2 sonuçlar
Arama Sonuçları
Listeleniyor 1 - 2 / 2
Yayın An analysis of enterprise-level cloud transition barriers within the Technology-Organization-Environment (TOE) framework and strategic solution proposals(Gazi Üniversitesi, 2025-10-31) Çeliktaş, Barış; Birgin, Berat; Tok, Mevlüt SerkanEnterprise-level transitions to cloud service providers are frequently delayed or disrupted due to the multilayered nature of technical, organizational, and legal barriers. This study classifies these obstacles within the TechnologyOrganization-Environment (TOE) theoretical framework and provides a comprehensive analysis. Methodologically, a triangulated data source approach was adopted, combining systematic literature review, the 2025 Flexera Cloud Report, and Cloud Adoption Framework (CAF) documentation from major providers such as AWS, Azure, and Google Cloud. Findings indicate that technological barriers particularly cryptographic complexity, cost unpredictability, and weak system integration, are the most dominant. These barriers were visually modeled, and the structural interdependencies among five core cryptographic components (key management, secure computation, algorithm selection, access control, and regulatory compliance) were illustrated through a flow diagram. By aligning FinOps and compliance-oriented solution strategies with the TOE framework, the study offers a strategic roadmap for decision-makers and cloud architects planning cloud adoption. It links conceptual models to applied practices, providing structured support for organizations seeking to mature their cloud strategy.Yayın From policy to practice: a sector-agnostic operational framework for post-quantum cryptography transition(Institute of Electrical and Electronics Engineers Inc., 2026-03-02) Birgin, Berat; Çeliktaş, BarışThe pace of quantum computing development necessitates not only the adoption of post-quantum cryptographic algorithms, but also the establishment of an executable and auditable institutional transition process. Although guidance documents published by the National Institute of Standards and Technology (NIST) and roadmaps proposed by the Post-Quantum Cryptography Coalition (PQCC) articulate strategic objectives, they largely remain procedural constructs lacking a concrete operational execution model. This paper presents an industry-neutral operational framework that translates policy-level post-quantum cryptography (PQC) guidance into deterministic, proof-producing process flows encompassing cryptographic asset discovery, classification, risk modeling, algorithm selection, deployment, monitoring, and governance enforcement. Central to the framework is a deterministic Quantum Risk Scoring (QRS) function, calibrated using the Analytical Hierarchy Process (AHP), which enables reproducible asset prioritization and policy-driven enforcement decisions. Framework executability is further strengthened through cryptography-aware continuous integration/continuous deployment (CI/CD) validation gates and downgrade protection mechanisms, ensuring the generation of verifiable and immutable audit artifacts. A scenario-based operational validation, implemented using open-source toolchains, demonstrates the framework’s operability, auditability, and governance alignment without relying on empirical cryptographic performance benchmarks, confirming that PQC transition can be operationalized as a verifiable lifecycle process bridging policy guidance with enforceable technical actions. Rather than introducing new cryptographic primitives, this work formalizes PQC transition as an operational systems-engineering problem centered on governance-enforced execution and lifecycle verifiability.
