Monday , December 9 2019
Home / Research Papers / IT/Technology / Smartphones and Personal Cloud Computing Security Awareness

Smartphones and Personal Cloud Computing Security Awareness

Abstract

The digital world is very leisurely moving towards personal cloud computing and will enable dynamic resource sharing in support of on-demand computing that is fast, while maintaining massive digital resources. The benefits of personal cloud computing are acknowledged and generally accepted, for example resource sharing of networks, data storage, applications, and servers. Conversely, information security, including access control and authorization is understandably needed to maintain a stable computing environment. Successfully controlling access to private information is truly the most critical of all personal cloud support issues. Moreover, cloud computing using mobile technology is a relatively new concept that many organizations have adopted to decrease costs and increase productivity (Mell & Grance, 2011). According to the 2010/2011 Computer Crime and Security Survey, conducted by the Computer Security Institute, 51 percent of businesses surveyed are currently using cloud based computing platforms for mobile applications (Richardson, 2011). There are many concerns with cloud based technology that have not been fully researched, for example cloud based security solutions (Ko, Kirchber, and &, 2011). The purpose of this investigation is to identify critical data issues in personal cloud computing with a focus on the correlation with the mounting usage of Smartphones in the public domain.

Contents

  • Abstract
  • Section 1: Foundation of the Study
    • Background of the Problem
    • Problem Statement
    • Purpose Statement
    • Nature of the Study
    • Research Question
    • Hypotheses
    • Theoretical Framework
    • Definition of Terms
    • Assumptions, Limitations, and Delimitations
    • Assumptions
    • Limitations
    • Delimitations
    • Revealing the Cloud
    • The Cloud Computing Architecture
    • Cloud Computing and Principles of Security
    • Transition and Summary
  • Section 2: The Project
    • Purpose Statement
    • Baseline Questions
    • Role of the Researcher
    • Participants
    • Research Method and Design
    • Method
    • Research Design
    • Population and Sampling
    • Data Collection
    • Instruments
    • Data Collection Technique
    • Data Organization Techniques
    • Data Analysis Technique
    • Reliability and Validity
    • Reliability
    • Validity
    • Transition and Summary

Section 1: Foundation of the Study

As an emerging technology, personal cloud computing is increasingly making a significant impact in the industry (Alberts, 1996). Information Technology (IT) experts view personal cloud computing as an advantageous technology that supports cutting costs while boosting productivity in the workplace (GTSI, 2008). Corresponding to the National Institute of Standards and Technology (NIST), cloud computing is expressed as, “A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction”. To illustrate, this is the very reason that Microsoft, Amazon, Google, and Apple perceived cloud computing as an autonomous technology that helps their businesses meet their day-to-day missions in the workplace (Winkler et. al, 1996; Miller, 2008).

Smartphone resources on the cloud are perceived as empowering technologies that deliver resources to the cloud (GTSI, 2008). The rationale of this study is to evaluate and distinguish key challenges for safeguarding consumer confidence in the cloud environment due to expanding Smartphone use. The motivation is to present a brief description and account of the challenges facing the personal cloud computing evolution, e.g. Smartphones and data security. The research further investigates the advantages and disadvantages of personal cloud computing. This can be significant for the telecommunication providers.

Background of the Problem

John Sloan (2012) a lead analyst for Info-Tech Research Group (www.infotech.com) claimed a term was frequently used as “post-PC era.”  Over the years, he said, “We’ve been taught to think ‘personal computing’ is something that’s done on a PC that provided processing and storage. Over the last 15 years or so, however, the trend has been to move programs and data off the PC, whether it is critical applications made Web-accessible or files stored on the network.”  He went on to state, “To the average executive or SME, what does ‘cloud’ mean?  Two words ‘not here’, Sloan said “What was exclusively physical and local is now abstracted and somewhere else. If personal computing is not here, if personal computing is less and less happening on a personal computer, then where is it located? Enter the personal cloud”.

Currently, the most visible and immediate sign there was a move toward the personal cloud can be summed in the rise of “BYOD” or bring your own device. Organizations established policies and processes to deal with BYOD as the first step in a progression toward the personal cloud. Although PCs have historically been the go-to device for users, alternative devices combined with new cloud series are changing the equation. Figure 1 illustrates the history of cloud technologies.

Smartphones and Personal Cloud Computing Security Awareness

Figure 1. Evolution of Cloud Computing Technology.

Though the PC is still useful, it was becoming just one of many equally significant devices for many people. Each device had a role, for which it was well suited, and the cloud was increasingly taking on the role of being the central focal point for the user’s digital life, the one place they can always go to for anything they called for. What has changed is that Smartphones (and tablets) have made personal technology more of a mass movement. Another noteworthy concern was the tension between individuals looking to explore and exploit these tools and their legitimate concerns over security, access, and productivity – i.e. personal choice versus control. Smartphones, tablets, and other apparatuses have significantly influenced users’ digital lives and cloud computing. Steve Kleynhans (2012), the Gartner Research (www.gartner.com) vice-president of mobile and client computing says “the glue that will connect these devices for users will be emerging cloud services that will essentially form a user’s personal cloud”.

Gartner Research generated a fair amount of attention in their mid-March 2012 report that stated, “The reign of the personal computer as the sole corporate access device is coming to a close and by 2014, and the personal cloud will replace the personal computer at the center of users’ digital lives.” While this new era of the personal cloud will provide users more flexibility with investigation analysis, the device they use daily, and let them take advantage of those devices’ strengths, Gartner stated, it will also “require enterprises to fundamentally rethink how they deliver applications and services to users.”

The personal cloud was creating a new era of personal computing spanning professional and private uses. What exactly is a “personal cloud” and how will it affect everyone?  This examination of the academic literature assesses these questions and more. The Journal of Computing and Information Technology, a peer reviewed academic journal, in March of 2011 published an article titled A Review on Cloud Computing: Design Challenges in Architecture and Security by Hu, Qiu, Li, Grant, Tylor, McCaleb, Butler, & Hamner from the universities of Alabama and Kentucky. Hu et al. (2011). It reviewed the progress of cloud computing and noted several challenges and potential issues with personal cloud computing.

It is important to note that the personal cloud was not contending with public or private clouds. Each user has their own personal cloud that is amassed from various cloud services – both public and private – tailored to their own unique digital needs. Ultimately, a personal cloud is where a person connects with others, seeks entertainment and information, performs research, or conducts business. Every person has a variety of websites, online accounts, social media networks, and online stores that they associate with every day. In essence, it is a pool of services that shape their “special cloud”.

In this new world of cloud computing, companies assume the role of another personal cloud service provider that delivers a unique set of products and services that must be incorporated, or at a minimum, not conflict with the rest of the individual’s digital services. Stakeholders may in fact find themselves contending with public services a user may opt for.

Problem Statement

Personal cloud computing is growing immensely and sensitive data is distributed throughout the cloud. Increased smartphone usage is the largest contributor to increased cloud distribution of sensitive data.The problem is that society can be impacted when crime, ethics, or possibly civil liberties are engaged with this cloud data. Nothing requires service providers to safeguard the sensitive data stored amongst the cloud. Anytime, anyplace, anywhere a predicament is happening because sensitive data is placed on the cloud using a smartphone. What is the correlation between smartphones and security awareness of cloud computing?

Perhaps the largest use of cloud computing is SaaS. Revenues total $12.3 billion in 2011, according to a Gartner report (2012). The research company expects that figure to rise spectacularly in the coming years. Gartner reported that SaaS revenues should reach $14.5 billion in 2012 and continue to gather speed, reaching $22.1 billion in 2015. Gartner claimed North America, and particularly the United States showed the most opportunity for SaaS growth; the U.S. market alone hit $8.8 billion in 2011 and was expected to reach $9.1 billion in 2012. “Increasing familiarity with the SaaS model, continued oversight on IT budgets, the growth of PaaS developer communities and interest in cloud computing are now driving adoption forward,” stated Sharon Metz, Gartner research director (2012).

Presently, personal cloud computing is a concept for the future. It is something that is sprouting  into something extraordinary. Though initial personal cloud versions exist, collaboration between various services is inadequate and moving between services and devices is insufficient and awkward. The future anticipation, however, is retrieving any resource on any device anywhere. According to Kleynhans (2012), “We have a long way to go, and we may take a few detours along the way. Indeed, there are major questions about security and privacy that must be addressed, but eventually we will get closer to the goal.”

Purpose Statement

The purpose of this quantitative study will be to better comprehend the norms and meanings of the personal cloud storing sensitive data. Data collected from a survey (Appendix B) will be recorded, transcribed, and evaluated. In addition, the transcribed data will be loaded and analyzed in SPSS to explore the issues, understand the phenomenon, and answer the research questions. The scope of the study will be adult end-users from across the United States and operate a Smartphone. Data from the study may influence social change by uncovering knowledge used to build a bigger, better, and more secure personal cloud. Hence enhancing the work–life balance and user satisfaction for the Smartphone user.

Nature of the Study

While cloud computing has been identified as a fast growing technology, there are considerable advantages as well as a bright future for both users and the cloud-serving organization. However, it will be grounded upon which cloud service is better for the processes in support of the consumer’s sensitive data.

Before someone puts all their digital information into the cloud they may want to ensure that the cloud is safe and secure. To ensure that cloud computing is available for the next generation of Internet commerce, the implementation of best security practices ought to be in place and enforced adequately to protect the stakeholder from unauthorized users and to ensure that only the appropriate information is available to the appropriate users. Security safeguards must provide sufficient controls and must be able to identify threats to the participant’s resources (Nissenbaum, 2005).

The importance of the study will be to assist in analyzing concerns regarding the adoption of personal cloud computing. The important features that will have a potential to influence the investigation will be cost, productivity, resources, and security. These will be evaluated based upon the digital environment as well as their relationship to cloud computing adoption.

To illustrate the implication for additional research on cloud computing one can simply examine the interesting phenomenon:  Smartphones are becoming an important factor in consumer spending. According to research from the media company Local Corporation, North American (corporate.local.com) consumers are increasingly using their mobile devices to research products and make purchases. The report indicated consumers still rely on laptops and desktop PCs for most product research. The respondents were increasingly relying on Smartphones and tablets and that the trend was growing. To illustrate, 31% said they plan to research more via smartphone, and 41% plan to research more via tablet, over the next year.  This is in comparison to 42% more for laptops and PCs. Additionally, 20% reported buying more directly from their Smartphones.

Research Question

The central question for this doctoral study is entails should enterprises evaluate a user’s yearning for access to personal cloud services they covet against security, access, and productivity concerns? The intention of the quantitative study is to examine perceptions of Smartphone users toward personal cloud computing security.  Of special interest to the study is the rising use of Smartphones, the enlarging of the personal cloud, and how they safeguard sensitive data.

To obtain an understanding of the relationship between end-user perceptions and adoption of cloud technology appropriate research questions are designed to address what casual factors are present. The following research questions considered for this study include as follows:

  • RQ1: How secure do smartphone users think the personal cloud really is?
  • RQ2: Does a preferred smartphone provide a greater awareness of sensitive data on the cloud?

The compulsion for this current study is the magnitude of technology limiting security coverage; improving processes and core efficiencies; and the current legislation that is mandating cloud organizations that handle personal information.

Hypotheses

The researcher will also include the user’s perspective to address the dilemma, questions; and investigative or measurement questions as deemed necessary.

  • Ho1: Smartphone users are not acquainted with personal cloud security.
  • Ha1: Smartphone users are acquainted with personal cloud security.
  • Ho2: There is no connection between sensitive data on the personal cloud and Smartphone use.
  • Ha2: There is a connection between sensitive data on the personal cloud and Smartphone use.

The independent variable for this current study is smartphone user awareness of personal cloud computing security. The dependent variable for this current study is perceived ease of use, perceived usefulness, control, and attitudes toward smartphone technology.

Theoretical Framework

According to Creswell (2006),quantitative research is a research design with deep-thinking assumptions, on top of methods of inquiry. As the selected methodology, it will provide the philosophical assumptions that will steer the course of the collection and analysis of data. As a research method, it focuses on collecting, analyzing, and examining quantitative data into a single study or series of studies. Its central proposition is that the use of quantitative provides a better perception of research dilemmas than a mixed-methods or qualitative approach. Using this definition as a guide will more closely inspect major elements of this delineation.

Quantitative data encompasses closed-ended information such as that found on attitude, behavior, or performance instruments. Occasionally, quantitative information is unearthed in documents such as census records or attendance records. The analysis consists of statistically analyzing scores collected from instruments, checklists, or public documents to answer research questions or to test research hypotheses.

On the contrary, qualitative data comprises of open-ended information that the researcher gathers by way of interviews with participants. In short, open-ended questions asked during these interviews allow the partakers to furnish answers in their own words. Additionally, qualitative data may be collected by examining participants or sites of research, gathering documents from a private (e.g., diary) or public (e.g., meetings minutes) source, or collecting audiovisual materials such as videotapes or artifacts. The open-ended versus closed-ended nature of the data differentiates between the two types better than the sources of the data (Creswell, 2006). In conclusion, a mixed methods research methodology involves amassing and scrutinizing quantitative and qualitative data.

The limitations are apparent to the researcher trying to implement a quantitative study in order to attain a more thorough analysis of the data. However, if the undertaking is going to be conducted as a formal research project (Creswell, 2006), sources of information will be as follows:  Adult business professionals and users of Smartphones.

The sequence of data collection prescribed below:

  • Develop an understanding of research methods
  • Examine preliminary considerations
    • Identify a broad or worldwide stance
    • Review the basics of quantitative research
    • Identify a research problem
    • Determine whether it fits a quantitative methods approach;
  • Locate published quantitative methods studies and review how they are organized
  • Choose a type of quantitative methods design to use
  • Design a statement of the problem for the quantitative methods study
  • Collect data within a quantitative methods design
  • Analyze and validate the data within a quantitative methods design
  • Write and evaluate the study within a quantitative methods design
  • Anticipate quantitative methods questions
  • Contribute to the quantitative methods literature

An exploratory research design was selected in an effort to explain a profound comprehension of the research topic and to obtain in-depth facts about the research object. All elements of research paper, comprising theory, empirical findings, and analysis will be assimilated in a logical and consistent manner and structured in order to address and assess the central research questions appropriately (Hair et al, 2007).

Definition of Terms

App: a software application designed to run on smartphones, tablet computers and other Smartphones. They are available through application distribution platforms, which are typically operated by the owner of the mobile operating system, such as the Apple App Store, Google Play, Windows Phone Store and BlackBerry App World.

Smartphone: a small, hand-held computing device, typically having a display screen with touch input and/or a miniature keyboard and weighing less than 2 pounds (0.91 kg). Apple, HTC, Samsung, LG, Research in Motion (RIM) and Motorola are just a few examples of the many manufacturers that produce these types of devices.

Personal Cloud Computing: the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). The name comes from the use of a cloud-shaped symbol as an abstraction for the complex infrastructure it contains in system diagrams.

Trusted Cloud Initiative: a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and practices.

Digital divide: providers who have unequal access to digital technology.

Network Integration: integrating network of players is relationship-based, evolving to meet others’ expectations.

Stakeholder management: involvement of external stakeholders in internal processes that insures the right decisions are taken and leveraged throughout the entire process.

Assumptions, Limitations, and Delimitations

Assumtions

The limitations of the research were based on cost and resources such as computing safeguards, protection of proprietary information, and the amount of time available to conduct the study. The presumption for this study is researcher will receive honest and complete responses from the survey participants.Several key points were recognized as items of interest under the assumptions and limitations of the study and identified as:

  • A personal cloud is made up of the various online services that a user accesses from their various devices (smartphone, table, PC, etc.).
  • The personal cloud is replacing the PC as a user’s personal computing hub.
  • Stakeholder’s must weigh Smartphone usage and their desire for access to services they want against data security, access, and productivity concerns.

Limitations

Kiriplani et al. (2007) stated that quantitative research may not be appropriate due to a wide variability in research design, populations, type of interventions, and outcomes related to quantitative studies. Therefore, while there may be benefits of obtaining hard data, qualitative measures can also be beneficial for a study of this nature as it can help delineate the personal thoughts, feelings, and perceptions of users and how they impact their decision making in cloud adoption.

Delimitations

The boundary for this current study is the cloud industry as a whole, with Smartphone users as the focal point of this current study. Despite use of personal cloud technology by different professionals such as students, business people, and managers, the study will be more effective in scope by using adults with access to a Smartphone because their workload and decisions relating to information technology have a significant impact in overall information management and delivery.

Revealing the Cloud

Apple and Google are positioning to cultivate their predictions and strategy on cloud based media. The stakes are very high. Digital delivery of electronic resources, for example their music and video industry, was on the increase for these key companies. The problem is that few in society comprehended what “the cloud” implies.  All the same, these digital giants understood that the victor will procure the biggest piece when portioning the profit pie. Forrester Research (2011) reported that $12 billion was spent in the U.S. market for personal cloud services. It was forecasted to serve 196 million end-users. While most people were unknowingly using cloud computing, they were very apprehension over privacy, ethics, and security. A recent Ipsos (2011) report stated that nearly 40% of Americans felt that saving data to their hard drive is more secure and private than saving to cloud environment.

The Cloud Computing Architecture

Smartphones and Personal Cloud Computing Security Awareness

Companies like Yahoo, Microsoft, and Google have realized the benefits of this technology and proven that the technology is safe but with it risks. Cloud computing technology has played a great deal in the reduction of cost for both the system users and the website owners.This has made it possible for the user to access it from any point and still get the data they need while the site owner only needs to buy space in the server. More importantly, cloud computing allows automatic updates; the server gets the updates and applies it to anybody using the service without the user having to go to all the trouble of updating (Dhillon, 2007).

This technology has proven to be flexible and mobile. The user can work from anywhere in the world and only a computer is needed with Internet connection. Cloud computing eradicates the issues of continuous downloading therefore saving time and the hard drive space since all a user needs is log in access to a network. People using this technology find it easy sharing resources thus saving time and money. Itwas achieved by placing their resources on a single network location that is easy for the them to access. Significant benefits realized are securing of data and minimized loss of business files (Dhillon, 2007). With all the benefits mentioned, there are still many security concerns that need to be addressed.

Cloud computing providers must ensure that the infrastructure in use for the provision of cloud computing to the client and their data is secured and well protected. It is the responsibility of the customer to ensure that before transmitting sensitive and confidential information over the network, the provider has taken each and every security measure to guarantee the safety of their information.

Cloud Computing and Principles of Security

There are fundamental principles of security that cloud computing needs, in order to make guarantees to its users. These are: confidentiality, integrity, availability, authenticity, and information security and users privacy. Cloud computing technology users need to be assured of confidentiality when using the system. Confidentiality involves assuring the customer that there information will not be disclosed with or without their authority. This is important even to the companies that use cloud computing and transact their business online and it could involve the use of credit cards. This security principle needs to be considered since business and organizations will lose their customers if not assured of the security of their personal information (Dhillon, 2007).

The cloud computing technology has achieved in dealing with data integrity. Companies like Amazon and Google who use this form of technology have managed to withstand Internet attacks from hackers who try to gain access to information being transmitted over the network.

With the usage of cloud computing services to store information, the customers are in full exposure to potential violation of their privacy. There have been cases where, Yahoo and Google mail users have been exposed to these attacks and their personal privacy violated. The possession of user’s confidential information is only entrusted to the cloud service providers, and any hacker access to this information could affect the relation between the cloud computing service providers and its users (Dhillon, 2007). In cases or situations involving the use of wireless cloud computing, the customer safety risk is high and considered to increase.

Transition and Summary

The robust implementation of cloud computing models has benefitted many organizations and individuals in a myriad of ways. However, the security threats and risks that exist in the Internet platform have compromised data privacy, availability and confidentiality.There are various ways of mitigating these problems in the cloud platform. Users need to stay away from the cloud confusion. Data encryption and the generation of digital signatures can help in ensuring security for data in transit. These processes entail the provision of a secret access key to both the sender and the recipient on the data files. Other methods of ensuring security include the use of VPNs, MPLS, and spam filtering solutions.

Apple, Amazon, and Google have provided many security features for the cloud environment. Unfortunately, people remain unswerving. In their mind, there is no concern over lost information or privacy of the data. Conversely, industry experts point out the risk is mitigated by having copies or backups available to the user. Saving data on personal devices is exposed to theft, loss, or physical damage to the device.

The important social issue associated with this current study involves the improvement and increasing efficiency in personal cloud computing in relation to Smartphones and security. Rather than performing a qualitative study, it is beneficial to generate the hard data related with quantitative studies that could assist future scholars and practitioners in the field overcome these obstacles and eliminate these barriers in an efficient and effective manner. In summation of this section, the scope of this current study will focus on Smart phone users and their acceptance personal cloud computing.

Section 2: The Project

The core definition of a native mobile app is one developed to operate on a specific device platform – such as Android, Blackberry, iOS, or Windows Phone. Each platform has its own version of the cloud. Companies creating native apps must adapt the code to each platform on which they wish the app to run. As there continues to be a concerted effort to implement personal cloud computing into Smartphones, there are also challenges to address. The scope of this project is to develop a fundamental and theoretical understanding as to how Smartphone perceptions, attitudes, and behavior attitudes affect implementation and adoption of personal cloud computing.

Smartphone security is a primary concern for everyone, and mobile apps and sites are no exception. Initially, native apps were considered more secure (or at least, easier to secure) because they were not deeply integrated with the Internet. However, many require Internet access to provide optimal functionality. As a result,Smartphone security is a bigger issue than your choice of mobile solution.

Furthermore, says Graham (2008),if you prevent an app from accessing the Internet cloud, you could create an even bigger security problem. “If a native app – or the user – is storing data on the device, that’s a security risk. Businesses need to think about the security of the data and the flow of the data – the connections.”

Purpose Statement

End-user partaking is critical for adoption of emergent technologies, such as personal cloud computing. An ongoing study is necessary to address the problems associated with adoption and understanding the nuances of personal cloud computing security and smartphones.

That mobile phones have taken hold throughout the world is nothing new, but it might surprise some to learn the extent to which access to mobile phones and mobile communications has spread among both the developed and developing world. According to the World Bank and infoDev (2012), the total number of mobile subscriptions worldwide had not even reached 1 billion in 2000 but has now passed 6 billion. The report makes a distinction between the number of subscriptions and the number of people using subscriptions, identifying an upward trend in individual users having multiple subscriptions. As the use of Smartphone increases, They expect personal cloud adoption to continue to increase at a steady rate. “The future is definitely going to be in clouds of some kind,” Wolf says. “In the foreseeable future, there will be internal infrastructure but that internal infrastructure will be more cloud-like.

Baseline Questions

  1. How has personal cloud computing affected the Smartphone industry?
  2. What is the relationship between personal cloud computing and the type of Smartphone utilized?
  3. Can a Trusted Cloud Initiative reference architecture support a personal cloud computing model?

Role of the Researcher

The role of the researcher for this current study is to identify the intended population and conduct a quantitative study by administering a survey (Appendix A). The researcher’s role is to ensure that the administered survey is free from bias, does not contain conflicting statements or ambiguous questions, and is clear and concise. After administering the survey, the researcher will collect and analyze the results to ensure the testing validity by verifying that all questions were answered accurately. The researcher will confirm the survey was not altered or manipulated in any way to ensure that the testing was valid. From there, the data collected will be inputted into a statistical software program, such as SPSS, wherein the output will be analyzed and discussed in detail in presentation of the results another section.

Participants

A random sample, their acceptance and use of mobile technology, together with their personal cloud computing experience will be the focus of this current study. It is from this review that additional insight can be gained as to why there is an apparent disconnect between the implicated parties. As there are numerous entities and probable sampling populations within U.S. population, it would be beneficial to keep the study as narrow as possible as the population is relatively small and the results from having a small sample size could have an adverse effect on the end results of the study (Kripalni et al., 2007).

Research Method and Design

Method

Hopkins (2000) described quantitative study as the basis that will determine the relationship between one element (an independent variable) and another (a dependent or outcome variable) in a population.  Quantitative research designs are either descriptive (subjects usually measured once) or experimental (subjects measured before and after a treatment).  A descriptive study establishes only associations between variables.  An experiment establishes causality. This study includes a quantitative method approach and sampling.  The study will be tailored towards adults who use a Smartphone and the relationship that may exist with personal cloud computing.

            To explain a profound comprehension of the research topic and to obtain in-depth facts about the research object an exploratory research design is the logical option. All elements of a research paper, comprising theory, empirical findings, and analysis are in a logical and consistent manner and structured in order to address and assess the central research questions appropriately (Hair et al, 2007).

A quantitative method will be used for this current study. In determining user acceptance, use of the independent variables in this study will help determine any correlation to the dependent variable and explain user behavior (Davis et al., 1989). According to Corner (2002), quantitative studies should build knowledge, formulate hypotheses, develop measures, pick analytical technique and plan data collection. The hard data collected will be used in conjunction with the technology acceptance model in order to determine what impacts cloud adoption. Use of statistical analysis will be performed via SPSS software to determine correlations. Multiple regression will be used on each variable. T-tests will be performed on the independent variables. Campbell and Stanley (1963) noted that in use of a quantitative statistics, if a high correlation occurs, the hypothesis is strengthened. If the results of the analysis conclude that there is no statistical significance, then the hypothesis will be rejected.

Research Design

In order to address the baseline questions, further review of literature and review of previous quantitative studies relating to this matter will be useful for the construct portion of the survey. A correlational design method will be used for this study to measure and determine the relationship between use of Smartphones and personal cloud computing. Implementation of a survey to measure results including a 5-point Likert scale is meaningful in assessing the survey responses and coding the responses accurately.

Approximately 50 participants will participate in the survey. The variables use of Smartphones and personal cloud computing will consist of several interrelated questions concerning the perception of data security. Using null and alternative hypothesis, the resulting questions will be input into the SPSS statistical software and the output will be generated by multivariate analysis. In order to address accuracy for the quantitative analysis, the study must be conducted with an understanding of its threats to validity and factors that could create respondent bias. Such potential bias should be explored and understood by additional literature review for other quantitative studies, as well as develop an understanding of other similar instrumentation used for related studies.

Population and Sampling

The population will consist of adult Smartphone users from across the United States. Such a random selection will represent a true experiment of the intended doctoral study. Smart phone users were selected for this study based on their attitudes andperception of securing the personal cloud.

Data Collection

Instruments

A survey instrument will be used for this current study. The questions used in the survey will be specific to Smartphones and personal cloud computing. The questions related to each variable will be provided on the survey, with the respondents answering the questions on a 5-point Likert Scale, which would have variances of how the respondents will strongly agree to strongly disagree.

Data Collection Technique

This study will employ a validated and reliable survey with the help of the Internet as the medium of communication conduit for distributing the required survey questions.  Quantitative data collection methods will be utilized to support the technology cynics, which will provide the basis for the framework for collecting the data.  The survey will be distributed through the Internet. It should be noted, that in an era with more advanced data collection via internet boards such as Survey Monkey, the results of user acceptance could be biased. The bias and threats of validity would stem from users who are likely technologically advanced, and thus may have more ease responding and submitting their response via Internet.

Data Organization Techniques

The SPSS statistical software program will be used to assist in the organization of the data collected after the survey has been administered. The data results and the responses of the respondents will be safely stored in a secure area in order to protect the identity of the respondents for confidentiality purposes. In reporting the results, the identity and location of the respondents will not be revealed for confidentiality purposes.

Data Analysis Technique

Data analysis of descriptive statistics will be performed using T-tests. Descriptive statistics is beneficial in this current study as it can outline specific areas where there could be gaps strategic planning. Descriptive statistics can further be used to assess differences and impact of implementation and usage. The responses obtained from the survey will be coded via a Likert-scale ranging with numerical coding for the five choices for each question generated. The data will be input into SPSS software. Multiple regression analysis will be performed to produce results for further interpretation, analysis, and presentation.

Reliability and Validity

Reliability

As surveys will be used for to obtain the data prior to performing the quantitative analysis, the researcher should avoid lack of clarity in the survey instruments. Furthermore, the research questions should be able to communicate uniformly in meaning and substance (Wikam, 2005). Echambadi, Campbell, and Agarwal (2006) stated “causation can be determined after 1.) concomitant variation between the variables of interest, 2.) evidence of clear temporal ordering of the variables, and 3.) when all other spurious influences are controlled.”  Issues to address concerning their study: data derived from a single state and generalizations to a specific locale will be reviewed with caution; survey data are based on the respondents’ desire to reply accurately; failure to detect bias could occur with high response rates.

Validity

There are several areas of concerns and threats to validity to be aware of while conducting this current study. Threats to validity could arise from internal threats and external threats. Such internal threats include selection and instrumentation. Furthermore, there must be care in analyzing the data. Echambadi et al. (2006) stated that poor construct measurement and potential bias could cause Type I or Type II errors. Therefore, understanding causation must be determined after careful review of all data and measures such as variation and Cronbach’s alpha.

Transition and Summary

Unexpected costs related to personal cloud computing deployments can crop up due to hidden costs, human error, acquiring management tools, security and performance tracking, many other reasons. A focus of this examination will be on the association between end-users, Smartphones, and personal cloud computing. In information systems research, the technology acceptance model is a widely used and accepted theoretical model to address the variables perceived use and perceived ease of use. Based on review of other literature relating to personal cloud computing, the theory of planned behavior provides a balance of sorts to help answer some of the questions that the other may not. It is from this dual theoretical model framework that the constructs of the variables and hypotheses were created.

Questions that are significant to the variables perceived ease of use, perceived use, attitudes toward personal cloud computing, and perceived behavioral control will be administered to a random population of end-users to determine its impact towards the dependent variable user acceptance. It is from this current study, that multiple regression and analysis can be performed to determine if the hypotheses discussed in Section 1 are statistically significant. It is from these results that the data will be analyzed in the Section 3, presentation of the results, that will provide additional contribution to this area of study, as well as provide an opportunity towards positive social change in the cloud community, its practitioners, and researchers in addressing the challenges brought by data security and privacy concerns.

References
  • Alberts, D., (1996).  The unintended consequences of information age technologies. National Defense University:  NDU Press Book.
  • Campbell, D. T. & Stanley, J. C. (1963). Experimental and Quasi-Experimental Designs for Research. Chicago: Rand McNally.
  • Graham, D. T. (2008). Negotiating Contracts That Will Keep Our Cloud Afloat. You’re going to put that in a Cloud? Retrieved June 5, 2011 from: http://itm.iit.edu/netsecure11/DanielGraham_CloudPresentation.pdf
  • Creswell, J. W. & Plano Clark, V. L. (2007).  Designing and conducting mixed methods research.  Sage Publications, Inc. Thousand Oaks, CA 91320
  • Creswell, J. W. (2003).  Research design:  Qualitative, quantitative, and mixed methods
  • approaches (2nd Ed.).  Thousand Oaks, CA: Sage.
  • Davis, F.D., Bagozzi, R.P. & Warshaw, P.R. (1989). User Acceptance of Computer Technology: A Comparison of Two TheoreticalModels.Management Science (35:8), 1989, pp. 982-1002.
  • Echambadi, R., Sarkar, M.B., &Agarwal, R. (2006). Entry timing and firm survival:
  • The moderating effects of firm size and pace of technological change. University of CentralFlorida.
  • Dhillon, G. (2007). Principles of Information Systems Security: Text and Cases. New York: John Wiley & Sons Publishers.
  • Hair, J., Bush, R., & Ortinau, D. (2007). Marketing research within a changing environment. (Edition 3). New York: McGraw-Hill/Irwin.Kent, R.
  • Gartner Research Group. (2012).Gartner: the personal cloud will replace the PC by 2014. Retrieved from http://blog.spoken.com/2012/03/gartner-personal-cloud-will-replace-pc-2014.html
  • GTSI. (2008).  DISA race implementation – private infrastructure cloud for DoD. Retrieved from http://www.gtsi.com/eblast/vendors/TLS/presentations/2009/cloud/Henderson_RACE.pdf
  • Hu, F. Qui, M. Li, J. Grant, T. Tylor, D. McCaleb, S. Butler, L. & Hamner, R. (2011) A review on cloud computing: Design challenges in architecture and security.Journal of Computing and Information Technology DOI: 10.2498 Retrieved from http://web.ebscohost.com.library.capella.edu/ehost/pdfviewer/pdfviewer?sid=bca1e932-9a7d-426a-9a67-e191fc8e8a0e%40sessionmgr115&vid=2&hid=113
  • Info-Tech Research Group. (2012). Retrieved from http://www.infotech.com/about/analysts/john-sloan
  • Ko, R., Kirchberg, M., & Lee, B. (2011). From system-centric to data-centric logging – accountability, trust & security in cloud computing. Hewlett-Packard Laboratories
  • Singapore, Service Platform Lab, Cloud & Security Lab (2012). Retrieved from website: http://www.hpl.hp.com/people/ryan_ko/RKo-DSR2011-Data_Centric_Logging.pdf
  • Mell, P. & Grance, T. (2011).  The NIST definition of cloud computing.  Computer Security,Special Publication (800-145 Draft), p 2-3.  Retrieved from http://www.nist.gov/itl/csd/cloud-020111.cfm
  • Richardson, R. (2011). 2010/2011 CSI Computer Crime and Security Survey. Computer Security InstituteNational Institute of Standards and Technology (NIST, 2009).  Cloud computing.  InformationTechnology Laboratory.  Retrieved from http://csrc.nist.gov/groups/SNS/cloud-computing/index.html
  • Winkler, J., O’Shea, C., & Stokrp, M. (1996).  “Information warfare & dynamic information defense”, Command and Control Symposium, Naval Postgraduate School, Monterey, CA.

Appendix A

RESEARCH PARTICIPANT CONSENT FORM

Title:An Examination of Smartphones and Developing a Personal Cloud Computing Model Using a Trusted Cloud Initiative Reference Architecture

Investigator’s name:Dr. David Teneyuca, CISSP

School:Colorado Technical University

Department:School of Business and Technology (SOBT)

Purpose of Research:  The purpose of this quantitative study will be to understand the norms and meanings of the personal cloud replacing the personal computer as a user’s personal cloud computing hub..

Duration of Participation:The anticipated timeline for this study will be 3 months.

Risks to the Individual:There is a minimal risk to this project.  You have the right to withdraw your participation in this research without further notice.

Benefits to the Individual or Others:  Personal cloud computing will help businesses and consumers reduce costs while increasing productivity in the workplace.  Cloud computing will change the way people do business and share personal information in industry.

Compensation:No financial reward will be granted for your voluntary participation.

Extra Costs to Participate:  The participants will incur no financial costs for contributing to this investigation.

Injury or Illness:Colorado Technical University will not be held accountable for any medical expenses or monetary rewards should you incur a loss due to participation in this investigation.  This disclaimer does not relinquish permissible privileges nor shall it discharge whichever asserts in my possession regardless of any wrong doing.

Confidentiality:  Legal measures will be enforced to preserve each participant’s individual rights.  Any information provided will be secure for at least a period of twelve months.  Colorado Technical University Institutional Review Board (IRB) or any other intended body deemed lawful to this procedure will guarantee all participants’ rights are preserved.

Voluntary Nature of Participation:  Participants have the rights to terminate their attendance in this project should they believe their voluntary participation has been violated.

Contact Information:  Any questions or concerns associated with this project must be directed to Dr. David Teneyuca at (210) 392-6993 or via email:  [email protected]

Please address any complaint that you may have regarding your participation in this project to

Colorado Technical University Research Protection Office

Telephone: 1-888-123-3456

Please also note that your identity or any miscellaneous concerns that you may have will handle appropriately.

I hereby acknowledge your informed consent and I further state that I have the privilege to review your disclaimer as stated herein. By undersigning to this statement I vow my full participation and compliance to your research project.

__________________________________             __________________________

Participant’s Signature                                                                         Date

__________________________________

Participant’s Name (Print)

_________________________________                __________________________

Researcher’s Signature                                                                        Date

Appendix B

Personal Cloud Computing and Smart Phone Survey Questions

Gender:  Male _________                              Female _________

Age Group: 18-25 years __    26-34 years __   35-44 years __               over 45 years __

Do you use a Smart Phone?   Yes __              No __

If yes, is the operating system

___ iOS

___ Windows Phone 7

___ Android

___ BlackBerry OS

___ Other

___ I don’t know

Do you use a Personal Cloud with your Smart Phone?  Yes __                    No __

If no, the primary reason I do not use personal cloud computing on my Smart Phone is

___ I don’t see a need to use it.

___ I fear a compromise of my personal information

___ I don’t understand how the personal cloud functions

How familiar are you with personal cloud computing?

___ Very familiar; I understand the details.

___ Somewhat familiar; I have a general idea of what it is about.

___ Familiar; I understand the basics.

___ No familiar at all: I understand nothing about the personal cloud.

Which of these challenges do you believe can be most helpful in overcoming your personal cloud confidence?

___ Improved network utilization and efficiency.

___ Automated more provisioning and management.

___ Improved security.

___ Reduced cost.

___ Get more visibility into applications that are using the personal cloud.

Which personal cloud provider(s) are you using, planning to use, or has used in the past? (Check all that apply)

AmazonGoogle Cloud
VerizonAmazon Cloud
IBMMicrosoft Cloud
Apple iCloudAT&T
SprintOther (specify)
RackspaceNot used or undecided

I am aware of security issues associated with personal cloud computing.

YesNoUnknown

I am more concerned with malicious insiders than external attackers.

YesNoUnknown

I have confidence in the cloud service provider’s security capabilities.

YesNoUnknown

In the event a security breach is discovered, there is a clear communication channel for escalating the incident to the cloud service provider.

YesNoUnknown

In general, I believe on-premise systems and traditional data centers are more secure than systems hosted in a personal cloud.

YesNoHard to tell

I feel personal cloud computing is ready for mission-critical applications.

YesNoHard to tell

I feel personal cloud computing is going to be more secure in the future as the service models become more mature and better technologies become available.

YesNoHard to tell

My cloud resources can be used as a platform for launching attacks, hosting spams and malware, software exploits publishing, and for many other unethical purposes.

No concernMild concernConcernSerious concernShow stopper

Unauthorized users, such as hackers and malicious insiders, may gain access to your system due to flawed hypervisor, insecure cryptography, and so on.

No concernMild concernConcernSerious concernShow stopper

Vendor-provided cloud APIs with weak authentication may jeopardize the confidentiality, integrity, and availability.

No concernMild concernConcernSerious concernShow stopper

Shared resources may affect my Smart Phone’s performance and network continuity.

No concernMild concernConcernSerious concernShow stopper

Physical location of your data on the cloud is unknown.

No concernMild concernConcernSerious concernShow stopper

Your data may not be recoverable when an unforeseen event takes place.

No concernMild concernConcernSerious concernShow stopper

Your Smart Phone may be disrupted entirely when an unforeseen event takes place.

No concernMild concernConcernSerious concernShow stopper

Your service provider may not be compliant with regulatory standards, including the internal control, compliance, and internal security procedures.

No concernMild concernConcernSerious concernShow stopper

When a security breach takes place, there may be little or no forensic evidence available.

No concernMild concernConcernSerious concernShow stopper

Unauthorized access and data leakage will always remain as a possibility, no matter how much effort you put into cloud security.

No concernMild concernConcernSerious concernShow stopper

There will be unknown risks and threats as attackers continue to invent new attacking methods.

No concernMild concernConcernSerious concernShow stopper

Leave a Reply

Your email address will not be published. Required fields are marked *