervjuer för att samla in kvalitativ data som kan beskriva detta fenomen och ge en djupare insikt i hur dessa utmaningar påverkar organisationer som vill implementera Cloud BI. Genom att utföra semistrukturerade intervjuer med rum för diskussion så har frågeställningen besvarats. Totalt deltog fem respondenter som arbetar med BI och har kunskap om Cloud BI. Resultatet visar att de tekniska utmaningarna som organisationer stöter på när dom implementerar Cloud BI är (1) tillgång, (2) säkerhet och (3) arkitektur och transport av data. Organisatoriska utmaningar som kan uppkomma är (4) resistans, (5) lagar och regler samt (6) arbetssätt och metod.

Business Intelligence

Cloud Computing

Cloud BI

Tekniska och organisatoriska utmaningar

Information Systems

Factors impeding the usage of elearning at a telecommunication organization in South Africa: bridging the gap with cloud services

Mere, Phoebus

09 1900

With the enormous competition in the industry, organizations must frequently find better ways to embrace organizational learning. This research study advocates eLearning to be one of the best methods for organizational learning, and this is the study’s main area of interest. This research explored a case at a telecommunication organization named ComTek (pseudonym). The research study addressed a problem of eLearning low usage rate, which resulted in ComTek not meeting their set learning targets during the time of the study. The usage rate was measured using the number of enrolled assessments. The study uses qualitative methods to propose a conceptual framework to understand the causes of low eLearning usage. This conceptual framework illustrated the use of the activity theory elements to understand the problem of eLearning low usage, paired with the use of cloud computing services to access eLearning, and the use of content delivery techniques to help understand eLearning low usage. This conceptual framework took advantage of cloud services like Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). This research study focused on the periods from 2016 to 2017 for collecting data and creating an understanding of the research setting, while other data was derived from historical documents about the phenomenon studied. During this period, there was inadequate literature about cloud computing and other aspects to consider within the domain of telecommunication organizations. The literature study, therefore, comprised of literature from different domains. During the study, ComTek used eLearning with the aid of learning management systems (LMS) to manage learning and leverage employee skills. During the period of the study compared to other years, about 50% of assessments had a usage rate of below 80%, a standard target established by ComTek as a benchmark, placing compliance and training at a low rate. Of the 50% of assessments, some were just above 40% in usage rate, were of a high stake, and were in the categories of compliance and training iv assessments. While this was the case, this study did not consider the technical implementation of the application systems involved, and did not create any form of intervention, but focused on understanding the activities that were involved in the learning environment. This research study used a paradigm that was constructive and interpretive in nature, using qualitative methods with the belief that there were multiple realities in understanding the situation at ComTek and possible solutions to it. To unpack the multiple realities, an exploratory case study was conducted as a research approach. In this study, the researcher used multiple data collection methods, including open-ended questionnaires and unstructured interviews. / School of Computing

eLearning

LMS

Moodle

Learning Styles

Cloud Computing

Cloud Service

IaaS

PaaS

SaaS

Learning Objects