Cloud Service Model's Role in Provider and User Security Investment Incentives
成果类型:
Article
署名作者:
Yang, Mingwen; Jacob, Varghese S.; Raghunathan, Srinivasan
署名单位:
University of Washington; University of Washington Seattle; University of Texas System; University of Texas Dallas
刊物名称:
PRODUCTION AND OPERATIONS MANAGEMENT
ISSN/ISSBN:
1059-1478
DOI:
10.1111/poms.13274
发表日期:
2021
页码:
419-437
关键词:
E‐ business
cloud computing
cloud security
cloud service model
game theory
摘要:
Cloud computing can be viewed as an e-business in which the cloud provider sells a range of information technology services and operations over the Internet to firms. Security is a major concern for firms that move to the cloud. The security of a cloud is the joint responsibility of the cloud provider and cloud users. However, the extent to which the provider and users can affect cloud security through their efforts depends on the cloud service model. In this study, we develop a game-theoretical model to study the impact of the cloud service model on provider and user incentives to exert security effort. Our results show that for a given service model, an increase in the user loss from a security breach induces users to exert more security effort. However, if the provider's service cost is low, the provider profitably free rides on the enhanced user incentives to exert security effort by diminishing his effort. Analogously, the cloud provider is able to profitably free ride on users' enhanced incentives to exert security effort when the user population is more homogeneous in terms of either cloud valuation or loss from a security breach, depending on the service cost. Our results also have implications for how a cloud provider could possibly target a particular cloud service model to specific user groups based on their characteristics and likelihood of security loss.
来源URL: