+ All Categories
Home > Documents > Master Thesis - Yemi Adesida

Master Thesis - Yemi Adesida

Date post: 22-Jan-2018
Category:
Upload: yemi-adesida
View: 353 times
Download: 0 times
Share this document with a friend
111
COMPARATIVE ANALYSIS OF CLOUD AND TRADITIONAL COMPUTING by Yemi Adesida Student No: 11068461 Department: Faculty of Computing A thesis submitted in partial fulfillment of the requirements for the degree of Masters in Professional Engineering and Technology London Metropolitan University 2015 Supervisor: Dr. Vassil Vassilev
Transcript
Page 1: Master Thesis - Yemi Adesida

COMPARATIVE ANALYSIS OF CLOUD AND TRADITIONAL

COMPUTING

by

Yemi Adesida

Student No: 11068461

Department: Faculty of Computing

A thesis submitted in partial fulfillment of the requirements for the degree of

Masters in Professional Engineering and Technology

London Metropolitan University

2015

Supervisor: Dr. Vassil Vassilev

Page 2: Master Thesis - Yemi Adesida

LONDON METROPOLITAN UNIVERSITY

ABSTRACT

Comparative Analysis of Cloud Computing and Traditional Computing

by Yemi Adesida

Chairperson of the Supervisory Committee:

Dr Vassil Vassilev

Faculty of Computing

This thesis is presented on the comparative analysis of cloud and traditional

computing taking into consideration differences in societies. The thesis delved into

challenges and advantages of cloud computing. The last part of this thesis explored

the clod-based mobile payment that is currently becoming more and more

popular. It discussed the advantages of NFC Payments over traditional payments

methods. It presented the issue of competition between traditional banks and

digital companies that might become more intense and alarming. Lastly It

demonstrates an example of cloud-based NFC mobile payment with emphasis on

performance, privacy and security.

Page 3: Master Thesis - Yemi Adesida

2

Table of Contents Page Number

Acknowledgments 3

Definition Of Terms 5

C h a p t e r O n e : ................................................................................................ 14 Introduction 14

C h a p t e r T w o .................................................................................................. 19 Literature Review 19

Challenges In The Implementation Of Cloud Computing 31

Enterprise Collaboration And Communication 32

C h a p t e r T h r e e : ........................................................................................... 38 Methodlogy 38

C h a p t e r F o u r : .............................................................................................. 44 Emperical Result 44

C h a p t e r F i v e : ............................................................................................... 60 Cost-Benefit Analysis Of Cloud Computing Versus Traditional (On-Premises) Computing 60

C h a p t e r S i x : ................................................................................................. 69 Case Study One: Comparative Analysis Of Tradition Email Server To Cloud Email Services 69

C h a p t e r S e v e n .............................................................................................. 85 Case Study Two: Cloud-Based Mobile Nfc Payment (Ipay) 85

C h a p t e r E i g h t ............................................................................................ 105 Conclusion And Recomendation 105

References 108

Page 4: Master Thesis - Yemi Adesida

3

List of figures Page Number

Figure 1 - Evolution of Computing .............................................................................................................. 20

Figure 2 - Comparison between Traditional and cloud computing ............................................................ 22

Figure 3 - Cloud computing service models ................................................................................................ 25

Figure 4 - Public Cloud ................................................................................................................................ 26

Figure 5 - Private Cloud ............................................................................................................................... 27

Figure 6 - Community Cloud ....................................................................................................................... 28

Figure 7 - Hybrid Cloud ............................................................................................................................... 28

Figure 8 - Drivers and Challenges of cloud computing ............................................................................... 32

Figure 9: No of Participants per sector ....................................................................................................... 46

Figure 10: Awareness Of Cloud Computing ................................................................................................ 47

Figure 11: % of Cloud computing users in sampled sectors ....................................................................... 48

Figure 12- System Architecture .................................................................................................................. 62

Figure 13 - Simulation Model for Cloud Computing ................................................................................... 68

Figure 14 - Simulation Model For Traditional In-House Infrastructure ...................................................... 68

Figure 15 - Secure Embedded Element ....................................................................................................... 88

Figure 16 - Embedded secure element in sim card .................................................................................... 89

Figure 17 - The Proposed Protocol ............................................................................................................. 93

Figure 18 - Proposed Architecture ............................................................................................................ 100

Page 5: Master Thesis - Yemi Adesida

4

ACKNOWLEDGMENTS

The author wishes to express sincere appreciation to Dr Vassil Vassilev for his assistance in the

preparation of this manuscript. In addition, special thanks to Federal Ministry of ICT and Abuja

University as well as Ecobank and United Bank for Africa, whose familiarity with the needs and ideas

of the class was helpful during the early programming phase of this undertaking. Thanks also to the

members of the school council for their valuable input.

Page 6: Master Thesis - Yemi Adesida

5

DEFINITION OF TERMS

MCP application An application residing in a secure environment

performing the payment functions related to a

Mobile Contactless Payment, as specified by the

Mobile Contactless Payment application issuer in

accordance with the payment scheme.

Mobile device Personal device with mobile communication

capabilities such as a telecom network connection,

Wi-Fi, Bluetooth … which offers connections to

internet.

Examples of mobile devices include mobile phones,

smart phones, tablets ...

Mobile Network Operator (MNO) A mobile phone operator that provides a range of

mobile services, potentially including facilitation of

NFC services. The MNO ensures connectivity Over

the Air (OTA) between the consumer and its PSP

using its own or leased network (the latter are

sometimes referenced as MVNOs - Mobile Virtual

Network Operators).

Mobile payment service Payment service made available by

software/hardware through a mobile device.

Mobile payment service issuer A PSP providing the mobile payment application

(Mobile Contactless Payment or Mobile Remote

Payment), authentication application and/or

credentials to the consumer/payer.

Page 7: Master Thesis - Yemi Adesida

6

Mobile proximity payment A mobile payment where the communication

between the mobile device and the Point of

Interaction device takes place through a proximity

technology (e.g., NFC, QR code, etc.).

Mobile Remote Payment (MRP) A payment initiated by a mobile device whereby the

transaction is conducted over a mobile

telecommunication network (e.g., GSM, mobile

internet, etc.) and which can be made independently

from the payer’s location (and/or his/her

equipment).

Mobile Remote Payment (MRP) application An application residing in a secure environment

performing the payment functions related to a

Mobile Remote Payment, as specified by the Mobile

Remote Payment application issuer in accordance

with the payment scheme.

Mobile service Service such as identification, payment, ticketing,

loyalty, etc., made available through a mobile device.

Mobile service issuer The provider of a mobile service.

Mobile wallet A digital wallet accessed through a mobile device.

This service may reside on a mobile device owned

by the consumer (i.e. the holder of the wallet) or

may be remotely hosted on a secured server (or a

combination thereof) or on a merchant website.

Typically, the so-called mobile wallet issuer provides

the wallet functionalities but the usage of the mobile

wallet is under the control of the consumer.

Page 8: Master Thesis - Yemi Adesida

7

Mobile wallet gateway A service operated by the mobile wallet issuer or a

trusted third party acting on its behalf, which

establishes for mobile transactions a link between

the consumer/payer and its mobile wallet and

between the mobile wallet and the payment

gateways.

During the payment transaction, it allows the

payment gateway to receive authentication data

directly from the mobile wallet.

For life cycle management, it establishes a link

between the mobile wallet and the mobile wallet

issuer to download credentials, payment and/or

authentication applications from the PSP.

Mobile wallet issuer The service provider that issues mobile wallet

functionalities

Mobile wallet passcode A code entered by the consumer/payer4 via his/her

mobile device that may be required to activate a

mobile wallet. It is sometimes referred to as

"mobile wallet credentials".

Network operator The provider of data connectivity to the consumer

and potentially other services. MNOs and ISPs are

examples of network operators.

NFC (Near Field Communication) A contactless protocol specified by ISO/IEC 18092

.

On-line passcode Secret data known by the consumer/payer and used

for remote financial services, such as on-line

Page 9: Master Thesis - Yemi Adesida

8

banking, SCT payments, etc., to verify its identity.

Payer A natural or legal person who holds a payment

account and allows a payment order from that

payment account, or, where there is no payment

account, a natural or legal person who gives a

payment order.

Payment account Means an account held in the name of one or more

payment service users which is used for the

execution of payment transactions.

Payment component Either a dedicated mobile payment/authentication

application and/or a set of credentials.

Payment component User Interface (UI) Enables the consumer/payer to manage a specific

mobile payment service through a dedicated user

interface. Depending on the payment component

type, it may be a mobile payment/authentication

application UI (provided by the PSP) or a

credentials manager UI.

Payment gateway A service operated by a beneficiary’s PSP or a

trusted third party that manages the authorisation

of payments for merchants.

It facilitates the transfer of information between the

payment portal (such as a website or mobile device)

and the beneficiary’s PSP.

Payment scheme A single set of rules, practices, standards and/or

implementation guidelines agreed between PSPs for

the execution of payment transactions and which is

Page 10: Master Thesis - Yemi Adesida

9

separated from any infrastructure or payment

system that supports its operation

Payment Service Provider The bodies referred to in Article 1 of the and legal

and natural persons benefiting from the waiver

under Article 26 of the

Payment system A funds transfer system with formal and

standardised arrangements and common rules for

the processing, clearing and/or settlement of

payment transactions .

Payment transaction An act, initiated by the payer or by the beneficiary,

of placing, transferring or withdrawing funds,

irrespective of any underlying obligations between

the payer and the beneficiary (as defined in [9]).

POI device “Point of Interaction” device; the initial point

where data is read from a consumer device (such as

a PC or mobile phone) or where consumer data is

entered. As an electronic transaction-acceptance

product, a POI consists of hardware and software

and is hosted in acceptance equipment to enable a

consumer to perform a payment transaction. The

merchant controlled POI may be attended or

unattended. Examples of POI devices are Point of

Sale (POS), vending machine, Automated Teller

Machine (ATM) or merchant website (a so-called

“virtual POI”).

Secure Element (SE) A certified tamper-resistant platform (device or

component) capable of securely hosting

applications and their confidential and

Page 11: Master Thesis - Yemi Adesida

10

cryptographic data (e.g., key management) in

accordance with the rules and security requirements

set forth by a set of well-identified trusted

authorities. Examples include universal integrated

circuit cards (UICC), embedded secure elements,

chip cards and secure digital cards.

Secure environment A system which implements the controlled storage

and use of information. A secure environment is

used to protect personal and/or confidential data. It

may be located in the mobile device, such as a

Secure Element or a Trusted Execution

Environment, or located in a remote Secured

Server.

Secured Server A web server with secure remote access that

enables the secure storage and processing of

payment related data.

Static authentication An authentication method that uses always the

same authenticator (e.g., card data).

Strong authentication A dynamic authentication method which involves at

least two independent authenticators. This means

that at least one of them is dynamic.

Trusted Execution Environment (TEE) An execution environment that runs alongside, but

isolated from a main operating system. A TEE has

security capabilities and meets certain security-

related requirements: it protects TEE assets from

general software attacks, defines rigid safeguards as

to data and functions that a program can access,

Page 12: Master Thesis - Yemi Adesida

11

and resists a set of defined threats.

Trusted Service Manager (TSM) A trusted third party acting on behalf of the secure

element issuers and/or the mobile

payment/authentication application issuers in the

case where a secure element is involved, or on

behalf of the mobile wallet issuers.

Trusted Third Party (TTP) An entity which facilitates interactions between

stakeholders of the ecosystem who all trust this

third party. Examples of TTPs include TSMs and

payment gateway providers.

Umbrella UI Mobile wallet user interface component managing

the portfolio of mobile payment services accessed

through the mobile device. The umbrella UI is

located in the mobile device.

User Interface (UI) An application enabling the user interactions.

Examples are umbrella UI, mobile

payment/authentication application UI and

credentials manager UI.

User Verification Method A method for checking that a user (consumer) is

the one claimed.

ABBREVIATIONS

Abbreviation Term

Page 13: Master Thesis - Yemi Adesida

12

C2B Consumer-to-Business

C2C Consumer-to-Consumer

CSM Clearing and Settlement

Mechanism

CVM Cardholder Verification Method

ETSI European Telecommunications

Standards Institute

GP GlobalPlatform

GSMA The GSM Association

HSM Hardware Security Module

IBAN International Bank Account

Number

ISP Internet Service Provider

MCP Mobile Contactless Payment

MNO Mobile Network Operator

MRP Mobile Remote Payment

MVNO Mobile Virtual Network Operator

NFC Near-Field Communications

OS Operating System

Page 14: Master Thesis - Yemi Adesida

13

OTA Over the Air

PAN Primary Account Number

PC Personal Computer

POI Point of Interaction

PSD Payment Services Directive

PSP Payment Service Provider

QR code Quick Response code

SCP SEPA Card Payment

SCT SEPA Credit Transfer

SDD SEPA Direct Debit

SE Secure Element

TEE Trusted Execution Environment

TSM Trusted Service Manager

TTP Trusted Third Party

UI User Interface

Page 15: Master Thesis - Yemi Adesida

14

C H A P T E R O N E :

INTRODUCTION

This chapter will introduce the background of the topic and provide information about the knowledge

gap, which this thesis is about to fill by discussing the previous research about this subject. Providing

the research questions, objective and motivation for the thesis will enhance the argumentation and

further practical analysis.

Background

Information technology has become pervasive in organizations and an inevitable key success factor in

business. Organizations can create, communicate and collaborate faster, more efficient and reliable

than ever before.

John McCarty, a computer scientist in the late 1960’s, once brought the concept of utility computing -

as a foundation of cloud computing into the technology world, predicting that the life cycle of

technology will not stick as tangible products. As a matter of fact, he took the conceptual leap to

predict that computer resources will be provided like nowadays electricity and water – as a service.

(McCarthy, 1961).

Services are not new there have been network services since the invention of the Internet in the 1970’s

(Martin, 2003). People were able to login remotely, access files in a remote location, transfer files using

ftp protocol in the early years. However, Internet services offered online took on an even new

dimension.

Cloud computing has recently emerged as a new computing paradigm. These new ways of computing

diverges from the traditional way of computing whereby local servers or traditional data centers host-

computing resources, and are installed in business premises. With cloud computing, computer power,

data storage, application development platforms and software applications are offered on demand as

services over the internet and users only pay for the resources (such as CPU time or storage space)

Page 16: Master Thesis - Yemi Adesida

15

they use. These computing resources are hosted on large pools of virtualized machines located in large

distributed data centers.

Businesses, governments and individuals alike are migrating to the cloud because of its attractive

feature. Because of the ever-increasing need for computing and storage resources, cloud computing

offers the attractive solution. With an illusion of infinite computing resources, the cloud can flexibly

adjust to online applications resource requirements.

A business that wishes to implement a cloud-computing infrastructure needs no upfront capital

investment in infrastructure, as resources are rented out on a-as-needed basis, just like public utilities

such as water and electricity. Cloud computing companies manage the cost of hardware infrastructure

and software. Users do not need to buy hardware such as servers for data centers, pay for electricity to

power, or buy software licenses.

There is a need evaluate whether or not cloud computing is worth the investment, it is now assumed

that the focus is first of all not about cloud computing but about the traditional way of computing.

It is now very important as well as interesting to go back one step in time before cloud computing,

find literature about evaluating traditional computing. It is also important to understand the theories,

methodologies, and concepts that play a role in the traditional computing framework. With that

information, alongside the current realities of cloud computing concepts, we can narrow in the

benefits of one to the other as it affects cost of implementation and effects on project success in the

life of an enterprise or business organization.

Motivation

Cloud computing features can be exploited to build highly scalable, reliable and fault tolerant business

application and infrastructure. One of the benefits of the cloud is the ability to automate the

Page 17: Master Thesis - Yemi Adesida

16

provisioning of resources, scalability of resources, and low initial capital investment and cost of

maintenance of a cloud-computing infrastructure.

For this project, we exploit the prospects of implementing and managing a cloud computing

infrastructure, as compared to the traditional computing, using a typical business in Nigeria as a case

study. We also study the effect of cloud computing on enterprise architecture and project success.

Finally, the cloud computing is very new to the Nigerian Technology Ecosystem, the study further

plunged into the factors that affects the adoption, and the current rate of adoption of cloud computing

technology among majority of IT businesses in Nigeria.

After the study and analysis, a report and conclusion is drawn based on data gathered from interviews

and surveys from organizations in Nigeria. The report communicates in comparative details, the

different between traditional computing and cloud computing with respect to:

Cost of Implementation,

Technology Framework

Lead set up time,

Maintenance and Management,

Mobility

Productivity

Objectives

The main objective of this project is to study, evaluate, and compare the traditional computing

framework and cloud-computing infrastructure. The two frameworks are compared in terms of

technology, cost of implementation, and others. This is done by researching related literatures,

analyzing difference between both frameworks, interview companies currently implementing or

Page 18: Master Thesis - Yemi Adesida

17

interested in implementing cloud computing, and drawing up a conclusion based on the research

finding.

Research Question

To provide an answer to enterprises those that are playing with the idea of using cloud computing, but

are discouraged by the feeling that there is little knowledge available about the economic and

organizational impact. This study will assess the difference between the traditional computing

framework and that of cloud computing, detail the impact of cloud computing on the architecture of

an enterprise, which then assures the coherence of a function within an organization’s IT policy. One

of the big promises of cloud computing next to cost and time to market is the implementation result,

which will be better (Joint, 2009) due to a clearer view and a shorter time to market. To research if this

promise is true, the results of the implementation’s success are also investigated.

The big question here is:

What is the difference between cloud computing and traditional computing?

What is the impact of the usage of cloud computing on enterprise that the use of traditional computing?

What is traditional computing and cloud computing?

What is the cost of implementing traditional computing?

What is the cost of implementing cloud computing?

How can the long-run success of cloud computing be measured in an enterprise?

Research Methodology

The Author choose exploratory studies to find what is happening with the hope of getting new

insights in the field of cloud computing, its differences from other computing architectures, and its

impacts on enterprise. Of the different principle ways of finding the data, in order to obtain detailed

information, I consulted and interviewed various businesses and IT vendors who have currently

implemented or are providing cloud computing services. I have also collected data from different

Page 19: Master Thesis - Yemi Adesida

18

websites and existing research. Through different companies/vendor/websites in the market in

Nigeria, I came to discover the various devices used in an office. They also provided the information

about various resources’ (hardware, software and licenses) cost and their implementation.

Page 20: Master Thesis - Yemi Adesida

19

C H A P T E R T W O

LITERATURE REVIEW

The objective of this chapter is the elaboration and the response to the scientific concepts within the

upcoming chapters.

First, it will be necessary to get a fundamental overview of traditional computing, its architecture,

merits and demerits, and then navigate towards cloud computing, explaining the process of evolution

from traditional to cloud. It is inevitable to clearly clarify what cloud computing is, which concepts it

involves and how it distinguishes from all the other concepts that will be explained in the chapter.

Therefore, the convergence of both technology framework and the main concepts involving cloud

computing are the foundation to understand the whole picture of this study and pave the way to

answer the research question at hand.

IT Evolution

The idea of computing dated back to late 1960s. In 1961, a renowned computer scientist John

McCarthy predicted that time-sharing technology will lead to a future in which computing power and

even specific applications could be sold through the utility based model (McCarthy, 1961). Each

decade, since the 1970s, has seen the evolution IT into a whole new era. First was the Mainframes

(1970s), Rise of the Personal Computing (1980s), The Client Server Architecture (1990s), are a few

well-known era. Meanwhile, the major driver that led to the adoption of these advances in IT was the

need for business to improve efficiency level and increase profitability. As a result, businesses and

individual users rapidly adopted the modern era of IT with the objective of realizing their benefits.

Recently, the world has gone through an economic downturn and there is an even stronger need for

organizations to improve efficiencies by using collaborative solutions and real time information

exchange. The cloud therefore is the next big thing with it gaining prominence during the recent credit

Page 21: Master Thesis - Yemi Adesida

20

crisis. The promise of the Cloud possibly lies in the flexibility, scalability and cost benefits made

available through the ‘as-a-a-service’ paradigm.

Figure 1 - Evolution of Computing

IT in Business: Traditional Computing Model

Business environments are becoming increasingly complex and competitive. At the same time, the

expectations of customers are also increasing. With companies now looking for new ways to enhance

the quality of their products and services through IT, the traditional model seems to be inadequate

sourcing and deployment of IT systems and solutions, using the traditional model, may not result in

the optimal utilization of resources while requiring large investments to continue functioning.

Businesses not only have to setup an in-house (On-premise / Hosted) computing environment but

they also have to build / Source IT teams to manage the same – thus adding on to capital investment

and operational cost.

Some of the key challenges that are associated with the traditional model of providing IT services are

as follows:

Page 22: Master Thesis - Yemi Adesida

21

Limited IT Budget

Initially, the IT budgets of organizations were limited as IT was looked upon as a support function.

The recent economic downturn has put a strain on the IT budget. Setting up an On-premise

computing environment or upgrading existing systems requires a substantial amount of initial capital

investment.

Scalability of Systems

Current IT framework and design principles are not very flexible and could result in a design overhaul

of existing solutions, or a complete overhaul of hardware resources, to accommodate drastic changes

to user requirements. E.g. system administrators manage peak demand for server access by investing in

additional hardware and software resources, which are under-utilized during non-peak loads.

Lead Time on Set-up

The traditional process of designing, developing, installing/deployment of solutions is time consuming

and iterative. Consequently, this could negatively affect the execution of various business processes or

functions especially when there is an urgent need.

Infrastructure Management

Management of the entire IT function requires investment in form of time, Professional expertise, and

financial investments. Moreover, Managing IT infrastructure might not be the core competence of a

company. In Nigeria, this is a constant challenge in most organization.

Need for Mobility

Owing to the need to stay connected round the clock, 365 days a year, business people are now

demanding a well-connected environment that caters to real-time information interchange. The

traditional environment needs a significant overhaul to be able to meet the expectations of a

virtualized / connected environment.

Page 23: Master Thesis - Yemi Adesida

22

Figure 2 - Comparison between Traditional and cloud computing

Cloud Computing

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of

configurable computing resources (e.g., networks, servers, storage, applications, and services) that can

be rapidly provisioned and released with minimal management effort or service provider interaction.

This cloud model promotes availability and is composed of five essential characteristics, three service

models, and four deployment models. (NIST, 2009)

Cloud computing delivers services dynamically over the Internet. Storage Systems, Operating Systems

Hardware, Software and other resources helps in keeping IT budget to bare minimum cost. Cloud

computing also refers to both the application delivered as a service over the Internet and the hardware

and software systems in the data centers. Cloud computing resources are hosted in large data centers

that are typically distributed across geographically separate region of the world. Distribution of the data

centers in different places provides fault isolation, since if one data center fails, the other data center

will not be affected. This also offers flexibility to application owners in terms of the location of the

location of their application. For example consumers can choose to locate their applications in data

centers near their locations to reduce network latency.

Page 24: Master Thesis - Yemi Adesida

23

Elasticity is a key characteristic of cloud computing. Because computing resources can be rapidly

provisioned and relinquished in an automated manner, cloud applications can now rapidly grow or

decrease in terms of computing capacity, thus making scalability easy. This means that businesses and

application owners no longer need to provision infrastructure for future needs in anticipation of

increases in system demand and usage. Likewise, system resources are not underutilized when usage

and demand decreases. Elasticity is a desirable feature in on-line applications such as social networks

where system peak loads and load growth cannot be predetermined.

Virtualization is an important aspect of cloud computing as it enables easy, scalable, efficient, and

flexible management and provisioning of resources on loud-based platforms. A cloud computing data

center consists of large pools of abstracted virtualized servers, thus providing an illusion of computing

resources.

It abstracts the coupling between the operating system and underlying hardware, such that raw

compute network and storage resources can be unified as a large pool of resources. By using

virtualization, cloud computing data centers are able to serve a large number of people with different

needs as it is possible to dynamically configure and provision resources for different applications from

the unified pool of resources. Virtualization distinguishes cloud computing from traditional data

centers as the latter offers raw physical hardware resources that cannot be configured dynamically.

Evolution Of Cloud Computing

Cloud computing is not a completely new concept but a combination of new and already existing

technology. Cloud computing is not a revolution in information technology but an evolution of

existing technologies as the main revolution occurred long before the advent of cloud computing

[Anjomshoaa, Tjoa (2011)].

Cloud computing has grown out of and uses the same infrastructure support as GRID computing.

Grid computing refers to geographically distributed, parallel, complete computers that work together

to provide computing resources such as compute power and storage for solving large scientific or

Page 25: Master Thesis - Yemi Adesida

24

technical problems. Distributed computing is a key characteristic of both grid and cloud computing

and the latter makes use of computing’s standard protocols for aggregation of distributed resources

and transparent access to the resources to manage distributed data centers. However, grid computing

and cloud computing are different as they were developed to address different problems and have

different assumptions. For example, Grid computing does not rely on virtualization to manage the

provisioning of resources as in cloud computing.

In addition to virtualization and grid computing, Service-Oriented Architecture (SOA) is another

technology that is used in the design of cloud computing services. SOA is a software design

architectural style which presents business functionalities as a set of self-contained modules called

services. The modules (services) have well-defined interfaces and are invoked through messages. Cloud

computing makes use of SOA to provide computing resources and software applications as a set of

services called Web Services. The behavior of WEB SERVICE is governed by a collection of

standards that are designed to support inter-operable machine-to-machine interaction over a network.

Web services expose their capabilities through a web services interface.

Service Models In Cloud Computing

In this section, the different service models of cloud computing are distilled. There are three different

levels of service models. It starts from the lowest service model which is called the Infrastructure-as-a-

Service (IaaS) and builds up via Platform-as-a-Service (PaaS) to software as a service (SaaS). Each level

adds extra functionality and abstraction of the technical details of services which are offered.

Page 26: Master Thesis - Yemi Adesida

25

Figure 3 - Cloud computing service models

Infrastructure-As-A-Service

Infrastructure-as-a-Service (IaaS) is the lowest layer where users use computing resources such as

databases, CPU power, memory and storage from an IaaS provider and use the resources to deploy

and run their applications. IaaS model allows users to access the underlying infrastructure through the

use of virtual machines which automatically can scale up and down. IaaS gives users more flexibility

than other service models as it allows the user to deploy any software stack on top of the operating

system. However, the flexibility comes with a cost and users are responsible for updating and patching

the operating system at the IaaS Level. Popular examples of IaaS are Amazons Web Services’ EC2 and

S3 (Murphy, Abraham, Fenn, & Goasguen, 2009)

Platform-As-A-Service

Platform-as-a-Service (PaaS) is the layer where applications are developed, tested, and hosted using a

set of programming languages and tools that are supported and provided by the PaaS provider. PaaS

provides developers with a high level of abstraction that allows them focus on developing applications

easily. Developers can provide their customers with custom developed application without the hassle

of defining and maintaining the infrastructure. In PaaS model, Users do not control or access the

underlying infrastructure being used to develop and host their application, they uses APIs on an

abstracted platform. Google App Engine and Microsoft Azure are popular examples of PaaS

(Boniface, et al., 2009)

Software-As-A-Service

Software-as-a-Service (SaaS) is a cloud computing layer where users simply make use of a web-browser

to access software that others have developed, maintain and offer as a service over the web. At the

SaaS level, users do not have control or access to the underlying platform and infrastructure that is

being used to host the software. Salesforce’s Customer Relationship Management and Google’s Gmail

are popular examples that use the SaaS model of cloud computing (Armbrust, et al., 2009).

Page 27: Master Thesis - Yemi Adesida

26

Deployment Models Of Cloud Computing

The three different service models can be deployed in various ways varying from public Internet to

private data center. The figure 2.2 below shows the different deployment strategist (Joint, 2009) which

are detailed in the following paragraphs.

Public

Public is a deployment strategy which uses publicly available Internet to deliver the services to the

users. A great advantage of this deployment type is that the services are available from any Internet

connection, and down side however is security. The cloud services like Gmail and Azure are services

provided through the public cloud (Armbrust, et al., 2009)

Figure 4 - Public Cloud

Private

This deployment strategy can be compares with the traditional in-house hosting of a service, however

it uses the technologies on which cloud computing is based such as virtualization to provide

advantages to the organization (Armbrust. et al., 2009)

Page 28: Master Thesis - Yemi Adesida

27

Figure 5 - Private Cloud

Community

A community cloud is a bit like a private cloud however, the cloud is shared among a community of

organizations. This is done to divide the cost and risks of running a own cloud. These clouds can be

found in shared services multiple organizations (Buyya, 2009)

Page 29: Master Thesis - Yemi Adesida

28

Figure 6 - Community Cloud

Hybrid

A hybrid cloud is a cloud-computing environment in which an organization provides and manages

some resources in-house and has others provided externally. For example, an organization might use a

public cloud service such as Amazon’s Elastic cloud (EC2) for general computing but store customer

data within its own data center (Cole, 2009)

Figure 7 - Hybrid Cloud

Page 30: Master Thesis - Yemi Adesida

29

Benefits Of Cloud Computing

Cloud computing offer numerous benefits and advantages over other computing architectures. Based

on the detail survey, I have listed some of the benefits below.

Cost and Ease of Implementation: Cloud computing is cheaper and easier to implement than building

new applications and data centers. Moreover, the entire management of the resources provided rests

with the cloud service providers themselves. Cloud computing services can be offered on pay-per-use

model. The user interfaces of cloud computing solutions are also very user-friendly than the interfaces

of traditional software.

Elasticity of Resources:

Services of the cloud are available On-Demand which allows customers to upscale/downscale capacity

without incurring any capital expenditures. Service providers of the Cloud are able to juggle between

servers and data centers to shift resource utilization as per the demand patterns and user specific SLAs.

This provides total flexibility to the users.

Multi-tenancy

The cloud resources run in Multi-tenancy mode which means multiple organization or users can access

the infrastructure simultaneously from different locations. This allows services provides of the cloud to

take significant cost advantages and better profitability, allowing them to make more capital and R&D

investments. The benefits are passed-on to the cloud users making the cloud solution a cost-effective

option.

On-Demand Self-Services

The most important feature of the cloud is that user can use computing resources as and when they

require the same without requiring any human intervention from the service provider of the cloud.

The user would not have to worry about commissioning/decommissioning computing infrastructure

as per utilization / requirements.

Page 31: Master Thesis - Yemi Adesida

30

Pay-As-You-Go Model

Cloud computing reduce the significant upfront capital expenditure which is needed to purchase and

maintain IT infrastructure like hardware and software systems. Pricing in the cloud is done on a usage-

based or subscription-based model which converts fixed into variable costs. The advantage of being

cost-efficient makes cloud computing an attractive option, especially for SMEs. According to a study,

cloud-based services generate high cost differential for smaller companies in comparison to large

enterprises. While the cost savings per employee through usage of the Cloud was nearly ten times for a

company with 10,000 employees, it was as much as 109 times for a company with 10 employees.

(KPMG: The Cloud changing business Ecosystem, 2011)

Factors Fostering The Growth Of The Cloud

Some of the key factors that are driving the acceptance of Cloud services are as follows:

Rising computer Penetration

The past decade has seen the increasing acceptance of the internet as a medium of communication for

businesses. Computers and internet connectivity are the prerequisites for the adoption of the Cloud.

Growing penetration of computers is resulting in an increase in the demand for affordable computing

solutions.

Improvement in Bandwidth Availability

The past decade has seen the rapid rise in the availability of internet bandwidth at increasingly lower

cost. Data transfer rate over wireless networks has now reached 300 Megabytes per seconds (Mbps)

while it stands at a speed of 1 Gigabyte per second (Gbps) for data transfer over wired networks. At

the same time, there has also been a significant improvement in the reliability of the connection

Innovations In Commodity Server Market:

There has been a significant improvement in the quality of servers that are now available, with faster

and powerful processors in place. These servers has become more efficient and less expensive making

them more viable for cloud computing. Moreover, innovations in interconnect technology have made

the use of servers in clustered environments and application execution more feasible and efficient.

Page 32: Master Thesis - Yemi Adesida

31

Improvements In Storage Technology:

The growing need to share data between various application units as terabytes is increasing the

demand for networked storage – a shift away from direct attached storage. Capabilities of servers to

run multiple applications and increased relevance of virtualization have further acted as an impetus for

the growth of network storage.

CHALLENGES IN THE IMPLEMENTATION OF CLOUD COMPUTING

Amongst all the perks and benefits of cloud computing, the virtual concept of computing still

generates several questions in the minds of the users with respect to confidentiality, integrity and

availability. The key challenges for the adoption of cloud computing in Nigeria are given below.

Assurance of Privacy and Security:

Cloud users in Nigeria are wary of the security and privacy of their data. The multi-Tenant

environment of the cloud is causing concerns amongst businesses thereby leading to a lack of trust for

cloud providers and the services they offer. In the research conducted, over 56% of users strongly

agree to the lack of trust for cloud provider. As the same underlying hardware may be used by other

companies and competitors, it may lead to a breach of privacy. Moreover, any data leakage or virus

attack would have a cascading effect on multiple organizations.

Reliability and Availability:

The constant availability and reliability of power and internet services in Nigeria is a constant challenge

for cloud adoption in Nigeria. The cloud services providers may guarantee 99.9 percent uptime,

however, companies could still worry about the loss of control when there is a power outage or loss of

internet connection. In the research carried out in Nigeria, 87% of user’s interviews strongly agreed to

the issue of unreliable and unstable power and internet connection as a major problem affecting the

Page 33: Master Thesis - Yemi Adesida

32

adoption of cloud computing in Nigeria. Also, the cloud service providers cannot give an assurance on

the uptime of the external internet connection, which could shut all access to the cloud.

Cultural resistance:

The implementation and migrating of cloud computing services may face organizational inertia as

shifting to cloud computing may change the role of IT department and operation processes in several

departments and function. Organizations may not be prepared for this transitions as most users are

not well informed on the concept of cloud computing, therefore leading to resistance. The research

conducted to find out the level of awareness within the organizations interviewed, are informed on

cloud computing shows that less than 90% users are poorly aware of the technology. Due to this, the

adoption of cloud computing constantly hit roadblock in Nigeria.

Figure 8 - Drivers and Challenges of cloud computing

ENTERPRISE COLLABORATION AND COMMUNICATION

The time for debating the usefulness of collaboration with email in business has passed. Email, quite

simply, is fundamental to how businesses communicate, either within the office or with external

parties. What is increasingly open to debate, however is, how businesses deploy email, whether

through a self-managed, on-premise arrangement such as Microsoft Exchange Server, or a cloud-based

Page 34: Master Thesis - Yemi Adesida

33

hosting service such as google apps or Office 365. Today, hosted systems and on-premises

management provide IT and business decision-makers with a clear choice of email system deployment.

More enterprise organizations currently implement on-premises solution. It’s been the traditional

approach: A company needs email so it buys the equipment, sets it up and manages it. But with the

increasing adoption of cloud-based services, hosted email messaging has now entered the mainstream

business strategies. The adopters include not only small and medium-size firm, long the main users of

email hosting services because of their affordability, but large enterprises as well. The reasons are

largely economic, but include other factors, including stronger information security and safety

protection.

Survey result revealed that web-based email is the highest cloud service used be both enterprise and

individual users in Nigeria, followed by cloud based collaboration tools. Therefore the research and

case study of this research will is based on the comparative advantage and economic impact of using a

cloud based messaging and collaborative tool compared to the traditional architecture.

In this section, I will be giving a brief review on one example each for both the traditional computing

and cloud computing collaboration tool. Selected tools are:

Microsoft Exchange

Google Apps

On-Premise Microsoft Exchange

Microsoft Exchange is the industry’s leading business-grade messaging and collaborative system.

Exchange’s major features include email, calendaring, contacts, and tasks.

Google Apps:

Google Apps is a web-based messaging and collaboration platform available to businesses for a

flat license fee of $50 per employee, per year. Google’s applications run in any modern browser

without any additional software to buy, install, maintain, or upgrade over time. Google also

Page 35: Master Thesis - Yemi Adesida

34

manages the backend infrastructure in its highly scalable, reliable, and secure data center

infrastructure, so there are no servers for customers to purchase, configure, patch, or upgrade

over time.

Google Apps Include:

Gmail: Includes 25 GB of storage per employee, Google powered email search, industry-leading

span protection, and integrated IM, Voice and Video chat. Workers can access there Gmail from

any computer and on mobile devices including all smartphones and tablet types. Employee who

prefer the Microsoft outlook interface can continue to use outlook as their email client without

the company needing to run Microsoft Exchange.

Google Calendar: Allows employees to manage their schedules, create project calendars, and

easily schedule time with colleagues. Multiple calendars can be overlaid to quickly display a

composite view of multiple people’s schedule. Workers can access Google calendar on any

computer and on Mobile devices. Employee who prefer the Microsoft Outlook interface can

continue to use Outlook as their calendar client without the company needing to run Microsoft

Exchange.

Google Docs brings multi-person real-time collaboration to documents, spreadsheets,

presentations, and drawings. Editors can simultaneously access the same Web-based file from

any computer and contribute while others are also making changes, sparing colleagues the

inconvenience of collaborating over attachments. Google Docs can import traditional office files

and export to those formats as well.

Google Sites allows teams to create and share collaborative team sites without burdening IT for

support. Employees can access sites from any computer, and sites can display rich content such

as embedded documents, spreadsheets, presentations, calendars, and videos.

Google Video is a private, secure platform for sharing internal videos like trainings, corporate

communications, and more. Videos can be viewed or uploaded from any computer.

Page 36: Master Thesis - Yemi Adesida

35

Google Groups allows administrators and end users to create mailing lists and browse or search

discussion archives quickly from any computer. Documents, spreadsheets, presentations, sites,

and other content can also be shared with groups so content owners can easily manage

information permissions.

More Google applications including Google Voice, Google Reader, Blogger, Picasa, Google

Reader, and AdWords are available from Google Apps accounts at no additional charge, and IT

administrators can provide the right set of tools to each group within their organization.

Migration And Integration Capabilities

At no additional cost, Google offers scalable tools to easily migrate email, calendar, and

contacts data from legacy Microsoft Exchange, Lotus Notes, and many IMAP email systems to

Google Apps, so workers can seamlessly switch over to Google Apps with minimal disruption.

Furthermore, Google Apps is designed to integrate seamlessly with existing on-premise

technology including:

• Single Sign-On (SSO) integration

• LDAP directory synchronization

• Integration with local data repositories with the Secure Data Connector

• APIs that allow flexible programmatic access to Google Apps from many other systems

Data Security

Google Apps has successfully completed an SAS 70 Type II audit to ensure that its security

procedures are operating effectively, and Google Apps is the first suite of cloud-based

messaging and collaboration applications to receive the stringent Federal Information Security

Management Act (FISMA) certification and accreditation from the US General Services

Administration.

Page 37: Master Thesis - Yemi Adesida

36

Reliability, Uptime Guarantee, And Support

Google’s Service Level Agreement (SLA) guarantees that Google Apps will be available at least

99.9% of the time, and the actual performance of the system has been significantly higher than

this SLA threshold. Google provides enterprise-grade support to customers including 24/7

telephone support for critical administrative issues.

Message Archiving For Regulatory Compliance

In addition to Google Apps, companies can add Google Message Discovery for $13 per

employee per year for one-year archiving. Google Message Discovery, powered by Postini, is a

Web-based service that provides customers with complete email security, a hosted email

archive, plus powerful message search and recovery tools.

Availability And Other Versions Of Google Apps

Google Apps is available in over 150 countries and in over 40 languages. In addition to Google

Apps for businesses, Google offers free versions of Google Apps for small organizations, non-

profits, and to schools and universities of all sizes.

Page 38: Master Thesis - Yemi Adesida

37

CHAPTER SUMMARY

Traditional Computing Cloud Computing

Initial Startup Capital Initial setup capital is very high

because computing infrastructure

such as servers and storage,

software and installation has to be

paid for.

Set up is very low. No computing

infrastructure is bought. Only cost

of service will be paid for.

Hosting Environment Computing infrastructure like

server, storage hardware are

installed on premises and owned

by the organization

Computing infrastructure are

owned by the cloud provider.

They are virtualized and offered to

organizations as a service over the

internet

Setup Time There is typically a large lead time

for implementation or

development and testing

Set up is instant.

IT Team Businesses require professional

team of IT staff to manage

computing infrastructure

Support is done by the cloud

provider, therefore, businesses

require no IT team for

management.

Software Maintenance Maintenance is carried out by

businesses to ensure high

performance at all time. Either

done by in-house team or

outsources

Maintenance and upgrades are

done by the cloud provider

Scalability Requires additional software

upgrade and hardware purchase

to increase scale

Provides the functionality of

tuning up or customization

Licensing Software licensing is a major cost

in IT procurement. This is paid for

periodically by businesses

Businesses do not pay for any

license at all.

Enterprise Mobility Limits usage to within the

business environment.

Provides access on the move and

across various devices.

Table 1 - Comparison of Traditional and Cloud computing

Page 39: Master Thesis - Yemi Adesida

38

C H A P T E R T H R E E :

METHODLOGY

This chapter describes the research methodologies of the project work. Besides discussing the

methodologies in general, the research procedures, data analysis techniques and the resources

used to conduct this research are also discussed.

Methodology

This master thesis begins with the topic area and research questions. It further provided details

explanation of the literature and area of interest. A literature review forms the basis for this

research and provides information sourced from scientific papers and related works. Besides

scientific papers and related works, there are also several books, research papers and analysis

publishes in the area of the evolution of cloud computing as its affect enterprise organizations.

These publications will help to form the basis for the literature review together with the

scientific papers. Further additions for this thesis are found on websites, journals, and blogs.

Case Study One: One of the main objective of this research is to identify the difference

between traditional computing and cloud computing with respect to its impacts on enterprise

organization, and to give fact-based recommendation derived from the research, on the best

computing architecture the best offers value to and enterprise both in the short and long-run.

Case Study Two: Cloud-based NFC Mobile Payments for developing iPay for Retail Banks, digital

companies, governments and several organisations

This research adopt a mixed method research approach was adopted to realize these

objectives. The rationale behind this method is to have a detailed view of the research

Page 40: Master Thesis - Yemi Adesida

39

problems as well as a generalization of cloud computing trends in Nigeria. The research started

with quantitative method for exploratory purpose, which was immediately followed by a

qualitative method to provide both detailed and generalized analysis of the research problem.

The qualitative data also provided in-depth knowledge of the evolution of computing in

comparison with traditional computing with respect to its impact on cost of implementation,

enterprise architecture, and project success, within an organization in Nigeria.

According to Creswell (1994), qualitative research is a type of research that is explaining

phenomena by collecting numerical data that are analyzed using mathematical based methods.

For this research, data has been collected by surveys targeted at businesses and subject matter

Expert within the IT industry in Nigeria. Kraemer (1991) notes that survey research can be used

to quantitatively describe specific aspects of a given population, collect subjective data from

people and use the data collected from the selected portion of the population for

generalization back to the population. The organizations interviewed are chosen based on their

location in the market and industry. We have mostly IT companies, financial institutions, and

Government ministries currently implementing or about to migrate their IT resources to the

cloud.

The (Sub) research questions are based on the subsequent chapters. These chapters are shaped

with both literature and information gathered from interview.

Cloud computing in Nigeria is currently at its early adoption stage, so it was difficult to find

organizations that already implemented cloud computing. Therefore, this thesis and its

comparative study will be done through a combination of case and descriptive study.

After the chapter based on the research question, a comparative analysis will show and

highlight the major difference between traditional computing and the cloud, it will further

explain how both computing are affecting organizations, and their relative benefits. The

Page 41: Master Thesis - Yemi Adesida

40

analysis of all the combined information will eventually lead to the answers of the research

question and provision of fact based recommendations.

Thesis Outline

This research project begins with explaining both the traditional and cloud computing, and the

evolution process between the two technology architectures. After the explanation of these

phenomena, the literature study follows. All the computing literature is review and looked at

critically. In order to obtain more fact based information, the following chapters contains

information obtained from different interviews and surveys. After this, we take literature

together with empirical data and try to describe the most important cost and benefit of cloud

computing in comparison to traditional computing.

Information Sources

Information are gathered mainly from IT organizations and subject matter experts that are

currently exploring or migrating to cloud computing. Other sources are to be found on the

internet such as scientific papers and seminars. Most interviews and collaboration were done

over the internet via Skype and Emails. However, with some help, the questionnaires were

administered face-to-face.

Data Collection

The main technique used for primary data collection for this research were interviews and

questionnaires. Interviews provided in-depth information based on the interviewee’s

experience and viewpoints of the particular topic (Creswell 2007). The head of IT department in

various companies were selected for this study to establish relationship with them and

schedule appointments for the interviews and questionnaire administration. Data collection

was done in two parts.

Page 42: Master Thesis - Yemi Adesida

41

First, IT managers and Project managers of IT companies were interviewed. This allowed the

extraction of vital and practical information through direct communication. These interview

allowed further in-depth discussion into the experiences and/or knowledge of the participants

in order to gain maximum data from the interview process.

The second part of the data collection process consist of interviews for subject matter experts,

consultants and IT officers, and survey questionnaire for users of cloud computing services

within small businesses in Nigeria. In order to increase quality of response and recovery of

questionnaire, they were administered in the presence of the researchers. The interviews did

not only yield highest cooperation, but provided opportunity for follow up questions and

thereby having in-depth information on the research topic.

Constraints

A lot of roadblocks were met while preparing and during the data collection phase which I did

not initially anticipate. This in a way affected some deliverables and slowed down the research

work. These constraints are explained as follows:

Unavailability of Cloud Users: during the research, I discovered that the populations of

businesses currently using any form of cloud services were insignificant compare to the

traditional method. Hence the reason for a low adoption rate in the research result. As a result,

getting participants to take part in practical interview sessions and answer questionnaire was

difficult. However, I got recommendations to some organizations and subject matter experts

who provided detailed information.

Postponement of Meetings: The business environment is getting more competitive, paces are

moving ever faster, and executives are getting three times busier schedule. On the average,

interviews were postponed at least twice before an opportunity for a “short” one.

Page 43: Master Thesis - Yemi Adesida

42

Lack of Trust: In order not to release vital company information to the public and the inability

to verify the authenticity of the status of the interviewer and the origin of the questionnaire,

most business executives either decline our appointment, or were conservative during

interview. This lack of trust was a major bottleneck against extracting detailed information.

Location and time zone: The major constraint was the difference in time zone. As most

interviews had to be conducted over the internet, I mostly catch my interviewee in a wrong

time. In other to correct this problem, I have my interviewee fix a preferred meeting time, or I

liaise with a trusted party in Lagos, Nigeria to conduct the interviews and mostly the

questionnaire on my behalf.

Data Analysis Techniques

Once data is collected and archived, the next step was to analyze the data. There were many

methods which make the data analysis more meaning ful. These techniques could be used to

manage the interview text, to compress the interview in the form of some short sentences in

order to get the important points mentioned. Depending on the data collection methods and

tools that was used, I decided to select the case study analysis to analyze my data.

It was very important during analysis to understand the textual data. One should highlight and

understand the important part of a text to be able to comprehend the general meaning and

then interpret it to bring coherence and sense. Hence, to achieve that I have pursued a circular

process, I understood the text as a whole, and then interpreted parts of the text so I can have a

better understanding of the whole, and back to the parts, and so on. In my study since I

conducted multiple case studies, I was confronted to different people involved with Cloud

Computing. Therefore, I encountered contradictory, incomplete, cloudy, and confused view on

the interaction issue with information system and Cloud Computing technique. But with this

approach to make sense of the whole picture, that is the relationship between the information

Page 44: Master Thesis - Yemi Adesida

43

system of an enterprise and Cloud Computing, it helped me to understand the textual data in a

better way.

Page 45: Master Thesis - Yemi Adesida

44

C H A P T E R F O U R :

EMPERICAL RESULT

This chapter is dedicated to the result of the survey and interviews conducted in the research. It

presents the quantitative data from the surveys and qualitative data collected from the

interviews. This chapter also contains discussion section, based on the analysis of the results of

the interviews.

Result Of The Survey

The survey conducted in this research consists of 10 questions, which has been prepared based

on the research questions and the requirements where cost, performance, productivity,

flexibility and functionality. Each question in this survey will provide a solution to the

adoption/usage of cloud computing in Nigeria, and also provide information on the reason for

switch to cloud computing from the traditional computing architecture, and factors responsible

for not switching. An excerpt of the survey is shown below.

Screenshot Of Survey

In this survey, questions are formed based on the research questions and with the mindset of

discovering the usage of cloud computing and the reason behind the decision of switching to

the Cloud are staying put on the traditional computing architecture. The survey was done both

online and physically. For the online survey, the link to the questionnaire was distributed to the

participants in Nigeria selected from various organization in different operating sectors, while

the physical survey was handed to the participants on hand using paper. The participants of

the survey includes IT staffs of various companies using one or more cloud computing services,

and about 15 subject matter experts from different organizations. The demography of

participants is shown in the table below. Out of 105 participants, 87 answered the question

completely, while others answered an average of 7 questions each. I suppose the reason for

this is most likely a result of misunderstanding of the questions and the purpose pf the survey.

Page 46: Master Thesis - Yemi Adesida

45

Below are the analyzed results of the survey from different participants representing various

businesses and sectors of the economy.

Demography Of Survey Participants

The survey sampled opinion on the adoption and usage of cloud computing from employees of

different businesses across different sectors. The link to the survey had been posted to the

participants vie email and also published on social networks. With the aid of friendly

recommendations, some part of the survey was done physically in some companies, where

questionnaires were handed to IT staffs of different companies and collected upon completion

of the survey that same day. The Table below shows the demography of the survey

participants.

Table 1: No. of participants per sector

Sectors No of Participants %

IT and Technology 45 42.8

Banking & Finance 10 9.5

Media and Advertising 10 9.5

Medical 4 3.8

Law 8 7.6

Small Businesses 28 26.8

Total 105 100

Page 47: Master Thesis - Yemi Adesida

46

Figure 9: No of Participants per sector

The following research results were provided by the 105 people from this industries as

displayed in the image above.

Survey question: Are you aware of the term cloud computing and its meaning?

Research objective: To investigate the level of perception of workers within these industries,

especially the IT and technology, regarding cloud computing and their knowledge of the

technology architecture. The result of this research was derived by asking the above survey

question and some more. The result of ths research showed that 77.8% were aware of cloud

computing and its capabilities, 14.8% were not aware at all of the concept.

42.8

9.59.53.8

7.6

26.8

Participant of Survey

Sectors IT and Technology Banking & Finance

Media and Advertising Medical Law

Small Businesses

Page 48: Master Thesis - Yemi Adesida

47

Figure 10: Awareness Of Cloud Computing

Survey Question: Is your company currently using Cloud Computing?

Research Objective: To know the extent of cloud computing adoption in Nigeria. The result of

this survey showed that there is a very low adoption of cloud computing in Nigeria, with

approximately 74% of the population disagree to using cloud computing in their company, and

also declaring that the general adoption of cloud computing is low. The chart below gives a

graphical view of the adoption of cloud computing.

77.8

14.8

7.4

Level of Awareness of Cloud Computing

Aware Not Aware Indifferent

Page 49: Master Thesis - Yemi Adesida

48

Figure 11: % of Cloud computing users in sampled sectors

Research Question: Which of the cloud computing services are you currently using?

Research Objective: To know the extent of cloud computing adoption by businesses in Nigeria,

and get a scope of the services mostly used within the cloud-computing framework.

The outcome of the research shows that cloud-based email has the highest patronage

representing 100%, in the figure above. Means the entire respondent agreed to using this

service provided by google, Microsoft, etc. Collaboration tools and application development

services also have a considerable level of usage especially within the IT organizations,

representing, 25.8 and 40% respectively. The usage of cloud based servers and storages are yet

to gain significant patronages in Nigeria.

23.6

74.1

2.3

Do you currently use cloud computing

Yes No I don’t Know

Page 50: Master Thesis - Yemi Adesida

49

All the company represented in the survey using cloud computing agreed to migrating to the

cloud recently, an average of 6 months before the survey. While other companies are currently

planning and evaluating the economic impact in terms of financial, technical and economic

feasibility of migrating to cloud computing.

Although it was difficult to gather detailed information on the factors that motivated the

migration or the factors limiting the migration from the traditional computing model. However,

I was able to identify some major factors that might motivate of limit from interviews

conducted, and these factors were thrown in as options for the survey questions.

In the case study chapter, detailed information and evaluation will be conducted. The economic

impact of cloud computing and the traditional computing will be weighed side by side, using a

business that has transitioned between both worlds as a case study.

In the following research, the factors that motivated or limited the transition to cloud

computing is exposed.

0 20 40 60 80 100 120

CRM & ERP Software

Email and Communication

Collaboration tools

Project Management Application

HR Applications

Photo & Video Editting

Application Development

Servers

Storage

Not Applicable

Cloud Computing Services

Page 51: Master Thesis - Yemi Adesida

50

Cost: 89% of the survey participant strongly agreed that the initial set up cost of cloud

computing compared to traditional computing is very low, if not negligible. And that this factor

solely is a motivation to make the switch to the cloud.

Increase focus on Core Business: 79.5% of the sample size strongly agree that cloud computing

heled their businesses, or any other business focus on their core operation, compare to

traditional computing, which requires in-house support staff to manage its operation and

performance.

0

10

20

30

40

50

60

70

80

90

100

Strongly Agree Agree Neutral Disagree Strongly Disagree

Initial Setup Cost

Page 52: Master Thesis - Yemi Adesida

51

Easy Accessibility: 85.5% of the total population of participants agrees that, compared to

traditional computing, cloud computing allows for easy accessibility of data using any device

and at any time, from anywhere. This was also a major motivating factor for migrating to

computing from traditional computing. 9.1% of the population were neutral and 5.5%

disagreed. This data is shown in the graph below.

Reduce Cost of IT Support and Management: Cloud computing, compare to traditional

computing requires less IT support staff, and lesser or no maintenance cost. 21% of the

0

10

20

30

40

50

60

70

80

90

Strongly Agree Agree Neutral Disagree Strongly Disagree

Increase focus on core Operation

0

10

20

30

40

50

60

70

80

90

Strongly Agree Agree Neutral Disagree Strongly Disagree

Easy Accessibility

Page 53: Master Thesis - Yemi Adesida

52

population strongly disagree that this factor is a motivating factor, while 62% strongly agree it is

a motivation.

Collaboration: 83% strongly agree that cloud computing increase team productivity and

collaboration, while 16.7% of the population was neutral.

Factors Limiting the Adoption of Cloud Computing

0

10

20

30

40

50

60

70

Strongly Agree Agree Neutral Disagree Strongly Disagree

Reduce IT Management Cost

0

10

20

30

40

50

60

70

80

90

Strongly Agree Agree Neutral Disagree Strongly Disagree

Collaboration

Page 54: Master Thesis - Yemi Adesida

53

Research Objective: This research identify current reasons why businesses stick with the

traditional computing, and limits the migration to cloud computing. To achieve this objectives,

many factors were considered and some were considered significant. The result identifies five

major factors that our respondent currently believe is are the advantage that traditional

computing has over cloud computing.

Poor Awareness: Poor awareness of the capabilities and benefits of cloud computing

represented 88.9% of the respondents who strongly agreed, while 1.8% disagreed.

Unstable Internet Services: The high cost and inconsistency of internet supply, which is the back

bone of cloud computing, was a huge factor limiting the migration. A total of 83.6% of the

respondents strongly agree while 16.4% remain neutral.

0

20

40

60

80

100

120

StronglyAgree

Agree Neutral Disagree StronglyDisagree

Poor Awareness

Page 55: Master Thesis - Yemi Adesida

54

Unstable Power Supply: Surprisingly, the issue of unstable power supply was also a factor to

consider in migrating to cloud computing. 65% of the total population strongly agreed, while

41% were neutral.

Privacy: 55% of population claim to be skeptical on the issue of data privacy, while 33.5 percent

disagree to this claim.

0

10

20

30

40

50

60

70

80

90

Strongly Agree Agree Neutral Disagree Strongly Disagree

Inconsistent Internet Service

0

10

20

30

40

50

60

70

Strongly Agree Agree Neutral Disagree Strongly Disagree

Unstaple Power Supply

Page 56: Master Thesis - Yemi Adesida

55

Interview Discussions

Qualitative Data Analysis - Interview

For the interviews, individual emails were sent to fourteen participants describing what the

study entails, plus an invitation letter asking for a suitable date and time for the interview to

take place, together with an informed consent. Their approval of informed consent form and

invitation were delivered back through email. The email also ask for a preferred channel for the

interview to take place, and only two out of fourteen choose one-one-one meeting, while

others chose video-chat through skype. The interviews were conducted between March and

June 2014. The average interview session lasted thirty to forty minutes for each participants.

The context of discussion for the interviews was based on the research questions and

objectives.

Demography of Interview Participants

Respondent Firm Size Position Held

Respondent 1 IT Firm Large Scale IT Manager

Respondent 2 IT Firm Large Scale IT Manager

Respondent 3 IT Firm SME IT Manager

Respondent 4 IT Firm SME Developer

0

10

20

30

40

50

60

Strongly Agree Agree Neutral Disagree Strongly Disagree

Data Privacy

Page 57: Master Thesis - Yemi Adesida

56

Respondent 5 IT Firm SME Support Staff

Respondent 6 Telecommunication Large Scale Engineer

Respondent 7 Telecommunication Large Scale Engineer

Respondent 8 Telecommunication Large Scale IT Officer

Respondent 9 Telecommunication Large Scale Support Staff

Respondent 10 Professional

Association

Large Scale IT Manager

Respondent 11 Online Ecommerce SME Product Manager

Respondent 12 Online Ecommerce SME Developer

Respondent 13 Online Ecommerce Large Scale CTO

Respondent 14 Online Ecommerce SME IT OFFICER

Research Objective One: To Investigate the perception of cloud computing.

Participants were asked their opinion of cloud computing technology, compared to the

traditional computing technology.

All the respondents agreed that cloud computing is the next computing technology. However,

when asked if Nigeria is ready for cloud computing, there were varying responses.

Respondent 4 said: “I don’t think so, because only few people know about the technology”.

Respondent 2 claims that Nigeria isn’t prepared for cloud computing until the factors affecting

cloud-computing adoption is addressed.

Respondent 3 believes Nigeria will be ready for cloud computing full scale in the coming years,

but for now, the answer is NO. However, Respondent 4 said “Yes, because there is an available

market and business, if only providers can show prove of cloud solution’s technological,

economic and financial benefits, and No because, the basic infrastructure needs to be put in

Page 58: Master Thesis - Yemi Adesida

57

place and IT personnel have to be trained to handle the necessary tasks with regards to the use

of those services”. Other respondents believe that, Nigeria is always ready for whatever, but

always too slow to adopt new technology available infrastructure, and also the willingness to

experiment new things.

Research Objective Two: To Know The Extent Of Cloud Computing Service Adoption In

Nigeria.

The respondents were asked of the latest services they migrated to the cloud recently, and any

others usage they are aware of in Nigeria.

All the respondents indicated that they use some form of cloud services in their company. Most

of the respondents also added that the services deployed on the cloud are not beyond the

basic.

Respondent 11 said “we use software as a service, like prodpad – for product management and

collaboration, to manage our product management lifecycle and collaborate with various

stakeholders in Developing and managing the product.” All the respondents indicated that they

use web-based services such as web-email, and other basic collaboration tools such as google

drive. Respondent 10 said “Previously, we used on-premises exchange server for our members

emails, but we had to change that 5 months ago to save cost and increase performance. Now

we use Office 365, but currently exploring migration options to Google App”.

Respondent 14 said “we use services such as Dropbox for storage, and also some cloud base

Enterprise relationship management application to manage some of our highly automated

business processes online”. Respondent 2 said “we are currently working on a project to

provide infrastructure as a service to our clients, but they are the basic cloud service.” She also

indicated that “Only large scale company will be able to afford our intended services”. Finally,

Respondent 12 said “we use amazon server or Microsoft Azure for web and mobile application

Page 59: Master Thesis - Yemi Adesida

58

development. We got it for free through a sponsorship program and even after the free session

expires, we will continue with the service. It is easy, cost effective and gives great flexibility for

scaling. However, we have not tried in-house server, but from our feasibility study, it is nothing

to compare with the ease of the cloud.”

Research Objective Three: To Identify Motivating Factors That Encouraged Migrating To

Cloud Computing

Respondent was asked to compare their former computing architecture to the current cloud

service and highlight major factors that motivated them to switching to the Cloud.

All the respondents agreed that the issue of cost of setup and lead setup time is a major

motivation. They indicated that, businesses of the 21st century is about reducing cost and

maximizing productivity either in profit or performance, and that is the main promise of cloud

computing, among others. Respondent 5 said “Before now, we had big issues with our in-house

systems – servers and storage. As the business grew in an unanticipated way in 2013, we

instantly required more server and space for our applications. Our technical consultant, how

wise they were to give us an option of either an upgrade or total migration to the cloud. We

weighed both solutions in terms of cost, deployment time, and usability, and also return on

investment. The figures and benefit we got from using cloud computing was remarkable. It will

help us save way more that we would have spent and also increase our flexibility and enterprise

mobility”. All respondents believe that, for cloud computing to gain its much-required

momentum, major factors regarding basic infrastructure and awareness need to be addressed.

Research Objective four: To identify the factors affecting the adoption of cloud computing in

Nigeria.

Most respondents indicated that the major factor-limiting people to the traditional computing

are the issue of ignorance and inconsistence in the issue of Internet and Electric Power.

Respondent 13 said, “we still have very expensive and inconsistent internet tariffs. It will be

very difficult to host or use a cloud service effectively with that.” Only a few of the respondent

regarded security and privacy of data as a major threat. Respondent 8 said, “the first major

Page 60: Master Thesis - Yemi Adesida

59

problem is security. If we are going to rely on a third party to secure our data effectively, then

there should be some form of education and assurance on the security level and compliance”

He believes that the guarantee would go a really long way. Respondent 5 said, “Many are very

much aware of the capabilities and benefit of the cloud. However, migrating large data store to

the cloud comes with certain risk. We need professionals who can adequately execute this

project successfully”.

Page 61: Master Thesis - Yemi Adesida

60

C H A P T E R F I V E :

COST-BENEFIT ANALYSIS OF CLOUD COMPUTING VERSUS TRADITIONAL (ON-PREMISES) COMPUTING

For many organizations it is difficult to determine the total costs of implementing cloud

computing solutions as well as to compare them with the cost caused by the traditional

alternative of housing computing infrastructure on-premises. In practice, some models exist

that support the analysis of this cost, but they are mostly static and do not consider the

dynamics of cost development when using cloud computing.

In this chapter of this research work, the objective is to design and develop a simulation model

that covers the dynamic aspects and supports decision makers in analyzing cost benefits of

cloud computing versus traditional on-premises computer infrastructure. This chapter is based

on the theoretical framework of Information system and applies the method of system

dynamics.

Methodology

Using the literature review in chapter two and the case study of Intrinsic Communications, I

identified the major costs component and analysis which will be the basis for the simulation

model. The scope of this project is to account the costs, risks, advantages and disadvantages of

implementing a cloud computing framework or using the traditional in-house datacenters in a

enterprise organization. The proposed simulation model is based on a theoretical framework

for Information system development process proposed by Nunamaker et al, incorporated with

the method of system dynamics. Our simulation method is backed up by the structured

interviews and case study approach documented within this project.

Therefore, having established a detailed literature review in Chapter 2, I can proceed to the

theoretical framework.

Page 62: Master Thesis - Yemi Adesida

61

THEORITICAL FRAMEWORK

The theoretical framework consists of five stages;

In the following sections, the various phases will be discussed in more details.

Development Of The System Architecture

The system architecture consists of two main segments. The first segment represents the

simulation model, where the mathematical formulations of costs computations are

implemented. It is further divided into sub-module: Costing for cloud computing and costing for

in-house datacenter/Server room. The second segment represents the user interface, where

the cost analysis is explained in a visual or graphical format. The modularity of this model

enables us to use test using different case study.

Development of the system architecture

Construction of the

simulation model for

cost analysis

Analyzing and designing the

system

Building the prototype

Evaluating the system

Page 63: Master Thesis - Yemi Adesida

62

Figure 12- System Architecture

Construction of Simulation Model for Costs analysis

A simulation model for cost-benefit analysis for cloud computing and traditional computing

model is constructed and a kernel of the system. In order to achieve this, the various cost

centers of the two computing architecture must be identified.

Identification and Estimation of Costs

To identify and analyze the costs-benefits of cloud computing and traditional computing,

the Total Cost of Ownership (TCO) will be applied. The TCO is chosen as a basis for

identifying and estimating cost because it covers both the investment and on-going

administration cost for both computing framework. Moreover, TCO is generally used as a

means of addressing the real costs attributing to owning and managing an IT infrastructure

in a business.

Cost of Traditional computing

This section explore various cost involved in the management of tradition in-house

computing infrastructure which is independent of any particular project. For most of the

component found here, the Total Cost of Ownership is used. It comprehensively considers

the capital costs, recurring expenses, and cost of operations. The cost identified here

include cost of servers, network cost, power cost, software cost, support and maintenance

Page 64: Master Thesis - Yemi Adesida

63

cost, and finally, real estate cost. For each of these components, the following details are

provided:

1. Variable Explanation

2. Method of Calculating the cost of the component.

Cost of Server

The assumption is that all servers have similar configuration and are mounted in the server.

The cost of server is represented by Cost_Server. Therefore the cost of server can be

computed as follows:

Cost_Server = (No_S * Cost_PS)

Where

No_S = Number of Server owned by the business

Cost_PS = Cost per server incurred in currency value.

Network Cost

Basically, the components that make up the cost of networking include Network Interface

Card (NIC), Switches, Ports, Cables, Software and Maintenance. The cost of NIC is captured

in the cost of server and cost of software, while the cost of maintenance will be treated

independently. Therefore, this section focuses on major cost component of the networking

cost which include: switch, ports, cables and implementation cost.

The total networking cost (Cost_Net) is the summation of the cost of ports, cable, switch,

and implementation.

Cost_Net = Cost of Network

Cost_Sw = Cost of Switch

Cost_imp = Cost of Implementation

Cost_Cable = Cost of Cable

Cost_Port = Cost of Port

Therefore:

Page 65: Master Thesis - Yemi Adesida

64

Cost of Network (Cost_Net) = ∑ (Cost_Sw, Cost_cab, Cost_imp, Cost_Port);

Where:

Cost_Sw = No_Sw (Number of Switch) * Cost_PSW (Cost per Switch)

Cost_cab = No_Cab (Number of Cab) * Cost_PCab (Interconnected Cable Cost)

Cost_imp = H_Imp (Hours of Implementation) * Cost_P_Imp_H (Cost per implementation

Hour)

Cost_Port = No_Ports (Number of Ports) * Cost_P_Port (Cost per Ports)

Software Cost

Managing in-house computing infrastructure requires the installation of software, operating

system, patches and resources for load balancing. The cost of software associated with the

base cost estimation is due to cost of license payment. For the purpose of clarification, the

software is separated into two classes. The Class A software includes operating system

while the class B deals with other base software such as Application Server, Virtual Machine

software, etc.

The total cost of software for an enterprise represented by Cost_tot_Soft is given by:

Cost_tot_Soft = [(No_ClassA * Cost_ClassA * %A) + ((No_ClassB * Cost_ClassB * %B))]

Variable Description Unit

No_ClassA Number of Class A Software

No_ClassB Number of Class B Software

Cost_ClassA Unit Price of Class A Software (Total price, One Time) Currency

Cost_ClassB Unit Price of Class B Software (Total price, One Time) Currency

Page 66: Master Thesis - Yemi Adesida

65

%A Server Utilization Class A (Percentage of Unit price that

account for the annual cost)

Percentage

%B Server Utilization Class B Percentage

Power Cost

Studies have shown that power is a major cost component in managing In-House computing

infrastructure. In Nigeria, though the validity of these statements is debatable, power is clearly one

of the fastest growing cost (Brill, 2009). The IT infrastructure that contributes to power consumption

in organization includes server, switches, workstations, network physical infrastructures, UPS,

cooling.

The total cost of power is computed annually and is represented by Cost_TotPow.

The total cost of power is represented below:

Cost_TotPow = (Size_Pow * Use_Pow * Eff_Pow * 24 * 365) Cost is calculated annually.

Where;

Size_Pow = Size of the facility (Critical Load measure in Kilowatts)

Use_Pow = Average Power Usage (Average percentage of provisioned power used)

Eff_Pow = Effectiveness of power usage.

The monthly cost of Power can be easily derived and it is shown below:

Cost_MonPOw = Cost_TotPow / 12

Support and Maintenance Cost

The cost of administration, support and maintenance is also a major cost component in an

enterprise. After understanding the nature of support and maintenance cost in various

companies, it was discovered that majority of them outsource this job function to

consultants. Therefore, the cost of maintenance is computed based on the number of

service engagements or consultants visits made in a year and the charges incurred for each

of this visits.

Page 67: Master Thesis - Yemi Adesida

66

The total cost of support and maintenance per year represented by; Cost_TotSM Can be

calculated as:

Cost_TotSM = (N_Admin * Sal_Supp) + (N_Consul * Consul_Fee)

Where:

N_Admin = Number of administration staff

Sal_Supp = Salary for Admin Staff

N_Consul = Number of consultants visit per year

Consul_fee = Cost incurred per consultant visit.

Therefore the monthly Support and Maintenance cost can be derived by:

Cost_monSM = Cost_TotSM / 12.

Cost of Cloud Computing

From the Literature reviews in Chapter 2, we discovered that the cost incurred for cloud

computing is far different from the traditional in-house computing infrastructure. For cloud

computing, organization do not spend money on acquiring servers or software, spends way

less in power and virtually no real estate and cooling cost.

The organization can match their server configuration with these instance configurations.

To estimate the costs for cloud computing instance, we first need to estimate how many

virtual server instances offered by the Infrastructure-as-a Service provider equal to a real

server. Assuming that two instances correspond approximately to the power of one physical

server, then We can compute the require number of server instance per hour. In addition to

the cost of server instances, the cost of data transfer needs to be identified and accounted

for. In a Platform-as-a-Service model, the Cost of user license will also be accounted for.

Conclusion

In Summary the cost of cloud computing is shown below:

Page 68: Master Thesis - Yemi Adesida

67

Cost_TotCloud is the summation of the Cost of Server instance, Cost of Incoming and Out

Going Data, cost of User license per Year and the cost of Administration.

That is:

Cost_TotCld = ∑(Cost_ServInst, Cost_Data_In, Cost_Data_Out, Cost_User_Lic, and

Cost_Admin)

Where

Cost of Server Instance = No of Server instance * Cost per Server Instance

Cost of incoming Data (DataIn) = No of incoming Data (GB) * Cost per Unit of Data

Cost of outgoing Data (DataOut) = No of outgoing Data (GB) * Cost per Unit of Data

Cost Per User License (User_Lic) = No of User * Cost Per License

Cost of Administration = (N_Admin * Sal_Staff)

BUILDING THE PROTOTYPE

In this segment, the system architecture is transformed in to a visual prototype model.

Implementation of a prototype system is used to illustrate the feasibility and interrelationship

between the modeled cost components. The simulation approach system dynamics was chosen

as a preferred option because it can be used in identifying key decision factors, fey components

and their interrelationship in a visual way.

Page 69: Master Thesis - Yemi Adesida

68

Figure 13 - Simulation Model for Cloud Computing

Figure 14 - Simulation Model For Traditional In-House Infrastructure

Page 70: Master Thesis - Yemi Adesida

69

C H A P T E R S I X :

CASE STUDY ONE: COMPARATIVE ANALYSIS OF TRADITION EMAIL SERVER TO CLOUD EMAIL SERVICES

Intrinsic Designs – Economic Impact Of Migrating From On-Premises Exchange Server To

Google Drive.

This chapter contains detailed case study information of a comparative analysis of cloud

computing and traditional computing deployment in an organization. The chapter is based on

both qualitative and quantitative data gathering on the research work, provided by interviews

with the executives of the organization, and a limited access to the enterprise data. In the

following sections of this chapter, the background of the company, along side its product and

services, and number of staff, will be provided.

This company was selected because, it recently migrate from the traditional on-premises email

server to a fully hosted email services on the cloud. In order to compare the economic impact,

and therefore a comparative analysis of the traditional and cloud computing architecture, we

will be comparing the values and risks of both architectures side by side, in terms of:

Cost of set up

Technological flexibility

Lead time to setup

Management and Maintenance cost

Productivity ratio, and

Cost Savings and return on Investment.

After this, we summarize the difference between the two architectures both quantitatively and

qualitatively, and also draw on the facts to make conclusion and recommendations.

Page 71: Master Thesis - Yemi Adesida

70

Company Profile

Intrinsic Design is a company with strength and experience in the media industry, providing

creative services for brands, such as marketing and Public Relations management, Advertising,

and brand Management. InDesign was founded in 2001, as a marketing company, however, it

has fast embraced technology to offer creative services to help to brands in Nigeria increase

their market reach, manage their brand reputation across media through content creation and

management, and achieve better positioning using search engine optimization and

management.

Intrinsic, as a company in the creative industry, has a plethora of creative talents and less of

technology staff, provides services for over 50 large and medium scale companies within and

out of Nigeria, and majorly depend on technology for enabling business operations.

Services

Intrinsic prides itself as a think shop, and a hub for creative solutions. The services offered to

clients include: Digital and Social media marketing

Number Of Staff

Intrinsic Communication has a staff strength of over two hundred permanent staff, and over

one hundred freelance writers, photographers, web developers, etc., scattered across different

countries in West Africa.

Previous Technology

Intrinsic Communication previously depends majorly on collaboration with its staff, freelance

and clients. “Communication is of serious importance and it needed be fast” says the managing

Director. Before now, Intrinsic Comm deployed and managed an on-premise Microsoft

Enterprise Server 2003 for messaging and collaboration for over 5 years. The organization had

servers installed in its office complex, totally owned and managed by the company IT staff. The

architecture for the Enterprise solution is shown below.

Page 72: Master Thesis - Yemi Adesida

71

Pain Points

The company required a low-cost messaging and collaboration tool that provides ease of use,

friendly front-end, low-cost of maintenance and scaling, and support mobility. The previous

architecture however had its shortfall. Firstly, the previous architecture is limited to scaling. The

company had the option of upgrading to a more recent release of Exchange server, but the

initial investment was high due to purchase of new hardware and software licensing. Intrinsic

wanted a ‘scale-as-you-grow’ solution that kept the company spending controlled.

Another reason was mobility and collaboration. The company wanted staff and freelancer to

have the freedom of viewing their emails and collaborating with other staff on the go.

The next section of this chapter gives clear differentiation between the deployment of

Microsoft exchange and google apps for 300 users. Intrinsic employed the services of a

technical consultant from South Africa to consider their business requirement and proffer a

viable and cost-effective solution.

Solution - Migrating To Google Cloud

After considering the existing architecture and the business requirement of Intrinsic

Communications, The consulting company proposed a cloud based architecture for the new

messaging and collaboration framework, using Google Apps.

Economic Impact Of The Switch

In this section, I compared the cost of deployment of the on-premise Exchange Server, and the

migration to Google Apps by Intrinsic Communication. Based on the interviews with over 12

staff of Intrinsic Communications, and a broader survey data, I constructed a comparative

analysis for deploying a traditional and cloud computing framework for messaging and

collaboration. Using Intrinsic as a case study, I was able to determine the difference between

the two technology architecture with regards to;

Features

Acquisition Cost

Page 73: Master Thesis - Yemi Adesida

72

Setup Time

Administration

Difference in Performance (Uptime/Downtime)

Mobile Access, and

At the end of this section, intangible benefits for migrating to a cloud service will also be

discussed in details. In the next chapter, conclusions, as well as recommendations will be drawn

from the analysis done in this entire research.

Feature Comparison

Features Google Apps Exchange Server

Email Included Yes Yes

Email Storage 25 GB

Varies by

deployment

(100mb - 1 GB)

Calendar YES YES

Contacts YES YES

Tasks YES YES

Instant Messaging YES YES

Voice and Video Chat YES No

Productivity and Collaboration app YES No

Client Software Required

No (Web

Browser and

mobile) Yes

On-premises Hardware

No (Web

Browser and

mobile) Yes

Number of Users 150 150

Number of Administrators 1 3

Number of IT help desk 2 5

Page 74: Master Thesis - Yemi Adesida

73

Initial Investment/Scaling Cost

The key cost categories associated with the setup of a messaging and collaboration tool

implementation for Intrinsic Communication are:

Acquisition Cost: The acquisition cost is the cost of purchasing both the hardware and software

for the solution deployment. In the case of Exchange Server, Intrinsic had purchased servers,

server software, and client software access. Migrating to Google Apps, however require no

initial investment in acquiring hardware and software.

License Cost: Software license are one of the most expensive commodity to purchase when

setting up an enterprise system. The cost of deploying Ms Exchange cost Intrinsic Comm

$111/User, aside the license for client side software such as Microsoft office. On the other

hand, google Apps offers its services for a flat rate of $50 / User, and client side software are

not required, because emails can be views from any web browser.

Implementation

The cost of pilot and implementation included the cost to transition each user to the new

Google Apps environment. This included the fee for the professionals who executed the

migration, the cost of training users and the cost of initial pilot by some users.

Change Management

In addition to the cost of the licenses, Intrinsic Communication noted several additional cost

were incurred as a part of the migration away from the traditional on-premise environment to

Google Apps. The change management included the time and effort to educate and promote

adoption of Google apps among group of the users.

Page 75: Master Thesis - Yemi Adesida

74

IT Management

Number of Users

300 300

Hardware

Number of Servers

2 0

Servers Cost

9,512 0

Firewall and Security Cost

4,397 0

Three Year 24 x 7 support

8,796 0

Total

22707 0

Software

Server Software

7998 0

Client access License (150)

10,050 0

Software Maintenance for

150

15,750 0

Windows Server

14,796 0

Clients, 150

15,000 0

Total

63,597 0

Implementation

Number of Hours

440 40

Number of people

3 0

Total Fee

30,360 2788

Licensing

Acquisition cost/User

111 50

Software License, 150

16,650 7,500

Training

Page 76: Master Thesis - Yemi Adesida

75

Number of People

3 20

Helpdesk Training 3 3

Training Total

477 7050

IT Management /

Maintenance

Number of People

4 0

Salaries

14,250 0

Total

14,250 0

Lead Set Up Time

The lead time explain the total amount of time used in deploying the system, from the project

initiation phase to the moment the system goes live. This factor was very important to the

implementation of a new system for Intrinsic Communications. The implementation for

Microsoft Exchange took over 6 months end-to-end. Google Apps however provided a faster

0

20,000

40,000

60,000

80,000

100,000

120,000

MS Exchange

Google Apps

Page 77: Master Thesis - Yemi Adesida

76

and easy setup time since most of the requirement, engagement, and installation activities to

be perfomed during implementation has been eliminated completely.

Lead Setup time Microsoft Exchange Google Apps

Project Initiation 1 day 1 Day

Engagement and Requirement

Gatthering

15 days 3 Days

Procurement 7 Days 0 Days

Hardware Installation 4 Days 0 Days

Software Installation 7 Days 0 Days

Setup 1 Day 3 Days

Email Migration 3 Days 5 Days

Testing 3 Days 3 Days

Pilot Phase 20 Days 5 Days

Total 61 Days 20 Days

0

10

20

30

40

50

60

70

Setup Timeline

Ms Exchange Google Apps

Page 78: Master Thesis - Yemi Adesida

77

Setup And Config Cost Google Apps MS Exchange

Total Hours 40 440

Cost 2,760 30,360

Administration

The admin staff of Intrinsic Company were surveyed on how many hours per week they soend

on a variety of on-going administrative tasks. The table below summarizes the response to this

question.

Administration Cost (hours/week) Google Apps Ms Exchange

Adding/deleting Users 1.5 1

Managing User Password 1.5 1

Managing Distribution Lists 0.8 1

Managing Access control 1 0.5

Directory Management 1.8 0

Backup/Restore 4 0

Admin of remote clients 1 0

Admin of Wireless Clients 0.5 0

Admin of Archiving System 1 0

Recovery of Deleted Email 1 0

Admin of Policy/Rules 0 1.5

Admin of AV inc Patches/Update 2 0

Admin of AS inc Patches/Update 2.3 0

Admin of Other Security 1 0

End User Config Support 2.5 2.5

Installing & Config new SW Patches 1 0

Total for all tasks

Page 79: Master Thesis - Yemi Adesida

78

Administrative cost $5,382 $15,339

Administration Cost/User $36 $102

Google Apps administrators are spending an average of 8 hours a week on administrative tasks,

at an average cost of $36/user per year.

Microsoft administrators are spending an average of 22.8 hours a week administering Microsoft

Exchange Server, at an average cost of $102/user per year.

Uptime / Performance

With the previous exchange server, Intrinsic IT support staff was responsible for keeping the

company exchange server running to minimize downtime, and this largely depend on the ability

to resolve issues. Data backup and disaster recovery solutions require additional hardware

purchases and additional IT resources to setup and maintain. Intrinsic Communications

witnessed about 1.5 hrs of unplanned downtime when running on-premises Exchange server.

00.5

11.5

22.5

33.5

44.5

Administration Cost (hours/Secs)

Ms Exchange Google Apps

Page 80: Master Thesis - Yemi Adesida

79

Migrating to Google Apps provided 99.9% uptime service level agreement (SLA) for all Google

Apps products (Gmail. Google Docs, Google Talks, etc). It also provide better security in a better

data / information security. User data is stored securely in multiple, geographically-dispersed

data centers – so even if a server crashes or an entire data center goes offline, user can still

access their mails.

MS Xchange Google

Apps

Downtime / Month 90 mins 15 mins

Uptime 93.70% 99.90%

Productivity and Collaboration

On Microsoft Exchange Server, collaboration tools are not readily available. Intrinsic

Communication mostly subscribe to or purchase additional software like Microsoft Office, and

others which lacks the collaboration features provided in Google Apps. Also, getting instant

messaging, presence, and unified communication with voice needed to run on Microsoft Office

Communication Server which wasn’t available to Intrinsic Communication at that time.

90.00%

91.00%

92.00%

93.00%

94.00%

95.00%

96.00%

97.00%

98.00%

99.00%

100.00%

101.00%

MS Xchange Google Apps

Uptime

Page 81: Master Thesis - Yemi Adesida

80

With the increasing need for in-house teams and freelance staff to collaborate real-time,

Intrinsic Communications required a system that will increase team productivitiy and

productivity.

Google Apps, in addition to Gmail, and calendar, provided Intrinsic with Google Docs, Google

Talk and Google Video. Google Docs lets the staff of Intrinsic Communications collaborate by

sharing, and editing documents, spreadsheet, and presentation over the internet, using the

internet. With Google talk, staff and clients can have meetings from anywhere right from the

web browser, and share videos of products and presentations anytime.

Mobile Access

With the increase in mobile penetration, research shows that people, especially business

people have the tendency of spending more time with their mobile phones than a desktop or

laptop system. Intrinsic Communications noticed this trend among its staff and wanted a

solution that can extend messaging and collaboration to the mobile, accessible from anywhere.

The on-premises Microsoft Exchange supports push-based mobile access for email, calender,

contacts and other data on Exchange ActiveSync enabled devices only. But support for

Exchange Active Sync is built into Windows Mobile based devices and phones from

manufacturers including Apple, Palm, and Nokia. Support for blackberry devices requires the

integration with Blackberry Enterprise Server (BES) which push access to user data through the

native interfaces on this devices.

Google Apps provides a free application for unlimited access on all devices. Its support for IMAP

also allows integration with mail clients on many phones. Therefore, with Google Sync for

mobile, mobile access in not restricted to some staff of the company but every one using a java-

enabled or smartphone device. Google also provided web interfaces optimized for mobile

browsers for all its applications. The result for mobile access of Intrinsic Communication after

migrating to Google Apps is show in the figure below.

Page 82: Master Thesis - Yemi Adesida

81

Mobile user Number of

Users

MS

Xchange

Google

Apps

Android 98 0 100%

Apple 40 100% 100%

Blackberry 120 0 100%

Windows 20 100% 100%

Total Cost Of Ownership

To calculate the Total cost of ownership, I put together all the above categories of cost , as

shown.

The various cost components differs from Google Apps and Microsoft Exchange because Google

apps is Hosted on the cloud and Exchange is implemented on Premises.

Google Apps

The Cost incurred for implementing Google apps over the period of three years are:

User License per year for three years

Setup and Configuration Costs. As well as training cost in the first year.

Storage Costs, Administration and Downtime costs are incurred in all three years.

The total cost of deploying Google Apps at Intrinsic Communications was $227/user in year 1,

and $224/User in each follow-on year.

Microsoft Exchange Server

The cost generally incurred when installing on premises Exchange Server over the period of

three years include:

Acquisition costs in Year 1

Maintenance fee in each following year

Setup and Configuration, as well as training in the first Year.

Storage and Administration and Downtime cost in all three years

Page 83: Master Thesis - Yemi Adesida

82

Google Apps MS Exchange

Google Apps

MS Exchange

Google Apps

MS Exchange

Hardware 0 22707 0 0 0 0

Software 0 63,597 0 0 0 0

Acquisition Cost 7,500 15,650 7,500 15,650 7,500 15,650

Maintenance 0 6,022 0 6,022 0 6,022

Administration 5,382 10500 5,382 10500 5,382 10500

Setup and Config 2,760 10 0 0 0 0

Training Cost 477 7050 0 0 0 0

Total Cost 16119 125536.08 12882 32172 12882 32172

Total Cost Per User 107.46 836.9072 85.88 214.48 85.88 214.48

Benefits Summary

Messaging-specific benefits

End user impact

Improved efficiency within the messaging environment (email search, spam filtering,

message archiving, and message organization).

Improved time to resolution (new contact, existing contact).

Improved response time to customer or partner request.

0

100

200

300

400

500

600

700

800

900

Year 1 Year 2 Year 3

TCO for 3 Years

Google Apps MS Exchange

Page 84: Master Thesis - Yemi Adesida

83

IT impact

Reduced software cost.

Reduced infrastructure cost.

Reduced operations and administration cost.

Collaboration-specific benefits

End user impact

Faster document revision reconciliation.

Timely project tracking information.

Improved ability to quickly incorporate feedback.

Improved meeting efficiency.

Efficient companywide information distribution.

Efficient sharing and processing of feedback.

IT impact

Reduced software cost.

Reduced cost to set up internal sites.

The Big Differnce.

Using the traditional on-premises computing architecture has both its advantages and

disadvantages. Advantage been that, you have power over your data and security of your

enterprise information. However, the capacity and performance of traditional computing is

totally dependent on the deployment of the business.

The traditional computing architecture is rigid, difficult to scale, and distracts businesses away

from their core operations as a result of maintenance.

Page 85: Master Thesis - Yemi Adesida

84

However, using cloud computing helps businesses save lots of money. The system is

customizable to meet current business requirement, is flexible enough for expansion or scaling

when business requirements grow, and allows businesses focus totally on their major

operations while the cloud providers provide computing services to its clients.

Page 86: Master Thesis - Yemi Adesida

85

C H A P T E R S E V E N

CASE STUDY TWO: CLOUD-BASED MOBILE NFC PAYMENT (IPAY)

Review Of Past Literatures: A Survey Of Mobile Cloud Computing: Architecture,

Applications, And Approaches, By Hoang T. Dinh, Chonho Lee, Dusit Niyato, And Ping Wang

This chapter presents a survey of Mobile Cloud Computing, which will assist general readers to

have an overview of the Mobile Cloud Computing including the definition, architecture, and

applications. The issues, existing solutions and approaches are presented. In addition, the

future research directions of Mobile Cloud Computing are discussed. The paper presents a

comprehensive survey on mobile cloud computing providing a brief overview of MCC including

definition, architecture, and its advantages. It also presented several issues that arise in Mobile

payment via Cloud Computing and approaches to address the issues. Some of the open issues

discussed are outlined below.

A. Low Bandwidth

Although many researchers propose the optimal and efficient way of bandwidth allocation, the

bandwidth limitation is still a big concern because the number of mobile and cloud users is

dramatically increasing. We consider that 4G network and Femtocell are emerging as promising

technologies that overcome the limitation and bring a revolution in improving bandwidth.

B. Network Access Management

An efficient network access management not only improves link performance for mobile users

but also optimizes bandwidth usage. Cognitive radio can be expected as a solution to achieve

the wireless access management in mobile communication environment. Cognitive radio

increases the efficiency of the spectrum utilization significantly, by allowing unlicensed users to

access the spectrum allocated to the licensed users. When this technique is integrated into

Page 87: Master Thesis - Yemi Adesida

86

MCC, the spectrum can be utilized more efficiently, the spectrum scarcity can be solved and

thus millions of dollars for network providers can be saved. However, cognitive radio is defined

as wireless communication technology in which each node communicates via an optimal

wireless system based on recognition of radio resource availability in heterogeneous wireless

communication environment. Therefore, mobile users in MCC must be able to detect this radio

resource availability (through spectrum sensing) while ensuring that the traditional services will

not be interfered.

C. Quality of Service

In MCC, mobile users need to access to servers located in a cloud when requesting services and

resources in the cloud. However, the mobile users may face some problems such as congestion

due to the limitation of wireless bandwidths, network disconnection, and the signal attenuation

caused by mobile users’ mobility. They cause delays when users want to communicate with the

cloud, so QoS is reduced significantly. Two new research directions are CloneCloud and

Cloudlets that are expected to reduce the network delay.

D. Pricing

Using services in MCC involves with both mobile service provider (MSP) and cloud service

provider (CSP). However, MSPs and CSPs have different services management, customers

management, methods of payment and prices. Therefore, this will lead to many issues, i.e.,

how to set price, how the price will be divided among different entities, and how the customers

pay. For example, when a mobile user runs mobile gaming application on the cloud, this

involves the game service provider (providing a game license), mobile service provider

(accessing the data through base station), and cloud service provider (running game engine on

data center). The price paid by the game player has to be divided among these three entities

such that all of them are satisfied with the division. It is clear that the business model including

pricing and revenue sharing has to be carefully developed for MCC.

E. Standard Interface

Page 88: Master Thesis - Yemi Adesida

87

Interoperability becomes an important issue when mobile users need to interact and

communicate with the cloud. The current interface between mobile users and cloud are mostly

based on the web interfaces. However, using web interfaces may not be the best option. First,

web interface is not specifically designed for mobile devices. Therefore, web interface may

have more overhead. Also, compatibility among devices for web interface could be an issue.

F. Service Convergence

The development and competition of cloud service providers can lead to the fact that in the

near future these services will be differentiated according to the types, cost, availability and

quality. Moreover, in some cases, a single cloud is not enough to meet mobile user’s demands.

Therefore, the new scheme is needed in which the mobile users can utilize multiple cloud in a

unified fashion. In this case, the scheme should be able to automatically discover and compose

services for user. One of the potential solution of this issue is the sky computing, which will be

the next step of cloud computing. Sky computing is a computing model where resources from

multiple clouds providers are leveraged to create a large scale distributed infrastructure.

Similarly, the mobile sky computing, will enable providers to support a cross-cloud

communication and enable users to implement mobile services and applications. However, to

offer a service to mobile user in a unified way, the service integration (i.e., convergence) would

need to be explored.

A PROPOSED NFC PAYMENT (iPAY) APPLICATION by Pardis Pourghomi, Muhammad

Qasim Saeed, Gheorghita Ghinea(2013) (IJACSA) International Journal of Advanced Computer

Science and Applications, Vol. 4, No. 8, 2013

Near Field Communication (NFC) technology is based on a short range radio communication

channel which enables users to exchange data between devices. With NFC technology, mobile

services establish a contactless transaction system to make the payment methods easier for

people. Although NFC mobile services have great potential for growth, they have raised several

issues which have concerned the researches and prevented the adoption of this technology

within societies.

Page 89: Master Thesis - Yemi Adesida

88

Figure 15 - Secure Embedded Element

Reorganizing and describing what is required for the success of this technology have motivated

the researchers to extend the current NFC ecosystem models to accelerate the development of

this business area. In this paper, they introduce a new NFC payment application, which is based

on their previous “NFC Cloud Wallet” model to demonstrate a reliable structure of NFC

ecosystem. They also described the step by step execution of the proposed protocol in order to

carefully analyze the payment application and the main focus will be on Mobile Network

Operator (MNO) as the main player within the ecosystem.

Page 90: Master Thesis - Yemi Adesida

89

Figure 16 - Embedded secure element in sim card

The execution of the model is described in what follows:

1) Customer waves the NFC enabled phone on the POS terminal to make the payment

2) The payment application is downloaded into customer’s mobile phone SE.

3) The reader communicates with the cloud provider to check whether the customer has

enough credit or not.

4) Cloud provider transfers the required information to the reader.

5) Based on the information which was transferred to the reader, the reader either

authorizes the transaction or rejects customer’s request.

6) Reader communicates with the cloud to update customer’s balance - if customer’s

request was authorised, the amount of purchase will be withdrawn from his account

otherwise customer’s account will remain with the same balance.

Page 91: Master Thesis - Yemi Adesida

90

Proposed Model

The authors proposed an extension to previously proposed NFC Cloud Wallet model. Since

there are multiple options applicable to this model, they designed the model based on the

following assumptions:

SE is part of SIM

Cloud is part of MNO

MNO is managing SE/SIM

Banks, etc. are linked with MNO

These assumptions are appropriate regarding the NFC execution process and its ecosystem. As

mentioned in the previous Section, SE is in the format of UICC therefore SE is part of the SIM.

MNO manages the cloud infrastructure and it is the only party that has full access and

permission to manage confidential data which are stored in the cloud. As MNO is the owner of

the cloud, it fully manages the SIM in terms of monitoring the GSM network and controlling

cloud’s data. From the financial institution’s point of view, they only deal with MNO as MNO is

the single party that has full control over the SIM as well as the cloud.

The Proposed Protocol

This proposal is based on cloud architecture where the cloud is being managed by the Mobile

Network Operator MNO. The cloud and the banking sector are the subsystems of MNO, in

addition to the existing subsystems of an MNO. Assumption is made that the communication is

secure between various subsystems of the MNO. The shop POS terminal, registered with one or

more MNO, shares an MNO specific secret key Kp with the corresponding MNO. This key is

issued once a shop is registered with the MNO. The bank detail of the shopkeeper is also

registered with the MNO for monetary transactions. The communication between the shop POS

terminal and the mobile device is wireless using NFC technology. The mobile device has a valid

SIM. We used the existing feature of GSM network for mutual authentication. We tailored their

model according to our requirement in our proposed architecture.

Page 92: Master Thesis - Yemi Adesida

91

The proposed protocol executes in three different phases: Authentication, Keys generation and

Transaction. The protocol initiates when the customer places his cell phone for the payment

after agreeing to the total price displayed on the shop POS terminal. The details of these phases

are described in what follows:

Phase 1. Authentication

Step 1: As soon as the user places his mobile device, NFC link between the mobile device and

the shop POS terminal is established. The shop POS terminal sends an ID Request message to

the mobile device.

Step 2-3: The mobile device sends TMSI, LAI as its ID. On receipt of the information from the

mobile device, the shop POS terminal determines the user's mobile network. The network code

is available in LAI in the form of Mobile Country Code (MCC) and Mobile Network Code (MNC).

An MNC is used in combination with MCC (also known as a ‘MCC/MNC tuple’) to uniquely

identify a mobile phone operator/carrier.

Step 4-5: The shop POS terminal sends TMSI, LAI, and Shop ID to respective MNO for customer

authentication and shop identification.

Step 5.1: In case of incorrect TMSI, a declined message is sent.

Step 6: In case of correct identification, the MNO generates one set of authentication triplet (R,

S, Kc) and sends R to mobile device through shop POS terminal.

Step 7-8: SIM computes Kc from R as explained in previous Section. SIM generates a random

number Rs and concatenates with R, encrypts with key Kc and sends it to the MNO through

shop POS terminal.

Step 9-10: The MNO checks the validity of the SIM (or mobile device). It receives EKc(R||Rs)

from the mobile device and decrypts the message by Kc, the key it already has in authentication

Page 93: Master Thesis - Yemi Adesida

92

triplet. The MNO compares R in the authentication triplet with the R in the response. In case

they do not match, a ‘Stop’ message is sent to the mobile device and the protocol execution is

stopped. If both R are same, then the mobile is authenticated for a valid SIM. In this case, the

MNO swaps R and Rs, encrypts with Kc and sends it to mobile device.

Step 11-12: This step authenticates the MNO to the mobile device. The mobile device receives

the response EKc (Rs||R) and decrypts it with the key Kc already computed in Step 7. The

mobile device compares both R and Rs. If both are same, then the MNO is authenticated and a

‘successful authentication’ message is sent to the MNO.

C. Phase 2. Key Generation and PIN Verification

Step 13-14: Kp is a shared secret between the MNO and the shop POS terminal. Kc is the shared

secret between the MNO and the customer's mobile device (computed in step 7). There is no

shared secret between the POS terminal and the mobile device till this stage. MNO and mobile

device compute one-way hash function of Kc to generate Kc1, the key that will be used for MAC

calculation. The MNO computes Kc2 from Kc1 using one-way hash function and sends it to shop

POS terminal by encrypting it with Kp. Mobile device also computes Kc2 as it already has Kc1 .

Kc2 is the encryption key between MNO, shop POS terminal and the customer's mobile device.

Page 94: Master Thesis - Yemi Adesida

93

Figure 17 - The Proposed Protocol

Page 95: Master Thesis - Yemi Adesida

94

Step 15-17: The shop POS terminal sends the Total Price (TP) and the Receipt Number

encrypted with Kc2. The user's mobile device decrypts the information and displays to the user.

If he agrees, he enters the PIN. The PIN is an additional layer of security and adds trust between

the user and the shopkeeper. A PIN binds a user with his mobile device, so the shopkeeper is to

believe that the user is the legitimate owner of the mobile device. Moreover, the user feels

more secure as no one else can use his mobile device for transaction without his consent. PIN is

stored in a secure location in the SIM. The SIM compares both PINs and if both are same, the

user is authenticated as the legitimate user of the mobile device. Otherwise, the protocol is

stopped.

D. Phase 3. Transaction

Step 18: The customer's cell phone generates two messages, PI and TRM, such that;

PI= Receipt No, Total Price, Time Stamp (TSU), TRM=PI, Rs, Transaction Counter

Step 19: TSU represents the exact time and date the transaction has been committed by the

user. TC is a counter that is incremented after each transaction and is used to prevent replay

attack. PI is encrypted with Kc2 so that it can be verified by the shop POS terminal. The user

encrypts the TRM with Kc so that it cannot be modified by the shop terminal. The user

computes MAC with Kc1 over the TRM using Encrypt-then-MAC approach for integrity

protection.

Step 20-21: The POS terminal can decrypt only the PI encrypted with by Kc2 to check its

correctness. The POS terminal does not need to verify the MAC (and it cannot do so), as it

already knows the main contents of PI. The Shop POS terminal also verifies the TSU to be in a

defined time window. If PI is correct, the POS terminal relays the encrypted TRM with

corresponding MAC along with the TSU to the MNO.

Step 22: On receipt of the message, the MNO checks the integrity of the message by verifying

the MAC with Kc1. If the MAC is invalid, the transaction execution is stopped. In case of a valid

Page 96: Master Thesis - Yemi Adesida

95

MAC, the MNO decrypts the message. The MNO compares the Rs in the TRM with the Rs

received earlier in the authentication phase. A correct match confirms that the user is the same

who was earlier authenticated. It also verifies the TC and TSU. In case of successful verification,

the MNO communicates with the concerned subsections for monetary transaction. The

concerned subsections of the MNO checks the credit limitations of the user, and if satisfied,

executes the transaction. Once the transaction is executed, the MNO generates Transaction

Information (TI) message as:

TI = Transaction Serial Number, Amount, TSTr

Step 23-25: The MNO encrypts TI with Kc2, digitally signs the message and sends it to the shop

POS terminal. The POS terminal verifies the signature. A valid signature indicates correct TI. The

POS also verifies the TI for the amount mentioned in the TI. In case of successful verification,

the POS terminal appends the message it received from the MNO with the Shopping Details

(SD) and corresponding digital signature.

Step 26: The user verifies both signatures. It verifies the contents of TI and SD.

iPAY: EPAYMENT SYSTEMS DATABASE – TRENDS AND ANALYSIS – ELECTRONIC

PAYMENT SYSTEMS OBSERVATORY (EPSO) MARCH 2002 by Gérard Carat. Institute for

Prospective Technological Studies, Directorate General Joint Research Centre, European Commission

This study analyses the evolution of Internet-based payment solutions offered to consumers in

Europe. It is based on the observation of 100 electronic payment schemes taken from the e-

Payment Systems Inventory, which is one of the deliverables of the electronic Payment Systems

Observatory (ePSO) project.

The main topics monitored by the report are:

the role of non-banks within the payment systems providers;

the positioning of telecommunications operators against banks;

Page 97: Master Thesis - Yemi Adesida

96

the main trends of payment solutions according to their level of deployment;

the increasing importance of mobile networks and virtual wallets as payment platforms;

the comparison between e-purses and pre-paid dedicated accounts;

the reaction of banks with respect to virtual wallets;

the main platforms that allow micro-payments;

how credit cards remain the main Internet payment instrument;

the emerging alternatives to credit cards for cross-border payments;

the role played by consumer costs in the failure of a payment system.

MODELLING, DESIGN, AND ANALYSIS OF SECURE MOBILE PAYMENT SYSTEMS

By Supakorn Kungpisdan Faculty of Information Technology, Monash University(2005)

Mobile payment allows users to perform payment transactions through their mobile devices.

However, it brings up many emerging issues regarding security and performance of mobile

payment systems that can be classified into at least two main problems. The first problem

comes from the limitations of wireless environments that are primarily from mobile devices

which have limited system resources and from wireless networks which have high connection

cost, low bandwidth, and low reliability. In particular, a mobile user may not be able to

efficiently perform highly secure transactions, which require high computational cryptographic

operations, over the wireless network with the above characteristics. The second problem is

the lack of sufficient security of existing mobile payment systems, mainly due to improper

protocol design and the deployment of lightweight cryptographic operations which lead to the

lack of important transaction security properties. Such problems have motivated the research

conducted in this paper.

The main purpose of this paper is to propose methods to enable practical and secure mobile

payment. The results obtained from it may serve as a basis for protocol designers and system

implementers to design and implement secure mobile payment systems and to analyze their

Page 98: Master Thesis - Yemi Adesida

97

existing mobile payment systems. The research conducted here focuses on three different

levels of reasoning and securing mobile payment: formal model, framework, and protocol.

A formal model for a practical and secure mobile payment system was proposed. In this model,

the interactions among engaging parties and properties to be satisfied by the system including

goals and requirements for payment transactions, transaction security properties, and trust

relationships among parties is formalized. The proposed model can be seen as a guideline for

designing and implementing practical and secure mobile payment frameworks and protocols

for both account-based and token-based payment.

At the framework level, the problems of existing mobile payment frameworks was investigated.

Then a framework that not only overcomes the limitations of wireless environments, but also

solves the problems of the existing frameworks was introduced. Particularly, a traditional fixed-

network payment protocol is well operated in this framework, even more efficiently if a

payment protocol specifically designed for wireless environments is applied. In addition, we

show that the proposed framework can be captured by the proposed formal model.

At the protocol level, a lightweight, yet secure cryptographic technique was proposed. This

technique not only reduces the computation at engaging parties, especially at mobile users, but

also satisfies the transaction security properties including the trust relationships among

engaging parties stated in the proposed formal model. Two account-based mobile payment

protocols which deploy the proposed technique was also introduced. We develop a prototype

of one of the proposed protocols to demonstrate its practicability as a real world application.

The results from the implementation show that the implemented protocol itself operates well

in wireless environments, yet has better transaction performance if the proposed mobile

payment framework is applied to it. They also demonstrated that both of the proposed

protocols have better transaction performance than existing protocols.

Page 99: Master Thesis - Yemi Adesida

98

To show that the proposed framework and protocols satisfy the formal model, they developed

a formal logic for analyzing them and successfully prove that they satisfy the goals and

requirements for payment transactions and the transaction security properties, stated in the

formal model. Combining with the analysis results, it can be concluded that either a payment

system based on the proposed framework deploying an existing payment protocol or a

payment system based on the proposed protocol operating on an existing framework is

considered as a practical and secure mobile payment system because it satisfies all the required

properties stated in the model. In addition, they show that the proposed logic is general in that

it is able to analyze any kinds of electronic commerce protocols including mobile payment

protocols.

To enhance the security of the proposed protocols, they introduced a limited-use key

generation technique which eliminates the need of long-term shared key distribution among

engaging parties prior to each transaction. And then applied the proposed key generation

technique to the proposed protocols and discuss its potential applications to other kinds of

Internet applications.

Finally, to emphasize the generality of the mobile payment model, they propose a (token-

based) micropayment protocol for wireless environments that satisfies the proposed model.

The protocol deploys the proposed lightweight cryptographic technique to enhance its

transaction security. The proposed protocol is prepaid-based, yet extensible to postpaid-based

micropayment. This results in a general framework for wireless micropayment. The authors

then demonstrated that their micropayment protocol is more secure and has better transaction

performance compared to existing micropayment protocols.

A ROBUST CLIENT VERIFICATION IN CLOUD ENABLED M-COMMERCE USING

GAINING PROTOCOL by Chitra Kiran N., Dr. G. Narendra Kumar, IJCSI International Journal

of Computer Science Issues, Vol. 8, Issue 6, No 2, November 2011

Page 100: Master Thesis - Yemi Adesida

99

The proposed system highlights a novel approach of exclusive verification process using gain

protocol for ensuring security among both the parties (client-service provider) in m-commerce

application with cloud enabled service. The proposed system in this paper is based on the

potential to verify the clients with trusted hand held device depending on the set of frequent

events and actions to be carried out. The framework of the proposed work is design after

collecting a real time data sets from an android enabled hand set, which when subjected to gain

protocol, will result in detection of malicious behavior of illegal clients in the network.

The Proposed System

The proposed system assumed the attacker or intruder which has an access to the confidential

physical information to the trusted hand held device which the user normally use for mobile

banking or performing very confidential transaction. In the current 3G enabled cell phone,

normally all the phone comes with an inbuilt application of Facebook, Twitter, or some other

application like mCheck of Airtel. Therefore, the intruder might also be interested in other

alternative resource which is connected with the trusted hand held device like accessing the

account details from phone book or message archives etc. Not only this, the presence of a type

of malicious applications could also pose a huge threat towards the device and the premium

services associated with the device. Example of such attack could be cloning attack where the

malicious program will attempt to send information on the victim trusted handheld device to

the colluding user available in the network and then slowly poison the network sending certain

information of services which by default is supposed to create an event after it. Such types of

lethal threat can be prevented by considering the message packets being digitally signed by the

subscriber identity module card which will be most difficult to be duplicated. The consistent

malicious programs on the mobile phones will able to have more lethal effect as the complete

control structure will be robustly created by the attacker for which every event performed from

the device can be monitored by the intruder. It also raises possibility of duplication of the

action performed by the genuine user by the fraudulent user. Not only this various availability

of spy softwares will increase the threat exponentially.

Page 101: Master Thesis - Yemi Adesida

100

The proposed solution against such types of issues is highlighted in this paper as a system

knowledge acquiring algorithm. The proposed system initially acquires knowledge from a

client’s system from their previous actions.

Figure 18 - Proposed Architecture

In order to design a robust verification assessment in real-time scenario, the proposed system

uses a gaining protocol which assess the client system and their recent actions performed in

previous history of transactions or any other activities over the device and then it yields a gain

value identifying the probability that the genuine client is utilizing the trusted hand held device.

The gain value is considered to design a verification decision which characteristically uses a

threshold factor in order to choose whether to accept or to decline the genuine user. Not only

this, the threshold factor can also deflect from diverse application, which is dependent on if the

system is responsive to optimal security measure. The gain value could also be considered for a

dual aspect gauge to supplement conventional secret word based authentication system, which

we use currently.

The actions of the genuine client are characterized by the client system framework. An

immature framework can be discussed where it can be considered about the liberty among the

various diversified sections of user actions. Representing alternatively, it can also be considered

Knowledge

Acquiring protocol

Gaining Algorithm Client Framework

Gain value

Previous Actions Current Actions

Page 102: Master Thesis - Yemi Adesida

101

that the client’s trusted hand held device is free from their location, usage of the service, as

well as any other activities. The framework assumed the client’s actions performed is

completely dependent on the instant of the time in day as well as week, probably can be month

too. To cite an example, it can be said that one client might use both incoming as well as

outgoing calls very frequent in morning but might not work out in outgoing calls in afternoon.

He might get only frequent calls in afternoon. Let F1, F2,…., Fk represents independent arbitrary

feature variable. Let us assume F1 is time elapsed since the previous good calls, F2 is inter

arrival time between bad calls, F3 represents location coordinates etc. The good call represents

the incoming or outgoing calls done from the genuine user phone book and bad calls represents

any incoming or outgoing calls which are not listed in the memory of the phone or a SIM card.

The client’s framework is a multiplication of R probability function trained on the variable T as

instance of time.

Therefore client’s framework is,

[P(F1/T),P(F2/T),. . . P(FR/T]

The knowledge acquiring protocol fundamentally computes such functions structuring client’s

model.

THE GAINING PROTOCOL

With a facilitated client’s framework and previously known set of actions of the client, the

gaining protocol yields a gain value representing the probability that the trusted handheld

device is under the control of genuine user. This can also be described as gaining independent

charecteristics. The gaining function is developed in a very secure and robust way under the

independent characteristic framework. The client current actions can be represented as tuple

(T, F1, F2, .., FR) where current time is shown as T and F1, F2, ….FR represents the values of

variables (F1, . . . , FR) at instant of time t. The significant perception for this logic is to evaluate

a discreet gain for each feature and then utilize it a function in order to gather such distinctive

gain values into a final evaluation. Fundamentally, we will have R gaining functions represented

as G

Page 103: Master Thesis - Yemi Adesida

102

G1(f1)=1-H(f1|T=t) (1)

The gain function for the client position might be allocated to a position visited at a specific

time of day a gain which is inversely proportional to the Euclidean distance to the nearest

position group which is connected with that specific instant of the day. A client who specifically

is at “office” group during office hours and at a “resident” group at night can receive the

maximum gain for being positioned at an expected group at the expected time. Position near

expected group would receive incomplete credit which reduces to “0” as the distance to the

group increments.

The next phase will be knowledge acquiring with gaining protocol. With the facilitated

distinctive gain values for the R different characteristics, the system calls f(G1(f1), . . GR(vR)) to

evaluate the final value of gain. Citing an example, let us say that each gain Gi(f1) (1<i<R) is the

feasibility of the fi, which means Gi(fi)=Pr[Vi=vi] as in equation (1). Exactly after this step, a

common process to combine the gain values is to estimate the combined feasibility of (f1, . . ,

fR). The final gain value will be the multiplication of these feasibilities: f(g1, . . , gR)=g1.g2.. . gR.

Or else alternative feasible structure for function is a weighted addition: f(g1, . . , gR):=

w1.g1+w2.g2+ . . .+wR.gR. The weights w1, . . , wR has to be estimated through a potential

training procedure. In order to acquire knowledge using gaining protocol, we need to consider

that the system gather set of actions from the individual clients. This collection of information

will be categorized into evaluation set and training set. The training set will comprise of utility

as positive samples in the training procedure.

The system in hybrid method generates attack information for training process. In specific, the

system will deploy wedging procedure for creating negative samples. That will mean if a client P

and client Q come into view in the proximity of each other at instant of time t, than the system

wedge the information for P before t and the information for Q after time t. The proposed

framework represents a hybrid process of initiating an attack model where Q picks up or

intrude P’s trusted hand held device and initiates using it maliciously. In practicality, Q could be

any associated relation or may be completely outsider (stranger). Training the weights w1, . . ,

wR can be represented as a issue of minimization which will mean that if the system fixes the

Page 104: Master Thesis - Yemi Adesida

103

rate of false negative e.g. it can be said that a genuine legal client is declined the permission of

access and has to feed the password frequently in day. Therefore the proposed system aims at

minimize the rate of false positive which is failure to identify an attack and the time till the

detection in the presence of an attack.

Related Applications

In this section we describe the most popular and recent cloud-based mobile payments which

have been developed by well-known companies.

A. Google Wallet

One of the major companies which operates the concept of mobile wallet is Google. They

named this service as "Google Wallet" (Google, 2013; Ronald et al., 2013). The communication

between the mobile phone and the POS is carried out through NFC technology that transmits

the payment details to merchant's POS. Customer credentials are not stored in the mobile

phone; rather, they are stored online. Google Wallet takes the form of an application stored on

the customer's mobile phone. The customer will have an account with Google Wallet which

includes the relevant registered credit/debit cards. Accordingly, the Google Wallet device has a

chip /SE which stores encrypted payment card information. Linked credit or debit card

credentials are not stored on the SE; rather, the virtual prepaid credit/debit card which is

created during the setup is stored on the SE. The transaction then operates through the virtual

prepaid credit/debit card that transfers funds from the Google Wallet into the merchant's POS

when the customer taps his phone on the POS.

B. MasterPass

"MasterPass" (Mastercard, 2013; Bodhani, 2013) is a service which has been developed by

MasterCard as an extended version of PayPass Wallet Services (NFC World, 2013) and provides

a digital wallet service for secure and convenient online shopping. In MasterPass, delivery

information and transaction data are stored in a central and secure location. The latest

MasterPass provides the following services (NFC World, 2013):

Page 105: Master Thesis - Yemi Adesida

104

MasterPass checkout services: This service enables the vendor’s payment acceptance in

a consistent way irrespective of the client’s location. This means vendors have the

ability to accept a payment without having to know where the client is. For instance,

when the client is in store, he can use this service since it supports NFC, Quick Response

(QR) codes, tags, and mobile devices to pay for products at a vendor’s POS. Thus, in

online shopping scenarios, the client can use this service to pay for a product without

having to enter the card and delivery details every time he intends to make a purchase.

MasterPass-connected wallets: Vendors, financial institutions, and partners are able to

provide their own wallets using this service. The client’s card information, address

books, etc. can be saved in a secure cloud provided by a party they trust. Thus, clients

can use other credit and debit cards in addition to their MasterCard’s cards.

MasterPass value added services: The purpose of this service is to improve the client’s

shopping experience before, during and after checkout. Value added services include

account balances, offers, loyalty programs, and real-time alerts.

Page 106: Master Thesis - Yemi Adesida

105

C H A P T E R E I G H T

CONCLUSION AND RECOMENDATION

In this thesis, I described the evolution of computing from the 1970s, to the 21st century, and

the introduction of cloud computing. I made some explanation on the traditional ways of

computing, and also pointed out the challenges of this old ways. I described to a considerable

extent, the concept of cloud computing, and explained its characteristics, and advantages over

the traditional computing architecture. I also did a quick survey on the adoption of cloud

computing in Nigeria, what motivated people to abandon the traditional computing frame

work, and what the limiting factor is for those who are yet to migrate.

I also presented a comparative case study of enterprise messaging and collaboration Migration

from the traditional on-premises Microsoft Exchange Server, to the cloud based Google Apps by

Intrinsic Communication. Insights from the different in cost incurred and benefits gained in this

switch served as a factor for quantitatively and qualitatively comparing the two computing

architecture.

Results

In this section I give a brief summary of the findings of the comparative study of traditional

computing and cloud computing technologies. I also give conclusions about the result of the

findings.

A. Comparative Study Of Traditional And Cloud Computing

In this research, I have been able to identify what changes and cost can be expected in shifting

from traditional computing to cloud computing. From the benefits of cloud computing to the

interviews, it is obvious that there could be gains in performance, cost reduction and increased

productivity with the use of cloud computing.

Page 107: Master Thesis - Yemi Adesida

106

I was able to describe the factors to consider and most activities involved when migrating from

the traditional mail service to the cloud service. From this, we see that businesses using cloud

computing will be positioned to perform faster, be more flexible and have a lower IT

management cost compare to the businesses running the traditional IT architecture. Cost

calculations made in the case study indeed also showed financial benefits. Actual flexibility and

higher performance were not measured with these interviews. From the literature we can say,

that flexibility and performance increase compared with traditional IT. This is because cloud

computing allocates services to where it is needed, so whenever a client request more

processing power, the cloud assigns this to him.

When an organisation wants to expand, there are no difficulties to add additional services. The

cloud provider just reallocates the new services. In this way the provider is able to provide

certain performance and flexibility. The lower costs are realized because of the Pay-As-You-Go

system. You pay what you use. So in peak usage a user pays more, and in low usage times, the

user pays less. Expanding your organisation does not require large investments, just a request

for more services from the cloud provider. Besides the flexibility and performance, the cloud

also provides easy back-ups stored at remote locations. So whenever something goes horrible

wrong with the data in an organisation there is easy access to back-ups.

The risks are nonetheless also important, even though the benefits outweigh them. The most

important measure for handling the risks is the Service Level Agreement. This is an agreement

the user has with the provider. It states all the ins and outs about the cloud and must be

accepted by both parties. With the SLA you as a customer of cloud computing can be sure of

not being exposed to the risks you don’t want to (if acceptable and viable).

The use of cloud computing is growing as for example Rackspace has shown. They get more and

more users, and as it is currently growing cloud computing might be the new future. It is

Page 108: Master Thesis - Yemi Adesida

107

inevitable that this technology will grow further and therefore will be improved. This might

even result in even better risk handling in the coming years.

B. Cloud_Based Mobile NFC Payments (iPay)

The second part of this thesis focuses on case study of Mobile Payments. This paper contributes

to the mobile payment literature by empirically evaluating the business potential ns operation

of NFC-based mobile payments as a widespread alternative to existing proximity payment

options within 3 years. The evaluation has been based on a modified version of the RealWin-

Worth framework which, through a series of in-depth questions, helped assess whether the

introduction of NFC-based mobile payments would imply a sufficient amount of long-term

revenue to justify the initial investment in the payment instrument.

The expectation is that smartphones will become ubiquitous due to the increased functionality

and, as a result, a demand for NFC-based mobile payments will emerge. So in the long run it is

more than likely that we will see the more contactless mobile devices.

it is clear that the field of NFC-based mobile payments research is still emerging, and as a result

more research needs to be conducted to advance an understanding of how new payment

instruments impact

Going forward it will interesting to research another area as regards to how banking and

customer loyalty is perceived. Although not conclusive in the data material there are signs that

financial institutions should be more concerned with how customers wish to conduct their

personal business in the future. A number of the largest companies in the world have pursuing

mobile technologies and platforms. In addition, they have the financial strength to function as

financial institutions. This could open up for the possibility that future customers do not place

their savings account and current account in their local bank, but store their money with

Google, Apple or Facebook.

Page 109: Master Thesis - Yemi Adesida

108

REFERENCES

Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D.,

Rabkin, A., Stoica, A., and Zaharia, M. (2009). Above the clouds: A berkeley view of cloud

computing. UC Berkeley Reliable Adaptive distributed systems Laboratory.

Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D.,

Rabkin, A., Stoica, A., and Zaharia, M.l(2010). A view of cloud computing. Communications of

the ACM, 50-58

Brian Arthur, W., (1989) Competing Technologies, Increasing Returns, and Lock-In by Historical

Events. The Economic Journal. 116-131.

Brodkin, J. (2008) Gartner: Seven cloud-computing security risks. Networkworld. Available at:

http://folk.ntnu.no/oztarman/tdt60/cloud%20computing/3%20Cloud_Computing_Security_Ris

k.pdf [Visited 06-04-2011]

Bryan Cruickshank, et al, (2011) The Cloud, Changing the business ecosystem. Availabe at

www.kpmg.com/in

Buyva, R., Murshed, M. (2003) GridSim: A Toolkit for the Modeling and Simulation of

Distributed Resource Management and Scheduling for Grid Computing. Concurrency and

computation: Practice and experience. 14(13-15)1175-1220.

Buyya (2009), Cloud computing and emerging IT platforms: Vision, hype, and reality for

delivering computing as the 5th utility. Future Generation Computer Systems. 25(6) 599-616.

Buyya, R., Vecchiola, C., Pandey, S. (2009). Cloudbus Toolkit for Market-Oriented Cloud

Computing. Lecture Notes in Computer Science. 5931, 24-44.

Catteddu, D. and Hogben, G. (2009). Cloud Computing: benefits, risks and recommendations for

information security. Communications in Computer and Information Science. 72(1, 17).

Page 110: Master Thesis - Yemi Adesida

109

Cloud Computing – Demystifying SaaS, PaaS and IaaS by Cloudtweaks. Available at:

http://www.cloudtweaks.com/2010/05/cloud-computing-demystifying-saas-paas-and-iaas/

[Visited 05-04-2011]

Foster, I., Yong Zhao, Raicu, I, Lu, S. (2008) Cloud Computing and Grid Computing 360-degree

compared. Grid Computing Environments Workshop.

FrontPage Image. Available at: http://usareonline.blogspot.com/2010/11/in-cloud-computing-

anche-il-prossimo.html [Visited 10-04-2011]

Google docs. Available at: http://www.google.com/google-d-s/intl/nl/documents/ [ Visited 01-

04-2011]

Grossman, R.L. (2009) The case for cloud computing. IT Proffesional. 11(2), 23-27

Hayes, B. Cloud computing. Communications of the ACM, 52(7), 9-11.

Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L. (2006) On Technical Security Issues in

Cloud Computing. IEEE International Conference on Cloud Computing. 109-116.

Khajeh-Hosseini, A., Sommerville, I., Sriram, I. (2010) Research Challenges for Enterprise Cloud

Computing. 1st ACM Symposium on Cloud Computing.

Knorr, E. (2010) What cloud computing really means. Available at:

http://www.infoworld.com.d.cloud-computing/what-cloud-computing-really-means-031

[Visited 03-04-2011]

Kunze, M., Wang, L., Laszewski, G., Younge, A., He, X., Tao, J. and Fu, C. (2008) Cloud

computing: a Perspective study. New Generation Computing, 28(2), 137-146.

Lacity, M. C., & Hirschheim, R. A. (1993). Information Systems Outsourcing: Myths, Metaphors

and Realities (p. xiv, 273). Wiley.

Mather, T. Kumaswamy, S. Latif, S. (2009) Cloud Security and Privacy: An Enterprise Perspective

on Risks and Compliance. O’ Reilly media.

Page 111: Master Thesis - Yemi Adesida

110

McIntosh, M., Austel, P. (2005) XML signature element wrapping attacks and countermeasures.

Proceedings of the 2005 workshop on Secure web services.20-27.

Mell, P., Grance, T., (2009). The Nist Definition of Cloud Computing. Recommendations of the

National Institute of Standards and Technology. NIST special publication, 2011 National Institute

of standards and technology. 145(6).

Pearson, S. (2009). Taking Account of Privacy when Designing Cloud Computing. Software

Engineering Challenges of Cloud Computing, 2009. CLOUD '09. 44-52.

Pietsaszek, T., Vanden Berghe, C. (2006) Defending Against Injection Attacks Through. Context-

Sensitive String Evaluation. Recent Advances in Intrusion Detection. Lecture Notes in Computer

Science, 3858/2006, 124-145.

Rogers, Everett M. (1962). Diffusion of Innovations. Glencoe: Free Press.

RTTS (2011) Performance Testing in the Cloud. Available at:

http://www.rttsweb.com/services/implementation/performance/packages/ [Visited: 10-05-

2011]


Recommended