A scalable approach to joint cyber insurance and Security-as-a-Service provisioning in cloud computing

A scalable approach to joint cyber insurance and Security-as-a-Service provisioning in cloud computing

As computing services are increasingly cloud-based, corporations are investing in cloud-based security measures. The Security-as-a-Service (SECaaS) paradigm allows customers to outsource security to the cloud, through the payment of a subscription fee. However, no security system is bulletproof, and...

وصف كامل

محفوظ في:
التفاصيل البيبلوغرافية
المؤلفون الرئيسيون: CHASE, Jonathan David, NIYATO, Dusit, WANG, Ping, CHAISIRI, Sivadon, KO, Ryan K. L.
التنسيق: text
اللغة:English
منشور في: Institutional Knowledge at Singapore Management University 2019
الموضوعات:
Cloud computing
cyber insurance
security as a service
partial Lagrange multiplier method
sensitivity analysis
Databases and Information Systems
Information Security
OS and Networks
الوصول للمادة أونلاين:https://ink.library.smu.edu.sg/sis_research/7167
https://ink.library.smu.edu.sg/context/sis_research/article/8170/viewcontent/ScalableApproachJointCyberInsurance_av.pdf
الوسوم: إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
المؤسسة: Singapore Management University
اللغة: English
الوصف
الملخص:As computing services are increasingly cloud-based, corporations are investing in cloud-based security measures. The Security-as-a-Service (SECaaS) paradigm allows customers to outsource security to the cloud, through the payment of a subscription fee. However, no security system is bulletproof, and even one successful attack can result in the loss of data and revenue worth millions of dollars. To guard against this eventuality, customers may also purchase cyber insurance to receive recompense in the case of loss. To achieve cost effectiveness, it is necessary to balance provisioning of security and insurance, even when future costs and risks are uncertain. To this end, we introduce a stochastic optimization model to optimally provision security and insurance services in the cloud. Since the model we design is a mixed integer problem, we also introduce a partial Lagrange multiplier algorithm that takes advantage of the total unimodularity property to find the solution in polynomial time. We also apply sensitivity analysis to find the exact tolerance of decision variables to parameter changes. We show the effectiveness of these techniques using numerical results based on real attack data to demonstrate a realistic testing environment, and find that security and insurance are interdependent.

مواد مشابهة