CFP last date
29 June 2026
Call for Paper
July Edition
JAAI solicits high quality original research papers for the upcoming July edition of the journal. The last date of research paper submission is 29 June 2026

Submit your paper
Know more
The week's pick
Responsive image
A Holistic Architectural Framework for Digital Sovereignty in the Post-Quantum Era: Integrating Vendor Lock-In Mitigation with Quantum-Resistant Cloud Migration Strategies

Justice Opara-Martins
Reseach Article

A Holistic Architectural Framework for Digital Sovereignty in the Post-Quantum Era: Integrating Vendor Lock-In Mitigation with Quantum-Resistant Cloud Migration Strategies

by Justice Opara-Martins
journal cover thumbnail

Journal of Advanced Artificial Intelligence
Foundation of Computer Science (FCS), NY, USA
Volume 2 - Number 6
Year of Publication: 2026
Authors: Justice Opara-Martins

Justice Opara-Martins . A Holistic Architectural Framework for Digital Sovereignty in the Post-Quantum Era: Integrating Vendor Lock-In Mitigation with Quantum-Resistant Cloud Migration Strategies. Journal of Advanced Artificial Intelligence. 2, 6 ( May 2026), 18-41. DOI=None

@article{ None,
author = { Justice Opara-Martins },
title = { A Holistic Architectural Framework for Digital Sovereignty in the Post-Quantum Era: Integrating Vendor Lock-In Mitigation with Quantum-Resistant Cloud Migration Strategies },
journal = { Journal of Advanced Artificial Intelligence },
issue_date = { May 2026 },
volume = { 2 },
number = { 6 },
month = { May },
year = { 2026 },
pages = { 18-41 },
numpages = {9},
url = { https://jaaionline.phdfocus.com/archives/volume2/number6/a-holistic-architectural-framework-for-digital-sovereignty-in-the-post-quantum-era-integrating-vendor-lock-in-mitigation-with-quantum-resistant-cloud-migration-strategies/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2026-05-31T02:56:50+05:30
%A Justice Opara-Martins
%T A Holistic Architectural Framework for Digital Sovereignty in the Post-Quantum Era: Integrating Vendor Lock-In Mitigation with Quantum-Resistant Cloud Migration Strategies
%J Journal of Advanced Artificial Intelligence
%V 2
%N 6
%P 18-41
%D 2026
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The rapid expansion of hyperscale cloud ecosystems has transformed enterprise computing through elastic infrastructure provisioning, distributed orchestration, and cloud‑native service delivery. However, increasing dependency upon proprietary cloud platforms has intensified concerns surrounding vendor lock‑in, digital sovereignty, post‑quantum cryptographic resilience, and long‑term infrastructure autonomy. Existing cloud migration models largely prioritise scalability and operational efficiency while inadequately addressing sovereignty governance and cryptographic sustainability. The convergence of cloud computing heterogeneity, vendor lock-in vulnerabilities, and the impending post-quantum cryptographic transition presents a critical challenge for European digital sovereignty agendas. This study proposes a Sovereign Quantum Migration Framework (SQMF) integrating vendor lock-in mitigation, post-quantum cryptographic migration, and digital sovereignty governance within a unified architectural model. Through mixed-method empirical analysis involving 47 European organisations, 23 executive interviews, and three pilot implementations, the study identifies significant deficiencies in organisational preparedness for the convergence of quantum risk and cloud dependency. Findings indicate that 73% of current cloud migration strategies lack explicit post-quantum transition planning, whilst 68% exhibit critical vendor dependency patterns that would impede cryptographic agility. The proposed framework introduces a twelve-step migration methodology supported by quantitative sovereignty-risk modelling, cryptographic agility assessment, and multi-cloud governance mechanisms. Empirical validation demonstrates measurable reductions in Vendor Dependency Index scores and improvements in cryptographic resilience across financial, healthcare, and public-sector deployments. The study contributes a formalised Theory of Sovereign Cloud Architecture alongside a practical implementation roadmap for post-quantum digital infrastructure governance. The findings demonstrate that digital sovereignty must be conceptualised as a multidimensional architectural property emerging from the integration of infrastructure autonomy, cryptographic resilience, and governance independence. The study additionally introduces the Compound Sovereignty Risk (CSR) model for quantifying systemic sovereignty exposure and develops the Unified Sovereign Cloud Architecture Model (USCAM) together with the Sovereign Cloud Reference Architecture (SCRA). Findings demonstrate that vendor dependency and cryptographic rigidity interact synergistically, thereby amplifying long‑term migration complexity and sovereignty exposure. The research contributes theoretically by reconceptualising digital sovereignty as a measurable architectural property and operationally by providing a practical governance‑oriented pathway for sovereign post‑quantum cloud transformation.

References
  1. P. Mell and T. Grance, “The NIST Definition of Cloud Computing,” National Institute of Standards and Technology, Gaithersburg, MD, USA, NIST Special Publication 800-145, 2011. Available: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
  2. M. Armbrust et al., “A View of Cloud Computing,” Communications of the ACM, vol. 53, no. 4, pp. 50–58, 2010. Available: https://doi.org/10.1145/1721654.1721672
  3. B. Varghese and R. Buyya, “Next Generation Cloud Computing: New Trends and Research Directions,” Future Generation Computer Systems, vol. 79, pp. 849–861, 2018. Available: https://doi.org/10.1016/j.future.2017.09.020
  4. D. Petcu, “Portability and Interoperability between Clouds: Challenges and Case Study,” Towards a Service-Based Internet, vol. 6481, pp. 62–74, 2010. Available: https://doi.org/10.1007/978-3-642-17694-4_5
  5. P. W. Shor, “Algorithms for Quantum Computation: Discrete Logarithms and Factoring,” Proceedings of the 35th Annual Symposium on Foundations of Computer Science, pp. 124–134, 1994. Available: https://doi.org/10.1109/SFCS.1994.365700
  6. L. K. Grover, “A Fast Quantum Mechanical Algorithm for Database Search,” Proceedings of the 28th Annual ACM Symposium on Theory of Computing, pp. 212–219, 1996. Available: https://doi.org/10.1145/237814.237866
  7. National Institute of Standards and Technology (NIST), “Post-Quantum Cryptography Standardization,” 2024. Available: https://csrc.nist.gov/projects/post-quantum-cryptography
  8. European Commission, “European Strategy for Data,” Brussels, Belgium, 2020. Available: https://digital-strategy.ec.europa.eu/en/policies/strategy-data
  9. ENISA, “Cloud Security and Resilience Guidelines,” European Union Agency for Cybersecurity, 2023. Available: https://www.enisa.europa.eu/publications
  10. B. Burns, B. Grant, D. Oppenheimer, E. Brewer, and J. Wilkes, “Borg, Omega, and Kubernetes,” Communications of the ACM, vol. 59, no. 5, pp. 50–57, 2016. Available: https://doi.org/10.1145/2890784
  11. N. Dragoni et al., “Microservices: Yesterday, Today, and Tomorrow,” Present and Ulterior Software Engineering, pp. 195–216, 2017. Available: https://doi.org/10.1007/978-3-319-67425-4_12
  12. J. Dean and L. A. Barroso, “The Tail at Scale,” Communications of the ACM, vol. 56, no. 2, pp. 74–80, 2013. Available: https://doi.org/10.1145/2408776.2408794
  13. R. Buyya, C. S. Yeo, and S. Venugopal, “Market-Oriented Cloud Computing: Vision, Hype, and Reality,” Future Generation Computer Systems, vol. 25, no. 6, pp. 599–616, 2009. Available: https://doi.org/10.1016/j.future.2008.12.001
  14. A. K. Pathan, Cloud Security: Concepts, Methodologies, Tools and Applications, IGI Global, 2019. Available: https://doi.org/10.4018/978-1-5225-8176-3
  15. A. Li et al., “CloudCmp: Comparing Public Cloud Providers,” Proceedings of the ACM SIGCOMM Conference, pp. 1–14, 2010. Available: https://doi.org/10.1145/1851182.1851193
  16. European Union Agency for Cybersecurity (ENISA), “Guidelines for Securing the Cloud,” 2024. Available: https://www.enisa.europa.eu/topics/cloud-and-big-data/cloud-security
  17. Gartner Research, “Avoiding Strategic Vendor Lock-In in Cloud Computing,” Gartner Technical Report, 2023. Available: https://www.gartner.com/en/information-technology
  18. F. Schallbruch and S. Skierka, Cybersecurity in Germany, Springer, 2018. Available: https://doi.org/10.1007/978-3-319-89818-6
  19. D. Bernstein, “Containers and Cloud: From LXC to Docker to Kubernetes,” IEEE Cloud Computing, vol. 1, no. 3, pp. 81–84, 2014. Available: https://doi.org/10.1109/MCC.2014.51
  20. CNCF, “Cloud Native Survey Report,” Cloud Native Computing Foundation, 2024. Available: https://www.cncf.io/reports/cncf-annual-survey-2024
  21. ETSI, “Quantum-Safe Cryptography and Security,” ETSI White Paper No. 8, 2023. Available: https://www.etsi.org/images/files/ETSIWhitePapers/QuantumSafeWhitepaper.pdf
  22. D. J. Bernstein and T. Lange, Post-Quantum Cryptography, Springer, 2009. Available: https://doi.org/10.1007/978-3-540-88702-7
  23. NSA, “Quantum Computing and Post-Quantum Cryptography,” National Security Agency Advisory Memorandum, 2022. Available: https://media.defense.gov/2022/Aug/04/2003049358/-1/-1/0/CSI_QC_PQC_FAQ.PDF
  24. ISACA, “Cryptographic Agility and Enterprise Resilience,” ISACA Journal, vol. 3, pp. 12–25, 2023. Available: https://www.isaca.org/resources/isaca-journal
  25. Cloud Security Alliance, “Security Guidance for Critical Areas of Focus in Cloud Computing,” Version 5.0, 2024. Available: https://cloudsecurityalliance.org/artifacts/security-guidance-v5
  26. IBM Research, “Quantum Roadmap and Enterprise Readiness,” IBM Technical Review, 2024. Available: https://research.ibm.com/quantum
  27. GAIA-X European Association, “GAIA-X Architecture Document,” 2024. Available: https://gaia-x.eu
  28. S. Couture and S. Toupin, “What Does the Notion of Sovereignty Mean When Referring to the Digital?,” New Media & Society, vol. 21, no. 10, pp. 2305–2322, 2019. Available: https://doi.org/10.1177/1461444819865984
  29. OECD, “Digital Sovereignty and Cross-Border Data Governance,” OECD Digital Economy Papers, 2023. Available: https://www.oecd.org/digital
  30. World Economic Forum, “Cyber Resilience in the Quantum Era,” Geneva, Switzerland, 2024. Available: https://www.weforum.org/publications
  31. V. Braun and V. Clarke, “Using Thematic Analysis in Psychology,” Qualitative Research in Psychology, vol. 3, no. 2, pp. 77–101, 2006. Available: https://doi.org/10.1191/1478088706qp063oa
  32. ISO/IEC 27001:2022, Information Security, Cybersecurity and Privacy Protection — Information Security Management Systems — Requirements, International Organization for Standardization, Geneva, Switzerland, 2022. Available: https://www.iso.org/standard/27001
  33. ISO/IEC 27017:2015, Code of Practice for Information Security Controls Based on ISO/IEC 27002 for Cloud Services, ISO, Geneva, Switzerland, 2015. Available: https://www.iso.org/standard/43757.html
  34. Cloud Security Alliance, “Enterprise Architecture for a Quantum-Safe World,” CSA Research Report, 2024. Available: https://cloudsecurityalliance.org/research
  35. M. Satyanarayanan, “The Emergence of Edge Computing,” Computer, vol. 50, no. 1, pp. 30–39, 2017. Available: https://doi.org/10.1109/MC.2017.9
  36. Accenture Research, “The Economics of Sovereign Cloud,” Accenture Technology Vision Report, 2024. Available: https://www.accenture.com
  37. Deloitte, “Future of Sovereign Cloud Infrastructure,” Deloitte Insights, 2024. Available: https://www2.deloitte.com
  38. McKinsey & Company, “Cloud Transformation and Digital Sovereignty,” McKinsey Digital Report, 2023. Available: https://www.mckinsey.com/capabilities/mckinsey-digital
  39. Opara-Martins, J. and Sahandi, M. (2017) 'A holistic decision framework to avoid vendor lock-in for cloud SaaS migration', Computer and Information Science, 10(4), pp. 1-15.
  40. Opara-Martins, J., 2018. Taxonomy of Cloud Lock-in Challenges. Mobile Computing-Technology and Applications.
  41. Opara-Martins, J., Critical Appraisal of AI-Driven Fraud Detection and the Strategic Mitigation of Vendor Lock-In at JPMorgan Chase.
  42. KPMG, “Post-Quantum Cryptography Readiness Assessment,” KPMG Cybersecurity Review, 2024. Available: https://kpmg.com
  43. Opara-Martins, J., Sahandi, R. and Tian, F., 2016. Critical analysis of vendor lock-in and its impact on cloud computing migration: a business perspective. Journal of Cloud Computing, 5(1), p.4.
  44. World Economic Forum, “Global Cybersecurity Outlook,” Geneva, Switzerland, 2025. Available: https://www.weforum.org/reports/global-cybersecurity-outlook-2025
  45. PQCRYPTO Consortium (2023) Enterprise Post-Quantum Migration Roadmap. PQCRYPTO Technical Report.
Index Terms

Computer Science
Information Sciences

Keywords

Cloud Governance Multi-Cloud Architecture Strategic Migration Cryptographic Agility Sovereign Cloud Architecture Quantum-Resistant Infrastructure

Powered by PhDFocusTM