When to Utilize Software as a Service

Cloud computing enables on-demand network access to shared resources (e.g., computation, networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort. Cloud computing refers to both the applications delivered as services over the Internet and the hardware and system software in the data centers. Software as a service (SaaS) is part of cloud computing. It is one of the cloud service models. SaaS is software deployed as a hosted service and accessed over the Internet. In SaaS, the consumer uses the provider‘s applications running in the cloud. SaaS separates the possession and ownership of software from its use. The applications can be accessed from any device through a thin client interface. A typical SaaS application is used with a web browser based on monthly pricing. In this thesis, the characteristics of cloud computing and SaaS are presented. Also, a few implementation platforms for SaaS are discussed. Then, four different SaaS implementation cases and one transformation case are deliberated. The pros and cons of SaaS are studied. This is done based on literature references and analysis of the SaaS implementations and the transformation case. The analysis is done both from the customer‘s and service provider‘s point of view. In addition, the pros and cons of on-premises software are listed. The purpose of this thesis is to find when SaaS should be utilized and when it is better to choose a traditional on-premises software. The qualities of SaaS bring many benefits both for the customer as well as the provider. A customer should utilize SaaS when it provides cost savings, ease, and scalability over on-premises software. SaaS is reasonable when the customer does not need tailoring, but he only needs a simple, general-purpose service, and the application supports customer‘s core business. A provider should utilize SaaS when it offers cost savings, scalability, faster development, and wider customer base over on-premises software. It is wise to choose SaaS when the application is cheap, aimed at mass market, needs frequent updating, needs high performance computing, needs storing large amounts of data, or there is some other direct value from the cloud infrastructure.

Scaling up stepwise feature introduction to construction of large software systems

Developing software is a difficult and error-prone activity. Furthermore, the complexity of modern computer applications is significant. Hence,an organised approach to software construction is crucial. Stepwise Feature Introduction – created by R.-J. Back – is a development paradigm, in which software is constructed by adding functionality in small increments. The resulting code has an organised, layered structure and can be easily reused. Moreover, the interaction with the users of the software and the correctness concerns are essential elements of the development process, contributing to high quality and functionality of the final product. The paradigm of Stepwise Feature Introduction has been successfully applied in an academic environment, to a number of small-scale developments. The thesis examines the paradigm and its suitability to construction of large and complex software systems by focusing on the development of two software systems of significant complexity. Throughout the thesis we propose a number of improvements and modifications that should be applied to the paradigm when developing or reengineering large and complex software systems. The discussion in the thesis covers various aspects of software development that relate to Stepwise Feature Introduction. More specifically, we evaluate the paradigm based on the common practices of object-oriented programming and design and agile development methodologies. We also outline the strategy to testing systems built with the paradigm of Stepwise Feature Introduction.

New and Emerging Challenges of the ICT-Mediated Health and Well-Being Services

This monograph dissertation looks into the field of ICT-mediated health and well-being services. Through six chapters that extend the work done in the reviewed and published articles, the dissertation focuses on new and emerging technologies, and to impact of their use on the beneficiary; the individual who eventually derives advantage from the services. As the field is currently going through major changes particularly in the OECD countries, the focus is on shortterm developments in the field and the analysis on the long term developments is cursory by nature. The dissertation includes theoretical and empirical elements. Most of the empirical elements are linked to product development and conceptualization performed in the national MyWellbeing project that ended in 2010. In the project, the emphasis was on conceptualization of a personal aid for the beneficiary that could be used for managing information and services in the field of health and well-being services. This work continued the theme of developing individual-centric solutions for the field; a work that started in the InnoElli Senior program in 2006. The nature of this thesis is foremost a conceptual elaboration based on a literature review, illustrated in empirical work performed in different projects. As a theoretical contribution, this dissertation elaborates the role of a mediator, i.e. an intermediary, and it is used as an overarching theme. The role acts as a ‘lens’ through which a number of technology-related phenomena are looked at, pinned down and addressed to a degree. This includes introduction of solutions, ranging from anthropomorphic artefacts to decision support systems that may change the way individuals experience clinical encounters in the near-future. Due to the complex and multiform nature of the field, it is impractical and effectively impossible to cover all aspects that are related to mediation in a single work. Issues such as legislation, financing and privacy are all of equal importance. Consideration of all these issues is beyond the scope of this dissertation and their investigation is left to other work. It follows from this that the investigation on the role is not intended as inclusive one. The role of the mediator is also used to highlight some of the ethical issues related to personal health information management, and to mediating health and well-being related issues on behalf of another individual, such as an elderly relative or a fellow member of a small unit in the armed forces. The dissertation concludes in a summary about the use and functions of the mediator, describing some potential avenues for implementing such support mechanisms to the changing field of ICT-mediated health and well-being services. The conclusions also describe some of the limitations of this dissertation, including remarks on methodology and content.

Measuring software security from the design of software

The vast majority of our contemporary society owns a mobile phone, which has resulted in a dramatic rise in the amount of networked computers in recent years. Security issues in the computers have followed the same trend and nearly everyone is now affected by such issues. How could the situation be improved? For software engineers, an obvious answer is to build computer software with security in mind. A problem with building software with security is how to define secure software or how to measure security. This thesis divides the problem into three research questions. First, how can we measure the security of software? Second, what types of tools are available for measuring security? And finally, what do these tools reveal about the security of software? Measuring tools of these kind are commonly called metrics. This thesis is focused on the perspective of software engineers in the software design phase. Focus on the design phase means that code level semantics or programming language specifics are not discussed in this work. Organizational policy, management issues or software development process are also out of the scope. The first two research problems were studied using a literature review while the third was studied using a case study research. The target of the case study was a Java based email server called Apache James, which had details from its changelog and security issues available and the source code was accessible. The research revealed that there is a consensus in the terminology on software security. Security verification activities are commonly divided into evaluation and assurance. The focus of this work was in assurance, which means to verify one’s own work. There are 34 metrics available for security measurements, of which five are evaluation metrics and 29 are assurance metrics. We found, however, that the general quality of these metrics was not good. Only three metrics in the design category passed the inspection criteria and could be used in the case study. The metrics claim to give quantitative information on the security of the software, but in practice they were limited to evaluating different versions of the same software. Apart from being relative, the metrics were unable to detect security issues or point out problems in the design. Furthermore, interpreting the metrics’ results was difficult. In conclusion, the general state of the software security metrics leaves a lot to be desired. The metrics studied had both theoretical and practical issues, and are not suitable for daily engineering workflows. The metrics studied provided a basis for further research, since they pointed out areas where the security metrics were necessary to improve whether verification of security from the design was desired.

What is the current state of cloud service research and its promise for the future? A systematic literature review

The information technology (IT) industry has recently witnessed the proliferation of cloud services, which have allowed IT service providers to deliver on-demand resources to customers over the Internet. This frees both service providers and consumers from traditional IT-related burdens such as capital and operating expenses and allows them to respond rapidly to new opportunities in the market. Due to the popularity and growth of cloud services, numerous researchers have conducted studies on various aspects of cloud services, both positive and negative. However, none of those studies have connected all relevant information to provide a holistic picture of the current state of cloud service research. This study aims to investigate that current situation and propose the most promising future directions. In order to determine achieve these goals, a systematic literature review was conducted on studies with a primary focus on cloud services. Based on carefully crafted inclusion criteria, 52 articles from highly credible online sources were selected for the review. To define the main focus of the review and facilitate the analysis of literature, a conceptual framework with five main factors was proposed. The selected articles were organized under the factors of the proposed framework and then synthesized using a narrative technique. The results of this systematic review indicate that the impacts of cloud services on enterprises were the factor best covered by contemporary research. Researchers were able to present valuable findings about how cloud services impact various aspects of enterprises such as governance, performance, and security. By contrast, the role of service provider sub-contractors in the cloud service market remains largely uninvestigated, as do cloud-based enterprise software and cloud-based office systems for consumers. Moreover, the results also show that researchers should pay more attention to the integration of cloud services into legacy IT systems to facilitate the adoption of cloud services by enterprise users. After the literature synthesis, the present study proposed several promising directions for cloud service research by outlining research questions for the underexplored areas of cloud services, in order to facilitate the development of cloud service markets in the future.