Impact of security risks on cloud computing adoption

Cloud computing has been a paradigm shift in the information technology domain. It offers potential benefits to users in terms of instant availability, scalability and resource sharing, while potentially posing security issues. In particular, recent events such as Amazon's system failure have increased concerns about cloud computing. Given these security and reliability concerns, we explore the optimal decision rule for moving certain IT functions to public clouds. We formulate the problem as an entrepreneurial decision for an optimal stopping time at which the entrepreneur shall migrate to the cloud computing paradigm. Two different models are presented. Recognizing that an important and specific issue related to different computing paradigms is the potential “security” risk posed by each technology, we consider security risks in both models. The first model approaches the optimal adoption problem by assessing cloud computing adoption under project value uncertainty. The entrepreneur has timing flexibility and solves his optimal adoption decision under uncertainty. The optimal adoption rule obtained is a threshold strategy: a firm should adopt cloud computing only if the value from the adoption exceeds the threshold level. The second model builds on a comprehensive assessment of two different computing paradigms. The entrepreneur can either keep the traditional on-site computing paradigm or migrate to the cloud computing paradigm. His problem is to make the paradigm shift optimally. We model such a problem as optimally swapping two “risky” assets, which refer to the benefits of the traditional on-site computing paradigm and those of the cloud computing paradigm. The term “risky” captures the fact that actual benefits can only be resolved through time, and thus estimates of benefits are embedded with uncertainty. We obtain the optimal swapping rule as a threshold strategy, defined in terms of the ratio of the two benefits.
A firm should only shift part of its business to the cloud computing service if the ratio of the benefit from the cloud computing paradigm to that from the traditional on-site computing paradigm exceeds the threshold. In both models, both the extent of riskiness (i.e. uncertainty) and the significance of security risks (in terms of both potential occurrence probability and the severity of damage) affect the threshold level, and thus the entrepreneurial adoption decision.