ISSN (Print): 2374-1953

ISSN (Online): 2374-1988

Editor-in-Chief: Sergii Kavun

Website: http://www.sciepub.com/journal/AJIS

   

Article

Cloud Computing Adoption in Insurance Companies in Kenya

1School of Computing and Informatics University of Nairobi, Kenya


American Journal of Information Systems. 2016, 4(1), 11-16
doi: 10.12691/ajis-4-1-3
Copyright © 2016 Science and Education Publishing

Cite this paper:
Pastor Meshack Akhusama, Christopher Moturi. Cloud Computing Adoption in Insurance Companies in Kenya. American Journal of Information Systems. 2016; 4(1):11-16. doi: 10.12691/ajis-4-1-3.

Correspondence to: Pastor  Meshack Akhusama, School of Computing and Informatics University of Nairobi, Kenya. Email: makhusama@gmail.com

Abstract

Cloud Computing allows companies to access ICT-based services i.e. computer infrastructure, applications, platforms and business processes, via the internet. Cloud Computing is still at the infancy stage in Africa. Studies have indicated a lack of cloud based awareness, even among big organizations in Africa. Kenya just like any other African market is yet to fully adopt cloud based systems due to trust and security concerns. This study aimed at identifying the extent and characteristics of Cloud Computing adoption in insurance companies in Kenya. The study assessed Cloud Computing uses in terms of productivity applications, business applications (CRM, SaaS), infrastructure on-demand (storage, network, and server), finance applications, core business application, databases and desktop. The adoption of the Cloud Computing services in insurance companies was relatively low. The results obtained would assist in providing a roadmap for the best practices to improve Cloud Computing services in the insurance industry in Kenya.

Keywords

References

[1]  Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., ... & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50-58.
 
[2]  Buyya, R. (2009). Market-Oriented Cloud Computing: Vision, Hype, and Reality of Delivering Computing as the 5th Utility. CCGRID '09 Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid , 3622-3624.
 
[3]  Foster, I., Zhao, Y., Raicu, I., & Lu, S. (2008, November). Cloud computing and grid computing 360-degree compared. In Grid Computing Environments Workshop, 2008. GCE'08 (pp. 1-10). IEEE.
 
[4]  Khajeh-Hosseini, A., Greenwood, D., & Sommerville, I. (2010). Cloud migration: A case study of migrating an enterprise it system to iaas. In Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on (pp. 450-457). IEEE.
 
[5]  Kim, W., Kim, S. D., Lee, E., & Lee, S. (2009). Adoption issues for cloud computing. In Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia (2-5). ACM.
 
Show More References
[6]  Kshetri, N. (2010). Cloud computing in developing economies. ieee Computer, 43(10), 47-55.
 
[7]  Mather, T., Kumaraswamy, S., & Latif, S. (2009). Cloud security and privacy: an enterprise perspective on risks and compliance. O'Reilly Media, Inc.
 
[8]  Omwansa, T. K., Waema, T. M., & Omwenga, M. B (2014). Cloud Computing in Kenya A 2013 Baseline Survey.
 
[9]  Wambu, C. W., & Irungu, D. N. (2014). Does Adoption of Information Technology Improve Firm Performance? A Survey of Firms Listed in the Nairobi Securities Exchange. Journal of Economics and Sustainable Development, 5(23), 112-117.
 
[10]  Winkler, V. (2011). Securing the Cloud: Cloud Computer Security Techniques and Tactics . New York: Syngress.
 
Show Less References

Article

ASP: Advanced Security Protocol for Security and Privacy in Cloud Computing

1M.Tech-Computer Science and Engineering, Lakshmi Narain College of Technology-Indore (RGPV, Bhopal), MP, India

2Department of Computer Science and Engineering, Lakshmi Narain College of Technology-Indore (RGPV, Bhopal), MP, India


American Journal of Information Systems. 2016, 4(2), 17-31
doi: 10.12691/ajis-4-2-1
Copyright © 2016 Science and Education Publishing

Cite this paper:
Shyam Nandan Kumar, Amit Vajpayee. ASP: Advanced Security Protocol for Security and Privacy in Cloud Computing. American Journal of Information Systems. 2016; 4(2):17-31. doi: 10.12691/ajis-4-2-1.

Correspondence to: Shyam  Nandan Kumar, M.Tech-Computer Science and Engineering, Lakshmi Narain College of Technology-Indore (RGPV, Bhopal), MP, India. Email: shyamnandan.mec@gmail.com

Abstract

Security concern has become the biggest obstacle to adoption of cloud because all information and data are completely under the control of cloud service providers. To provide optimal services on cloud, this paper introduces a new distributed and scalable data sharing scheme for data owners in clouds that supports anonymous authentication. Proposed ASP (Advanced Security Protocol) protocol is a cryptographic access control protocol based on key-updating scheme referred to as Advanced Key Update (AKU). The main advantage of the AKU scheme its support for efficient delegation and revocation of privileges in hierarchies without requiring complex cryptographic data structures. Proposed ASP protocol also includes a new digital signature scheme that enables cloud providers to ensure that requests are submitted by authorized end-users, without learning their identities. User Revocation facility is also supported by proposed ASP. In this paper various existing approaches and issues related to data encryption and message authentications are also discussed. At last, experiment results are analyzed and performances are evaluated. The main aim of the paper is to provide more visibility and control to the end-users and close the gap between capabilities of existing solutions and new requirements of cloud-based systems.

Keywords

References

[1]  Shyam Nandan Kumar, and Amit Vajpayee, “A Survey on Secure Cloud: Security and Privacy in Cloud Computing.” American Journal of Systems and Software, vol. 4, no. 1 (2016): 14-26.
 
[2]  Shyam Nandan Kumar, “Cryptography during Data Sharing and Accessing Over Cloud.” International Transaction of Electrical and Computer Engineers System, vol. 3, no. 1 (2015): 12-18.
 
[3]  Shyam Nandan Kumar, “DecenCrypto Cloud: Decentralized Cryptography Technique for Secure Communication over the Clouds.” Journal of Computer Sciences and Applications, vol. 3, no. 3 (2015): 73-78.
 
[4]  Shyam Nandan Kumar, “Review on Network Security and Cryptography.” International Transaction of Electrical and Computer Engineers System, vol. 3, no. 1 (2015): 1-11.
 
[5]  Shyam Nandan Kumar, “World towards Advance Web Mining: A Review.” American Journal of Systems and Software, vol. 3, no. 2 (2015): 44-61.
 
Show More References
[6]  “The NIST Definition of Cloud Computing”. National Institute of Standards and Technology. Retrieved 24 July 2011.
 
[7]  Mather T, Kumaraswamy S, Latif S (2009) Cloud Security and Privacy. O’Reilly Media, Inc., Sebastopol, CA.
 
[8]  A. Verma and S. Kaushal, “Cloud Computing Security Issues and Challenges: A Survey”, Proceedings of Advances in Computing and Communications, Vol. 193, pp. 445-454, 2011.
 
[9]  Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou. “Achieving secure, scalable and fine-grained data access control in cloud computing”. In Proceedings of the 29th conference on Information communications, INFOCOM'10, pp. 534-542, Piscataway, NJ, USA, 2010. IEEE Press.
 
[10]  Wayne Jansen, Timothy Grance, “NIST Guidelines on Security and Privacy in Public Cloud Computing”, Draft Special Publication 800-144, 2011.
 
[11]  RFC 3174, US Secure Hash Algorithm 1 (SHA1) http://www.ietf.org/rfc/rfc3174.txt.
 
[12]  Joan Daemen and Vincent Rijmen. Rijndael/aes. “In Encyclopedia of Cryptography and Security”. 2005.
 
[13]  Jon Marler, “Securing the Cloud: Addressing Cloud Computing Security Concerns with Private Cloud”, Rackspace Knowledge Centre, March 27, 2011, Article Id: 1638.
 
[14]  A. Sahai and B. Waters, “Fuzzy identity-based encryption”, in EUROCRYPT, ser. Lecture Notes in Computer Science, vol. 3494. Springer, pp. 457-473, 2005.
 
[15]  V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based Encryption for Fine-Grained Access Control of Encrypted data,” in Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS ’06). ACM, 2006, pp. 89-98.
 
[16]  R. Ostrovsky, A. Sahai, and B. Waters, “Attribute-based encryption with non-monotonic access structures,” in Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS '07), pp. 195-203, November 2007.
 
[17]  J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” in Proceedings of the IEEE Symposium on Security and Privacy (SP '07), pp. 321-334, May 2007.
 
[18]  L. Cheung and C. Newport, “Provably secure ciphertext policy ABE,” in Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS '07), pp. 456-465, November 2007.
 
[19]  B. Waters, “Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization,” in Public Key Cryptography (PKC '11), pp. 53-70, Springer, Berlin, Germany, 2011.
 
[20]  A. Lewko, T. Okamoto, A. Sahai, and B. Waters, “Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption,” in Advances in Cryptology: EUROCRYPT 2010, vol. 6110 of Lecture Notes in Computer Science, pp. 62-91, Springer, Berlin, Germany, 2010.
 
[21]  K. Emura, A. Miyaji, K. Omote, A. Nomura, and M. Soshi, “A ciphertext-policy attribute-based encryption scheme with constant ciphertext length,” International Journal of Applied Cryptography, vol. 2, no. 1, pp. 46-59, 2010.
 
[22]  M. Chase, “Multi-authority attribute based encryption,” in Theory of Cryptography, vol. 4392 of Lecture Notes in Computer Science, pp. 515-534, Springer, Berlin, Germany, 2007.
 
[23]  J. Han, W. Susilo, Y. Mu, and J. Yan, “Privacy-preserving decentralized key-policy attribute-based encryption,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 11, pp. 2150-2162, 2012.
 
[24]  V. Bozovic, D. Socek, R. Steinwandt, and V. I. Villanyi, “Multi-authority attribute-based encryption with honest-but-curious central authority,” International Journal of Computer Mathematics, vol. 89, no. 3, pp. 268-283, 2012.
 
[25]  H. Lin, Z. Cao, X. Liang, and J. Shao, “Secure threshold multi authority attribute based encryption without a central authority,” Information Sciences, vol. 180, no. 13, pp. 2618-2632, 2010.
 
[26]  M. Chase and S. S. M. Chow, “Improving privacy and security in multi-authority attribute-based encryption,” in Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS '09), pp. 121-130, Chicago, Ill, USA, November 2009.
 
[27]  N. Attrapadung and H. Imai, “Dual-policy attribute based encryption,” in Applied Cryptography and Network Security, pp. 168-185, Springer, Berlin, Germany, 2009.
 
[28]  Guojun Wang, Qin Liu, Jie Wu and Minyi Guo, “Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers”, 2011.
 
[29]  M. Mambo and E. Okamoto, “Proxy cryptosystems: delegation of the power to decrypt ciphertexts,” IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. 80, no. 1, pp. 54-62, 1997.
 
[30]  M. Blaze, G. Bleumer, and M. Strauss, “Divertible protocols and atomic proxy cryptography,” in Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT '98), pp. 127-144, Espoo, Finland, 1998.
 
[31]  Tatsuaki Okamoto and Katsuyuki Takashima, “Decentralized Attribute-Based Signatures” , Public-Key Cryptography – PKC 2013, Springer Berlin Heidelberg, pp 125-142.
 
[32]  Xiaofeng Chen, Jin Li, Xinyi Huang, Jingwei Li, Yang Xiang and Duncan S. Wong, “Secure Outsourced Attribute-Based Signatures”, pp: 3285-3294, IEEE, vol. 25, (2014).
 
[33]  Wenyi Liu, Uluagac, A.S. and Beyah, R., “MACA: A privacy-preserving multi-factor cloud authentication system utilizing big data”, IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2014, pp. 518-523, Toronto, ON.
 
[34]  S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute based data sharing with attribute revocation” in ACM ASIACCS, pp. 261-270, 2010.
 
[35]  A. B. Lewko and B. Waters, “Decentralizing attribute-based encryption”, in EUROCRYPT, ser. Lecture Notes in Computer Science, vol. 6632. Springer, pp. 568-588, 2011.
 
[36]  H. K. Maji, M. Prabhakaran, and M. Rosulek, “Attribute-based signatures”, in CT-RSA, ser. Lecture Notes in Computer Science, vol. 6558. Springer, pp. 376-392, 2011.
 
[37]  Amazon S3 . http://aws.amazon.com/s3/.
 
[38]  Michael Backes, Christian Cachin, and Alina Oprea. “Secure Key-Updating for Lazy Revocation”,. In Research Report RZ 3627, IBM Research, pages 327-346. Springer, 2005.
 
[39]  Marina Blanton, Nelly Fazio, and Keith B. Frikken. “Dynamic and Efficient Key Management for Access Hierarchies”. In Proceedings of the ACM Conference on Computer and Communications Security, 2005.
 
[40]  Dan Boneh and Matthew Franklin. “Identity-based encryption from the weil pairing”. SIAM J. Comput., 32: 586-615, March 2003.
 
[41]  Craig Gentry and Alice Silverberg. “Hierarchical ID-based cryptography”. In ASI- ACRYPT, pp. 548-566, 2002.
 
[42]  SQL Data Services/Azure Services Platform. http://http://www.windowsazure.com.
 
[43]  Amazon SimpleDB. http://aws.amazon.com/simpledb/.
 
[44]  Google App Engine. http://appengine.google.com.
 
[45]  Fay Chang, Jeffrey Dean, Sanjay Ghemawat, Wilson C. Hsieh, Deborah A. Wallach, Mike Burrows, Tushar Chandra, Andrew Fikes, and Robert E. Gruber. Bigtable: “A distributed storage system for structured data”. In Proceedings of the 7th symposium on Operating systems design and implementation - volume 7, pp. 205-218, 2006.
 
[46]  P. Sharma, S. K. Sood, and S. Kaur, “Security Issues in Cloud Computing”, Proceedings of High Performance Architecture and Grid Computing, Vol. 169, pp. 36-45, 2011.
 
[47]  Alessandro Perilli, Claudio Criscione, “Securing the Private Cloud”, Article on Secure Networks, Virtualization.info. http://virtualization.info/en/security/privatecloud.pdf.
 
[48]  Thomas W. Shinder, “Security Issues in Cloud Deployment models”, TechNet Articles, Wiki, Microsoft, Aug, 2011.
 
[49]  Craig Gentry, A FULLY HOMOMORPHIC ENCRYPTION SCHEME”, PhD Thesis, STANFORD UNIVERSITY, September 2009.
 
[50]  Cloud Security Alliance (2012), “SecaaS implementation guidance, category 1: identity and Access management”. Available: https://downloads.cloudsecurityalliance.org/initiatives/secaas/SecaaS_Cat_1_IAM_Implementation _Guidance.pdf.
 
[51]  Ron Rivest (2002-10-29). “Lecture Notes 15: Voting, Homomorphic Encryption.
 
[52]  B. R. Kandukuri, P. V. Ramakrishna, and A. Rakshit, “Cloud security issues”, in Proceedings of the IEEE International Conference on Services Computing (SCC '09), pp. 517-520, September 2009.
 
[53]  Win-Bin Huang and Wei-Tsung Su, “Identity-based access control for digital content based on ciphertext-policy attribute-based encryption”, International Conference on Information Networking (ICOIN), IEEE, pp. 87-91, Cambodia, 2015.
 
[54]  Jie Xu, Qiaoyan Wen, Wenmin Li, Zhengping Jin, “Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing”, IEEE Transactions on Parallel and Distributed Systems, vol. 27, issue: 1, pp. 119-129, 2015.
 
[55]  Win-Bin Huang, Wei-Tsung Su, and Chiang-Sheng Liang, “A threshold-based key generation approach for ciphertext-policy attribute-based encryption”, Seventh International Conference on Ubiquitous and Future Networks (ICUFN), IEEE, pp. 908-913, Sapporo, 2015.
 
[56]  Juanjuan Li, Zhenhua Liu, and Longhui Zu, “Chosen-Ciphertext Secure Multi-use Unidirectional Attribute-Based Proxy Re-Encryptions”, Ninth Asia Joint Conference on Information Security (ASIA JCIS), IEEE, pp. 96-103, Wuhan, 2014.
 
[57]  Han Yiliang, Jiang Di , Yang Xiaoyuan, “The Revocable Attribute Based Encryption Scheme for Social Networks”, International Symposium on Security and Privacy in Social Networks and Big Data (SocialSec), IEEE, pp. 44-51, Hangzhou, 2015.
 
[58]  Lin You, and Lijun Wang, “Hierarchical authority key-policy attribute-based encryption”, IEEE 16th International Conference on Communication Technology (ICCT), pp. 868-872, Hangzhou, 2015.
 
Show Less References

Article

An Institutional Perspective to Understand FOSS Adoption in Public Sectors: Case Studies in Ethiopia and India

1Department of Informatics, University of Oslo, Oslo, Norway


American Journal of Information Systems. 2016, 4(2), 32-44
doi: 10.12691/ajis-4-2-2
Copyright © 2016 Science and Education Publishing

Cite this paper:
Selamawit Molla Mekonnen, Zegaye Seifu Wubishet. An Institutional Perspective to Understand FOSS Adoption in Public Sectors: Case Studies in Ethiopia and India. American Journal of Information Systems. 2016; 4(2):32-44. doi: 10.12691/ajis-4-2-2.

Correspondence to: Selamawit  Molla Mekonnen, Department of Informatics, University of Oslo, Oslo, Norway. Email: selamawm@ifi.uio.no

Abstract

This paper is aimed at understanding institutional influences on Free and Open Source Software (FOSS) adoption in public sectors. It explores strategies, policies, and technical infrastructure so as to harness FOSS as an alternative technical solution in organizations such as the health sector. The study was conducted in India/Kerala and Ethiopia following interpretive qualitative research tradition. Data was collected at micro and macro level. While the micro level explored the acceptance of specific FOSS in Kerala and rejection in Ethiopia, the macro level studied how institutions outside the health sector were drawn upon to legitimize decisions. Data collection was conducted while at the same time analyzing and refining the data to find common themes for both settings. Subsequently, the themes were categorized interpretively into regulative, normative and cultural-cognitive institutions as provided by Scott (2001). The result shows regulative and normative institutions influence FOSS adoption in public sectors positively and that integrating FOSS with the proprietary dominated public sector of developing countries should begin by cultivating the normative institutional aspect. The normative aspect focuses on issues related to FOSS education and professional associations. Moreover, the study shows, technology by itself can facilitate its own adoption once it has gained large installed base; expanding the institutional framework to include a technological element. Practically, the study contributes to our understanding of the field level challenges in realizing the potential of FOSS for the benefits of public sector organizations in general and health sectors in particular in developing countries.

Keywords

References

[1]  Cook, I. and G. Horobin, Implementing eGovernment without promoting dependence: Open source software in developing countries in Southeast Asia. Public Administration and Development, 2006. 26(4): p. 279-289.
 
[2]  Cook, I. and G. Horobin, Implementing eGovernment with out promoting dependence:open source software in developing countries in Southeast Asia. Public Administration and Development, 2006. 26(4): p. 279-289.
 
[3]  Camara, G. and F. Fonseca, Information policies and Open source Software in developing Countries. Journal of the American Society for Information Science and Technology, 2007. 58(1): p. 121-132.
 
[4]  Scacchi, W., et al., Understanding Free and Open Source Software Development Porcesses. Software Process Improvement and Practice, 2006. 11: p. 95-105.
 
[5]  Abbott, P., How can African countries advance their outsourcing industries: An overview of possible approaches. The African Journal of Information Systems, 2013. 5(1): p. 2.
 
Show More References
[6]  Mengesha, N.T., Technology Capacity Development through OSS Implementation: The Case of Public Higher Education Institutions in Ethiopia. The African Journal Of Information Systems, 2010. 2(1): p. 2.
 
[7]  Effah, J. and G. Abbeyquaye, How FOSS Replaced Proprietary Software at a University: An Improvisation Perspective in a Low-income Country. The African Journal of Information Systems, 2014. 6(1): p. 2.
 
[8]  Twaakyondo, H.M. and J.H. Lungo, Open source software in health information systems: Opportunities and challenges. Tanzania Journal of Engineering and Technology, 2008. 2(1): p. 36-45.
 
[9]  Sheikh, Y.H. and A.D. Bakar, Open Source Software Solution for Healthcare: The Case of Health Information System in Zanzibar, in e-Infrastructure and e-Services for Developing Countries. 2011, Springer. p. 146-155.
 
[10]  Scott, W.R., Institutions and organizations. 2001: Sage Thousand Oaks, CA.
 
[11]  DeVaujany, F., et al., Applying and theorising institutional frameworks in IS research. Information Technology & People, 2014. 27(3).
 
[12]  Pishdad, A., et al. Identifying Gaps in Institutional Theory. in Proceedings of the 25th Australasian Conference on Information Systems, 2014. Auckland, New Zealand.
 
[13]  North, D.C., Institutions, institutional change and economic performance. 1990: Cambridge university press.
 
[14]  Greenwood, R., R. Suddaby, and C.R. Hinings, Theorizing change: The role of professional associations in the transformation of institutionalized fields. Academy of management journal, 2002. 45(1): p. 58-80.
 
[15]  Sahay, S., et al., Interplay of institutional logics and implications for deinstitutionalization: case study of HMIS implementation in Tajikistan. Information Technologies & International Development, 2010. 6(3): p. pp. 19-32.
 
[16]  Palthe, J., Regulative, Normative, and Cognitive Elements of Organizations: Implications for Managing Change. Management and Organizational Studies, 2014. 1(2): p. p59.
 
[17]  Hsu, C., Y.-T. Lin, and T. Wang, A legitimacy challenge of a cross-cultural interorganizational information system. European Journal of Information Systems, 2015. 24: p. 278-294.
 
[18]  Suddaby, R., Challenges for institutional theory. Journal of Management Inquiry, 2010. 19(1): p. 14-20.
 
[19]  Hsu, C., Y.-T. Lin, and T. Wang, A legitimacy challenge of a cross-cultural interorganizational information system. European Journal of Information Systems, 2015. 24(3): p. 278-294.
 
[20]  Jepperson, R.L., Institutions, institutional effects, and institutionalism. The new institutionalism in organizational analysis, 1991. 6: p. 143-163.
 
[21]  Avgerou, C., Information systems and global diversity. 2002: OUP Oxford.
 
[22]  Oliver, C., The antecedents of deinstitutionalization. Organization studies, 1992. 13(4): p. 563-588.
 
[23]  Grisot, M., H. O., and A. Thorseng, Innovation of,in,on infrastructures: articulating the role of architecture in information infrastructure evolution. Journal of the Association for Information Systems, 2014. 15(special issue): p. 197-219.
 
[24]  Hanseth, O. and E. Monteiro, Understanding information infrastructure. Unpublished Manuscript, Retrieved on 6th September from http://heim. ifi. uio. no/~ oleha/Publications/bok. pdf, 1998.
 
[25]  Aanestad, M. and T.B. Jensen, Building nation-wide information infrastructures in healthcare through modular implementation strategies. The Journal of Strategic Information Systems, 2011. 20(2): p. 161-176.
 
[26]  Dahlbom, B. and L. Mathiassen, Computers in context: The Philospphy and Practice of System Design. 1993, Cambridge, Massachusetts: Blackwell Publisher
 
[27]  Maguire, S., C. Hardy, and T.B. Lawrence, Institutional entrepreneurship in emerging fields: HIV/AIDS treatment advocacy in Canada. Academy of management journal, 2004. 47(5): p. 657-679.
 
[28]  Hardy, C. and S. Maguire, Institutional entrepreneurship. The Sage handbook of organizational institutionalism, 2008: p. 198-217.
 
[29]  Walsham, G., Interpreting information systems in organizations. Vol. 19. 1993: Wiley Chichester.
 
[30]  Walsham, G., Doing interpretive research. European journal of information systems, 2006. 15(3): p. 320-330.
 
[31]  Orlikowski, W.J. and J.J. Baroudi, Studying information technology in organizations: Research approaches and assumptions. Information systems research, 1991. 2(1): p. 1-28.
 
[32]  Klein, H.K. and M.D. Myers, A set of principles for conducting and evaluating interpretive field studies in information systems. MIS quarterly, 1999: p. 67-93.
 
[33]  Creswell, J.W., Research design: Qualitative, quantitative, and mixed methods approaches. 2013: Sage publications.
 
[34]  Braa, J., E. Monterio, and S. Sahay, Networks of action: sustainable health information systems across developing countries. . MIS quarterly, 2004. 28: p. 337-362.
 
[35]  Walsham, G., Interpretive case studies in IS research: nature and method. European Journal of information systems, 1995. 4(2): p. 74-81.
 
[36]  Elliott, R. and L. Timulak, Descriptive and interpretive approaches to qualitative research. A handbook of research methods for clinical and health psychology, 2005: p. 147-159.
 
[37]  Walsham, G., What is Interpretive Research? . (n.d), University of Oslo: Retrieved from http://www.uio.no/studier/emner/matnat/ifi/INF5740/h04/.../Lecture_1.pp.
 
[38]  Henfridsson, O. and B. Bygstad, The Generative Mechanisms of Digital Infrastructure Evolution. Mis Quarterly, 2013. 37(3): p. 907-931.
 
[39]  Silva, L. and J. Backhouse. Becoming part of the furniture:the institutionalization of information systems. in IFIP TC8 WG 8.2 international conference on information systems and qualitative research. 1997. Philadelphia: Chapman & Hall, Ltd.
 
[40]  Wubishet, Z., Conceptualizing the Governance of Free and Open Source Software Development: A Framework Based on Case Studies of Three Software Projects in Norway, in Department of Informatics. 2011, Norway: Oslo.
 
[41]  Arthur, W.B., Competing technologies, increasing returns, and lock-in by historical events. The economic journal, 1989. 99(394): p. 116-131.
 
[42]  Aanestad, A., Cultivating Networks: Implementing Surgical Telemedicine., in Department of Informatics. 2002, University of Oslo: Oslo.
 
[43]  Farrell, J. and G. Saloner, Standardization, compatibility, and innovation. The RAND Journal of Economics, 1985: p. 70-83.
 
Show Less References