Managing cloud security in the presence of strategic hacker and joint responsibility
Yong Wu, Zi Kang, Tao Dai and Dong Cheng
Journal of the Operational Research Society, 2024, vol. 75, issue 7, 1371-1384
Abstract:
The widespread use of cloud computing has brought cloud security to the forefront. The cloud provider and the firm assume varying degrees of joint responsibility for cloud security with cloud service models including IaaS, PaaS, and SaaS, to defend against the strategic hacker. This paper builds a game-theoretical model to study cloud security management, in which we find that ignoring the strategic hacker leads to the dislocation of security investment decisions (overinvestment or underinvestment) for the provider and the firm in bilateral refund contracts (BRCs). The strategic hacker’s attack effort is inverse U-shaped with cloud service models, leading to a free-riding problem between the provider and the firm. Furthermore, from the perspective of social welfare maximization, both the provider and the firm would underinvest or overinvest in cloud security. To solve the problem, we propose two new contract mechanisms: one is an internal effort-based contract, in which the provider oversees the firm internally and the compensation rate depends on the firm’s effort once the breach occurs. The other is an external effort-based contract, in which the monitoring agency supervises the efforts of the provider and the firm. We compare the two new contracts with BRCs and obtain the optimal choice for principals.
Date: 2024
Downloads:
http://hdl.handle.net/10.1080/01605682.2023.2249506 (text/html)
Access to full text is restricted to subscribers.
Persistent link: https://EconPapers.repec.org/RePEc:taf:tjorxx:v:75:y:2024:i:7:p:1371-1384
Ordering information: This journal article can be ordered from
http://www.tandfonline.com/pricing/journal/tjor20
DOI: 10.1080/01605682.2023.2249506
Journal of the Operational Research Society is currently edited by Tom Archibald
Bibliographic data for series maintained by Chris Longhurst.