Change search
ReferencesLink to record
Permanent link

Direct link
Information Security Guidelines for Organizations Intending to Adopt Cloudsourcing
KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
2012 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Change is constant and computing paradigm is no exception. It has witnessed major shifts right from centralized client server systems to widely distributed systems. This time the locus of change in the computing paradigm is moving towards virtualization, paving way to cloud computing. Cloud computing aims at providing computing services to its users as an utility. It allows its authenticated users to access a wide range of highly scalable computing capabilities and services via the internet on a pay-per-usage basis. Organisations not only view these benefits as cost-saving strategies, but also aim at improving the competitive advantages using cloud computing. Hence, this has given rise to a new horizon in IT/IS outsourcing. With a collaboration of cloud computing and outsourcing emerged a new concept called cloudsourcing. Cloudsourcing can be termed as the next generation outsourcing and the next phase of cloud computing promising benefits from both the areas. Cloudsourcing is outsourcing traditional business via the cloud infrastructure. Though there is pompous popularity surrounding this new technology, there is much hesitation in adopting it due to the inherent security issues. This paper discusses in detail the security issues and possible solution to the same. As this is a new concept, not much work is identified to be done in providing a set of guidelines to adopt cloudsourcing that are very specific to information security. This work intends to fill this aperture by building a set of well-defined information security guidelines, which can be termed as a novel. For this purpose, design science research method proposed by Hevner et al is used so as to accomplish this goal. Initially, a literature study is done after which an exploratory study comprising of interviews is done to gather qualitative data. The results of the exploratory interview is tested for correctness and evaluated based on an evaluation study comprising a survey based questionnaire. The analysis of the evaluation study results provides the final results. In such an attempt, the identified countermeasures to risks are classified into three groups namely, organisational, technical and regulatory and compliance guidelines. Hence the end results constituting the set of information security guidelines are classified into the above mentioned groups. This work is assumed to contribute to our understanding of information security in cloudsourcing and in supporting IT decision makers, IT project managers and security executives of organisations for a smooth and secure transition towards cloudsourcing their business.

Place, publisher, year, edition, pages
2012. , 93 p.
Keyword [en]
Cloud computing, outsourcing, cloudsourcing, information security risks, cloudsourcing information security guidelines
National Category
Engineering and Technology
URN: urn:nbn:se:kth:diva-155453OAI: diva2:761205
Subject / course
Computer Technology, Program- and System Development
Educational program
Master of Science - Information and Communication Systems Security
2012-03-29, 10:25
Available from: 2015-01-08 Created: 2014-11-05 Last updated: 2015-01-08Bibliographically approved

Open Access in DiVA

fulltext(1758 kB)165 downloads
File information
File name FULLTEXT01.pdfFile size 1758 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
Computer and Systems Sciences, DSV
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 165 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 498 hits
ReferencesLink to record
Permanent link

Direct link