Abstract
Cloud computing can be viewed as an e‐business in which the cloud provider sells a range of information technology services and operations over the Internet to firms. Security is a major concern for firms that move to the cloud. The security of a cloud is the joint responsibility of the cloud provider and cloud users. However, the extent to which the provider and users can affect cloud security through their efforts depends on the cloud service model. In this study, we develop a game‐theoretical model to study the impact of the cloud service model on provider and user incentives to exert security effort. Our results show that for a given service model, an increase in the user loss from a security breach induces users to exert more security effort. However, if the provider’s service cost is low, the provider profitably free rides on the enhanced user incentives to exert security effort by diminishing his effort. Analogously, the cloud provider is able to profitably free ride on users’ enhanced incentives to exert security effort when the user population is more homogeneous in terms of either cloud valuation or loss from a security breach, depending on the service cost. Our results also have implications for how a cloud provider could possibly target a particular cloud service model to specific user groups based on their characteristics and likelihood of security loss.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
