The "Cloud Computing" paradigm is gaining ground with new IT service providers and traditional IT outsourcing providers alike. Customers want to use cloud computing solutions with all their advertised advantages and without the hassle of traditional long term outsourcing migration and contracting. Risk is at the center of attention when dealing with the adoption of cloud services. Because of the security concerns and the consequential reservations towards the acceptance of public cloud computing platforms, a lot has been done to improve security and trust in these environments. However, most of the implementations and research regarding this issue is concerning technical security risks with a focus on preventing perimeterbased attacks. Security and trust issues beyond perimeter based security risks have gained little attention. This paper identifies the need to look beyond technical issues and turns the attention to improving compliance and governance in cloud environments. In this process the focus is set on the discontinuity cap between existing methods to identify and evaluate IT risks and the treatment of these risks with Service Level Agreements. To close this cap a model for a dynamic view on current IT risk is proposed to comply with modern IT environments that are composed of an ampleness of different services. The model has a strong corporate context and will help companies to evaluate their current risk exposure and thus make better decisions when choosing their services.
Increasing popularity of cloud-based services has led to the emergence of cloud marketplaces where services from different providers are offered, usually in the form of a catalog. The customers' decision about buying offered services is based on idiosyncratic preferences regarding non-functional service attributes, e.g., price, provider reputation, and quality of service. Customer preferences are typically unknown to providers at the time the service portfolio (i.e. quality and price choices) is specified. Thus, from a microeconomic perspective, we have to deal with information asymmetry in markets, which complicates the challenge of finding the profit maximizing service portfolio. This paper presents a generic economic framework based on customer self-selection to address the above-mentioned optimization for a cloud service provider. The contribution is twofold: We characterize a multi-attributive customer preference function for cloud services based on a continuum of potential customers. Thereby each infinitesimal demand of a customer is characterized by a vector of minimum quality values for each of the different attributes and a maximum willingness to pay. The demand framework addresses the phenomenon of product cannibalization. We then formulate the service providers' optimal service portfolio design. This grants the provider maximal profit through optimal combination of potential values of the chosen attributes.
Abstract. The application of lean principles and agile project management techniques in the domain of large-scale software product development has gained tremendous momentum over the last decade. This results in empowerment of individuals which leads to increased flexibility but at the same time sacrifices managerial control through traditional steering practices. Hence, the design of adequate incentive schemes in order to align local optimization and opportunistic behavior with the overall strategy of the company is a crucial activity from a business perspective.Following an agent-based simulation approach with reinforcement learning, we (i) address the question of how information regarding backlog item dependencies is shared within and in between development teams on the product level subject to different incentive schemes. We (ii) compare different incentive schemes ranging from individual to team-based compensation. Based on our results, we are (iii) able to provide recommendations on how to design suitable incentive schemes in order to enable a goal-oriented steering of individual behavior in order to support the overall company objectives.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.