Impact of security risks on cloud computing adoption

01/2011; DOI: 10.1109/Allerton.2011.6120232

ABSTRACT Cloud computing has been a paradigm shift in the information technology domain. It offers potential benefits to users in terms of instant availability, scalability and resource sharing, while potentially posing security issues. Especially, recent events like Amazons system failure increased the concerns related to cloud computing1. Given these security and reliability concerns, we explore the optimal decision rule for moving certain IT function to public clouds. We formulate the problem as an entrepreneurial decision for an optimal stopping time at which the entrepreneur shall migrate to the cloud computing paradigm. Two different models are presented. Recognizing that an important and specific issue related to different computing paradigm is the potential “security” risk posed by each technology, we consider security risks in both models. The first model approaches the optimal adoption problem from assessing the cloud computing adoption under project value uncertainty. The entrepreneur has the timing flexibility and solves his optimal adoption decision under uncertainty. The optimal adoption rule obtained is a threshold strategy. A firm should adopt the cloud computing only if the value from the adoption exceeds the threshold level. The second model builds on a comprehensive assessment of two different computing paradigms. The entrepreneur can either keep the traditional on-site computing paradigm or migrate to the cloud computing paradigm. His problem is to make the paradigm shift optimally. We model such a problem as optimally swapping two “risky” assets, which refer to benefits of the traditional on-site computing paradigm and those of the cloud computing paradigm. The term “risky” captures the fact that actual benefits can only be resolved through time, and thus estimates of benefits are embedded with uncertainty. We obtain the optimal swapping rule as a threshold strategy, defined in terms of the two benefit ratio. A firm should only shift the part of its business to the cloud computing service if the ratio, the benefit from the cloud computing paradigm over that from the traditional on-site computing paradigm, exceeds the threshold. In both models, both the extent of riskiness (i.e. uncertainty) and the significance of security risks (both in terms of potential occurrence probability and the severity of damage) affect the threshold level, thus the entrepreneurial adoption decision.

1 Follower
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Industries in developed countries are moving quickly to ensure the rapid adoption of cloud computing. At this stage, several outstanding issues exist, particularly related to Service Level Agreements (SLAs), security and privacy. Consumers and businesses are willing to use cloud computing only if they can trust that their data will remain private and secure. Our review of research literature indicates the level of control that a user has on their data is directly correlated to the level of data privacy provided by the cloud service. We considered several privacy factors from the industry perspective, namely data loss, data storage location being unknown to the client, vendor lock-in, unauthorized secondary use of user’s data for advertising, targeting secured backup and easy restoration. The level of user control in database models were identified according to the level of existence in these privacy factors. Finally, we focused on a novel logical model that might help to bring the level of user control of privacy in cloud databases into a higher level.
    30th National IT Conference; 07/2012
  • [Show abstract] [Hide abstract]
    ABSTRACT: In the field of power system engineering, the optimal power flow problem is essential in planning and operations. With increasing system size and complexity, the computational requirements needed to solve practical optimal power flow problems continues to grow. Increasing computational requirements make the possibility of performing these computations remotely with cloud computing appealing. However, power system structure and component values are often confidential; therefore, the problem cannot be shared. To address this issue of confidential information in cloud computing, some techniques for masking optimization problems have been developed. The work of this paper builds upon these techniques for optimization problems but is specifically developed for addressing the DC and AC optimal power flow problems. We study the application of masking a sample OPF using the IEEE 14-bus network.
    Communication, Control, and Computing (Allerton), 2012 50th Annual Allerton Conference on; 01/2012
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Cloud Computing provides an efficient and flexible way for services to meet escalating business needs. Cloud-shared infrastructure and associated services make it cost effective alternative to traditional approaches. However, they may also introduce security breaches and privacy issues. As more cloud based applications keep evolving, the associated security threats are also growing. Many research works on cloud security exist in partial forms of either specifically on cloud issues or virtualization-related security issues. In this paper, an attempt has been made to consolidate the various security threats in a classified manner and to illustrate how cloud and virtualization vulnerabilities affect the different cloud service models.