In this paper, we study a cloud security service market, which is composed of cloud users and cloud security service vendors (CSSVs). The CSSVs work as the insurers for selling… Click to show full abstract
In this paper, we study a cloud security service market, which is composed of cloud users and cloud security service vendors (CSSVs). The CSSVs work as the insurers for selling the cloud security plan, which is consisted of cloud security service and cloud-insurance. The users in the cloud platform can purchase the cloud security plan from the CSSVs to secure their cloud service. If the cloud service is attacked and loss happens, the users will receive the claim from the CSSVs. To reduce the probability of paying claim, the CSSV has an incentive to invest in improving its cloud security service. To meet these requirements, we propose a two-stage Stackelberg game. In the first stage, the CSSVs jointly set the price charging the users and determine the security investment to improve their offered cloud security service. In the second stage, the users decide on the amount of the cloud security plan to purchase based on the prices of the cloud security plan and the perceived cyber breach probability of the cloud security service. The existence and uniqueness of the equilibrium of the Stackelberg game are proven analytically. Extensive simulations have been conducted to evaluate the performance of the Stackelberg game.
               
Click one of the above tabs to view related content.