Dynamics of Shared Security in the Cloud
研究了云共享安全如何因经济动态和用户使用、漏洞、安全之间的内生关系而成为一种新的公共品范式,为云服务商设计漏洞预测算法和用户资产决策提供指导。
This paper shows that shared security in the cloud manifests a new public goods paradigm owing to the dynamics of cloud economics and endogeneity between usage, vulnerability, and security. Users must balance the need for security with the risk of becoming locked into a particular cloud services provider (CSP) over time. CSP managers must recognize that security competition is neither a race to the bottom nor an arm’s race. Our results provide guidelines for designing a vulnerability prediction algorithm that emphasizes CSP managers’ understanding of users’ risk and time preferences. In addition, CSP managers should be aware of the nature of security technologies and associated costs, aiming to simplify security architecture and reduce future orchestration expenses. Over the long term, cloud users should consider judiciously repatriating cloud assets as taking refuge in the cloud presents a dynamic fallacy of composition.