Migration to cloud computing
For the purposes of this paper, migration to the cloud can be defined as the process of moving all or a portion of an organization's legacy IT assets, such as hardware, software, stored data, and business processes, from locally installed deployments on-premises behind firewalls to the cloud environment where they can be managed remotely by a third party. The procedure also includes moving IT resources across various cloud providers, or "cloud-to-cloud migration." Some of the on-site IT infrastructure may need to be kept throughout the cloud migration process [14].
Decision making process
The intelligence phase of the procedure begins with an analysis of an organization's "reality." It includes efforts for issue identification and data collecting regarding the social, competitive, and organizational settings. The design phase streamlines the "reality" of an organization, discovers linkages between factors, and establishes the standards for assessing potential alternative strategies. Based on the criteria determined in the design phase, the decision phase entails choosing the most suitable alternative course of action. The paradigm has received widespread acclaim and use in problem-solving [15]. Simon's concept includes Decision Support Systems (DSSs) in its entirety. An examination of the current DSSs, created to aid in the decision-making process for cloud computing migration, is presented in the part that follows.
Current level of support for decisions to migrate to the cloud
Industrialists and academics are now much more aware of the assistance needed for migration choices as a result of the development and growth of cloud computing. As shown by a number of published whitepapers, cloud providers and IT consultant firms have made several efforts to offer direction and evaluation tools to aid with migration choices. However, owing to their reliance on closed proprietary technologies that often call for consulting agreements, these initiatives have either been designed for marketing objectives or are not accessible to the general public [16].
The Technology-organization-environment framework
The TOE is said to be an integrative framework that offers a comprehensive strategy and direction, despite the fact that other frameworks have been designed for the adoption of ICT [36]. The three components of the TOE framework technology, organization, and environment have an impact on how innovations are accepted. It acts as a classification system for variables that encourage or impede the adoption of technological advancement [17].
SWOT ANALYSIS
Table 2: Further a SWOT analysis on these SMEs put forward following results
STRENGTHS
|
WEAKNESS
|
Saving in terms of cost
Saving in terms of time
Scalability, pay per use.
|
24X7 availability of Internet.
No proper estimation of final cost.
Dependency on third party.
Lack of Privacy.
|
OPPORTUNITIES
|
THREATS
|
Easy and enhanced exchange of ideas and communication with clients /partners
Enhanced ways and means of collaboration in innovation.
Fast recovery of lost data on real time basis Proper fast recovery of lost data - opportunity of 24/7 real time data management.
|
Privacy problems including lack of confidentiality and security.
No Control on data
Loss of intellectual property rights.
In long run could be more expensive than in house system in place.
|
The majority of organizations may find it difficult to choose a cloud environment due to problems with client authentication and permission. However, attacks in the form of signature wrapping have been reported on both Eucalyptus and Amazon cloud services, despite the fact that mechanisms like XML-based authentication and Federated Identity Management based on insecure SOP can be used to ensure security in terms of authentication, authorization, and protection issues of client information [18].
VIRTUAL MACHINE EXPLOITATION BY HACKERS/MALICIOUSUSERS:
Utilizing virtual machines is the key idea at the heart of cloud computing. Virtual machines are just the computer's software equivalent. Virtualization may take on a number of different forms, including desktop virtualization, network virtualization, storage virtualization, and hardware virtualization [19].
Virtual machines make advantage of shared resources including processors, memory, and storage. Given this sort of architecture, an attacker's main focus is on a certain physical computer, which allows them to retroactively bring down all the virtual machines [20]. Virtual computers may be vulnerable to external assaults, which would mean that cloud computing as a whole would be useless. Any one of the following three circumstances may occur:
1. The host machine can be compromised
2. A single guest or multiple guests are compromised.
Although the system administrator has the option of rolling back, once resources have been hacked, a hacker has unrestricted freedom and may do any number of activities with the resources. According to a report, 60% of virtual computers are less secure than their equivalents in the real world. Less conventional security procedures are used, which makes computers reduced exposed to security threats and is the main cause of less security.
3. In cloud computing, a phrase known as VMSprawl is employed. The virtual machines are simple to create since they are created via recursive design, which means that their expansion extends beyond the control of the administrator. The idea of isolation in virtual machines is also violated since an attacker may use a compromised virtual computer to connect with other virtual machines. Another sort of assault is one in which a hacker takes over the hypervisor (software that enables the construction and execution of virtual machines [21]) and, in doing so, takes over the host system, denying users of their services. [22] In our research, a study that quantifies the number of firms that have successfully implemented the cloud strategy is presented.
83% of the workload will go to a public cloud with ideal security and appropriate access.