A Scalable Approach to Joint Cyber Insurance and Security-as-a-Service Provisioning in Cloud Computing

Chase, Jonathan; Niyato, Dusit; Wang, Ping; Chaisiri, Sivadon; Ko, Ryan K. L.

doi:10.1109/tdsc.2017.2703626

Cited by 22 publications

(10 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, many studies analyzed the cyber risk insurance from a technology perspective. Security frameworks involving cyber risk insurance have been developed for specific IT systems, including computer networks (Fahrenwaldt, Weber, and Weske, 2018;Xu and Hua, 2019), heterogeneous wireless network (Lu, Niyato, Jiang, Wang, and Poor, 2018a), wireless cellular network (Lu et al, 2018b), plug-in electric vehicles (Hoang, Wang, Niyato, and Hossain, 2017), cloud computing (Chase, Niyato, Wang, Chaisiri, and Ko, 2019), and fog computing (Feng, Xiong, Niyato, Wang, and Leshem, 2018). Some studies considered the interplay between self-mitigation measures (i.e.…”

Section: Related Workmentioning

confidence: 99%

“…There are also studies which took the insured's perspective and analyzed the security provisioning process using dynamic models. Chase et al (2019) developed a framework based on stochastic optimization to jointly provision cyber risk insurance and cloud-based security services across multiple time periods in cloud computing applications. Zhang and Zhu (2018) modeled the decisions on self-protections of the insured by a Markov decision process and investigated the problem of insurance contract design.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Bonus-Malus Framework for Cyber Risk Insurance and Optimal Cybersecurity Provisioning

Xiang¹,

Neufeld²,

Peters³

et al. 2021

Preprint

View full text Add to dashboard Cite

The cyber risk insurance market is at a nascent stage of its development, even as the magnitude of cyber losses is significant and the rate of cyber risk events is increasing. Existing cyber risk insurance products as well as academic studies have been focusing on classifying cyber risk events and developing models of these events, but little attention has been paid to proposing insurance risk transfer strategies that incentivize mitigation of cyber loss through adjusting the premium of the risk transfer product. To address this important gap, we develop a Bonus-Malus model for cyber risk insurance. Specifically, we propose a mathematical model of cyber risk insurance and cybersecurity provisioning supported with an efficient numerical algorithm based on dynamic programming. Through a numerical experiment, we demonstrate how a properly designed cyber risk insurance contract with a Bonus-Malus system can resolve the issue of moral hazard and benefit the insurer.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A Bonus-Malus Framework for Cyber Risk Insurance and Optimal Cybersecurity Provisioning

Xiang¹,

Neufeld²,

Peters³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…It only ensures secrecy of data to all other users who use the same server for data storage. Chase et al in 2019 [4] proposed technique for cyber insurance provisioning and security in cloud computing. It utilized stochastic optimization technique that provides optimally both services.…”

Section: Literature Surveymentioning

confidence: 99%

Security Concerns in Cloud Computing: Analysis and Solution

Attri*,

Kaur

2019

ijitee

View full text Add to dashboard Cite

Cloud computing present comprehensive way for the user to interact with resources that they didn’t possess. Using cloud computing, resources can be accessed on pay per use basis. Mass community of user access resources from cloud and due to presence of sensitive information presents within cloud, security mechanism become need of the hour. This paper discusses security mechanisms used within cloud along with shortcomings and future enhancement of each technique. DNA encryption mechanism is discussed in detail along with research gap and problem definition. Collision problem is discovered from DNA encryption and its rectification using future enhancement process of folding with chaining is also presented through this literature. Results obtained in terms of parameters such as key size and execution time is presented in tabular structure. DNA encryption with folding method has least execution time in key formation but collision problem hamper performance of DNA encryption. Parameters such as throughput, key size and execution time must be enhanced through collision detection mechanism and discussed through this literature.

show abstract

“…The numerical results showed that cyber insurance is an effective way to mitigate losses caused by cyberattacks for cloud providers. Alternatively, there are some other work introducing applications of cyber insurance to deal with cyber risks for cloud customers [10], [11]. The core idea of these papers is using stochastic programming to balance provisioning of security and insurance, even when future costs and risks are uncertain.…”

Section: Related Workmentioning

confidence: 99%

A stochastic programming approach for risk management in mobile cloud computing

Hoang

Niyato

Wang

et al. 2018

2018 IEEE Wireless Communications and Networking Conference (WCNC)

Self Cite

View full text Add to dashboard Cite

The development of mobile cloud computing has brought many benefits to mobile users as well as cloud service providers. However, mobile cloud computing is facing some challenges, especially security-related problems due to the growing number of cyberattacks which can cause serious losses. In this paper, we propose a dynamic framework together with advanced risk management strategies to minimize losses caused by cyberattacks to a cloud service provider. In particular, this framework allows the cloud service provider to select appropriate security solutions, e.g., security software/hardware implementation and insurance policies, to deal with different types of attacks. Furthermore, the stochastic programming approach is adopted to minimize the expected total loss for the cloud service provider under its financial capability and uncertainty of attacks and their potential losses. Through numerical evaluation, we show that our approach is an effective tool in not only dealing with cyberattacks under uncertainty, but also minimizing the total loss for the cloud service provider given its available budget.

show abstract

A Scalable Approach to Joint Cyber Insurance and Security-as-a-Service Provisioning in Cloud Computing

Cited by 22 publications

References 20 publications

A Bonus-Malus Framework for Cyber Risk Insurance and Optimal Cybersecurity Provisioning

A Bonus-Malus Framework for Cyber Risk Insurance and Optimal Cybersecurity Provisioning

Security Concerns in Cloud Computing: Analysis and Solution

A stochastic programming approach for risk management in mobile cloud computing

Contact Info

Product

Resources

About