
Cloud Computing: Balancing Openness and Security

This paper discusses the balance between service openness and security control in cloud computing, emphasizing the need for cloud service providers to invest in both areas to optimize their business. It presents a theoretical framework using Nash equilibrium to derive conditions for complete service openness and security control, along with quantitative assessment methods for these conditions. The analysis aims to guide cloud providers in making strategic investment decisions that coordinate service and security effectively.

Uploaded by

Manish Singh

Received January 5, 2019, accepted February 6, 2019, date of publication February 22, 2019, date of current version March 18, 2019.
Digital Object Identifier 10.1109/ACCESS.2019.2900889

Openness and Security in Cloud Computing Services: Assessment Methods and Investment Strategies Analysis

JIAN XU 1,2, CHANGYONG LIANG 1,3, HEMANT K. JAIN 4, AND DONGXIAO GU 1
1 School of Management, Hefei University of Technology, Hefei 230009, China
2 School of Statistics and Applied Mathematics, Anhui University of Finance and Economics, Bengbu 233030, China
3 Key Laboratory of Process Optimization and Intelligent Decision-Making, Ministry of Education, Hefei 230009, China
4 Gary W. Rollins College of Business, The University of Tennessee at Chattanooga, Chattanooga, TN 37403, USA

Corresponding author: Dongxiao Gu (gudongxiao@[Link])


This work was supported in part by the National Natural Science Foundation of China under Grant 71331002, Grant 71771075,
Grant 71771077, and Grant 71601061, in part by the Ministry of Education of Humanities and Social Science Project under
Grant 16YJA630075 and Grant 16YJC630094, and in part by the Natural Science Foundation of the Anhui University of
Finance and Economics under Grant ACKY1632.

ABSTRACT Cloud computing companies need to achieve a balance between service openness and security
control to promote the growth of the cloud service business. This paper is a theoretical discussion of the
complete service openness condition and the complete security control condition based on Nash equilibrium
from the perspective of investment, including investment in service and investment in security by the cloud
computing company. The quantitative assessment methods of two conditions are designed based on the
investments. A quantitative analysis of the impact of security investments on security control and service
openness is presented. Based on this analysis, the optimal security investment for service openness and the
minimum complete service openness investment standard are derived. Finally, the relationship between them
is analyzed to help cloud computing providers decide the optimal strategy for coordinating investment in both
service and security.

INDEX TERMS Cloud computing service, service openness, security control, quantitative assessment
method, optimal investment coordination.

I. INTRODUCTION
Cloud computing can provide large-scale, multilevel, highly efficient, and convenient service to users based on their demand [1], [2]. The cloud service provider constructs infrastructure to support new modern services [3], [4] which can bring high returns to the service provider. However, a large amount of upfront and sustained investment is inevitable for technology development and operations to ensure the availability of affordable computing resources [5]–[7]. Amazon Web Services (AWS), which accounts for 40 percent of the public cloud market, achieved a profit of $4.3 billion in 2017, more than the pretax profit of the entire company, but also had a negative cash flow of $1.5 billion for facility investment [8]. Therefore, analysis of investment in cloud service is important.

Since cloud computing is being used to provide many different services to various users, its service-oriented architecture contains numerous open features [9], [10]. Increased openness of cloud services not only increases users' trust, but also attracts new users, since openness makes it easier to use the service and connect with other services and applications [11]. Cloud service companies make investment to improve openness [12].

However, openness also brings security problems because abnormal users may take advantage of the openness to attack the system and obtain illegal benefit [13]. Rationally, providers and users have profit-making objectives. To avoid risk, the provider may increase investment in security to improve security detection technology [14]–[16], so that openness will be tightened. Thus the provider needs to not only maintain service openness but also assure security control to the user, and a good cloud service should find a balance between these two goals. This paper addresses service investment and security investment, and analyzes service openness and security control from the perspective of both. Fig. 1 shows the overall structure and logic of this paper.

The associate editor coordinating the review of this manuscript and approving it for publication was Mehedi Masud.

2169-3536 2019 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See [Link] for more information. VOLUME 7, 2019

J. Xu et al.: Openness and Security in Cloud Computing Services: Assessment Methods and Investment Strategies Analysis

FIGURE 1. The overall structure and logic of this study.

The remainder of this paper is organized as follows: Section 2 describes the game process of cloud service between provider and user to reflect openness and security, and related work is also reviewed. Section 3 develops the expected utility models based on economic factors and investment perspective. Nash equilibrium is used to deduce the complete service openness condition and the complete security control condition. The methods for assessing the degree of openness and security are outlined in Section 4. Section 5 analyzes the relationship between openness and security, and the optimal investment coordination strategy is also discussed. Section 6 concludes the paper and provides future research directions. All proofs are provided in appendices.

II. THE CLOUD SERVICE PROCESS

A. DESCRIPTION OF GAME IN CLOUD SERVICE
In the cloud service environment, a user submits a service request that may be either normal behavior for normal use or abnormal behavior for a malicious intention motivated by more benefit. The service provider decides to either provide or reject the service based on the result of security detection. The provider and user obtain different profits in different strategy sets. Since the provider and user are assumed to be in rational pursuit of profit, a game process is provided in Fig. 2. This paper considers the benign decision strategy, which is that the user displays normal use behavior and the provider provides the service to the user, as the premise of mutualism of provider and user and the foundation of cloud service.

FIGURE 2. The game process between provider and user in cloud service.

Security detection technology for cloud service is not perfect, so the cloud service system has inherent security vulnerabilities [17]. Security breaches are specifically expressed as two kinds of detection failures: the false-positive failure, in which the security detection system judges the normal user as abnormal, and the false-negative failure, in which the abnormal user is judged as normal [18], [19]. Both failures would cause harm to a cloud service; the former would result in loss of customer trust, and the latter would result in loss to the provider.

B. LITERATURE REVIEW
Openness and security have been considered important issues in cloud computing. It is widely believed that it is difficult to achieve perfect security just through technological methods [20]. Previous research shows that particular attention should be paid to the influence of incentives in cloud service, for these economic factors affect the decision making and behavior of those in various roles in the information system [18], [21], [22].

In cloud services, there is interaction between system security and service benefit, which is suitable for study with game theory [18], [22]–[27]. Optimal configurations of security investment in information services are analyzed using game theory [27], [28]. Furuncu and Sogukpinar [29] assess the security level of cloud service by Confidentiality, Integrity and Availability (CIA) in service schema and further analyze scalable security risk assessment by game theory.

Considering imperfect security detection, Chen et al. [19] propose a model of user behavior based on incomplete information. The multistage dynamic game model adopts current and historical actions, combined with false-positive and false-negative failures in security detection, to improve the accuracy of detection. Nie and Guo [30] construct a payoff matrix by membership function to discuss user behavior by game theory in multicloud environments. Cao et al. [31] consider information security to build optimal configurations of detection by game theory and analyze the effect of decision failure. However, none of this work considers system openness and the tradeoff it creates with security.

In this paper we consider service investment [32], security investment [17], and the security breach including two detection faults, the false-positive failure and the false-negative failure [18], [19], and discuss the relationship between service openness and security control. Thus, the complete service openness condition, the complete security control condition, and assessment methods of both, as well as the optimal investment coordination strategy for service and security, are obtained.

TABLE 1. Notation used in the model.

III. THE MODEL AND CONDITIONS GENERATION

A. THE ANALYSIS OF ECONOMIC FACTORS
Based on the above analysis and literature, we identified the following economic factors for provider and user in various decision-making situations.
1) User-related factors
• Normal use profit: The user behaves normally using the cloud service to derive business value, which is the benefit of using cloud service minus payment.
• Illegal benefit: The user behaves abnormally to obtain illegal benefit because of the false-negative failure of security detection.
• Punishment loss: The user gets punished because the cloud service's security detection determines the user to be illegal.
2) Provider-related factors
• Normal service profit: By selling services to the user, the provider obtains normal profit, which is the user's payment minus normal service costs.
• Security loss: The provider suffers loss because of security's false-negative failure to detect abnormal user behavior.
• Reputation loss: The provider suffers tangible or intangible reputation loss because of the false-positive failure of security detection related to normal user behavior.
• Additional profit: The provider generates additional profit by providing services to users, in addition to normal service profit, in the form of additional income minus additional cost.

This paper considers additional income from the investment including service investment that may result from internal investment to increase the availability of affordable computing resources to improve service openness [32]. Additional cost is considered as a security investment used to improve security detection in the service.

B. NOTATION AND ASSUMPTIONS
In the game process, provider $a$ and user $i$ are represented by the three-tuple $G = \{N, S, U\}$, where $N = \{a, i\}$ is the participant set and $D = \{d^a, d^i\}$ is the strategy set of provider and user. The two decisions, to provide or reject service, are expressed as $D^a = \{d_1^a, d_2^a\}$ respectively, and normal and abnormal user behaviors are expressed as $D^i = \{d_1^i, d_2^i\}$. $U = \{u^a, u^i\}$ represents the expected utility of provider and user. The notations used in the model are summarized in Table 1.

C. THE EXPECTED UTILITY
We assume the payment schema is pay-per-use (PPU) [33], which means payment is generated only by providing service. Four cases are identified based on different strategy sets, which are expressed as probability characteristics called background probability. They are represented as the probability of false-positive failure $\alpha$ and false-negative failure $\beta$. Therefore, the expected utility is the profit under the background probability. This logic is shown in Fig. 3.

FIGURE 3. Representation of dynamic game.

(I) Case One: The provider serves the normal-behavior user, which is the benign decision that cloud service pursues. The strategy set is $d_{11} = \{d_1^a, d_1^i\}$. The user obtains the normal use profit $E - pk$. The security detection correctly identifies the normal user, which means there is no false-positive failure, so the background probability is $1 - \alpha$. The expected utility of the user is represented as $u^i_{d_{11}}$.

$$u^i_{d_{11}} = (1 - \alpha)[E - pk] \tag{1.a}$$

Similarly, the provider obtains the normal service profit $(p - c)k$ and the additional profit $p_{add}$, and the expected utility of the provider is represented as $u^a_{d_{11}}$.

$$u^a_{d_{11}} = (1 - \alpha)[(p - c)k + p_{add}] \tag{1.b}$$

(II) Case Two: The provider rejects the abnormal user. The strategy set is $d_{22} = \{d_2^a, d_2^i\}$. The abnormal user is correctly identified, which means there is no false-negative

failure, so the background probability is $1 - \beta$. The abnormal user will not have normal use profit $E - pk$, much less illegal benefit $b_{risk}$, but also the user will be punished as $p_{risk}$. The expected utility of the user is represented as $u^i_{d_{22}}$.

$$u^i_{d_{22}} = -(1 - \beta)[E - pk + b_{risk} + p_{risk}] \tag{2.a}$$

The provider loses all profit, including both the normal service profit $(p - c)k$ and the additional profit $p_{add}$. The expected utility of the provider is represented as $u^a_{d_{22}}$.

$$u^a_{d_{22}} = -(1 - \beta)[(p - c)k + p_{add}] \tag{2.b}$$

(III) Case Three: The provider rejects the normal user because of a false-positive failure of security detection. The strategy set is $d_{21} = \{d_2^a, d_1^i\}$ and the background probability is $\alpha$. Since no service is provided, the user does not obtain normal use profit $E - pk$, and he also will be wrongly punished $p_{risk}$ as an abnormal user. So, the expected utility of the user is represented as $u^i_{d_{21}}$.

$$u^i_{d_{21}} = -\alpha[E - pk + p_{risk}] \tag{3.a}$$

Similarly, the provider will not obtain the normal service profit $(p - c)k$ or any additional profit $p_{add}$, and there will be reputational losses $p_{trust}$. Thus, the expected utility of the provider is represented as $u^a_{d_{21}}$.

$$u^a_{d_{21}} = -\alpha[(p - c)k + p_{trust} + p_{add}] \tag{3.b}$$

(IV) Case Four: The provider serves the abnormal user because of a false-negative failure of security detection. The strategy set is $d_{12} = \{d_1^a, d_2^i\}$ and the background probability is $\beta$. The abnormal user will obtain benefit, including both normal use profit $E - pk$ and illegal benefit $b_{risk}$. So, the expected utility of the user is represented as $u^i_{d_{12}}$.

$$u^i_{d_{12}} = \beta[E - pk + b_{risk}] \tag{4.a}$$

The provider obtains the normal service profit $(p - c)k$, because the user pays for the service despite being an abnormal user because of the PPU payment schema. The additional profit $p_{add}$ is also obtained because service has occurred, but a security loss $l_{risk}$ also occurs in this case. Thus, the expected utility of the provider is represented as $u^a_{d_{12}}$.

$$u^a_{d_{12}} = \beta[(p - c)k - l_{risk} + p_{add}] \tag{4.b}$$

D. EQUILIBRIUM ANALYSIS AND CONDITIONS GENERATION
Based on the above discussion, at a certain macro static time, the strategy set of user and provider is finite, and equilibrium must exist according to Nash's equilibrium existence theorem [34], [35]. Taking the benign decision as an equilibrium point, regardless of the decisions of provider and user, cloud service has complete service openness and complete security control at the same time.

1) THE COMPLETE SERVICE OPENNESS CONDITION
Irrespective of the user's decision, the provider's decision is to chase more benefit. The expected utility of the provider is $u^a$.

$$u^a = \begin{cases} \arg\max\{u^a_{d_{11}}, u^a_{d_{21}}\} & d^i = d_1^i \\ \arg\max\{u^a_{d_{22}}, u^a_{d_{12}}\} & d^i = d_2^i \end{cases} \tag{5}$$

Since the benign decision is an equilibrium point, the service decision of the provider is Pareto optimal. Thus, if $d^i = d_1^i$, $u^a = u^a_{d_{11}} \Rightarrow u^a_{d_{11}} \ge u^a_{d_{21}}$. If $d^i = d_2^i$, $u^a = u^a_{d_{12}} \Rightarrow u^a_{d_{12}} \ge u^a_{d_{22}}$. From the derivation provided in Appendix A, we can derive that if the service investment meets Eq. (6), the provider will always tend to make a service decision. The complete service openness condition is expressed as follows:

$$w > z + \beta l_{risk} - (p - c)k \tag{6}$$

The value $B = z + \beta l_{risk} - (p - c)k$ is called the complete service openness investment standard. It is obvious that the increase in security investment $z$ and the security loss which happens under the false-negative failure, $\beta l_{risk}$, will increase this standard, whereas the normal service profit of the provider $(p - c)k$ decreases this standard. Eq. (6) can be transformed into $w + pk \ge z + ck + \beta l_{risk}$. It is clear that complete service openness means that the total benefit to the provider is higher than total cost.

2) THE COMPLETE SECURITY CONTROL CONDITION
There is a similar discussion for the user. Rationally, whatever the decision of the provider, the user will chase more benefit. The expected utility of the user is $u^i$.

$$u^i = \begin{cases} \arg\max\{u^i_{d_{11}}, u^i_{d_{12}}\} & d^a = d_1^a \\ \arg\max\{u^i_{d_{21}}, u^i_{d_{22}}\} & d^a = d_2^a \end{cases} \tag{7}$$

Take the normal behavior decision of the user as the Pareto optimality. If $d^a = d_1^a$, $u^i = u^i_{d_{11}} \Rightarrow u^i_{d_{11}} \ge u^i_{d_{12}}$, and if $d^a = d_2^a$, $u^i = u^i_{d_{21}} \Rightarrow u^i_{d_{21}} \ge u^i_{d_{22}}$. From the derivation in Appendix B, the following result can be obtained.

If the probabilities of false-positive and false-negative failure $\alpha$, $\beta$ meet Eq. (8), the user will be forced to adopt normal behavior, as determined by the cloud service's security detection, even though security breaches still exist.

$$\alpha(E - pk) + \beta(E - pk + b_{risk}) \le E - pk \tag{8}$$

Obviously, $\beta(E - pk + b_{risk})$ is regarded as the total profit in cases with false-negative failures of users who display abnormal behavior, and $\alpha(E - pk)$ is the total profit in cases with false-positive failures of users who display normal behavior. Eq. (8) shows that when the user's expectation of total profit under two security detection failures is smaller than the user's normal profit of $E - pk$, cloud service can completely compel the user to display normal behavior.

IV. ASSESSMENT METHODS
In reality, conditions of complete service openness and security control are difficult to achieve. This section develops quantitative assessment methods to measure the degree of complete service openness and complete security control when these two conditions are not fully satisfied.
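The payoff model of Section III can be checked numerically. The following Python sketch is an added example, not code from the paper: it encodes Eqs. (1.a) to (4.b), tests whether serving and behaving normally are dominant strategies, and compares the outcome with the closed forms of Eq. (6) and Eq. (8). It assumes $p_{add} = w - z$ (the reading under which the utilities reproduce Eq. (6); Table 1 is not reproduced on this page), and all parameter values are constructed.

```python
from dataclasses import dataclass, replace
from itertools import product

PROVIDE, REJECT = "provide", "reject"      # provider strategies d1^a, d2^a
NORMAL, ABNORMAL = "normal", "abnormal"    # user strategies d1^i, d2^i

@dataclass(frozen=True)
class Params:
    E: float        # user's benefit from using the service
    p: float        # p*k is the user's payment
    c: float        # c*k is the provider's normal service cost
    k: float
    b_risk: float   # illegal benefit of an abnormal user
    p_risk: float   # punishment loss of a user judged abnormal
    l_risk: float   # provider's security loss on a false negative
    p_trust: float  # provider's reputation loss on a false positive
    w: float        # service investment
    z: float        # security investment
    alpha: float    # false-positive probability
    beta: float     # false-negative probability

    @property
    def use(self):      # normal use profit E - pk
        return self.E - self.p * self.k

    @property
    def svc(self):      # normal service profit (p - c)k
        return (self.p - self.c) * self.k

    @property
    def p_add(self):    # ASSUMPTION (not stated on the page): p_add = w - z
        return self.w - self.z

def utilities(q):
    """Expected utilities keyed by (provider strategy, user strategy)."""
    a, b = q.alpha, q.beta
    provider = {
        (PROVIDE, NORMAL):   (1 - a) * (q.svc + q.p_add),              # (1.b)
        (REJECT, ABNORMAL): -(1 - b) * (q.svc + q.p_add),              # (2.b)
        (REJECT, NORMAL):   -a * (q.svc + q.p_trust + q.p_add),        # (3.b)
        (PROVIDE, ABNORMAL): b * (q.svc - q.l_risk + q.p_add),         # (4.b)
    }
    user = {
        (PROVIDE, NORMAL):   (1 - a) * q.use,                          # (1.a)
        (REJECT, ABNORMAL): -(1 - b) * (q.use + q.b_risk + q.p_risk),  # (2.a)
        (REJECT, NORMAL):   -a * (q.use + q.p_risk),                   # (3.a)
        (PROVIDE, ABNORMAL): b * (q.use + q.b_risk),                   # (4.a)
    }
    return provider, user

def provider_always_serves(q):
    """Serving is the provider's best reply to both user behaviours (Eq. 5)."""
    ua, _ = utilities(q)
    return all(ua[PROVIDE, d] >= ua[REJECT, d] for d in (NORMAL, ABNORMAL))

def user_always_normal(q):
    """Normal behaviour is the user's best reply to both provider decisions (Eq. 7)."""
    _, ui = utilities(q)
    return all(ui[d, NORMAL] >= ui[d, ABNORMAL] for d in (PROVIDE, REJECT))

def is_benign_nash(q):
    """(provide, normal) is a Nash equilibrium: no unilateral deviation pays."""
    ua, ui = utilities(q)
    return (ua[PROVIDE, NORMAL] >= ua[REJECT, NORMAL]
            and ui[PROVIDE, NORMAL] >= ui[PROVIDE, ABNORMAL])

def openness_standard(q):
    """B in Eq. (6)."""
    return q.z + q.beta * q.l_risk - q.svc

def eq6_holds(q):
    return q.w >= openness_standard(q)

def eq8_holds(q):
    return q.alpha * q.use + q.beta * (q.use + q.b_risk) <= q.use

# Constructed sample values, not taken from the paper.
SAMPLE = Params(E=30, p=2, c=1, k=10, b_risk=100, p_risk=20, l_risk=400,
                p_trust=15, w=40, z=5, alpha=0.1, beta=0.08)

def closed_forms_match_dominance(base=SAMPLE):
    """Sweep w, alpha, beta; Eq. (6)/(8) must agree with the payoff comparison."""
    grid = product(range(0, 201, 7), (0.0, 0.05, 0.1, 0.2), (0.01, 0.05, 0.08, 0.15))
    for w, alpha, beta in grid:
        q = replace(base, w=w, alpha=alpha, beta=beta)
        if provider_always_serves(q) != eq6_holds(q) or user_always_normal(q) != eq8_holds(q):
            return False
    return True

if __name__ == "__main__":
    print("B =", openness_standard(SAMPLE), "Eq.(6):", eq6_holds(SAMPLE),
          "Eq.(8):", eq8_holds(SAMPLE), "benign Nash:", is_benign_nash(SAMPLE))
    print("closed forms match dominance:", closed_forms_match_dominance())
```

Raising `beta` from 0.08 to 0.15 in the sample breaks both conditions at once: the standard $B$ rises above $w$, and the abnormal user's expected gain under a false negative exceeds the normal use profit.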

A. THE ASSESSMENT METHOD OF COMPLETE SERVICE OPENNESS
For the complete service openness condition, if service investment is bigger than the complete service openness investment standard, $w \ge B$, cloud service will reach 100 percent complete service openness. However, in reality complete openness is impossible due to the existence of security issues. When the complete service openness condition cannot be satisfied, it is necessary to find the assessment method $O(w)$ that calculates the degree to which complete service openness is caused by service investment $w$.

First, suppose the assessment function $O(w) = 0\%$ if $w = 0$. As the service investment $w$ increases from 0 to the complete service openness investment standard $B$, the degree is stimulated and increases from 0 percent to 100 percent. When $w \ge B$, $O(w) = 100\%$ as well. Therefore, the assessment function $O(w)$ is an increasing function of service investment, that is, $\partial O/\partial w > 0$.

Second, for more comprehensive consideration, there are two possible responses when a provider is stimulated by service investment. One type of provider is sensitive. Openness increases rapidly at first because the provider has a positive attitude, but along with a growing service investment, service openness's rate of growth slows because stimulation is weakening. This means the increase in service openness by the sensitive provider shifts from fast to slow, thus bringing a diminishing marginal return on the service investment, $\partial^2 O/\partial w^2 < 0$. The other type of provider proceeds more cautiously, and the trend of increasing service openness is opposite to that of the sensitive provider, $\partial^2 O/\partial w^2 > 0$.

Based on the above, the following exponential function is designed to assess the degree of complete service openness when $w \le B$. It is not only an increasing function but can also express the two attitudes of the cloud service provider, sensitivity and caution, through different values of the parameter $\theta$.

$$O(w) = \left[\frac{e}{1 - e}\left(e^{-w/B} - 1\right)\right]^{\theta} \times 100\% \tag{9}$$

$\theta$ ($\theta \ge 0$) denotes the attitude intensity of a provider facing service investment.

$$\frac{\partial O}{\partial w} = \frac{\theta e}{B(e - 1)}\, e^{-w/B} \left[\frac{e}{1 - e}\left(e^{-w/B} - 1\right)\right]^{\theta - 1} \ge 0$$

$$\frac{\partial^2 O}{\partial w^2} = \frac{\theta}{B^2} \left(\frac{e}{1 - e}\right)^{\theta} e^{-w/B} \left(e^{-w/B} - 1\right)^{\theta - 2} \left(\theta e^{-w/B} - 1\right)$$

The sign of this second derivative depends on the last factor. Let $\Delta = \theta e^{-w/B} - 1$; then $w \in [0, B] \Rightarrow \Delta \in [(\theta/e) - 1, \theta - 1]$. There are three situations.
(1) If $0 < \theta \le 1$, then $\Delta < 0$, that is, $\partial^2 O/\partial w^2 < 0$, so the exponential function describes the sensitive provider.
(2) If $\theta \ge e$, then $\Delta > 0$, that is, $\partial^2 O/\partial w^2 > 0$, so the exponential function describes the cautious provider.
(3) If $1 < \theta < e$, an inflection point exists in the interval $w \in [0, B]$. Let $\theta e^{-w/B} - 1 = 0 \Rightarrow w = B \ln\theta$, so $\left(B \ln\theta, \left[\frac{e(1 - \theta)}{\theta(1 - e)}\right]^{\theta}\right)$ is the inflection point. The interval $w \in [0, B\ln\theta]$ describes the cautious provider, and $w \in [B\ln\theta, B]$ describes the sensitive provider. In general, as $w$ increases, it reflects the attitude of the provider changing from cautious to sensitive.

There is a data simulation of the assessment function of the complete service openness. The complete service openness investment standard $B$ is set as 50. The degree of complete service openness is shown in Fig. 4 for three different attitude intensities of the provider, given by the parameter $\theta = 0.5, 2, 3$ respectively; the greater the intensity, the greater the degree of bending that explains the sensitivity and caution.

FIGURE 4. The degree of the complete service openness changes with the service investment.

B. THE ASSESSMENT METHOD OF THE COMPLETE SECURITY CONTROL
The complete security control condition presents the influence of security control on user behavior. When the condition is satisfied, the user will engage in completely normal behavior in the cloud service, and the degree of security control is complete at 100 percent.

When this condition cannot be reached, a security breach of cloud service is $s \in [0, 1]$ [17], which reflects the degree to which security detection contains both the false-positive failure $\alpha$ and the false-negative failure $\beta$. When a security breach occurs in a user's normal behavior, security detection makes the wrong judgment that a normal user is abnormal; this is the false-positive failure. Similarly, a security breach related to a user's abnormal behavior is a false-negative failure. The two failures are expressed by the conditional probabilities $P(\text{security breach} \mid \text{normal}) = \alpha$ and $P(\text{security breach} \mid \text{abnormal}) = \beta$.

Since security breach $s$ contains only these two failure situations, $P(\text{normal} \mid \text{security breach}) + P(\text{abnormal} \mid \text{security breach}) = 1$. Let $\eta$ ($0 < \eta < 1$) denote the proportion of users who are normal. Bayes formula is used to get the following: $P(\text{security breach} \mid \text{normal})P(\text{normal}) + P(\text{security breach} \mid \text{abnormal})P(\text{abnormal}) = P(\text{security breach})$. Thus

$$\alpha\eta + \beta(1 - \eta) = s \tag{10}$$

Eq. (10) reveals the relationship between the two types of failures and a security breach. The complete security control condition is reflected by two failures by Eq. (8). Combining Eq. (8) and (10), the relation of the security breach $s$ with the degree of the complete security control is deduced as follows (see details in Appendix C).
(1) If $s \in \left[0, \frac{E - pk}{E - pk + b_{risk}}(1 - \eta)\right]$, the complete security control condition has been reached, and the degree of complete security control is 100 percent. This is the case of complete security control.
(2) If $s \in \left(\frac{E - pk}{E - pk + b_{risk}}(1 - \eta), \eta\right]$, the complete security control condition is reached when $\alpha^* < \alpha < \frac{s}{\eta}$ and $0 < \beta < \beta^*$, and the degree of complete security control can be calculated by Eq. (11), where $\alpha^* = \frac{(1 - \eta - s)(E - pk) - s b_{risk}}{(1 - 2\eta)(E - pk) - \eta b_{risk}}$ and $\beta^* = \frac{(s - \eta)(E - pk)}{(1 - 2\eta)(E - pk) - \eta b_{risk}}$; this is the threshold when the complete security control condition is just reached. This is the case of conditionally controlled security.

$$S(s) = \left|\frac{(E - pk)(1 - \eta)(\eta - s)}{s[(1 - 2\eta)(E - pk) - \eta b_{risk}]}\right| \times 100\% \tag{11}$$

(3) If $s \in (\eta, 1]$, the complete security control condition is impossible to reach, and the degree of complete security control is zero percent. This is the case of completely uncontrollable security.

There is a data simulation of the assessment function. We set the normal use profit of user $E - pk = 10$, the proportion of normal user $\eta$ is 0.5, and the illegal benefit of user $b_{risk}$ is 100. The degree to which complete security control changes with a security breach is shown in Fig. 5.

FIGURE 5. The degree to which complete security control changes with the security breach.

V. THE COMPREHENSIVE ANALYSIS
Service openness and security control are affected by service investment $w$ and security investment $z$ respectively. However, in the complete service openness condition, security investment $z$ also raises the complete service openness investment standard $B$ to affect service openness. Thus, in this paper, security investment $z$ is selected as a juncture point to analyze the relationship between service openness and security control, as well as the coordination strategy with service investment.

A. THE INFLUENCE OF SECURITY INVESTMENT ON SECURITY CONTROL

1) THE INFLUENCE OF SECURITY INVESTMENT ON SECURITY BREACH
Generally, as security investment increases, security breaches $s$ decrease; thereby incidences of false-positive failures $\alpha$ and false-negative failures $\beta$ also decrease, and the degree of complete security control is improved.

Work by Gordon and Loeb [17] takes into account the relationship between security investment and security breach. The security breach is defined depending on the security investment $z$ and the original vulnerability of security $v$ ($v \in [0, 1]$).

$$s(v, z) = v^{(\lambda z + 1)} \tag{12}$$

where the parameter $\lambda > 0$ is the intensity of security investment on security breach.

A data simulation describes the relationship between security breach and security investment, as shown in Fig. 6. The parameter $\lambda$ is set to 0.2. Three kinds of original vulnerability of security are shown by $v = 0.3, 0.6, 0.9$. Fig. 6 shows that with an increase in security investment, three curves of security breach decrease from original vulnerability to almost zero. The smaller the original vulnerability of security, the faster the reduction of security breach with increased security investment.

FIGURE 6. The security breach changes with security investment.

The relationship of security breach with two failures is $s = \alpha\eta + \beta(1 - \eta)$ and $s = v^{(\lambda z + 1)} \Rightarrow v = s/v^{\lambda z}$, so $v = (\alpha/v^{\lambda z})\eta + (\beta/v^{\lambda z})(1 - \eta)$. The original vulnerability of security $v$ is the security breach without security investment, that is, $z = 0 \Rightarrow s(v, 0) = v$. Meanwhile $v$ is also specifically expressed as two kinds of original detection failures $\hat{\alpha}$ and $\hat{\beta}$, that is, $v = \hat{\alpha}\eta + \hat{\beta}(1 - \eta)$. Therefore, security investment also reduces the two failures, as expressed in $\alpha/v^{\lambda z} = \hat{\alpha} \Rightarrow \alpha = \hat{\alpha}v^{\lambda z}$ and $\beta/v^{\lambda z} = \hat{\beta} \Rightarrow \beta = \hat{\beta}v^{\lambda z}$.

2) THE INFLUENCE OF SECURITY INVESTMENT ON SECURITY CONTROL
Since Eq. (12) can establish the connection between security breach and security investment, $z_{0\%}$ and $z_{100\%}$ are two critical security investment points at which the security breach $s$ reaches the zero percent and 100 percent levels of complete security control. When $z = z_{0\%}$, $s(z_{0\%}) = \eta$, and when $z = z_{100\%}$, $s(z_{100\%}) = \frac{E - pk}{E - pk + b_{risk}}(1 - \eta)$, that is, $z_{0\%} = \frac{1}{\lambda}\log_v\frac{\eta}{v}$ and $z_{100\%} = \frac{1}{\lambda}\log_v\frac{(E - pk)(1 - \eta)}{v(E - pk + b_{risk})}$. Therefore the degree of complete security control can be measured by security investment as in Eq. (13).

$$S(z) = \begin{cases} 100\% & z \in [z_{100\%}, +\infty] \\ \left|\dfrac{(E - pk)(1 - \eta)(\eta - v^{(\lambda z + 1)})}{v^{(\lambda z + 1)}[(1 - 2\eta)(E - pk) - \eta b_{risk}]}\right| \times 100\% & z \in [z_{0\%}, z_{100\%}] \\ 0\% & z \in [0, z_{0\%}] \end{cases} \tag{13}$$

The original vulnerability $v$ is set to 0.3, the intensity of security investment $\lambda$ is 0.2, the proportion of normal user $\eta$ is 0.5, the normal use profit of user $E - pk$ is 10, and the illegal benefit $b_{risk}$ is 100000. The relation of the degree of complete security control with security investment is shown in Fig. 7.

FIGURE 7. The degree of the complete security control changes with the security investment.

In any situation, as security investment $z$ increases, the two security detection failures $\alpha$ and $\beta$ will decrease, the security breach $s$ will decrease, and the security control of the system becomes higher. Therefore, the degree of complete security control is calculated by Eq. (13), which is divided into three interval sections by the two critical security investment points $z_{0\%}$ and $z_{100\%}$. When $z \in [z_{0\%}, z_{100\%}]$, the degree of complete security control is a non-linear function of security investment $z$ (see Fig. 7), which can also be calculated by Eq. (13).

B. THE INFLUENCE OF SECURITY INVESTMENT ON SERVICE OPENNESS

1) THE INFLUENCE OF SECURITY INVESTMENT ON THE COMPLETE SERVICE OPENNESS INVESTMENT STANDARD
The complete service openness investment standard is $B = z + \beta l_{risk} - (p - c)k$. It is obvious that increasing security investment $z$ increases the standard. On the other hand, increasing security investment reduces security breaches, so $\beta l_{risk}$ is also reduced in the standard $B$. In order to analyze the influence of security investment on the standard $B$, combining $\beta = \hat{\beta}v^{\lambda z}$ with $B = z + \beta l_{risk} - (p - c)k$, the complete service openness investment standard is also expressed by

$$B = z + \hat{\beta}v^{\lambda z}l_{risk} - (p - c)k \tag{14}$$

As seen in Appendix D, the optimal security investment for service openness, $z^* = \frac{\ln(\lambda\hat{\beta}\ln(1/v)\,l_{risk})}{\lambda\ln(1/v)}$, gives the minimum complete service openness investment standard $B^* = \frac{\ln(e\lambda\hat{\beta}\ln(1/v)\,l_{risk})}{\lambda\ln(1/v)} - (p - c)k$, so that complete service openness is easier to reach.

A data simulation of how the complete service openness investment standard changes with security investment is shown in Fig. 8. The intensity of security investment $\lambda$ is 0.2, the original false-negative failure probability $\hat{\beta}$ is 0.1, the security loss of the provider $l_{risk}$ is 10000, and the normal service profit of the provider $(p - c)k$ is 10. Three kinds of original vulnerability are shown by $v = 0.3, 0.6, 0.9$ respectively.

FIGURE 8. The complete service openness investment standard changes with the security investment.

Fig. 8 shows three curves of the complete service openness investment standard $B$, with a trend of first decreasing but then increasing. This means that initially, as security investment increases, the decrease of the false-negative failure $\beta$ in security breach $s$ causes $B$ to be lowered, but if security investment continues to increase, $B$ will rise as well. The turning points P1, P2, P3 are the minimum service openness investment standard $B^*$ at different original vulnerability $v = 0.3, 0.6, 0.9$ respectively. Security investment at the turning point is also the optimal value for service openness because this standard is the lowest at this time.

Meanwhile, when the original vulnerability of security is smaller, both the optimal security investment for service openness and the minimum complete service openness investment standard are also smaller. This is because when the original vulnerability of security $v$ is smaller, $\hat{\beta}v^{\lambda z}l_{risk}$ could reach zero faster with increasing security investment. Therefore good security also easily promotes service openness.


FIGURE 9. The degree of complete service openness and complete service openness investment standard changes with the security investment.
(a) w < B∗ . (b) w = B∗ . (c) w > B∗ .

2) THE INFLUENCE OF SECURITY INVESTMENT ON SERVICE OPENNESS
When security investment reaches the optimal value for service openness, $z = z^*$, the minimum complete service openness investment standard $B^*$ is obtained. Fig.9 shows three situations in which the degree of complete service openness changes with security investment. The data simulation sets the intensity of openness $\theta$ to 2, the original false-negative failure probability $\hat{\beta}$ to 0.1, the security loss $l_{risk}$ to 10000, and the normal service profit $(p-c)k$ to 10.

In Fig.9(a), service investment is less than the minimum complete service openness investment standard, $w < B^*$, so the degree of service openness cannot reach 100 percent, as calculated by Eq.(9).

In Fig.9(b), service investment is equal to the minimum complete service openness investment standard, $w = B^*$. So the degree of complete service openness just reaches 100 percent at $z = z^*$, and can also be calculated by Eq.(9) at other security investment levels.

In Fig.9(c), service investment is greater than the minimum complete service openness investment standard, $w > B^*$. The degree of complete service openness is 100 percent when $z \in [z_1, z_2]$, where $z_1$ and $z_2$ are called the lowest and highest security investment of complete service openness respectively. $z_1$ and $z_2$ can be obtained from $w = z + \hat{\beta}v^{\lambda z} l_{risk} - (p-c)k$. The degree of complete service openness can also be calculated by Eq.(9) at other security investment levels.

C. COMPREHENSIVE ANALYSIS OF SERVICE INVESTMENT AND SECURITY INVESTMENT
Based on the above analysis, two aspects of investment by cloud service providers are clear: investment in both service and security has a profound effect on service openness and security control. Combining these two investments, service and security will be comprehensively analyzed to obtain appropriate investment strategies. In the following analysis, the priority is on concurrently satisfying the best possible standards of both service openness and security control.

Generally, service investment is less than or equal to the minimum complete service openness investment standard, because the cloud service is already able to reach complete service openness when service investment is equal to the minimum complete service openness investment standard. Fig.10 shows three situations in which these two investments are analyzed to coordinate service openness and security control.

In Fig.10(a) and 10(b), the cloud service has achieved complete security control when $z \ge z_{100\%}$. And when $z = z^*$, the cloud service is also able to achieve complete service openness or make service openness reach the maximum. Thus, the optimal security investment for service openness $z^* = \frac{\ln(\lambda\hat{\beta}\ln(1/v)\,l_{risk})}{\lambda\ln(1/v)}$ is the best security investment from the perspective of both complete service openness and complete security control.

At the same time, the best service investment is the minimum complete service openness investment standard $B^* = \frac{\ln(e\lambda\hat{\beta}\ln(1/v)\,l_{risk})}{\lambda\ln(1/v)} - (p-c)k$. It is worth discussing that even if current service investment is less than the minimum complete service openness investment standard, in order to get better service openness, it is necessary to increase service investment to make it as close as possible to $B^*$.

FIGURE 10. The degree of the complete service openness and the degree of the complete security control change with the security investment.
(a) $z_{100\%} < z^*$. (b) $z_{100\%} = z^*$. (c) $z_{100\%} > z^*$.

In Fig.10(c), complete service openness and security control cannot be satisfied at the same time. In this complex situation, the best security investment needs to be decided according to the different attitudes of providers toward openness and security. Generally, a provider chooses the optimal security investment $z$ from the interval section $[z^*, z_{100\%}]$ (that is, $\left[\frac{\ln(\lambda\hat{\beta}\ln(1/v)\,l_{risk})}{\lambda\ln(1/v)},\ \frac{1}{\lambda}\log_v\frac{(E-pk)(1-\eta)}{v(E-pk+b_{risk})}\right]$) because security investment in this interval section achieves relatively balanced service openness and complete security control. And the best service investment is as close as possible to the complete service openness investment standard $B^*$.

The specific optimal security investment can be obtained by combining the two assessment methods, service openness with Eq.(9) and security control with Eq.(13), according to the corresponding coordination mechanisms determined by the cloud service provider's attitude to openness and security. A simple way is to find the intersection point of the two assessment functions in the interval section $[z^*, z_{100\%}]$ to obtain a balance between service and security. This intersection point can be calculated by combining the two assessment functions

$$O(w) = \left[\frac{e}{1-e}\left(e^{-w/B} - 1\right)\right]^{\theta} \times 100\% \quad \text{and} \quad S(z) = \left|\frac{(E-pk)(1-\eta)\left(\eta - v^{(\lambda z+1)}\right)}{v^{(\lambda z+1)}\left[(1-2\eta)(E-pk) - \eta b_{risk}\right]}\right| \times 100\%$$

with $B = z + \hat{\beta}v^{\lambda z} l_{risk} - (p-c)k$. However, security is usually the most important factor for cloud service companies. From Fig.10(c), when security investment approaches $z_{100\%}$, the degree of complete security control rises sharply, while the degree of complete service openness declines slowly. Therefore, the best security investment is more likely to be near $z_{100\%}$.

VI. CONCLUSIONS
Cloud service should have good service openness for users and strong security control to protect providers. This paper considers these two aspects from the perspective of service investment and security investment. To analyze these two and to obtain optimal investments to coordinate service openness and security control, complete service openness and complete security control conditions are obtained. From these two conditions, assessment methods for complete service openness and complete security control are further developed. The minimum complete service openness investment standard and the optimal security investment for service openness are obtained. Finally, the best service investment and the best security investment are discussed to balance service openness and security control.

First, this paper presents a static approach based on macro-analysis. The expected utility is constructed under the background probability and does not involve a specific time span. Future research could add time factors to analyze their effect on the corresponding conclusions, especially the conclusions related to the various economic factor parameters that are updated dynamically with time. Second, the specific optimal investment strategy is based on different service and security coordination mechanisms and the attitude of the provider toward openness and security, which will be further studied based on the two assessment methods of this paper. Third, this paper assumes the Nash equilibrium point is the benign decisions of cloud service providers and users, thus deriving the complete service openness condition and the complete security control condition. However, these two conditions are actually almost impossible to achieve, so this paper also designs the assessment method to calculate the degree of achievement. The Nash equilibrium point of decisions will also change at this time, and we will use the evolutionary game to discuss this change in future work.

APPENDIX A
TO OBTAIN THE COMPLETE SERVICE OPENNESS CONDITION
The situation of $d^i = d_1^i$ and $d^i = d_2^i$, from comparing Eq.(1.b) and (3.b), Eq.(2.b) and (4.b). If the service of the provider is Pareto optimality, that implies that

$$(1-\alpha)[(p-c)k + p_{add}] \ge -\alpha[(p-c)k + p_{trust} + p_{add}] \tag{A1}$$
$$\beta[(p-c)k + p_{add} - l_{risk}] \ge -(1-\beta)[(p-c)k + p_{add}] \tag{A2}$$

And the additional profit $p_{add}$ contains service investment $w$ and security investment $z$, so $p_{add} = w - z$.
It follows Eq.(A1) and (A2) that

$$(p-c)k + w - z - \alpha(p-c)k \ge -\alpha(p-c)k - \alpha p_{trust}$$
$$\beta(p-c)k - \beta l_{risk} \ge \beta(p-c)k - (p-c)k - (w - z)$$

And further

$$w \ge z - (p-c)k - \alpha p_{trust} \tag{A3}$$
$$w \ge z - (p-c)k + \beta l_{risk} \tag{A4}$$

Because $\alpha$, $\beta$, $p_{trust}$, and $l_{risk}$ are positive. It is clear that Eq.(A4) contains Eq.(A3). Therefore set $B = z + \beta l_{risk} - (p-c)k$, if $w \ge B$ provider will service the user.

APPENDIX B
TO OBTAIN THE COMPLETE SECURITY CONTROL CONDITION
The situation of $d^a = d_1^a$ and $d^a = d_2^a$, from comparing Eq.(1.a) and (4.a), Eq.(2.a) and (3.a). If normal behavior of the user is Pareto optimality, that implies that

$$(1-\alpha)[E - pk] \ge \beta[E - pk + b_{risk}] \tag{B1}$$
$$-\alpha[E - pk + p_{risk}] \ge -(1-\beta)[E - pk + b_{risk} + p_{risk}] \tag{B2}$$

It follows from Eq.(B1) and (B2) that

$$\alpha(E - pk) + \beta(E - pk + b_{risk}) \le E - pk \tag{B3}$$
$$\alpha(E - pk + p_{risk}) + \beta(E - pk + b_{risk} + p_{risk}) \le E - pk + b_{risk} + p_{risk} \tag{B4}$$

And further, if and only if equality holds in Eq.(B3) and (B4), then the solution of equations $(\alpha_0, \beta_0)$ is obtained. According to the Cramer's rule,

$$\alpha_0 = \frac{\begin{vmatrix} E-pk & E-pk+b_{risk} \\ E-pk+b_{risk}+p_{risk} & E-pk+b_{risk}+p_{risk} \end{vmatrix}}{\begin{vmatrix} E-pk & E-pk+b_{risk} \\ E-pk+p_{risk} & E-pk+b_{risk}+p_{risk} \end{vmatrix}} = (E - pk + b_{risk} + p_{risk})/p_{risk} \tag{B5}$$

$$\beta_0 = \frac{\begin{vmatrix} E-pk & E-pk \\ E-pk+p_{risk} & E-pk+b_{risk}+p_{risk} \end{vmatrix}}{\begin{vmatrix} E-pk & E-pk+b_{risk} \\ E-pk+p_{risk} & E-pk+b_{risk}+p_{risk} \end{vmatrix}} = -(E - pk)/p_{risk} \tag{B6}$$

The normal use benefit of user $E$ is higher than the user's payment of them $pk$, and other economic factors are positive. That is $\alpha_0 > 0$, $\beta_0 < 0$ in Eq.(B5) and (B6). Thus, there is the graph of the security control region shown as Fig.11. It is easy to find the line of Eq.(B3) under the line expressed by Eq.(B4), and region II is included in region I. If $\alpha$ and $\beta$ meet Eq.(B3), then Eq.(B4) has been satisfied. Therefore if $\alpha(E - pk) + \beta(E - pk + b_{risk}) \le E - pk$, the user exhibits normal behavior.

FIGURE 11. The region expression in the security control.

APPENDIX C
TO OBTAIN THE ASSESSMENT METHOD OF DEGREE OF COMPLETE SECURITY CONTROL
Eq.(C1), which came from Eq.(8), is a linear function about the probability of the false-positive failure $\alpha$ and the false-negative failure $\beta$. The relation between the security breach and the false-positive failure $\alpha$ and the false-negative failure $\beta$ is also a linear function described in Eq.(10). Fig.12 demonstrates the relationship between these two linear functions to discuss the degree of the complete security control in different situations.

$$\alpha(E - pk) + \beta(E - pk + b_{risk}) = E - pk \tag{C1}$$
$$\alpha\eta + \beta(1 - \eta) = s \tag{10}$$

The coordinates of the intersection point I of these two linear functions is $(\alpha^*, \beta^*)$, which can be calculated by Cramer's rule:

$$\alpha^* = \frac{\begin{vmatrix} E-pk & E-pk+b_{risk} \\ s & 1-\eta \end{vmatrix}}{\begin{vmatrix} E-pk & E-pk+b_{risk} \\ \eta & 1-\eta \end{vmatrix}} = \frac{(1-\eta-s)(E-pk) - s b_{risk}}{(1-2\eta)(E-pk) - \eta b_{risk}} \tag{C2}$$

$$\beta^* = \frac{\begin{vmatrix} E-pk & E-pk \\ \eta & s \end{vmatrix}}{\begin{vmatrix} E-pk & E-pk+b_{risk} \\ \eta & 1-\eta \end{vmatrix}} = \frac{(s-\eta)(E-pk)}{(1-2\eta)(E-pk) - \eta b_{risk}} \tag{C3}$$

FIGURE 12. The schematic of the complete security control with the false-positive failure and the false-negative failure.

Because of $\alpha \ge 0$, $\beta \ge 0$, Eq.(C1) and (10) are the line segment in Fig.12. And region R under the line segment $\alpha(E-pk) + \beta(E-pk+b_{risk}) = E-pk$ is the complete security control according to the proof in Appendix B, in which $\alpha, \beta$ satisfy the complete security control condition. When the security breach decreases two failures $\alpha, \beta$ also decrease, and the line segment of $\alpha\eta + \beta(1-\eta) = s$ is close to region R. Therefore the ratio of the length of the part of the line segment of $\alpha\eta + \beta(1-\eta) = s$ entering region R to the length of the entire line segment is the degree of the complete security control.

It is easy to get the coordinates of the upper endpoint B, $\left(0, \frac{E-pk}{E-pk+b_{risk}}\right)$, and lower endpoint C, $(1, 0)$, of the line segment $\alpha(E-pk) + \beta(E-pk+b_{risk}) = E-pk$. The coordinates of the left-most endpoint M, $\left(0, \frac{s}{1-\eta}\right)$ and right-most endpoint N, $\left(\frac{s}{\eta}, 0\right)$ of the line segment $\alpha\eta + \beta(1-\eta) = s$ are shown in Fig.12.

Generally, the illegal benefit of user $b_{risk}$ is more than the normal use profit of user $E - pk$, and the proportion of normal behavior user $\eta$ is greater than abnormal behavior, so $\frac{E-pk}{E-pk+b_{risk}} \le \frac{\eta}{1-\eta}$. Therefore, the slope of the line $\alpha(E-pk) + \beta(E-pk+b_{risk}) = E-pk$ is bigger than the slope of the line $\alpha\eta + \beta(1-\eta) = s$. And $\frac{E-pk}{E-pk+b_{risk}} > \frac{\eta}{1-\eta}$ can be similarly discussed.

With the line segment of the $\alpha\eta + \beta(1-\eta) = s$ close to region R, there are three situations of the relationship of the line segment with region R.

(1) Stage 1: No part of the line segment of $\alpha\eta + \beta(1-\eta) = s$ is in region R.
Stage 1 is that the point N is on the left side of the point C, $\frac{s}{\eta} > 1 \Rightarrow s > \eta$, so $s \in (\eta, 1]$. No part of the line segment of $\alpha\eta + \beta(1-\eta) = s$ is in region R, and the complete security control condition is completely unreachable. So the degree of complete security control is zero percent.

(2) Stage 2: Part of the line segment $\alpha\eta + \beta(1-\eta) = s$ is in region R.
Stage 2 is where point N is on the right side of point C and point M is above point B, $\frac{s}{\eta} \le 1 \Rightarrow s \le \eta$ and $\frac{s}{1-\eta} > \frac{E-pk}{E-pk+b_{risk}} \Rightarrow \frac{E-pk}{E-pk+b_{risk}}(1-\eta) < s$, so $s \in \left(\frac{E-pk}{E-pk+b_{risk}}(1-\eta), \eta\right]$ and $\alpha^* \le \alpha \le \frac{s}{\eta}$, $0 \le \beta \le \beta^*$. Part of the line segment $\alpha\eta + \beta(1-\eta) = s$ enters region R, so this part signifies that the complete security control condition can be reached. Hence the degree of complete security control is the ratio of the part of the line segment that has entered region R to the total line segment,

$$\frac{\|IN\|_2}{\|MN\|_2} \times 100\% = \frac{\sqrt{\left(\dfrac{(1-\eta-s)(E-pk) - s b_{risk}}{(1-2\eta)(E-pk) - \eta b_{risk}} - \dfrac{s}{\eta}\right)^2 + \left(\dfrac{(s-\eta)(E-pk)}{(1-2\eta)(E-pk) - \eta b_{risk}} - 0\right)^2}}{\sqrt{\dfrac{s^2}{\eta^2} + \dfrac{s^2}{(1-\eta)^2}}} \times 100\%,$$

that is,

$$\left|\frac{(E-pk)(1-\eta)(\eta - s)}{s\left((1-2\eta)(E-pk) - \eta b_{risk}\right)}\right| \times 100\% \tag{C4}$$

(3) Stage 3: The whole of the line segment $\alpha\eta + \beta(1-\eta) = s$ is in region R.
The stage 3 is the point M is below the point B. $\frac{s}{1-\eta} \le \frac{E-pk}{E-pk+b_{risk}} \Rightarrow s \le \frac{E-pk}{E-pk+b_{risk}}(1-\eta)$, so $s \in \left[0, \frac{E-pk}{E-pk+b_{risk}}(1-\eta)\right]$. The whole part of the line segment of $\alpha\eta + \beta(1-\eta) = s$ is in region R. This time the complete security control condition has been reached, so the degree of complete security control is 100 percent.

APPENDIX D
TO OBTAIN THE OPTIMAL SECURITY INVESTMENT FOR SERVICE OPENNESS AND THE MINIMUM COMPLETE SERVICE OPENNESS INVESTMENT STANDARD
According to Eq.(14) ($B = z + \hat{\beta}v^{\lambda z} l_{risk} - (p-c)k$), the first order conditions to achieve an optimal equilibrium point of security investment.

$$\partial B/\partial z = 1 + \lambda\hat{\beta}\ln v \, v^{\lambda z} l_{risk} \tag{E1}$$

Let $\partial B/\partial z = 0$:

$$1 + \lambda\hat{\beta}\ln v \, v^{\lambda z} l_{risk} = 0 \Rightarrow v^{\lambda z} = \frac{1}{\lambda\hat{\beta}\ln(1/v)\, l_{risk}} \Rightarrow z = \frac{1}{\lambda}\log_v\left(\frac{1}{\lambda\hat{\beta}\ln(1/v)\, l_{risk}}\right) = \frac{\ln(\lambda\hat{\beta}\ln(1/v)\, l_{risk})}{\lambda\ln(1/v)}$$

$$\partial^2 B/\partial z^2 = \lambda^2\hat{\beta}(\ln v)^2 v^{\lambda z} l_{risk} > 0 \tag{E2}$$

So the optimal security investment for service openness $z^*$ makes the complete service openness investment standard $B$ reach the minimum $B^*$.

$$z^* = \frac{\ln(\lambda\hat{\beta}\ln(1/v)\, l_{risk})}{\lambda\ln(1/v)}$$

$$B^* = z^* - (p-c)k + \hat{\beta}v^{\lambda z^*} l_{risk} = \frac{\ln(e\lambda\hat{\beta}\ln(1/v)\, l_{risk})}{\lambda\ln(1/v)} - (p-c)k \tag{E3}$$
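The closed forms of Appendix D and the intersection procedure of Section V.C can be checked numerically. The following is an added example, not code from the paper: it evaluates Eq.(13), Eq.(14) and Eq.(9) (in the form quoted in Section V.C) and locates the balance point by bisection. It assumes the simulation values quoted for Fig.7, Fig.8 and Fig.9 belong to one scenario and that service investment is w = B*; all function names are this example's own.

```python
import math

# Simulation parameters quoted in the text for Fig.7, Fig.8 and Fig.9.
# Using them together as one scenario is an assumption of this example.
V, LAM, ETA = 0.3, 0.2, 0.5        # vulnerability v, intensity lambda, normal-user share eta
E_PK, B_RISK = 10.0, 100000.0      # normal use profit E - pk, illegal benefit b_risk
BETA_HAT, L_RISK = 0.1, 10000.0    # original false-negative probability, provider loss l_risk
PROFIT, THETA = 10.0, 2.0          # normal service profit (p - c)k, intensity of openness


def critical_investments():
    """(z_0%, z_100%): where S(z) leaves 0% and where it reaches 100%."""
    z0 = math.log(ETA / V, V) / LAM
    z100 = math.log(E_PK * (1 - ETA) / (V * (E_PK + B_RISK)), V) / LAM
    return z0, z100


def security_control_degree(z):
    """Eq.(13) as a fraction in [0, 1], with breach s(z) = v^(lambda*z + 1)."""
    z0, z100 = critical_investments()
    if z <= z0:
        return 0.0
    if z >= z100:
        return 1.0
    s = V ** (LAM * z + 1)
    denom = s * ((1 - 2 * ETA) * E_PK - ETA * B_RISK)
    return abs(E_PK * (1 - ETA) * (ETA - s) / denom)


def openness_standard(z):
    """Eq.(14): B = z + beta_hat * v^(lambda*z) * l_risk - (p - c)k."""
    return z + BETA_HAT * V ** (LAM * z) * L_RISK - PROFIT


def optimal_security_investment():
    """Appendix D closed forms: (z*, B*)."""
    x = LAM * BETA_HAT * math.log(1 / V) * L_RISK
    k = LAM * math.log(1 / V)
    return math.log(x) / k, math.log(math.e * x) / k - PROFIT


def openness_degree(w, z):
    """Eq.(9) at B(z), as quoted in Section V.C; complete (1.0) once w >= B."""
    b = openness_standard(z)
    if w >= b:
        return 1.0
    return (math.e / (1 - math.e) * (math.exp(-w / b) - 1)) ** THETA


def balance_point(w, tol=1e-9):
    """Bisection for the z in [z*, z_100%] where both degrees are equal."""
    z_star, _ = optimal_security_investment()
    _, z100 = critical_investments()
    if z100 <= z_star:
        # Fig.10(a)/(b): z* already gives complete security control.
        return z_star

    def gap(z):
        return openness_degree(w, z) - security_control_degree(z)

    lo, hi = z_star, z100
    if gap(lo) <= 0 or gap(hi) >= 0:
        raise ValueError("degrees do not cross inside [z*, z_100%]")
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if gap(mid) > 0:
            lo = mid
        else:
            hi = mid
    return (lo + hi) / 2


if __name__ == "__main__":
    z0, z100 = critical_investments()
    z_star, b_star = optimal_security_investment()
    zb = balance_point(b_star)
    print(f"z_0%={z0:.3f} z_100%={z100:.3f} z*={z_star:.3f} B*={b_star:.3f}")
    print(f"balance z={zb:.3f} degree={security_control_degree(zb):.3f}")
```

With these values z* is below z_100%, so the scenario is the Fig.10(c) case, and the crossing falls much closer to z_100% than to z*, in line with the remark in Section V.C.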

29048 VOLUME 7, 2019


J. Xu et al.: Openness and Security in Cloud Computing Services: Assessment Methods and Investment Strategies Analysis

REFERENCES [25] G. Levitin and K. Hausken, ‘‘Resource distribution in multiple attacks with
[1] P. C. Hershey, S. Rao, C. B. Silio, and A. Narayan, ‘‘System of systems for imperfect detection of the attack outcome,’’ Risk Anal., vol. 32, no. 2,
quality-of-service observation and response in cloud computing environ- pp. 304–318, Feb. 2011.
ments,’’ IEEE Syst. J., vol. 9, no. 1, pp. 212–222, Mar. 2015. [26] G. Levitin, K. Hausken, and H. B. Haim, ‘‘Defending majority voting sys-
[2] Y. Yao, J. Cao, S. Qian, and X. Wang, ‘‘Resource scheduling for real- tems against a strategic attacker,’’ Rel. Eng. Syst. Saf., vol. 111, pp. 37–44,
time analytical workflow services in the cloud,’’ IEEE Access, vol. 6, Aug. 2013.
pp. 57910–57922, 2018. [27] H. Cavusoglu, S. Raghunathan, and H. Cavusoglu, ‘‘Configuration of
and interaction between information security technologies: The case of
[3] C. Zuo, J. Shao, J. K. Liu, G. Wei, and Y. Ling, ‘‘Fine-grained two-factor
firewalls and intrusion detection systems,’’ Inf. Syst. Res., vol. 20, no. 2,
protection mechanism for data sharing in cloud storage,’’ IEEE Trans. Inf.
pp. 198–217, Jun. 2009.
Forensics Security, vol. 13, no. 1, pp. 186–196, Jan. 2018.
[28] K. Anastasopoulou, S. Kokolakis, and P. Andriotis, ‘‘Privacy decision-
[4] R. T. Zhou, Z. Li, and C. Wu, ‘‘Scheduling frameworks for cloud container
making in the digital era: A game theoretic review,’’ in Human
services,’’ IEEE-Acm Trans. Netw., vol. 26, no. 1, pp. 436–450, Feb. 2018.
Aspects of Information Security, Privacy and Trust. New York,
[5] L. Wang, Y. Ma, J. Yan, V. Chang, and A. Y. Zomaya, ‘‘pipsCloud:
NY, USA: Springer, 2017, pp. 589–603. [Online]. Available:
High performance cloud computing for remote sensing big data man-
[Link]
agement and processing,’’ Future Generat. Comput. Syst., vol. 78, no. 1,
[29] E. Furuncu and I. Sogukpinar, ‘‘Scalable risk assessment method for cloud
pp. 353–368, 2018.
computing using game theory (CCRAM),’’ Comput. Standards Interfaces,
[6] J. Vithayathil, ‘‘Will cloud computing make the information technology vol. 38, pp. 44–50, Feb. 2015.
(IT) department obsolete?’’ Inf. Syst. J., vol. 28, no. 4, pp. 634–649, [30] T. Nie and Y. Guo, ‘‘User behavior analysis model based on game theory
Jul. 2018. under multi-clouds environment,’’ Comput. Sci., vol. 4, no. 1, pp. 120–125,
[7] M. A. Lema et al., ‘‘Business case and technology analysis for 5g low 2014.
latency applications,’’ IEEE Access, vol. 5, pp. 5917–5935, 2017. [31] J. Cao, K. Hwang, K. Li, and A. Y. Zomaya, ‘‘Optimal multiserver config-
[8] Adam Levine-Weinberg. Is [Link]’s Retail Business Actually uration for profit maximization in cloud computing,’’ IEEE Trans. Parallel
Profitable? (It’s Complicated). Accessed: Nov. 28, 2018. [Online]. Distrib. Syst., vol. 24, no. 6, pp. 1087–1096, Jun. 2013.
Available: [Link] [32] J. L. Lucas-Simarro, R. Moreno-Vozmediano, R. S. Montero, and
[Link] M. I. Llorente, ‘‘Cost optimization of virtual infrastructures in dynamic
[9] W. A. Tan, S. Li, Q. Zhang, S. Chen, A. Tang, and X. Hu, ‘‘Reliable multi-cloud scenarios,’’ Concurrency Comput.-Pract. Exper., vol. 27, no. 9,
service computing platform architecture for cross-organizational work- pp. 2260–2277, Jun. 2015.
flows,’’ in Proc. IEEE Int. Conf. Syst., Man, Cybern. (SMC), Oct. 2014, [33] D. Ardagna, M., Ciavotta, and M. Passacantando, ‘‘Generalized nash
pp. 3066–3071. equilibria for the service provisioning problem in multi-cloud systems,’’
[10] Y. Ji, J. Zhang, J. Ma, C. Yang, and X. Yao, ‘‘BMPLS: Blockchain-based IEEE Trans. Services Comput., vol. 10, no. 3, pp. 381–395, May/Jun. 2017.
multi-level privacy-preserving location sharing scheme for telecare medi- [34] Z. Yang, D. Meng, and A. Wang, ‘‘On the existence of ideal Nash equilibria
cal information systems,’’ J. Med. Syst., vol. 42, no. 8, p. 147, Jun. 2018. in discontinuous games with infinite criteria,’’ Oper. Res. Lett., vol. 45,
[11] G. Garrison, S. Kim, and R. L. Wakefield, ‘‘Success factors for deploying no. 4, pp. 362–365, Jul. 2017.
cloud computing,’’ Commun. ACM, vol. 55, no. 9, pp. 62–68, Sep. 2012. [35] C. T. Do, N. H. Tran, E.-N. Huh, C. S. Hong, D. Niyato, and Z. Han,
[12] D. Byrne, C. Corrado, and D. E. Sichel, ‘‘The rise of cloud comput- ‘‘Dynamics of service selection and provider pricing game in hetero-
ing: Minding your p’s, q’s and k’s,’’ Nat. Bur. Econ. Res., Tech. Rep., geneous cloud market,’’ J. Netw. Comput. Appl., vol. 69, pp. 152–165,
Cambridge, MA, USA, Working paper 25188, 2018. [Online]. Available: Jul. 2016.
[Link] doi: 10.3386/w25188.
[13] H. MPH Yu, K. Williams, and X. H. Yuan, ‘‘Cloud computing threats
and provider security assessment,’’ in Algorithms Architectures
for Parallel Process., Ica3pp 2015, vol. 9532. New York,
JIAN XU received the B.S. degree in information and computing science from the Hefei University of Technology, in 2004, and the M.S. degree in applied mathematics from the Guilin University of Electronic Technology, in 2007. He is currently pursuing the Ph.D. degree in management science and engineering with the School of Management, Hefei University of Technology. He is also a part-time Lecturer with the School of Statistics and Applied Mathematics, Anhui University of Finance and Economics. His research interests include cloud computing service, management information systems, and big data analysis.

CHANGYONG LIANG is currently a Professor of management information systems with the School of Management, Hefei University of Technology, where he is also with the Key Laboratory of Process Optimization and Intelligent Decision-Making. He has authored over 100 publications in high level journals, such as Information and Management, the International Journal of Intelligent Systems, Computers & Industrial Engineering, Artificial Intelligence in Medicine, the International Journal of Production Research, Applied Soft Computing, Expert Systems with Applications, and Knowledge-Based Systems. His research interests include information system management, cloud computing service, and smart business.


HEMANT K. JAIN is currently a Professor of information technology management with the Gary W. Rollins College of Business, The University of Tennessee at Chattanooga. He has authored more than 100 publications in leading international journals, such as Information Systems Research, Management Information Systems Quarterly, the Journal of MIS, the IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, the European Journal of Information Systems, the Communications of the AIS, Decision Sciences, Communications of the ACM, Decision Support Systems, and Information and Management. His research interests include service oriented architecture and IT agility, business analytics, and machine learning, component-based system development, and web services.

DONGXIAO GU is currently an Associate Professor of Management information systems with the Hefei University of Technology. His research interests include cloud computing service, big data modeling-based smart health, and business intelligence. His research has been published in Information and Management, Computers & Industrial Engineering, the International Journal of Production Research, Applied Soft Computing, Expert Systems with Applications, and Knowledge-Based Systems.
