Irit Hadar
Department of Management Information System, University of Haifa, Haifa, Israel
Ethan Hadar, Debra J. Danielson
CA Technologies,1 CA Plaza, Islandia, U.S.A.
Keywords: Cloud computing best practices, IT services, IT management, Business services realized by IT services,
Service innovation, Service strategy.
Abstract: Detecting potential cloud computing services is part of business direction and strategic planning of
enterprise IT management companies. However, this relative new territory examination requires careful
analysis that incorporates both external and internal organization perspectives. The socio-engineering
methodology for cloud computing analysis (SEC) employed in this paper is aimed at discovering the
potential cloud services that are of interest to the company as a whole. The investigation results were
inserted into the company strategic technological evaluation process. The methodology was based on both
qualitative and quantitative analysis techniques, incorporating interviews, surveys, questioners and an
iterative review process. The results formed the company’s cloud taxonomy, as well as highlighted 4 main
players and 18 potential domains of services.
Sociol- and engineering viewpoints on cloud
computing taxonomy and utilization vary between
the cloud players. In such settings, an IT
management firm needs a consistent way for
detecting potential new services offered to these
players. Thus, the main challenge of such an
investigation is the diversity of opinions and
consequently, the detected services and their
consumers. Accordingly, a methodological approach
for cloud services categorization is in order. One
approach may be to enumerate the ideal IT Services
For Cloud players (ITS4C) that an IT firm should
provide to cloud participants, assuming the cloud
will be fully embraced (fully elastic, multiple
domain of administration, composite dynamic
applications). Based on Grounded Theory analysis
(Strauss and Corbin 1990, 1994), and its adapted
usage in this paper, the detection of such services
enables the classification and categorization of the
cloud IT management dimensions and changes.
Moreover, we developed an analysis methodology
termed Socio-Engineering Cloud analysis (SEC),
which is a permuation and extesion of the
methodology proposed by Aviv et al. (2008) (see
also Levi et al., 2009). SEC aims at providing a
comprehensive framework for analyzing potential
cloud services.
This paper describes the SEC methdology,
including (1) identifying analysis dimensions where
domain problems and opportunities might occur
(cloud types); (2) identifying key prototypical
players and core business processes in the selected
area (roles); and (3) identifying potential
management, security and governance categories
and sub-categories that are mapped to the
prototypical players (later to support business cases
and opportunities).
The methodology highlights several dimensions
and characteristics of the cloud, according to the
detection of the potential services and how they
should be categorized. The investigation included
organizational analysis, inventory of existing
company activities, existing R&D development
processes, company related culture and hype, survey
construction, and previous corporate work. Morover,
the inquiry included descriptive capturing,
Hadar I., Hadar E. and Danielson D..
DOI: 10.5220/0003358202600267
In Proceedings of the 1st International Conference on Cloud Computing and Services Science (CLOSER-2011), pages 260-267
ISBN: 978-989-8425-52-2
2011 SCITEPRESS (Science and Technology Publications, Lda.)
procedural/sequential use-case analysis and mapping
of existing solutions.
Since our objective was to describe a complex
observation regarding cloud perception and
interpretation in its natural settings and its full
complexity, we have used the Grounded Theory
qualitative research paradigm (Strauss and Corbin
1990, 1994), which focuses on case studies for
obtaining specific insights rather than on large
populations, simplified experiments, and statistical
methods for discovering universal laws. Qualitative
research methods have long been recognized as
important and contributing to software engineering
research (see, for example, Seaman 1999). During
this research, we documented, recorded and
analyzed relevant cases and processes. The data
analysis included coding the data obtained,
characterizing and classifying it to emerging
The sections below define the Socio-Engineering
methodology for Cloud (SEC) design and research
phases are detailed in section 2. Section 3 presents
the results of this work, followed by a short
conclusion section.
The Socio-Ecumenical methodology for cloud
analysis (SEC) is designed for gathering and
aggregating the information needed to detect
potential cloud services. The authors aggregated
ideas and data sources from myriad sources,
including interviews, conversation, and
brainstorming with thought-leaders in the company’s
technical community. The discussions and
brainstorming sessions in particular targeted
engineers to stimulate the generation of new ideas
relevant to the domains in question. The technique
was conceived as bring-the-future-to-the-present to
foster creative, no-barriers thinking by the
participants. Several small-size teams iteratively
reviewed the ideas raised throughout these
discussions, thus, leading to incremental
During the research, we modified and
extrapolated upon the combined Socio-Engineering
Knowledge Audit Methodology (SEKAM) (Aviv et
al. 2008 and Levi et al., 2009). The research method
applied in SEC was based on the method
engineering approach that aims to conceptualize,
develop, adapt and assemble new methods from
existing ones (Champlain, J. J. 1999, P.M.I. 2004,
Sivan 1999, Perez-Soltero et al. 2006). In this
research, we utilized the method engineering
approach using these five phases: research goals
setting, detection of the analysis dimensions
characteristics and origins of information, data
collection and interviews, information organization
and aggregation.
As noted in the previous section, we used in this
research data collection and analysis tools from the
Grounded Theory approach (Strauss and Corbin,
1990, 1994). for the purpose of studying social and
technical phenomena and observations without
formulating the hypotheses in advance (Strauss and
Corbin, 1990; Orlikowski, 1993, Denzin and
Lincoln, 1994). The research data was inductively
coded, with open and axial coding mechanisms, until
reaching data analysis saturation (Strauss and
Corbin, 1990). Open coding refers to the analytical
process of identifying concepts, ideas, and meanings
from the collected research data, aiming at
discovery, naming, and categorizing phenomena or
domains according to their properties, dimensions,
and incidences. Axial coding refers to the
establishing of core categories and sub-categories
from the categories revealed in the open coding
stage. The categories that emerged from this analysis
and the relations between them will be presented in
the results section below.
2.1 The SEC phases
The overall SEC phasesare as follows:
Phase 1: Research Goals Setting
This phase includes identifying areas with cloud-
oriented problems and opportunities while
discovering key stakeholders involved in the
selected area. The core business processes in the
selected area are prioritized and one process is
selected to be audited first.
In our study, this phase included literature
review (Reeves 2009, Manes 2010, Howard 2009,
Smith et al 2009, Dreyfuss et al 2009, Grossman
2009, Gillett 2009, Garbani and Mendel 2010,
Gillett et al 2008, Heffner et al. 2010, Pring et al.
2009, Worthington 2009) for establishing key
activities that should be carried out during the
conceptual analysis. It also included goals setting
with the company’s executives, and clear definition
of the requirements. The result was a cloud
taxonomy and an initial list of potential interview
questions, as well as expectation matching.
Phase 2: Detecting the Analysis Dimensions
Characteristics and Origins of Information
This was done by applying Method Characteristics
Framework (MCF) (Hackathorn, 1998). MCF is
based on domains comparison in two dimensions:
breadth and depth. The breadth dimension focuses
on conducting the analysis according to the
organizational structure, inventorying existing
activities and R&D development processes. It
considers the cloud computing company culture and
hype, when constructing the survey. The depth
dimension analysis is focused on providing a
description to the potential services, and preparing
them for the survey.
The breadth dimension supports identification of
the main research field characteristics. Here we
identified five main characteristics that influence the
quality of knowledge gathered in the context of
Cloud Computing:
(1) Organizational Analysis - including
identifying the company’s business units that may
affect the cloud computing proposed services based
on their known problems and needs, by interviewing
chief architects. In our case a total of seven
architects were interviewed.
(2) Inventory of existing activities within the
company that have a cloud terminology associated
with them, including potential patents. This phase
included working with the patent office and business
(3) Existing R&D development processes that
consider cloud issues. These included in our case the
Top Level Design Specifications of proposed
projects, the Product Marketing Documents
development, and strategic work on virtualization.
The technological community as a whole was
involved in gathering these data points. This phase
included 24 interviews.
(4) Cloud Computing interest groups were
engaged. Specifically, we investigated the cultural
and hype activities in the company occurring within
the technical community, including technology-scan
documents, cloud interest groups, internal IT
department and overall thought leadership around
the cloud.
(5) Survey construction that contains the above
dimensions mapped onto specific services coupled
with skeleton examples. The survey questions were
organized to more than 50 proposed IT services for
the cloud (ITS4C such as federated security service,
service optimizer, service analytics, service
orchestration, etc.) to cloud players (provider,
consumer, broker, developer), cloud types (internal,
private, hybrid, public), as well as deployment
methods (on and off-premise). The survey enabled
participants to skip services not in their interest, add
free comments, and indicate their level of expertise
in a specific ITS4C. In addition, we codified the
perceived market maturity for accepting a certain
solution, and the difficulty in implementing it. More
than 120 participants completed the survey across
the company. The results of this survey are beyond
the scope of this paper and will not be presented
(6) Previous corporate work was inserted as a
disruptive analysis dimension. We scanned previous
recommendations, or topics suggested, and
considered how these different vectors might affect
the overall depth of each proposed service, and how
it might change the results’ aggregation. We
considered the company’s software-as-a-service
strategy, Alternative Delivery Methods strategy, and
emerging and global trends.
The depth dimension supports analysis of each of
the domains. We employed the following three
levels (based on Levy et al. 2009):
(1) Descriptive – the potential conceptual
service offering and proposed solution is defined by
a theoretical description. This was used when the
services proposed did not have existing
implementations to the best of our knowledge.
(2) Procedural and Sequential – a sequence
and example approach, where the solution is defined
by a ‘step by step’ analysis, usually comprising a
more granular approach to the “Descriptive”
dimension, based on either written or defined
invention disclosers, or other forms of commented
analysis such as from the standard organizations.
Examples may be cloud bursting scenarios,
provision servers to satisfy seasonal or temporary
needs, and cloud to cloud backup.
(3) Practical and existing – the method
provides elicitation and analysis of existing solutions
done by competitors, ones that exist within the
company or under development. Example are cloud
data backup, existing infrastructure renting, and
sales and client relationships management services.
Phase 3: Initial Analysis
The domain analysis players, stakeholders, and
categories are organized into four domains of
players (consumers, providers, brokers, developers)
coupled with the four types of clouds (Internal,
Private, Hybrid, Public). Accordingly, we observed
11 IT concerns. as displayed in Figure 1 (assets,
location, cost model, software development,
network, hardware, capacity, identity, data, process,
liability and risk), and their relevant characteristics
in traditional datacenters, outsourcing and cloud
environments. SEK considers all dimensions when
analyzing the different ITS4C services and
consequently, their technical possibilities
Phase 4: Data Collection and Interviews
Non-structured interviews and structured survey
defines the aggregation of proposed technology and
solution into buckets. Refinement and changed to
buckets is done and reviewed by a steering
committee. The interviews were performed in an
CLOSER 2011 - International Conference on Cloud Computing and Services Science
Figure 1: IT Concerns that are modified in different aspects of IT from a traditional datacenter to outsourcing and on to
cloud computing.
iterative manner..
The first step was a cycle of interviews
involved non-structured interviews with the highest
executive and technical leadership of the company,
coordinating and accurately defining the research
goals, basic terminology, example of a service, and
followed by an unstructured brainstorming
conversation, enabling the participants to comment
freely on their thoughts. The conversations were
recorded, transcripts and analyzed. The questions in
our interviews were, for example: What do you or
your customers think about the cloud? What
problems reside within the cloud needed to be
solved? What prevents our current customers to go
to the cloud, and how can we solve that? Overall, 24
interviews were conducted.
The second step was launching a survey. The
survey questions were aimed to collect and count
codified information. The main vertical access of the
questions was the breadth of list of aspired services
that were detected during the interviews, and the
sources of information. The content of each question
contained the depth characteristics of phases 2 and 3.
In addition, an open form was provided for adding
more examples and content (scenarios) to the
services’ depth.
The third step is forming buckets of aggregated
categorization exemplified on Figure 2, aiming at
finding a common characteristic that defines a
solution approach, rather than a list of specific
categories. The buckets are mainly used to present
associations between the collected data, structured as
a pyramid illustrating possible alternatives for the
company’s cloud-based vision and its validity in the
collected data. The top layer includes the name of
the bucket and its vision, the one right below
contains the categories of themes harvested by SEC
on the cloud, the third contains the aspired IT
services for cloud players (ITS4C), the forth maps
these services into existing activities, and the lowest
layer contains examples, employing the use case
The forth step involved reviewing these structures
with the leading chief technologist, and overall
company strategy team, figuring out the source of
presentation, missing parts, or additional visions that
are not highlighted enough. Typical questions were:
Are we aggregating the areas correctly? Are we
identifying opportunities correctly? What are we
missing? What do you think you need to solve and
The fifth and last step involves improving the
buckets defined categories, adding more content to.
examples and use cases, and overall organizing and
iterating to improve the quality of the results
Phase 5: SEC Information Organization and
Revisiting the entire gathered material, and iterating
back to the appropriate phase if needed. Formal
documentation is produced, and audience
presentations and communication are commenced.
This phase involves breaking and re-assembling
back the properties and services detected in previous
phases into common formalism, adjusted to the
receiving audience. Communication material is
Figure 2: Buckets forming of potential IT Services for Cloud (ITS4C), actual work done on cloud, and examples that are
based on case studies and use-cases.
produced, results are mapped to overall market
trends and market analysis, showing potential
horizon for solution readiness, documentations and
white papers are produced, and overall stabilization
of the results is finally achieved.
Analyzing IT Services for Cloud Players (ITS4C)
requires indentifying prototypical problem areas for
each player. SEC proposes the breath dimensions for
sources of categories, and depth dimension for level
and types of details on each. Consequently, the
ITS4C are categorized according to a prototypical
role of a cloud player, whereas any organization is
comprised of a combination of these prototypical
roles. The prototypical cloud participants are
consumers, providers (producers) and developers of
cloud services, as well as brokers. A company may
consume some cloud services from a public cloud,
and provide other services for its internal cloud, or
even aggregate services and offer the aggregated
service on the public cloud. This variety of
stakeholders and the supply-chain approach,
highlight that potential IT services or capabilities
that an IT management company can provide to a
cloud player (as enablers), or foster cloud computing
usage, is a continuum of services (Ferguson and
Hadar 2010). While the company’s prototypical
cloud consumers are mainly enterprise customers,
providers and brokers present new opportunities to
exploit for the SMB (Small Medium Business)
Figure 3 details how use cases and existing
initiatives as well as thought-leadership form the
new ITS4C and areas of interest by finding roles,
categories and sub categories of the potential
domains as emerged via SEC.
ITS4C Consumers cater for the IT shop that
manages cloud services for the end-users and the
recipients of cloud service. In the context of IT
management, service consumer’s management
aspects manage IT as a business. As such, it includes
several domains of interest that are extrapolated
using similar terminology from ITIL v3.0:
Service Strategy contains the project and
portfolio (PPM) component that enables the
organization of the IT strategies and ongoing
initiatives across all cloud domains in an agile
manner, according to optimization suggestions. The
strategy contains cloud financial management that is
connected to the brokering commerce solutions, as
well as to the monitoring and metering of the
consumed services via the Service Operation of the
CLOSER 2011 - International Conference on Cloud Computing and Services Science
Service Design provides service level
management that uses monitors from the Operation
support. It enforces federated security, and
proactively solves service quality problems by
planning capabilities through the analysis of IT
behavior, detecting utilization patterns and change
The Compliance and Governance services
provide transparency into the consumed services via
reporting and auditing, as well as manage the
distributed data and records (managed information)
within the distributed services.
The Business Process Utility (BPU) services
capture the overall IT management processes, used
by the consumers in commoditized process,
balancing processes, time and labor management
using virtual labor management.
Service Transition and Control is responsible for
ensuring the quality of requested services. The
inventory and catalog is responsible for tracking the
quality of the used services. The service
configuration management maintains information on
the services deployed topology. The service lifecycle
manages changes in services, including request for
usage and termination of service.
ITS4C Providers cater for companies that
operate cloud computing environments for either
internal consumers (such as internal cloud), a
collaborative restricted environment (such as private
clouds), or provide these services for external users,
such as the case of a public cloud offering.
In the case of internal cloud, the Service-Provider
IT-services, which are enablers to the cloud
providers, aim at improving the enterprise’s internal
resources utilization, and manage the growth of IT.
This includes the handling of new technologies such
as Server Virtualization. The case of internal and
private cloud services can include either enterprise
organizations with a single or multiple IT
administration, or traditional service providers.
The IT service categories are:
Service Operation that deals with the definition and
monitoring of the availability and performance of
deployed IT assets. It provides an operations
dashboard that displays the overall status and health
of the system to the consumer. Business continuity
management is responsible for ongoing
provisioning, recovery, backup and redundancy of
the IT assets within the datacenter and the
infrastructure in large, as well as countermeasures
and remedy. A service desk and incident
management component provides the ability to
restore IT services back to operation through a
workflow and lifecycle of incidents that conclude
with incident resolution. Service capacity
management compares alternatives for IT resources
by analyzing costs and quality, conducting load
tests, and accordingly adjusting the definitions.
The Security management is achieved through
the identity and access management services, which
manage users and controls their access to the
resources. Information security management defines
the needed associations and limitations in order to
reduce the threat of information inappropriate usage.
ITS4C Brokers provide solutions for both
consumers and providers of IT services, by
facilitating collaboration between them and enabling
an commercial trade. Service brokering generates
revenue by facilitating the trade and business
relations amongst them, including multiple
participants. These services include:
Service Integration that negotiates agreements
with supply chain services, sets agreements for
operations and services, and catalogues the results.
They facilitate federated security amongst a
collection of multiple administration domains, and
broker the identities.
The Discovery of new service offerings are
captured on a public cloud catalog that provides
quality measurements, indicators and trends on
candidate services, as well as conducts optimization
analysis according to consumers’ requests.
Finally, the Financial Services provide an e-
commerce arena, facilitating trade, and conducting
financial activities according to consumers and
providers requests of billing or procuring services.
ITS4C Developers cater for IT shops that need
to build and deploy a software offering on the cloud
ecosystem. Thus, the IT services include the
construction, testing and provisioning of new
services. The main aspect with regard to IT services
is the release management that is responsible for
testing a changed item prior to releasing it into the
system. Thus, this component builds and organizes
the deployed packages, and rolls out the change
request to the operation services.
This paper defined categories in which potential IT
Services for Cloud players (ITS4C) can be
highlighted, and thus provide opportunities for an IT
company. The analysis provides observations into
potential IT services, catering for prototypical cloud
participants (consumer, provider, broker and
developer of cloud services), as well as four domains
that affect mostly the type of software delivery
Figure 3: IT Services for Cloud Players (ITS4C) and their internal categories. The IT service categories are illustrated in
light-blue boxes, and main categories in gray boxes, according to potential customers.
(internal, private, hybrid and public), as well as
limitations on security and administration.
The setting and analysis of this paper, as well as
the detailed definition of our research methodology,
serves the corporate technological investigation.
Since the detailed list of services detected is
proprietary, these results are not included in this
paper. However, this paper provides the setting and
background for a methodological investigation and a
comprehensive framework for analyzing and
identifying cloud-based potential IT services.
We would like to acknowledge the contribution of
our larger team, for reviewing this paper, and
specifically for maturing the taxonomy section that
is relevant to SEKAM+. The team members are:
Elliot, Stephen J; Ferguson, Donald F; Fry, Jay;
Gingell, Robert A; Jindal, Lokesh; Kartha, Rahul;
Kissane, Jon; Mallannagari, Siddharth; Oberlin,
Steven M; Somashekar, Sam; Vazhayil, Haseem;
Waschke, Marvin G
Aviv, I., Levy, M. and Hadar, I. (2008) Socio-Engineering
Knowledge Audit Methodology (SEKAM) for
Analyzing End-User Requirements. Proceedings of
OSRA EIS&KM, International Conference of
Information Systems (ICIS) 2008, Paris, France.
Bassey, M. (1999) “Chapter 7: Methods of enquiry and the
conduct of case study research”, in Case Study
Research in Educational Settings, Buckingham, UK:
Open University Press, pp. 65-91.
Seaman, C. B. (1999) "Qualitative Methods in Empirical
Studies of Software Engineering," IEEE Transactions
on Software Engineering, vol. 25, no. 4, pp. 557-572,
July/August, 1999.
Champlain, J. J. (2003) Auditing Information Systems,
Second Edition. John Wiley and Sons, Inc. April 2003.
Denzin, N., and Lincoln, Y. (1994). Handbook of
Qualitative Research, Thousand Oaks: Sage.
Dreyfuss C, Kitzis E, Rold C. (2009) “Alternative
Delivery and Acquisition Models for IT Services: CIO
CLOSER 2011 - International Conference on Cloud Computing and Services Science
Challenges With These New Bundles”, Gartner, 18
March 2009
Ferguson D. F., Hadar E, (2010) “Constructing and
evaluating supply-chain systems in cloud-connected
enterprise”, 22-24 July, international conference on
software and data technologies, ICSOFT 2010,Athens,
Garbani J. P, Mendel T, (2010) “Market Update: IT
Management Software In 2009”, Forrester, February
22, 2010
Gillett F, Brown E. G, Lee C, (2008) “There Are Two
Types Of Compute Clouds”, Forrester, November 21,
Gillett F. E. (2009), “Conventional Wisdom Is wrong
About Cloud IaaS”, Forrester, May 29, 2009
Grossman R. L, (2009), “The Case for Cloud Computing”,
IT Professional 11(2): 23-27, 2009
Hackathorn, R. D., Karimi, J. (1988) A Framework for
Comparing Information Engineering Methods. MIS
Quarterly vol. 12, issue 2, pp. 203-220.
Hadar E., Gates C., (2009), “Cloud Computing Web-
Services Offering and IT Management Aspects”,
Cloud Computing workshop, October 25,
International Conference on Object Oriented
Programming, Systems, Languages and Applications
OOPSLA 2009, Orlando, Florida, US, 2009
Heffner R, Rymer J.R., Czarnecki M, (200(), “Taking The
Fog Out Of Cloud Computing: Platform-As-A-
Service, Begin Building PaaS Into Your Application
Platform Strategy”, Forrester, February 10, 2009
Howard C, (2009), “Cloud Computing: An Executive
Primer”, Burton Group April 20, 2009
Levy, M., Hadar, I. and Aviv, I., (2009), “Enhancing
Knowledge-Intensive Business Processes via
Knowledge Management Audit”, Proceedings of the
15th Americas Conference on Information Systems
(AmCIS), August 2009, San-Francisco, USA.
Manes A.T., (2010), “Application Platform Strategies for
the 2010's”, Burton Group , January 2010
Orlikowski, W.J. (1993). “CASE tools as organizational
change: Investigating incremental and radical changes
in systems development”. MIS Quarterly 17(3), pp.
Perez-Soltero, A., Barcelo-Valenzuela, M., Palma-
Mendez, J. T. (2006), “Knowledge audit methodology
with emphasis on core processes”. European and
Mediterranean Conference on Information Systems,
P.M.I. standard, (2004) A Guide to the Project
Management Body of Knowledge: (Pmbok Guide).
Project Management Institute, Third edition, ISBN10:
Pring B, Brown R.H, Frank A, Hayward S, Leong L.,
(2009), “Forecast: Sizing the Cloud; Understanding
the Opportunities in Cloud Services”, Gartner, 18
March 2009
Reeves D., “Transforming IT”, Burton Group, April 20,
Sivan, Y. Y. (1999) A Modern Knowledge KM
infrastructure: Properties and Capabilities. WebNet
Journal, vol. 1, issue 3, pp. 18-21.
Smith D.M., (2009), Cearley D.W., Plummer D.C., “Key
Issues for Cloud Computing”, Gartner, 3 February
Strauss, A. and Corbin, J. Basics of Qualitative Research:
Grounded Theory Procedures and Techniques. Sage,
Newbury Park, 1990
Strauss, A. & Corbin, J. (1994) “Grounded Theory
Methodology: An Overview”, Chapter 1 in Denzin,
N.K. and Lincoln, Y.S. (eds.), Handbook of qualitative
research, Thousand Oaks: Sage, pp. 273-285.
Worthington D. (2009) “Cloud providers answer the tough
questions”, SDTimes web May 15, 2009