Professional Documents
Culture Documents
Adoption of Cloud Computing Model For Managing E-Banking System in Banking Organizations
Adoption of Cloud Computing Model For Managing E-Banking System in Banking Organizations
Abstract
Cloud computing offers a lot of benefits, but today, cloud computing is suffering from
safety hazards. Security is the client's most significant problem these days. This aim of
this study is to propose adoption of cloud computing model for managing e-banking
system. There are 4 stages for success adoption of cloud computing model for managing
e-banking system. The cloud service models include Cloud Banking as a Service, cloud
software as a service, cloud platform as a service, cloud infrastructure as a service. The
cloud deployment models include four items as public cloud, community cloud, private
cloud and hybrid cloud. Cloud computing issues and risks models are classified to
technological factors, organizational factors, environmental factors, and operational
factors. Finally, security control methods are classified to network security controls,
data and storage security controls, application security control and physical security
controls. Furthermore, successful adoption of cloud computing model for managing e-
banking system will greatly improve the probability of cloud e-banking success in
banking organizations.
Keywords: cloud computing, cloud issues, cloud security control, cloud services, cloud
deployment, cloud e-banking
1 Introduction
Cloud computing offers a lot of benefits, but today, cloud computing is suffering
from safety hazards. Security is the client's most significant problem these days. If a
client wants to take complete advantage of cloud computing, then information, facilities
and application safety must be assured for this client (Al-anzi, Yadav and Soni, 2014).
While there is plenty of research and progress in cloud computing, many cloud
computation projects have a very high error frequency, mainly when it goes to the
banking sector (Elzamly, Hussin, S. Naser, et al., 2015; Elzamly et al., 2017).
Nevertheless, cloud technology has become a primary focus for the commercial industries
to depend on cloud-based apps, storage capacities, data centers, etc. The effect of cloud
technology on banks is also vast and useful, as it can provide banks with flexibility and
provide a way to assess and handle services more efficiently (Sattiraju, Mohan and
Mishra, 2013). Cloud risk management has become a prevalent exercise among the
achievement of significant banking organizations today. In the growing attempt to
enhance design procedures and safety; latest surveys have noted a cloud computing threat
region. Risk management enables company managers, and teams to create stronger
choices to mitigate cloud computing hazards. Cloud computing is a lately quickly
advanced large-scale cloud computing technology that possesses big computing and
storage capacity through the inclusion of a significant amount of shared different assets
(Yang, Wu and Yang, 2012). The word cloud computing defines the organization of a
model of a computer network that can satisfy real-time user needs for storage, computing
power, and applications. In their work, they consider cloud computing as a system
consisting of hardware, software, and procedures that a user (in their case an accounting
department) can rent for use in real-time. At any moment, any department employee will
link to the scheme from anywhere using a range of devices (i.e. PCs, laptops, mobile
devices, etc.) (Nikolopoulos and Tzouramanis, 2016). Finally, our paper's objective is to
control methods and solutions for mitigating critical cloud issues in banking
organizations.
2 Literature Review
Cloud computing is usually associated with failures. Risk of failure defined as the
possibility of suffering loss, or exposure in the cloud-computing life cycle. Commonly,
cloud computing risk management consists of the processes, methods and techniques that
are useful to mitigate cloud computing risk failure. Cloud security is a broad topic and
any combination of policies, technologies, and control methods to protect data and cloud
system, infrastructure and services from possible attacks. Furthermore, existing
researches focused on providing security technologies, rather than business features such
as services stability, continuity and availability (Gao et al., 2013). Additionally, the cloud
bank model is a resource management modelling based on economic principles. Its
function is very similar to commercial banks in deposit and loan business (Li, Pu and Lu,
2012). Organizations using cloud infrastructure to provide SaaS have multiple options.
By weighing factors of workload, cost, security, and data interoperability, IT can choose
to utilize their private cloud to mitigate risk and maintain control; use public cloud
infrastructure, platform, or analytics services to further enhance scalability; or implement
a hybrid model that combines private and public cloud resources and services (Sakharkar,
Dande and Mate, 2017). Cloud computing is the process of storing a vast amount of data
to have efficient retrieval for future use. Cloud computing doesn't provide storage
capabilities only; instead, it is capable of having many security features(Sen and Saluja,
2017). Cloud storage got importance because of various benefits: Relief of the burden for
storage management, open access with location independence, and avoidance of capital
expenditure on hardware, software, and personal maintenance, etc. (Navya and
Ramanjaiah, 2017). Cloud system is gaining the importance in public environment. But
319
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
320
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
321
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
and scalability. This communication described cloud computing outlined all cloud
computing business designs and discussed the characteristics of public, private, hybrid
and community cloud computation. (Goyal, 2014). The company will be prepared to
define its vulnerability and power for each variable and then develop and come up with a
plan that can assist them in creating the right choice towards the effective implementation
of cloud computing (Al-shargabi and Sabri, 2016). Risk is not always avoidable, but it is
controllable on software development projects(Elzamly and Hussin, 2014e; Elzamly,
Hussin, S. S. A. Naser, et al., 2015). Cloud risk management includes many phases:
Cloud risk planning phase, cloud risk identification phase, cloud risk prioritization phase,
cloud risk analysis phase, cloud risk evaluation phase, cloud risk treatment (RT) phase
involves four approaches for responding cloud risks: Cloud risk mitigation, cloud risk
avoidance, cloud risk transfer, cloud risk elimination, cloud risk acceptance, cloud risk
controlling (RC) phase and cloud risk communication & documentation phase (Elzamly
and Hussin, 2014a, 2014d, 2014c; Elzamly, Hussin and Salleh, 2016). Critical security
issues and challenges in cloud banking are required to address in this section:
322
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
1 Security Control methods and solutions for mitigating cloud issues and
risks
Network Security Data and storage Application Security
1- Using of Security Physical Security
cryptography for cloud 1- Shared and
1-Enhancing integrity 1-Application portability
computing. or interoperability. architecting multi-
& privacy data in cloud
2- Build powerful 2- Developing effective tenant and physical
computing.
hypervisor security to authentication security for cloud
2- Cyber security and
control and monitor the mechanism and environments
data encryption.
cloud activities. approaches for cloud 2- Security &
3- Data confidentiality
3- Prevent cloud banking system availability architecture
and audit-ability of
distributed denial-of- 3-Automated software in cloud environments.
administrative access.
service (DDoS) tools. 3- Cost of cloud
4- Predicting the impact
attacks. 4- Analytics and management.
of emerging regulations
4- Cloud virtualization technology solutions to 4-Cloud elasticity and
on strategic direction
technology and virtual optimize compliance rapid scalability.
and business model.
machine. monitoring 5-Develop integrated
5-Best practices for 5-Flexible access
5- Ccompliance and risk risk strategies and
measure cloud service control for cloud data
management processes frameworks across
level agreements. storage.
for cloud systems. compliance, regulatory.
323
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
split the framework for cloud computing into four five stages, such as cloud services
model, cloud deployment model, cloud issues model, and cloud control security model as
follows in Figure1.
Software as a Application
security
Service (SaaS) Environmental
factors
Platform as a
Service (PaaS) Physical
Operational security
Infrastructure as
Management factors
a Service (IaaS)
8 Conclusions
Cloud risk management has become a prevalent exercise among the achievement
of significant banking organizations today. In the growing attempt to enhance design
procedures and safety; latest surveys have noted a cloud computing threat region. The
concern of the study is to propose adoption of cloud computing model for managing e-
banking system. There are 4 stages for success adoption of cloud computing model for
managing e-banking system. The cloud service models include cloud Banking as a
Service, cloud software as a service, cloud platform as a service, cloud infrastructure as
a service. The cloud deployment models include four items as public cloud, community
cloud, private cloud and hybrid cloud. Cloud computing issues and risks models are
classified to technological factors, organizational factors, environmental factors, and
operational factors. Finally, security control methods are classified to network security
controls, data and storage security controls, application security control and physical
security controls. Furthermore, successful adoption of cloud computing model for
managing e-banking system will greatly improve the probability of cloud e-banking
success in banking organizations.
324
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
9 Acknowledgements
This project is performed as part of the Palestine-Quebec Science Bridge initiative.
The authors also would like to thank Al-Aqsa University, Gaza, Palestine, University of
Quebec Outaouais (UQO), Canada and Palestine Academy for Science and Technology.
10 References
[1] Al-anzi, F., Yadav, S. and Soni, J. (2014) ‘Cloud Computing: Security Model Comprising Governance,
Risk Management and Compliance’, in 2014 International Conference on Data Mining and Intelligent
Computing (ICDMIC), pp. 1–6.
[2] Al-shargabi, B. and Sabri, O. (2016) ‘A study of Adopting Cloud Computing from Enterprise
Perspective using Delone and Mclean IS Success Model’, International Journal of Computer Science
and Information Security (IJCSIS), 14 S1(February), p. 5500.
[3] Alajmi, Q. et al. (2018) ‘A conceptual model of e-learning based on cloud computing adoption in
higher education institutions’, in 2017 International Conference on Electrical and Computing
Technologies and Applications, ICECTA 2017, pp. 1–6. doi: 10.1109/ICECTA.2017.8252013.
[4] Alzahrani, A., Alalwan, N. and Sarrab, M. (2014) ‘Mobile Cloud Computing: Advantage,
Disadvantage and Open Challenge’, in Proceedings of the 7th Euro American Conference on
Telematics and Information Systems, pp. 4–7.
[5] Arunkumar, G. and Venkataraman., N. (2015) ‘A Novel Approach to Address Interoperability Concern
in Cloud Computing’, in Procedia Computer Science. Elsevier Masson SAS, pp. 554–559. doi:
10.1016/j.procs.2015.04.083.
[6] Beckers, K. et al. (2011) ‘Pattern-Based Support for Context Establishment and Asset Identification of
the ISO 27000 in the Field of Cloud Computing’, in 2011 Sixth International Conference on
Availability, Reliability and Security Pattern-Based, pp. 327–333. doi: 10.1109/ARES.2011.55.
[7] Elzamly, A., Hussin, B., Naser, S., et al. (2015) ‘Classification of Software Risks with Discriminant
Analysis Techniques in Software planning Development Process’, International Journal of Advanced
Science and Technology, 81(2015), pp. 35–48.
[8] Elzamly, A., Hussin, B., Naser, S. S. A., et al. (2015) ‘Predicting Software Analysis Process Risks
Using Linear Stepwise Discriminant Analysis: Statistical Methods’, International Journal of Advanced
Information Science and Technology (IJAIST), 38(38), pp. 108–115.
[9] Elzamly, A. et al. (2017) ‘Predicting Critical Cloud Computing Security Issues using Artificial Neural
Network (ANNs) Algorithms in Banking Organizations’, International Journal of Information
Technology and Electrical Engineering, 6(2), pp. 40–45.
[10] Elzamly, A. and Hussin, B. (2014a) ‘A Comparison of Fuzzy and Stepwise Multiple Regression
Analysis Techniques for Managing Software Project Risks: Implementation Phase’, International
Management Review, 10(1), pp. 43–54.
[11] Elzamly, A. and Hussin, B. (2014b) ‘An Enhancement of Framework Software Risk Management
Methodology for Successful Software Development’, Journal of Theoretical and Applied Information
Technology, 62(2), pp. 410–423.
[12] Elzamly, A. and Hussin, B. (2014c) ‘Evaluation of Quantitative and Mining Techniques for Reducing
Software Maintenance Risks’, Applied Mathematical Sciences, 8(111), pp. 5533–5542.
[13] Elzamly, A. and Hussin, B. (2014d) ‘Identifying and Managing Software Project Risks with Proposed
Fuzzy Regression Analysis Techniques : Maintenance Phase’, in 2014 Conference on Management and
Engineering (CME2014), pp. 1868–1881.
[14] Elzamly, A. and Hussin, B. (2014e) ‘Managing Software Project Risks (Planning Phase) with Proposed
Fuzzy Regression Analysis Techniques with Fuzzy Concepts’, International Journal of Information
and Computer Science (IJICS), 3(2), pp. 31–40. doi: 10.14355/ijics.2014.0302.02.
[15] Elzamly, A., Hussin, B. and Salleh, N. (2015) ‘Methodologies and Techniques in Software Risk
Management Approach for Mitigating Risks: A Review’, Asian Journal of Mathematics and Computer
Research, 2(4), pp. 184–198.
[16] Elzamly, A., Hussin, B. and Salleh, N. (2016) ‘Top Fifty Software Risk Factors and the Best Thirty
Risk Management Techniques in Software Development Lifecycle for Successful Software Projects’,
International Journal of Hybrid Information Technology, 9(6), pp. 11–32.
[17] Gao, Z. et al. (2013) ‘Management Process Based Cloud Service’, in International Conference on
Cyberspace Technology (CCT 2013), pp. 278–281.
325
International Journal of Advanced Science and Technology
Vol. 28, No. 1, (2019)
[18] Gill, A., Bunker, D. and Seltsikas, P. (2011) ‘An Empirical Analysis of Cloud, Mobile, Social and
Green Computing’, in An Empirical Analysis of Cloud, Mobile, Social and Green Computing, pp. 698–
705. doi: 10.1109/DASC.2011.122.
[19] Goyal, S. (2014) ‘Public vs Private vs Hybrid vs Community-Cloud Computing: A Critical Review’,
International Journal of Computer Network and Information Security, pp. 20–29. doi:
10.5815/ijcnis.2014.03.03.
[20] Hadi, M. (2015) ‘Overview of Cloud Computing Towards to Future Networks’, International Journal
of Computer Science and Innovation, 2015(2), pp. 68–78.
[21] Hu, Y., Peng, C. and Bai, G. (2015) ‘Sharing health data through hybrid cloud for self-management’, in
2015 IEEE International Conference on Multimedia and Expo Workshops, ICMEW 2015, p. 6. doi:
10.1109/ICMEW.2015.7169752.
[22] Irfan, M. et al. (2015) ‘A Critical Review of Security Threats in Cloud Computing’, in 2015 3rd
International Symposium on Computational and Business Intelligence (ISCBI), pp. 105–111. doi:
10.1109/ISCBI.2015.26.
[23] Jansen, W. and Grance, T. (2011) Guidelines on Security and Privacy in Public Cloud Computing,
NIST special publication. doi: 10.3233/GOV-2011-0271.
[24] Kai, S. et al. (2012) ‘Development of Qualification of Security Status Suitable for Cloud Computing
System’, in Proceedings of the 4th international workshop on Security measurements and metrics -
MetriSec ’12, p. 17. doi: 10.1145/2372225.2372232.
[25] Li, H., Pu, Y. and Lu, J. (2012) ‘A Cloud Computing Resource Pricing Strategy Research-based on
Resource Swarm Algorithm’, in 2012 International Conference on Computer Science and Service
System, pp. 2217–2222. doi: 10.1109/CSSS.2012.551.
[26] Navya, T. and Ramanjaiah, G. (2017) ‘Protecting and Verifying Integrity of Cloud Data Regenerating
Codes’, International Journal of Advanced Technology and Innovative Research, 09(02), pp. 222–226.
[27] Nikolopoulos, S. D. and Tzouramanis, N. (2016) ‘Data Mining Association Rules of ICT ’ s Adoption
Factors by Greek Accountants’, 11th MIBES Conference – Heraklion, Crete, Greece, 10(June), pp.
348–362.
[28] Sakharkar, V. S., Dande, M. and Mate, S. (2017) ‘Cloud and Big Data : A Compelling Combination’,
IJESC, 7(3), pp. 4867–4870.
[29] Sattiraju, G., Mohan, L. and Mishra, S. (2013) ‘IDRBT Community Cloud for Indian Banks’, in 2013
International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp.
1634–1639.
[30] Sen, N. K. and Saluja, N. K. (2017) ‘Cloud Security Using Homomorphic Encryption.Pdf’,
International Journal of Engineering, Management & Medical Research (IJEMMR), 3(4).
[31] Sendi, A. S. and Cheriet, M. (2014) ‘Cloud Computing: A Risk Assessment Model’, in 2014 IEEE
International Conference on Cloud Engineering, pp. 147–152. doi: 10.1109/IC2E.2014.17.
[32] Singh, A. and Singh, P. (2016) ‘A Hybrid Security Model for Distributed Cloud Management’,
International Journal of Computer Science and Mobile Computing, 5(2), pp. 39–45.
[33] Singh, N. K. (2017) ‘Advanced Security Model for Ensuring Complete Security in Cloud Architecture’,
International Journal of Computational Intelligence Research, 13(5), pp. 663–672.
[34] Wang, F. (2016) ‘Analysis on Safety-related Technology of Cloud Security in University Cloud
Servicing’, in 2016 International Conference on Wireless Communication and Network Engineering
(WCNE 2016).
[35] Xie, F. et al. (2012) ‘A Risk Management Framework for Cloud Computing’, in 2012 IEEE 2nd
International Conference on Cloud Computing and Intelligence Systems, pp. 476–480. doi:
10.1109/CCIS.2012.6664451.
[36] Yang, Y., Wu, L. and Yang, S. (2012) ‘The structure of intelligent grid based on cloud computing and
risk analysis’, 2012 4th International Conference on Intelligent Human-Machine Systems and
Cybernetics, IHMSC 2012, 2, pp. 123–126. doi: 10.1109/IHMSC.2012.126.
326