Abstract
Governments across the world are starting to make a dynamic shift to cloud computing so as to increase efficiency. Although, the cloud technology brings various benefits for government organisations, including flexibility and low cost, adopting it with the existing system is not an easy task. In this regard, the most significant challenge to any government agency is security concern. Our previous study focused to identify security factors that influence decision of government organisations to adopt cloud. This research enhances the previous work by investigating on the impact of various independent security related factors on the adopted security taxonomy based on critical ratio, standard error and significance levels. Data was collected from IT and security experts in the government organisations of Saudi Arabia. The Analysis of Moment Structures (AMOS) tool was used in this research for data analysis. Critical ratio reveals the importance of Security Benefits, Risks and Awareness Taxonomies on cloud adoption. Also, most of the exogenous variables had strong and positive relationships with their fellow exogenous variables. In future, this taxonomy model can also be applied for studying the adoption of new IT innovations whose IT architecture is similar to that of the cloud.
Similar content being viewed by others
References
Alassafi MO, Alharthi A, Alenezi A, Walters RJ, Wills GB (2016) Investigating the security factors in cloud computing adoption: towards developing an integrated framework. J Internet Technol Secur Trans (JITST) 5(2):486–494
Winkler V (2009) Securing the cloud: cloud computer security techniques and tactics. Elsevier
Alhussain T, AlGhamdi R, Alkhalaf S, Alfarraj O (2013) Users’ perceptions of mobile phone security: a survey study in the Kingdom of Saudi Arabia. Int J Comput Theory Eng 5(5):793–793
Alassafi MO, Hussain RK, Ghashgari G, Walters RJ, Wills GB (2017) Security in organisations: governance, risks and vulnerabilities in moving to the cloud. In: International workshop on enterprise security. Springer, Cham, pp 241–258. https://doi.org/10.1007/978-3-319-54380-2_11
Alkhater N, Wills G, Walters R (2014) Factors Influencing an organisation’s intention to adopt cloud computing in Saudi Arabia. In: 2014 IEEE 6th international conference on cloud computing technology and science. IEEE, pp 1040–1044
Alsanea M, Barth J (2014) Factors affecting the adoption of cloud computing in the government sector: a case study of Saudi Arabia. Int J Cloud Comput Serv 3(6):1–16
Alharbi ST (2017) Trust and acceptance of cloud computing: a revised UTAUT model. In: 2014 international conference on computational science and computational intelligence, vol 2. IEEE, pp 131–134
Alturki SM (2017) Analysis and identification of cloud usage in private and public sector in Saudi Arabia. Int J Comput Appl 162(4):17–21
Alharbi F, Atkins A, Stanier C (2015) Strategic framework for cloud computing decision-making in healthcare sector in Saudi Arabia. The seventh international conference on ehealth, telemedicine, and social medicine 1:138–144
Alassafi MO, Alharthi A, Walters RJ, Wills GB (2016) Security risk factors that influence cloud computing adoption in Saudi Arabia government agencies. In: 2016 international conference on information society (i-Society). IEEE, pp 28–31
Alnatheer M, Nelson K (2009) A proposed framework for understanding information security culture and practices in the Saudi context. In: Proceedings of the 7th Australian information security management conference, Perth, Australia, pp 6–17
AlGhamdi R, Drew S, AbuGabah A (2011) Designing government strategies to facilitate diffusion of online commerce: a focus on KSA. J Inf Syst Manag 1(3):97–106
AlGhamdi R (2012) Diffusion of the adoption of online retailing in Saudi Arabia. PhD thesis, Griffith University, Brisbane, Australia
Alfarraj O, Drew S, AlGhamdi R (2012) EGovernment stage model: evaluating the rate of web development progress of government websites in Saudi Arabia. Int J Adv Comput Sci Appl 2(9):82–90
Alshahrani MSA, Alsadiq MAJ (2014) Economic growth and government spending in Saudi Arabia: an empirical investigation. Int Monet Fund. https://doi.org/10.5089/9781484348796.001
Alharthi A, Alassafi MO, Walters RJ, Wills GB (2017) An exploratory study for investigating the critical success factors for cloud migration in the Saudi Arabian higher education context. Telemat Inf 34(2):664–678
Alshehri M, Drew S, Alhussain T, Alghamdi R (2012) The impact of trust on e-government services acceptance: a study of users’ perceptions by applying UTAUT model. Int J Technol Diffus (IJTD) 3(2):50–61
Khan KM, Malluhi Q (2010) Establishing trust in cloud computing. IT Prof 12(5):20–27
Pearson S (2013) Privacy, security and trust in cloud computing. Privacy and security for cloud computing. Springer, London, pp 3–42
Badger L, Bernstein D, Bohn R, De Vaulx F, Hogan M, Iorga M, Mao J, Messina J, Mills K, Simmon E, Sokol A (2014) US government cloud computing technology roadmap. US Department of Commerce, National Institute of Standards and Technology, Gaithersburg, MD
Catteddu D (2009) Cloud computing: benefits, risks and recommendations for information security. In: Iberic web application security conference. Springer, Berlin, pp 17–20. https://doi.org/10.1007/978-3-642-16120-9_9
Chang V, Kuo Y-H, Ramachandran M (2015) Cloud computing adoption framework—a security framework for business clouds. Future Gener Computer Syst 57(27):24–41
Atlam HF, Alassafi MO, Alenezi A, Walters RJ, Wills GB (2018) XACML to build access control policies for internet of things. In: Proceedings of the 3rd international conference on internet of things, big data and security, Madeira, Portugal, pp 253–260
Kanday R (2012) A survey on cloud computing security. In: 2012 international conference on computing sciences. IEEE, pp 302–311
Kajiyama T (2013) Cloud computing security: how risks and threats are affecting cloud adoption decisions. Doctoral dissertation, San Diego State University, California, USA
Latif R, Abbas H, Assar S, Ali Q (2014) Cloud computing risk assessment: a systematic literature review. Future information technology. Springer, Berlin, pp 285–295
Ferdous MS, Hussein R, Alassafi M, Alharthi A, Walters R, Wills G (2016) Threat taxonomy for cloud of things. Internet Things Big Data Anal Recent Trends Challenges 1:149–191
Cloud Security Alliance (2013) The notorious nine. In: Cloud computing top threats in 2013 CSA, CSA Glob. Staff, pp 1–14
Che J, Duan Y, Zhang T, Fan J (2011) Study on the security models and strategies of cloud computing. Procedia Eng 23:586–593
Bhattasali T, Chaki R, Chaki N (2013) Secure and trusted cloud of things. In: 2013 annual IEEE India conference (INDICON). IEEE, pp 1–6
Jajodia S, Kant K, Samarati P, Singhal A, Swarup V, Wang C (eds) (2014) Secure cloud computing. Springer, New York
Jasti A, Shah P, Nagaraj R, Pendse R (2010) Security in multi-tenancy cloud. In: 44th annual 2010 IEEE international Carnahan conference on security technology. IEEE, pp 35–41
Lian JW, Yen DC, Wang YT (2014) An exploratory study to understand the critical factors affecting the decision to adopt cloud computing in Taiwan hospital. Int J Inf Manage 34(1):28–36
AlGhamdi R, Drew S (2011) Seven key drivers to online retailing in KSA. In: Proceedings of the IADIS international conference on e-Society. Avila, Spain, pp 237–244
Wyld DC (2013) The cloudy future of government IT: cloud computing and the public sector around the world. First ACIS/JNU International Conference on Computers. Networks, Systems and Industrial Engineering. IEEE, pp 164–169
Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11
Rebollo O, Mellado D, Fernández-Medina E, Mouratidis H (2015) Empirical evaluation of a cloud computing information security governance framework. Inf Softw Technol 58:44–57. https://doi.org/10.1016/j.infsof.2014.10.003
Wei J, Zhang X, Ammons G, Bala V, Ning P (2009) Managing security of virtual machine images in a cloud environment. In: Proceedings of the 2009 ACM workshop on cloud computing security. ACM, pp 91–96
Mahyar A (2014) The factors that influence on adoption of cloud computing for small and medium enterprises. Master Thesis, Universiti Teknologi Malaysia, Johor, Malaysia
Sabi HM, Uzoka F-ME, Langmia K, Njeh FN (2016) Conceptualizing a model for adoption of cloud computing in education. Int J Inf Manage 36(2):183–191
Straub DWM, Loch KD, Hill CE (2003) Transfer of information technology to the Arab World. J Global Inf Manage 9:6–28. https://doi.org/10.4018/jgim.2001100101
Weerakkody N (2008) Research methods for media and communication. Oxford University Press
Sen J (2015) Security and privacy issues in cloud computing. In: Cloud technology: concepts, methodologies, tools, and applications. IGI Global, pp 1585–1630
Chang V, Ramachandran M, Yao Y, Kuo YH, Li CS (2016) A resiliency framework for an enterprise cloud. Int J Inf Manage 36(1):155–166
Zhang X, Wuwong N, Li H, Zhang X (2010) Information security risk management framework for the cloud computing environments. In: 2010 10th IEEE international conference on computer and information technology. IEEE, pp 1328–1334
Yahya F, Chang V, Walters J, Wills B (2014) Security challenges in cloud storage. In: 6th international conference on cloud computing technology and science. IEEE, pp 1–6
Saunders M, Lewis P, Thornhill A (2009) Research methods for business students, 5th edn. Pearson, New York
Wolf EJ, Harrington KM, Clark SL, Miller MW (2013) Sample size requirements for structural equation models: an evaluation of power, bias, and solution propriety. Educ Psychol Measur 73(6):913–934
Revilla MA, Saris WE, Krosnick JA (2014) Choosing the number of categories in agree–disagree scales. Sociol Methods Res 43(1):73–97
Sekaran U, Bougie R (2016) Research methods for business: a skill building approach. Wiley
Choudrie J, Ghinea G (2013) Silver surfers, e-government and the digital divide: an exploratory study of UK local authority websites and older citizens. Interact Comput 25(6):417–442
Byrne BM (2010) Structural equation modeling with AMOS: basic concepts, applications, and programming, 2nd edn. Routledge
Hair JF, Black WC, Babin BJ, Anderson RE (2010) Multivariate data analysis, 7th edn. Pearson Higher Education, London
Bentler PM (1990) Comparative fit indexes in structural models. Psychol Bull 107(2):238–246
Kline R (2011) Principles and practice of structural equation modeling, 3rd edn. Guilford Press, New York
Wheaton B (1987) Assessment of fit in overidentified models with latent variables. Sociol Methods Res 16(1):118–154
Pallant J (2013) SPSS survival manual. McGraw-Hill Education, UK
Hooper D, Coughlan J, Mullen MR (2008) Structural equation modelling: guidelines for determining model fit. Electron J Bus Res 6(1):53–60
Finkelstein DM (2005) A beginner’s guide to structural equation modeling, 1st edn. Taylor & Francis
Tabachnick BG, Fidell LS (2012) Using multivariate statistics, 6th edn. Pearson
Hoyle RH (1995) Structural equation modeling: concepts, issues, and applications. Sage
Almorsy M, Grundy J, Müller I (2010) An analysis of the cloud computing security problem. 17th Asia-Pacific software enginering confnference (APSEC 2010). Australia, Sydney, pp 7–15
Changchit C, Chuchuen C (2018) Cloud computing: an examination of factors impacting users’ adoption. J Comput Inf Syst 58(1):1–9
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Alassafi, M.O., Atlam, H.F., Alshdadi, A.A. et al. A validation of security determinants model for cloud adoption in Saudi organisations’ context. Int. j. inf. tecnol. 14, 1075–1085 (2022). https://doi.org/10.1007/s41870-019-00360-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s41870-019-00360-4