A Generic Approach for the Automated Notarization of Cloud Configurations Using Blockchain-Based Trust

  1. Weber, Thorsten
Dirigida por:
  1. Rüdiger Buchkremer Director/a
  2. Eva López González Director/a

Universidad de defensa: Universidad Católica San Antonio de Murcia

Fecha de defensa: 13 de febrero de 2023

Tribunal:
  1. Laura M. Campoy Gómez Presidente/a
  2. José Torres Remírez Secretario/a
  3. Jordi Ortiz Murillo Vocal

Tipo: Tesis

Teseo: 799522 DIALNET lock_openTESEO editor

Resumen

Due to their scalability, cloud applications have a significant cost advantage for businesses. As a result, companies want both to outsource their data to, and obtain services from, the cloud. However, because most companies have internal policies and compliance requirements for operating and using software applications, the use of cloud applications creates a new challenge for enterprises. Adopting cloud applications is equivalent to outsourcing services in that companies must trust that the cloud application provider will implement internal compliance requirements in the adopted cloud applications. Research has shown that trust and security are key factors that influence the adoption of cloud applications. This dissertation aims to develop a cloud architecture that addresses this challenge by shifting the trust for compliance-driven configurations of cloud applications from the cloud application provider to the blockchain. This work thus seeks to reduce the adoption risk of cloud applications due to compliance requirements. This dissertation uses design science research to create the architecture for shifting trust to the blockchain. A focus group discussion determined the scope of the work. The knowledge base of this work was built using artificial intelligence and a systematic literature review, and the architecture presented was developed and prototyped using the rapid application development method. Mixed-method semi-structured guided interviews were used to evaluate the presented architecture approach and assess the adoption risk reduction qualities. The dissertation showed that the developed software architecture could shift the trust from the cloud provider to the blockchain. The evaluation of the proposed software architecture further demonstrated that the adoption risk due to compliance-driven cloud application configurations could be reduced from “high” to “low” using blockchain technology. This dissertation presents an architecture that shifts the trust for implementing compliance-driven configurations from the cloud provider to the blockchain. Furthermore, it shows that the trust shift can significantly reduce cloud applications’ adoption risk.