Design And Implementation Of A Collaborative Software As A Service Based Office Management System

Introduction

1.1 Background of the Study

File management is the process of storing, accessing, retrieving and manipulating files. The necessity of moving a file from the RAM to a secondary storage calls for future reference (re-usability), availability (having this file ready and at hand at any time anywhere), safety (ensuring data integrity without the fear of loss or damage) and most times privacy (authentication and access control). This purpose is not fully achieved when files are saved just by the traditional file management system usually provided by the user‟s operating system or the manual system. The traditional system is exposed to insecurity, unavailability, and data loss through viral attacks and other malicious software. This created the need of an additional system for saving files (back up mechanism), where files will be available with or without the user‟s workstation, highly secured platform, and cost effective system.

Storage and access to files which has been a core concept of computing and information technology requires the moving of files to a better environment where availability and security is assured. The cloud system is a recent development which has dramatically changed the landscape of software development. It provides a simple interface where the user is abstracted from the underlying framework of the system. According to Hancleng (2009), Cloud computing is a model of enabling ubiquitous, convenient, on demand network access to shared pool of configurable computing resources (e.g networks, servers, storage, application and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Moving files to a cloud system has been a welcomed advancement in file management but has failed in addressing challenges. Some of these challenges include security and cost. Adopting Software as a Service (SaaS) as the befitting cloud computing model for this work does not only provide software availability but also provides an efficient means of billing users. The billing system will be monitored by the number of times the application will be used. That is, keeping a log of records, which in turn aids in monitoring any form of intrusion created by unauthorized access.

Conclusively, cloud computing and file management has „security‟ as its mediator. It is well understood that no one could take an additional step of moving files to the cloud system for storage or backup if such files are not important. Therefore, every cloud computing system should make adequate provisions for security.

1.2 Statement of the Problem

In traditional file management platform, it was discovered that accessibility and availability to stored files is restricted to the user having the device present. Also in file sharing, it is restricted by distance and network coverage whereby the conventional network facilities use cables, infra-red rays, Bluetooth etc.

The traditional approach lacks the ability to detect intrusion of any sort thus creating insecurity. Again among the existing platforms for file sharing, file size limitations is another major problem.

The problem the researcher intends to solve in this work is to provide a collaborative office management system as a cloud service to enable file sharing and collaboration among users in a system (department) with no distance and storage space limitations.

1.3 Aim and Objectives of Study

The aim of this study is to design a collaborative office management system using Software as a Service Cloud computing Model. In order to achieve the desired aim, the following objectives were considered:

Provides a standard database system for storing user information that is compatible with virtually every operating system.

Deploying useful applications on cloud for managing files which eliminates the need for setup and installation of such application on user system.

Provide a more secured service through file encryption and log management.

1.4 Significance of the Study

The research work will offer enormous benefits to organization, companies and even individuals. Such benefits includes:

Provides security compliance and easy accessibility of information.

Cost effectiveness in running application.

Effective office experience in managing and sharing files

Creating awareness of cloud based file management system as it creates a better and effective resource management irrespective of the distance or storage capacity.

1.5 Scope of the Study

File management is broad and vast. This work will cover the generic file management approach such as creating, editing, updating etc. and also some additional security measures to enhance effective management. The security implementation of this work is limited to just the user integrity, authentication and authorization. These include:

Encrypting files on upload.

Storing files in its encrypted form.

Decrypting with the user private key.

Keeping log/Audit records.

1.6 Limitations of the Study

The researcher was limited to the above mentioned scope of study due to some factors such as:

Cloud computing being a new innovation poses the limitation of resources (materials) for this research.

Fund: not having a free access to the internet was another constraint as that was the main area our research was based. Funding subscriptions to internet providers to ensure a fast and consistent connectivity.

1.7 Definition of Terms

Advanced Encryption Standard (AES) Encryption

Is a symmetric-key block cipher algorithm for secure and classified data encryption and decryption.

Authentication

Is any process by which a system verifies the identity of a user he wishes to access its resources.

Authorization

The process of granting or denying access to a network resource.

Cloud

Is a communications network. The word “cloud” often refers to the internet, and more precisely to some datacenter full of servers that is connected to the internet.

Decryption

Is the process of taking encoded or encrypted text or data and converting it back into the format you or the computer can read and understand.

Encryption

Is the process of encoding messages or information in such a way that only authorized parties can read it.

Intrusion

The act of compromising a computer system in order to gain unauthorized access.

Man in the Cloud Attack (MITC)

Is an attack where the attacker secretly replays and possibly alters the communication between two parties who believe they are directly communicating with each other.

Network

A group of interconnected computers and peripherals that is capable of sharing software and hardware resources among users.

Software as a Service (SaaS)

Is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. SaaS is an on-demand software typically accessed via a web browser.

Session Hijacking

Is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer.

Structured Query Language (SQL) Injection

Is a computer attack in which malicious code is embedded in a poorly designed application and then passed to the backend database. The malicious data then produces database query or results or actions that should never have been executed.