The dissertation must be a minimum of 50 pages. The dissertation must follow the dissertation structure in the document, and must use all of the same references/sorces that are listed (included) in it. References/sources can also be added. The “theoretical baselines” need to be rewritten, as it is just an example for the context of the project and full of quotes, so it cannot be used. The “review of literature” also needs to be rewritten, and it is only for the most important references/sources (at least five). The whole dissertation needs to be done from scratch using the all same sources (plus more can be added) and the same table of contents/structure that is in the document.
Thesis
Cloud as a Hosting Environment for Enterprise Information Systems
Research questions
Objective
The purpose of this thesis is to:
Partial objectives:
Hypothesis/Predictions
Based on the theoretical knowledge gained through the study, on the perception of the issue in practice and on the determination of the main objective of the work, we have drawn the following hypotheses / predictions of research:
H1 Cloud computing services are cheaper than the existing systems (for example ERP system– enterprise resource planning)
H2 Cloud computing services are more secure.
H3 Cloud computing is applicable in all IT and educational sectors.
Preliminary table of contents
INTRODUCTION
1 THEORETICAL BASELINES
1.1 Cloud computing definition
1.1.1 Cloud computing architecture
1.1.2 Cloud computing evolution
1.1.3 Cloud computing adoption
1.2 Cloud computing and costs
1.2.1 Cost in consumer perspective
1.3.2 Cost in provider´sperspective
1.3.3 Cloud computing´s pros and cons
1.4 Cloud computing and data security
1.4.1 Data security in cloud
1.4.2 Security benefits of cloud computing
2 OBJECTIVE AND THESIS METHODOLOGY
2.1 Method selection
2.2 Objective
2.3 Data analysis
3 EMPIRICAL STUDY
3.1 Interviews
3.1.1 Cloud computing and costs
3.1.2 Cloud computing and data security
3.1.3 Cloud computing and provider´s perspective
3.2 Interview discussion
3.3 Results, evaluation, recommendations for practice
CONCLUSION
REFERENCES
Theoretical baselines
Nowadays, computerization affects practically every branch of society with increasing demands on the speed, availability and quality of information technology. On the side of both suppliers and consumers of information services, the development is heading towards new trends in the way of providing information services and obtaining information. One of them is the use of cloud computing services.
In the past, the basic pillars of time management were devices such as PDA (Personal Digital Assitant), electronic diaries, mobile phones or sophisticated watches. They were irreplaceable helpers especially for managers. They helped to organize their working time, to keep track of important dates or ideas. Fifteen years ago it was possible to synchronize these devices when connected to a PC. Due to the high cost of these devices and the partly limited possibilities, these devices were rather managers. Today, advanced calendar, note and document synchronization solutions are available to any smart device owner.
One of the first milestones in the history of cloud computing is the arrival of Salesforce.com in 1999, which brought the use of enterprise applications through a simple web interface. These were the first beginnings of the SaaS (software as a service) cloud solution, where the customer does not have to deal with application updates, but does not pay for the application itself, but for its use. In 2006, Amazon introduced a further shift in the development of cloud solutions with the introduction of their Elastic Compute Cloud (EC2). EC2 is a commercial web service that offers small businesses and individual customers the benefit of hiring computers that can run their own software solutions. In 2009, cloud users saw another milestone when Google introduced solutions to web-based enterprise applications, also known as Google Apps (Google Docs, Google Sheets, and Google Drive).
Although the definition of cloud computing is not yet strictly defined, in principle the cloud refers to applications and services running on a distributed network using virtualized resources and accessible through Internet protocols and network standards.
Based on Mr. Odd Steen in his master´s thesis Cloud computing´s effect on enterprise “Enterprises have been striving to reduce computing costs and for that reason most of them start consolidating their IT operations and later using virtualization technologies. For the good of the enterprises there is a new technology to help them in this i.e. Cloud Computing. Cloud Computing claims to take enterprises search to a new level and allows them to further reduce costs through improved utilization, reduced administration and infrastructure cost and faster deployment cycles (Boss et al., 2007, p2).”
Mr. Odd also recalls that “Cloud Computing is a term used to describe both a platform and type of application. As a platform it supplies, configures and reconfigures servers, while the servers can be physical machines or virtual machines. On the other hand, Cloud Computing describes applications that are extended to be accessible through the internet and for this purpose large data centers and powerful servers are used to host the web applications and web services (Boss et al., 2007, p2).”
The word cloud itself refers to two basic concepts:
Many people believe that cloud computing is nothing but the Internet called another name. Indeed, the Internet has many characteristics of what is rightly called the cloud – it provides abstraction, runs on a set of protocols and standards, and uses the same applications and operating systems. But the cloud is much more. To put it simply, cloud is an abstraction based on the idea of sharing physical resources presenting itself as a virtual resource. It is a new model for delivering resources, staging, and platform-independent user access to services. Client access is provided from any location, directed to available resources. The technology used to distribute resource requirements is called load balancing. It can be implemented directly in hardware such as F5 BigIP servers or in software (Pound load balancer or Squid proxy and cache daemon).
The transition of companies to the cloud is probably the greatest evolution (if not a revolution) since the boom of the Internet. International Data Corporation (IDC) predicts that IT spending on cloud-based solutions will be expected to grow in the future. 2013 at $ 44.2bn compared to $ 17.3bn. U $ spent in year 2009. (Hugos. M, 2011).
The three basic factors supporting the adoption of cloud forms are:
The main advantages of the cloud can be summarized in two basic areas: economic, respectively. business and technical-personnel. However, given the short-term existence of the cloud (in terms of the development of information technologies as such), no advantage is not only a one-sided advantage, but also brings more or less latent disadvantages or risks, and this break-point may not be conditions of a particular cloud user) manifest. (In this context, it is more appropriate to discuss the possibilities of the cloud than the benefits.
Technical advantage, respectively technological is evident from what has been mentioned so far. Thanks to the scalability and elasticity of the cloud, the worries about setting up own technical units (server rooms, data centers, etc.), which require constant technical maintenance and development. The organization does not have to deal with the new IT technology market so intensively, because the infrastructure management provider takes care of providing powerful, up-to-date modern computing resources for its own sake.
Cloud elasticity enables an organization to adapt the size of an IT department to its requirements and, above all, to concentrate staff resources where it is most needed. In this context, however, it should be noted that the impact on IT staff is mainly reflected in a shift in focus and the need to develop entirely new skills. A company that runs its applications as a SaaS solution will not need as many IT analysts, developers and programmers as in-house application development, but will need experts who are able to understand business requirements and compare them to market offer market offer to choose the most appropriate alternative, they will also need more skills in negotiating SLAs and so on. Generally speaking, the skills of IT staff in relation to the use of cloud are moving more into the area of process management, resp. projects in an effort to achieve the best possible compliance between the cloud capabilities and the necessary business support. There is also a greater need for enterprise architects who are able to understand and take advantage of available technical solutions and SOA. (Gantz, J.F., 2012).
Like all evolving technologies, the cloud has to face certain challenges such as guaranteeing data integrity and security, smooth running of services and establishing standards that allow the customer to switch from one cloud provider to another. There are many open questions about cloud solutions, especially between CIOs and their teams, who consider themselves target customers and who are ultimately responsible for the solution.
The risks of moving to a cloud solution can be divided into the following areas:
CLOUD COMPUTING DEFINITION
There have been many definitions of Cloud Computing by different researchers. Barkley RAD defines Cloud Computing as:
„Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services. The services themselves have long been referred to as Software as a Service (SaaS). The datacenter hardware and software is what we will call a Cloud. When a Cloud is made available in a pay-as-you-go manner to the general public, we call it a Public Cloud; the service being sold is Utility Computing. We use the term Private Cloud to refer to internal datacenters of a business or other organization, not made available to the general public. Thus, Cloud Computing is the sum of SaaS and Utility Computing, but does not include Private Clouds. People can be users or providers of SaaS, or users or providers of Utility Computing.” (Armbrust et al., 2009, p6)“.
Wozniak and Stanoevska-Slabeva described the features of Cloud computing as follows:
“• Cloud computing is a new computing paradigm.
“Cloud computing represents a fundamental shift in how businesses pay for and access IT services. It has created new opportunities for IT service providers and the outsourcing vendors. Cloud computing is having a big impact on outsourcing vendors, who have had to develop new approaches to include Cloud services as part of their offerings to keep up with profound changes in the IT service industry.” (García, et al., 2015) (Subhankar Dhar, 2012)
Most companies agree that there are many benefits to using the cloud, however, not all are in a position to take advantage of cloud computing and the SaaS model in particular. Many companies have what are described as legacy applications, these are typically in-house developed or customized applications where the development skills are either, scarce and expensive or in some cases non-existent.
Cloud computing and cost
Cloud accesses information technology and services with minimal or no considerably lower initial costs than in developing an IT center and its own services. Traditionally, the cost advantage of the cloud is to change the cost structure from CapEx to OpEx on a pay per use basis. This may not be the case in case of uneven system load. The choice of investment method also depends on the specific type of service. Especially in SaaS solutions, the so-called hidden costs. According to James Staten, chief analyst at Forester Research, it’s all about casting the solution and integrating with inhouse applications, data centers, or other SaaS solutions. (Damoran, 2013)
As stated in thesis “Cloud computing´s effect on enterprises”: “The economic appeal of Cloud Computing is often mentioned as “converting capital expenses to operating expenses” (Armbrust et al., 2009, p12). Enterprises using Cloud Computing pay differently depending on the agreement between them and the Cloud Computing providers. Usually Cloud Computing providers have detailed costing models which are used to bill users on pay per use basis (Khajeh-Hosseini et al., 2010b, p4). There are different cost models available in the market for Cloud Computing. However, the most used model is discussed by Armbrust, which is a short term billing model. Armbrust describes the short term billing model as one of the most interesting and novel feature of Cloud Computing. Researchers have discussed the economics of Cloud Computing in two respects i.e. Consumer Perspective and Provider Perspective. Both the perspectives have different cost/price models.”
When comparing the costs of an in-house operated system and a cloud solution, it is necessary to take into account the estimated length of use of the system. Rick Pittard, a senior enterprise architect of several dozen corporations, even claims that the cost of hiring hardware for short-term projects within two years is lower than buying their own hardware. According to him, a system that is supposed to work for more than two years is more efficient to develop as an in-house solution and not as a cloud solution. (Hugos, M., Hulitzky,D. 2011).
Cloud computing and data security
Already before the cloud era, businesses were protecting themselves from unwanted access to their data with a perimeter control consisting of installed firewalls and secure access. Nowadays, when the cloud model works with data outside the company’s traditional security measures, and when professional hackers continually improve methods to detect and exploit the weaknesses of security practices, companies need a new perspective on security strategy.
Unlike the classical client / server architecture, where a firewall can be considered a network security perimeter, there is no physical system with such a function in the cloud. Therefore, one of the basic tasks of data protection is to isolate data from client direct access. The first option is to create a layered data access, where two layers are inserted between the client and the storage – broker server and proxy server. The broker has full access to the data but does not have access to the client and the proxy has no access to the data but has a connection to both the client and broker. The localization of these interstitial layers is not important (they can be located locally in the cloud), and the important thing is that both servers must be on a direct data link between the client and the server. In such a model, if the client makes a request for data, it will come to the external interface of the proxy server, the proxy will forward the request via the internal interface to the broker, who will direct it to the data store. From there, the processed request is returned to the client via the broker and proxy, of course after the client’s identity has been verified.
In addition, the use of multiple encryption keys can separate the proxy server zone from the data store. If, for example, they will use two different keys to create two different data zones – one for unsecured communication between the proxy and broker server and the other between the broker and the data store – separation between these embedded layers will occur so that if the proxyserver is compromised, it will not have access to the data store. (Sonisky B., 2011)
Mr. Odd summed it up: “Mostly the security issues which arise in Cloud Computing are the result of users/enterprises lack of control on the physical infrastructure. Enterprises mostly don’t know where their data is physically stored and which security mechanisms are in place to protect data i.e. whether the data is encrypted or not and if yes, which encryption method is applied also if the connection used for data to travel in the cloud is encrypted and how the encryption keys are managed (Window Security, 2010).”
Research strategy
In order to properly understand the methodology of the work, we used the knowledge from Mr. Design and methods of work: “As I have already identified my subject and my research question, it is now important to match the design and methods with the problem statement and the research questions, in other words, a research strategy. The research strategy is the scientific method that helps answering the research questions. I will first observe an overall presentation of the strategy, with the research methods, the data collection analysis tools, investigating tools, ethics and so on. As mentioned, I have to identify what kind of research questions I have, to choose the right research strategy.”
Method selection
“The method is a tool to generate solutions to problems and to derive new knowledge (Lekwall & Wahlbin, 2001). As Marshall & Rossman present three conditions to choose any strategy either experiment, survey, archival analysis, history or case studies, I have followed those three conditions i.e. a) the type of research questions posed, b) the extent of control an investigator has on actual behavioral events and c) degree of focus on contemporary events to choose my strategy. “(Marshall & Rossman, 1989, p5)
My plan is to conduct interviews/ questionnaire in my case study as interview/ questionnaire will help me in getting the desire information. According to Kvale (1996) an interview is a conversation that has a structure and a purpose. According to Cambridge dictionary “questionnaire is a list of questions that several people are asked so that information can be collected about something.”
According to Preece (2002), there are four types of interviews structure: “unstructured, structured, semi-structured and group interviews. The first three relate to how much control interviewer has on the conversation by following a predetermined set of questions, while the fourth consists of a small group which is guided by an interviewer who facilitates a discussion of a specified set of topics (Preece et al., 2002).” To decide the most appropriate approach the most important factors will evaluation goals, the questions to be addressed and the method of research adopt. If the goal is to gain an overall impression of a subject, then an informal, unstructured interview is often the best approach. However, if the goal will be to get feedback about a specific issue then structured interview will be better (Preece et al., 2002).
I will follow “the seven stages of interview research which include Thematizing (formulating the purpose of an investigation and describe the concept of topic to be investigated before the interview starts), Designing (plans the design of the study keeping in mind all the seven stages of investigation before the interview starts), Interviewing (conduct the interview based on an interview guide), Transcribing (prepare the interview material for analysis i.e. from oral speech to written text ), Analyzing (choosing the appropriate method for analysis based on purpose and topic of investigation and the nature of interview material), Verifying ( ascertain the generalizability, reliability and validity of interview findings) and Reporting (having the result in readable form).” (Kvale, 1996, p88)
Also I will select the questions into the questionnaire precisely after deeper research of the issue so that we can use them to throw out the research questions we set at the beginning of the thesis.
Data analysis
According to research from business dictionary we can characterize data analysis as “the process of evaluating data using analytical and logical reasoning to examine each component of the data provided. This form of analysis is just one of the many steps that must be completed when conducting a research experiment. Data from various sources is gathered, reviewed, and then analyzed to form some sort of finding or conclusion. There are a variety of specific data analysis method, some of which include data mining, text analytics, business intelligence, and data visualizations.”
Also we will need in our thesis the basics of case study:
The case study analysis’ goal will be to make a very precise description of the case and its setting. In my case, effects of Cloud Computing in enterprises, the benefits and drawbacks in respect with the cost enterprises have to pay and their data security. I will study all the data of the company I choose, as I collect it, to be able to establish an outline, concerning each step in the processes describe in the thesis.
Direct interpretation of Creswell (2007, p.156-157): “the principle of this tool is to select a precise instance, a single one, and try to find out the meaning of it, without cross checking or having multiple sources available to help.” In my study, this process will help me to establish a stronger meaning to my issue, when I place back together all the understanding that I found.
According to Yin (2002) I will try to establish patterns among my different cases ( I will try to do the case study on at least 2 companies).
In my case studies I will try to find similarities and differences, on the basis of which I will be able to evaluate the case study from different points of view. I believe that on the basis of such a comparison I can bring new results useful for the evaluation of our hypotheses.
In interviews / questionnaires I will focus on questions related to the perspective of cloud computing in companies, its advantages and disadvantages in reducing costs, costs associated with using the cloud. I will also try to focus on companies that have just started the cloud, respectively they’re just thinking about it. I believe that in this way I can find real pros and cons for using the cloud in companies in Slovakia.
In the thesis I will describe the whole and concrete approach and procedure of obtaining this data, also in what form they were processed. I will also try to translate the data processing into graphical form by means of the Excel program in order to give the reader a clearer picture of this issue.
Interviews
I would like to find company in Slovakia, an enterprise which is using Cloud Computing and will can give answers of what benefits and drawbacks they are obtaining by adopting Cloud Computing. I will conduct couple of interviews and at least a few dozen questionnaires there with an employee responsible for Cloud Computing. So I try to get the most realistic sample for my research.
The first thing which I will focus on during my empirical study (interviews/ questionnaires) will be what is Cloud Computing for enterprises and cloud providers, what are the pros and cons of the Cloud computing (more perspectives for example costs, data security etc.).
So based on the interviews/ questionnaires and answers from them, I will characterize the cloud computing even better and from the new perspectives. I will try to carry out such research in more than one company so that I can compare the obtained data and draw new conclusions from several points of view.
Cloud computing has emerged to be the next big thing in the modern corporate world. Apart from the present day software and technologies, cloud computing will have a growing impact on enterprise IT and business activities in many large and small organizations. Researching in this area in Slovakia will provide an insight to how businesses would strategically adapt cloud computing to gain the competitive edge. Again a discussion of various peculiar issues that confronts organizations in developing countries with regards to cloud computing would help remove some of the obstacles and pave way for future research.
REVIEW OF LITERATURE
Researchers has done extensive literature review on various aspects of cloud computing and their services models. Few of them are as follows:
Daniel D. Sunil (2011): According to him, cloud can be unsecure due to some issues like attack from unauthorized users. The attack can be of two type’s viz. targeting the whole cloud or targeting single service. In both the cases, the security issues are needed to be handled. This can be done with the help of Access Control List (ACL). ACL (Access Control List). It contains the set of access rules, which can be assigned to the authorized user. The ACL works along with the Security manager in order to avoid unauthorized access to the Cloud.
REFERENCES
Assessing the Risks and Opportunities of Cloud Computing – Defining Identity Management Systems and Maturity Models. Available at: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-sme-survey/
Boss, G., Malladi, P., Quan, D., Legregni, L., Hall, H. (2007), Cloud Computing. ww.ibm.com/developerworks/websphere/zones/hipods/. Retrieved on 20th May, 2010.
Catteddu, D. and Hogben, G. (2009). Cloud Computing: benefits, risks and recommendations for information security. Technical Report. European Network and Information Security Agency.
Damoran, D. The seven „hiden costs“ of cloud computing. 2013
https://www.ciol.com/ciol/features/174551/the-hidden-costs-cloud-computing
Fellowes, W. (2008). Partly Cloudy, Blue-Sky Thinking About Cloud Computing. Whitepaper. 451 Group.
Gantz, J.F. Climate changes: Cloud´s impact on IT organizatons and staffing. [online], November 2012.
http://www.microsoft.com/en-us/news/download/presskits/learning/docs/IDC.pdf
Gens, F. “IDC on ‘the Cloud’: Get Ready for Expanded Research”, 2010, http://blogs.idc.com/ie/?p=189 . Accessed May 10, 2010.
HUGOS, M., HULITZSKY, D. Business in the Cloud. Hoboken, New Jersey: John Wiley and Sons, Inc., 2011. 203p. ISBN 978-0-470-61623-9.
Khajeh-Hosseini, A., Sommerville, I., Sriram, I., (2010b). Research Challenges for Enterprise Cloud Computing. Submitted to the 1st ACM Symposium on Cloud Computing, SOCC 2010.
Sullivan, T. (2009). “The ways cloud computing will disrupt IT,” http://www. cio.com.au/article/296892/nick_carr_ways_cloud_computing_will_disrupt_it.
Yin, R. K. (2003): Case study research: design and methods. 3rd ed., Sage Publications, California: Thousand Oaks.
Youseff, L., Butrico, M. and Da Silva, D. (2008). Toward a Unified Ontology of Cloud Computing. In Grid Computing Environments Workshop (GCE ’08), Austin, Texas, USA, November 2008, 1-10.