An end-user centred framework for data access management and security in the enterprise public cloud

Rights statement
Awarding institution
  • University of Strathclyde
Date of award
  • 2024
Thesis identifier
  • T16948
Person Identifier (Local)
  • 201783692
Qualification Level
Qualification Name
Department, School or Faculty
  • Cloud Computing, an emerging internet technology that provides on-demand services to end-users with high scalability in an efficient way over the internet. Enterprises in recent years have been keen on cloud-based Enterprise Resource Planning software as it is more affordable than traditional on-premises Enterprise Resource Planning software. An interesting pattern emerges when enterprises, although keen on cloudbased Enterprise Resource Planning software, are concerned about their data security in the cloud, which is the major concern hindering the adoption of cloud-based Enterprise Resource Planning software applications within enterprises. In this context, this research reviewed various cloud computing security models and proposed an implementation framework which uses ‘Enterprise Access Directory, Cloud Service Provider Access Directory, Enterprise Database Fragmentation, and End-user Access Queries ‘to encourage more enterprise end-user involvement in the security of enterprise data in the cloud. A sequential exploratory mixed method approach was designed in four stages namely: ‘Project Initiation’, ‘Project Prioritization’, ‘Project Analysis Phase’ and ‘Project evaluation’. This was used to evaluate the attributes of the proposed framework. The analysis of the research data showed that the proposed framework was asked in the right direction. The proposed framework encourages enduser participation in enterprise cloud data security while also reducing the impact of malicious insiders on the data stored in enterprise public cloud. This research contributes to existing knowledge of cloud computing security models by augmenting the research area of end-user roles and responsibilities within the enterprise to determine the level of access to data in the cloud-based Enterprise Resource Planning system. Policies for data management security and incentive programmes forenterprises, in the initial study for this research revealed that communication methods predict how well end-users follow policies. The initial study for this research confirmed the value of communication in this domain.
Advisor / supervisor
  • Weir, George R. S.
  • Renaud, Karen Vera
Resource Type