International Research Journal of Computer Science and Information Systems (IRJCSIS) Vol. 2(2) pp. 18-24, March, 2013
Available online http://www.interesjournals.org/IRJCSIS
Copyright © 2013 International Research Journals
Review
Examining ubiquitous security-capital issues in
implementing a campus-system-as-a-service (CSaaS)
model in the cloud computing age: case study sub-Saharan region
1Jameson Mbale, 1Kauna Mufeti and 2Victor Hamutenya
1Centre of Excellence for Telecommunications and Information Technology (CoE), University of Namibia, Windhoek, Namibia
2Information Technology Department, Faculty of Telecommunications, University of Namibia, Namibia
*Corresponding Author E-mail: mbalej@yahoo.com
Accepted February 26, 2013
The system was envisioned as a benchmarked model to build Campus-System-as-a-Service (CSaaS) in
a cloud computing environment. The CSaaS architecture model demonstrated that building such a
system requires strong improvements in security, which in turn demands a huge budget to
accomplish its objectives. The demand and acquisition of an exorbitant budget poses a challenge to the
sub-Saharan institutions due to scarcity of resources. Nevertheless, a solution was sought. The
concept of a consortium was put forth to combat their deficiencies. Some examples of these African
consortia are: the Partnership for Higher Education in Africa, involving eight (8) universities; The Higher
Education Institutions (HEIs) in Western and Central Africa comprising a hundred (100) institutions, the
initiatives for the formation of National Research and Education Network (NRENs), are but a few of such
organizations. All such assemblages demonstrated the capacity of sub-Saharan campuses to pool their
material, capital and human resources together in a way that would exploit technologies like cloud
computing. The CSaaS architecture model demonstrates how the underlying consortium campuses can
be connected through the CSaaS system to the cloud. Such a system would be capable of managing
Campus Management Systems which would include: student registration, examinations, student
results, students learning materials, library information, research, scholarships, admission information,
undergraduate and postgraduate programmes, student recreation, website, eLearning, internship,
alumni, timetable, campus strategic plan, institution estate, hostels, dining and kitchen, campus
clinic/hospital, staffing, administration, etc. With such a huge range of applications, the consortium
members would only pay for the services on demand. They would not be responsible for the provision
of maintenance and services of hardware and software facilities.
Keywords: Campus-System-as-a-Service (CSaaS); CSaaS cloud architecture; cloud computing environment;
security; capital resource; consortium campuses; sub-Saharan region; CSaaS Model Convertor; model convertor
and campus cloud.
INTRODUCTION
The system was foreseen as a benchmarked model to
build Campus-System-as-a-Service (CSaaS) in a cloud
computing environment. The rationale of such a model
was to motivate sub-Saharan institutions to make use of
their resources and to embrace a promising new
technology. The CSaaS architecture demonstrates how
security concerns and affirmation of the budgets are
paramount to the building of the CSaaS system in the
cloud computing age. Managing security in such
environment demands a huge budget which poses a
challenge to the sub-Saharan campuses. In order to
overcome this hurdle, the institutions in that region were
encouraged to form a consortium, to bring their resources
to bear, to raise money and to continue paying for CSaaS
services.
The Statement of Problem
When a new technology arrives, whether the community
wants to embrace it or not, it will continue to exist as long
as it has a dominant value and will bypass those who
cannot adapt. Once the community has failed to adapt, it
remains at the mercy of older and perhaps outdated
methodologies. By the time you realise that you needed
that technology, it may be too late to catch up with it and it
will likely be far more expensive to adapt it. With this in
mind, it is indeed true that the sub-Saharan region has
been bypassed by many of the new technologies that
evolved within recent history. Once the technology has
bypassed you it becomes very expensive to adjust to that
technology. In the case of ICT technology, educational
institutions in both the public and private sectors would be
forced to overhaul a major part of their infrastructures in
order to be compliant with new equipment, software or
technology. This is especially devastating if each
institution was responsible for the care and maintenance
of its own technical infrastructure. Therefore, the
sub-Saharan region must learn to embrace the new trends of
technologies in economical ways. Now that the cloud
computing has emerged as a new technology trend, the
learning institutions in the sub-Saharan region should join
all their ICT resources to build a strong CSaaS. By pooling
their resources, they may manage to overcome the lack of
ICT resources many are experiencing. Karanja G. (2006)
recommended the formation of a consortium to purchase
bandwidth as an obvious initiative for the immediate
future. This has proven to be a successful strategy: by
negotiating bulk discounts, this association has lowered
the price paid by some African HEIs for their bandwidth
from as much as US$15,000 per Mbps per month to
US$2,330. Of the fifty-one (51) HEIs included in this
survey of West and Central African HEIs, ten (10)
indicated that they were members of a bandwidth
consortium. Adopting a cloud computing model for CSaaS
would stand as a milestone in planning to achieve such
goals. This model would help the planners to focus upon
the two major concerns of cloud computing, security and
capital resources as demonstrated in Figure 1.
Literature review
First, the benefit of cloud computing has been discussed
extensively elsewhere (Bisong A. et al., 2011; Bendandi
S., 2010; Kuyoro S. O. et al., 2011; Chow R. et al.,
2009; Archer J. et al., 2010); however, the
disadvantages of security and capital resource issues
surrounding it have outweighed the advantages. Many
entrepreneurs and scholars have expressed severe
concerns about the security and resource issues affecting
the cloud computing technology. This section looks
at the security and capital resource issues discussed by other
scholars.
Security Issues Surrounding Cloud Computing
Bisong A. et al. (2011) stated that many enterprises
are seriously looking into cloud computing to save cost, and
in the near future cloud computing usage is expected to
skyrocket. They stressed that, accompanying this
increased usage of cloud computing, vulnerability to
viruses, worms, hackers and cyber attacks will also
increase. They also mentioned that organized criminals,
terrorists and hostile nations would see this as a new
opportunity to steal private information, disrupt services
and cause harm to the enterprise. In response to these
threats, top security concerns were also raised by Bendandi
S. (2010). Thus there is a strong need to improve security
practices, and many cloud customers will buy into cloud
computing on the basis of the reputation for confidentiality,
integrity and the level of resilience of the security services
offered by a provider. He highlighted that some of these
services involve auditing and evidence gathering to
support the security of the cloud. He further pointed out
that the audit and evidence gathering employed dedicated
pay-per-use forensic images of virtual machines, taken by
certified professionals, to assure security.
Other approaches to security are available where large
cloud providers would offer a standardized, open
interface to manage security, thereby opening a market for
security services.
Figure 1. CSaaS Cloud Architecture (labels in the figure: Campus Cloud, Security, Server, Cloud Providers, ISP's, Campus-System-as-a-Service, Campus 1, Campus 2, Campus 3, ..., Campus n)
Kuyoro S. O. et al. (2011) pointed out that security
issues in cloud computing had played a major role in
slowing down its acceptance; in fact, security was ranked
first as the primary challenge of cloud computing. Table 1
lists some of their findings in ranked order:
Table 1. The Concerns of Cloud Computing
CHALLENGE                  PERCENTAGE
Security                   74.6 %
Availability               63.1 %
Cost                       50.4 %
Regulatory Requirements    49.2 %
They further emphasized that putting your data, and
running your software on someone else's hard disk, using
someone else's CPU, appears daunting to many.
Well-known security issues such as data loss, phishing, and
botnets, running remotely on a collection of machines,
posed serious threats to an organization's data and software.
The other challenges they discussed were: costing
models, charging models, service level agreements,
deciding what to migrate, and cloud interoperability
issues. On the other hand, they emphasized that
security could improve due to centralization of data and
increased security-focused resources.
Security threats according to Chow R. et al. (2009)
were categorized into three groups: (1) traditional, (2)
availability and (3) third party. They explained
that the traditional group concerns computer and network
intrusions or attacks that would be made possible, or at
least easier, by moving to the cloud. That category
involved the following parts: VM-level attacks, cloud
provider vulnerabilities, the phishing cloud provider, the
expanded network attack surface, authentication and
authorization. The availability group was concerned with
critical applications and data being available when
needed. Third-party data control forms the third
group, where the potential lack of control and
transparency when a third party holds the data is of
concern. This requires a high level of trust on the part of
a customer toward the provider.
Archer et al. (2010) identified seven (7) top
threats of cloud computing and explained them as
follows: the first threat was the abuse and nefarious use
of cloud computing. The second was insecure interfaces
and APIs. Cloud computing providers offer a set of
software interfaces or APIs that customers use to
manage and interact with cloud services. The third is the
malicious insider. The impact that malicious insiders can
have on an organization is considerable, given their level
of access and ability to infiltrate organizations and assets.
The fourth threat is shared technology issues such as
disk partitions, CPU caches, GPUs, and other shared
elements that were never designed for strong
compartmentalization. The fifth is the data loss or
leakage that could result from insufficient authentication,
authorization, and audit (AAA) controls. The sixth is
account or service hijacking, stolen credentials, etc.
Attackers can often access critical areas of deployed
cloud computing services permitting them to compromise
the confidentiality, integrity and availability of those
services. The seventh threat is the unknown risk profile
that could still linger when compliance of the
internal security procedures, configuration hardening,
patching, auditing, and logging have undetected
vulnerabilities.
Capital Resource Surrounding Cloud Computing
Echezona R. I. et al. (2010) discussed how the University's
roles of research, evaluation, information transfer, and
technology development are critical to social
progress and economic growth. Therefore, University
strategic planning should pay special attention to the
challenge of accessing current scientific knowledge
(through journals, books, CD-ROM, On-Line resources)
at affordable cost. They further stated that many
initiatives have taken place to get Africa interconnected to
the “information super highway”. They also pointed out
that NGOs, telecommunication companies, philanthropic
organizations and some countries of the developed world
have extended their services to ICT development in
Africa. They narrated that the Partnership for Higher
Education in Africa (including the Ford, MacArthur, and
Rockefeller foundations) has helped an organization of
thirteen (13) African universities to cover connecting
costs. They also emphasized that some African countries
through their Universities have made appreciable efforts,
individually and collaboratively, at establishing affordable
ICT links which invariably improves Internet connectivity.
They went on to say most of the initiatives have been
realized through the formation of National Research and
Education Networks (NRENs), and Regional Research
and Education Networks. Their financial positions have
limited their activities to acquisition of VSAT at an
affordable price through the economies of scale offered
by consortium formation.
Aluoch (2006) explained that connectivity
in Africa is poor, unreliable, scarce and very expensive,
and where available, is almost never dedicated, and users
have to contend with frequent service outages conflated
with very slow speeds. The author also revealed the
result of the 2006 African Tertiary Institutions
Connectivity Survey (ATICS), which indicated that
Universities in Africa, on average, pay about US
$40.50 per kilobit per second (kbps) per month while
some institutions pay as much as US $36 per kbps for
bandwidth. The author also pointed out that these figures are
very high compared to users in North America who are
on megabit and gigabit speeds and pay much less, that
is $10 per month for a 3 Mbps Digital Subscriber Line
(DSL) link.
Communications costs in sub-Saharan Africa,
according to Juma et al. (2008) are the highest in the
world, and African universities face costs of internet
bandwidth that are over 20 times as high as those in
western universities. They also stated that monopoly
structure and the “low volume, high price” business
model of the investment has kept the price of internet
access beyond the reach of most universities. They
stressed that the cost to operators is estimated to be
about $2,000/Mbps per month. But average prices are
estimated to be $13,000 per month and have reached
peak levels of $25,000 per month. As a result of the high
prices the cable’s capacity utilization is estimated to be a
meager 5%.
According to Juma et al. (2008), the report showed that the
HEIs in Western and Central Africa represent a total user base
of over a hundred (100) institutions and 2.158 million users,
representing an estimated total bandwidth in 2008 of 266.261
Mbps (download) and a budget of US$9.528 million. The
authors suggested that by acting collectively, intervening more
directly into the supply chain, and taking advantage of the
new submarine cable and regional fibre optic networks
which will become available during the next five years,
they will be able to
meet their own requirements comparable to HEIs
elsewhere in the world.
The Bandwidth Task Force Secretariat (2003)
compiled a bandwidth utilization
report for the Partnership for Higher Education in Africa
showing total monthly costs for the eight (8)
Universities involved, which were: University of Dar es Salaam,
Makerere University, University of Ghana, Eduardo
Mondlane University, University of Ibadan, University of
Jos, Obafemi Awolowo University, and Bayero University.
The total monthly charge put together for these
Universities were approximately sixty nine thousand one
hundred and thirty one USA Dollars (US$ 69,131.00) and
monthly cost per kilobits per second were roughly one
hundred forty five USA Dollars and twelve shillings (US$
145.12).
Karanja G. (2006) discussed the 2006 Report of the African
Tertiary Institutions Connectivity Survey (ATICS), which
investigated the utilisation of bandwidth by African
Universities. The report gave the comparison of highest
monthly bandwidth costs as US$36.33/kbps reported in
2004 and US$33.26/kbps in 2006. He further showed
that monthly direct VSAT costs, at US$7.13/kbps,
were found on average to be much more expensive than
land-based connections, which cost US$4.30/kbps. He
further said the report reasoned that although land-based
connectivity in most countries in Africa ultimately comes
in via VSAT, the land-based services are bought in
relatively larger volumes, and therefore the consortium is
able to negotiate lower costs than single institutions
buying VSAT services for themselves. The report also
gave the top nine (9) institutions with the most expensive
bandwidth to the sum total of one hundred and five USA
Dollars seventy four cents (US$105.74) per kbps per
month.
The CSaaS cloud architecture model
As discussed earlier, many of the concerns about cloud
computing dwell on security and capital resources. In this
regard, Figure 1 demonstrates a CSaaS architecture
model built taking into consideration the need for
extensively strengthening security around the cloud, and
hints at the parallel requirement for a large budget.
Campuses of Different Institutions of sub-Saharan
Region
Underlying the architecture are campuses from different
institutions across the region. Previously, some
demonstrations of consortia were reported, such as the
Partnership for Higher Education in Africa, involving eight
(8) universities, HEIs in Western and Central Africa
constituting approximately a hundred (100) institutions, and
initiatives for the formation of National Research and
Education Networks (NRENs), to mention a few. These
assemblages demonstrated what could happen when
sub-Saharan campuses pool their capacities, merging
their material, capital and human resources together in
a way that could harness the benefits offered by new
technologies such as cloud computing. By forming
such a consortium, the various campuses would manage
to share the load of paying the cloud computing providers
for their services.
The CSaaS System
In between the cloud and the underlying campuses there
was a CSaaS system which ran institutional programs.
These programs interface to the cloud and the underlying
campuses, and they were tailored to provide
access to everyday campus information. Some of these
system programs would be the comprehensive Campus
Management Systems, which would include: student
registration, examinations, student results, students
learning materials, library information, research,
scholarships, admission information, undergraduate and
postgraduate programmes, student recreation, website,
eLearning, internship, alumni, timetable, the campus
strategic plan, dining and kitchen, campus clinic/hospital,
staffing, administration, etc. The programs were run
within the cloud and the consortium would pay on
demand for the services. Also side-by-side were the
Information Service Providers (ISPs), who managed other
services such as bandwidth.
The Cloud Infrastructure
Figure 1 shows the Cloud architecture. At the top lies
the cloud, which is surrounded by a thick ream of
security. Inside the cloud are installed servers owned and
run by the cloud providers. The clients who comprise the
consortium of campuses are relieved from the burden of
having to buy software and hardware since the cloud
servers and other resources are provided as part of the
contract. Further, the cost of maintaining, servicing and
upgrading the existing infrastructure is borne by cloud
providers and not the client campuses of the consortium.
Thus it promises a cost-effective way to provide ICT
services.
Figure 2. CSaaS Cloud Model Convertor (labels in the figure: Model Convertor (MC), Cloud Interoperability Issues %, Service Agreement %, What to Migrate %, Costing %, Charging %, Others %)
A 24/7 CSaaS Cloud Multi-Security System
As shown in Figure 1, the cloud in that model was
surrounded by a thick ream of security and, as noted above,
other entrepreneurs cited that security issues dominated
all others with seventy four point six percent (74.6%).
Indeed, from Figure 1, the thick security ream forms the core
of this work. As the CSaaS would be on the cloud, it
would be vulnerable to security attack. Guarding against
all possible existing security attacks is a gigantic task
and very costly as well. To combat the most severe
security threats in such a model would require a massive
budget in order to provide a multi-security protection
system capable of alleviating these risks. These risks, of
course, involve a range of perils which include cloud
provider vulnerabilities, authentication and authorization
issues, malicious software, insecure interfaces,
untrustworthy insiders, shared technologies, data loss or
leakage, and account or service hijacking, to mention but a
few. Building a model system of this kind would definitely
cost the cloud providers a large amount of money and
they would likely pass this cost on to the customer,
which in this case would be the consortium.
Nevertheless, as mentioned previously, the cited institutions
already spend a lot of money in paying for their
bandwidth resources. Therefore, putting all those
capital expenditures together, the clients should
manage to pay for the charges of the security system.
Cloud Providers
The cloud providers are responsible for providing,
running and maintaining the infrastructure. They
purchase and install the required hardware and software.
They carry out the 24/7 service provision to the
consortium members. The cloud providers are also
responsible for developing the application programs for
the campus conglomerate. It is up to the group to choose
the preferred cloud provider; of course, it would be one
that could meet their diverse requirements.
CSaaS cloud model convertor (CSaaS-cmc)
One of the challenging issues was how much each
institutional member would contribute or pay. Some
institutions had more users and demanded a higher
usage of resources than others. In this case, each
campus will have to contribute more or less depending
upon its need. To that end, a CSaaS-CMC (Figure 2) was
developed to calculate this amount. This work is referred
to as the “factors models (FM)” which considers the
various aspects of cloud operations. The components
were: the costing model, the charging model, the service
level agreement, what to migrate, and cloud
interoperability of each campus.
The CSaaS Cloud Model Convertor in Figure 2 had a
Model Convertor (MC), a component which calculated
values of various model charges of the different FM. The
variables used for calculation were: number of users in a
campus, number of the connected and working
equipment, and capacity of bandwidth utilization. Using
these variables, the MC calculated the values of each FM
in percentages. After calculation, the percentage values
of each FM would appear on the CSaaS-CMC for each
FM. The campus with high percentages contributed or
paid more. The one with low percentages pays the least.
Not only was the system helpful to determine how much
each campus was to pay, but very useful to the cloud
providers in determining how to allocate resources. It also
calculated the charges of service on demand. Once a
campus ran the service, the system automatically
calculated the charges. The system determined the
operational costs, involving the security, bandwidth
management, and other service charges. The CSaaS-CMC
would then determine the service agreement, what
data to migrate, the interoperability of the data and the
system as a whole. All these calculations would help to
come up with the overall charges given to the client.
CONCLUSION
The system was envisaged as a benchmarked model to
build Campus-System-as-a-Service in a cloud computing
environment. The building of such a system emphasizes
the importance and strength of the security aspect and
affirms the capital resource base. The system is very
vulnerable to security threats and its maintenance
demanded an excessive budget. Due to the need for
mammoth budgets, sub-Saharan institutions were
compelled to form campus consortia that would enable
them to pool their resources in order to pay for the
services the cloud offers. As discussed previously, a
number of initiatives to form such consortia were outlined
and the data collected encouraged the building of this
model. Underlying the model were the various campuses
forming the consortium. The CSaaS system interfaced
with the underlying campuses and the cloud, whereas
the cloud constituted the equipment that was operated,
maintained or serviced by the cloud providers. The
consortium campuses were only charged for service on
demand. The system had a CSaaS-CMC that calculated
the FMs, which overall determined how much each
campus was to contribute or pay. The CSaaS-CMC had
an inner component that did the actual calculations using
the variables and these were: number of users in a
campus, number of the connected and working
equipment, and capacity of bandwidth utilization.
REFERENCES
Aluoch AA (2006). The search for affordable quality Internet connectivity
for African universities. AAU Newsletter 12 (3):8.
Archer J, Boehme A, Cullinane D, Kurtz P, Puhlmann N, Reavis J
(2010). Top Threats Security to Cloud Computing V1.0. Cloud
Security Alliance.
Bandwidth Task Force Secretariat (2003). More Bandwidth at Lower
Cost: An Investigation for the Partnership for Higher Education in
Africa.
Bendandi S (2009). Cloud computing: Benefits, risks and
recommendations for information security. Retrieved on March 15,
2010 from http://www.scribd.com/doc/23185511/Cloud-Computingbenefits-risks-and-recommendationsfor-information-security.
Bisong A, Rahman SM (2011). An Overview of the Security Concerns in
Enterprise Cloud Computing. International Journal of Network
Security and Its Applications (IJNSA), Vol.3, No.1.
Chow R., Golle P., Jakobsson M., Shi E., Staddon J., Masuoka R., and
Molina J (2009). Controlling Data in the Cloud: Outsourcing
Computation without Outsourcing Control. ACM Cloud Computing
Security Workshop (CCSW).
Echezona RI., Ugwuany CF (2010). African University Libraries and
Internet Connectivity: Challenges and the Way Forward. A Library
Philosophy and Practice,
http://unllib.unl.edu/LPP/echezonaugwuan,yi.htm.
Hamilton P, Ibrahim A, Kone T, Lishou C, Oumtanaga S, Sie OE,
Tonye E (2008). AAU Connectivity Survey: Addressing the Demand
for Connectivity of Higher Education Institutions (HEIs) in the West
and Central Africa Region.
Juma C, Moyer E (2008). High-Speed Internet Access for African
Universities: The Lifeline of Int. Res. Cooperat.; Presented at the
Special Session on “Science and Technology Collaboration between
Developed and Developing Countries” convened by the STS forum
on the occasion of the Fourth Tokyo International Conference on
African Development (TICAD IV) in Yokohama, Japan.
Karanja G (2006). 2006 Report: African Tertiary Institutions Connectivity
Survey (ATICS). Cyberplex Africa. Botswana.
Kuyoro SO, Ibikunle F, Awodele O (2011). Cloud Computing Security
Issues and Challenges. Int. J. Comput. Networks (IJCN), 3:(5).