{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:17:06Z","timestamp":1781108226698,"version":"3.54.1"},"reference-count":43,"publisher":"IGI Global Scientific Publishing","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,1,1]]},"abstract":"<p>Cloud computing ecosystems of service providers and consumers will become a significant part of the way information services are provided, allowing more agile coalitions, cost savings and improved service delivery. Existing approaches to information security do not readily extend to this complex multi-party world. The authors argue for a mathematical model-based framework for the analysis and management of information stewardship that makes explicit both the expectations and responsibilities of cloud stakeholders and the design assumptions of systems. Such a framework supports integrated economic, technology, and behavioural analyses, so providing a basis for a better understanding of the interplay between preferences, policies, system design, regulations, and Service Level Agreements. The authors suggest approaches to constructing economic, technology, and behavioural models and discuss the challenges in integrating them.<\/p>","DOI":"10.4018\/jssmet.2010010104","type":"journal-article","created":{"date-parts":[[2010,4,19]],"date-time":"2010-04-19T08:11:30Z","timestamp":1271664690000},"page":"50-67","source":"Crossref","is-referenced-by-count":11,"title":["Information Stewardship in Cloud Computing"],"prefix":"10.4018","volume":"1","author":[{"given":"David","family":"Pym","sequence":"first","affiliation":[{"name":"Hewlett-Packard Laboratories, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Martin","family":"Sadler","sequence":"additional","affiliation":[{"name":"Hewlett-Packard Laboratories, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"2432","reference":[{"key":"jssmet.2010010104-0","unstructured":"Abadi, M. (2003). Logic in Access Control. In Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science (pp. 228-233). Washington, DC: IEEE."},{"key":"jssmet.2010010104-1","unstructured":"Anderson, R. (2001). Why information security is hard \u2014 an economic perspective. In Proceedings of the 17th Annual Computer Security Applications Conference, New Orleans, LA (pp. 358-365). Washington, DC: IEEE."},{"key":"jssmet.2010010104-2","unstructured":"Anderson, R., & Moore, T. (2007). The Economics of Information Security: A Survey and Open Questions. In Proceedings of the Fourth Bi-annual Conference on the Economics of the Software and Internet Industries. Retrieved from http:\/\/people.seas.harvard.edu\/~tmoore"},{"key":"jssmet.2010010104-3","first-page":"141","article-title":"Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security","author":"A.Beautement","year":"2008","journal-title":"Managing Information Risk and the Economics of Information Security"},{"key":"jssmet.2010010104-4","doi-asserted-by":"crossref","unstructured":"Beres, Y., Griffin, J., Heitman, M., Markle, D., & Ventura, P. (2008). Analysing the Performance of Security Solutions to Reduce Vulnerability Exposure Windows. In Proceedings of the Annual Computer Security Applications Conference, Anaheim, CA (pp. 33-42). Washington, DC: IEEE.","DOI":"10.1109\/ACSAC.2008.42"},{"key":"jssmet.2010010104-5","author":"G.Birtwistle","year":"1987","journal-title":"Discrete event modelling on Simula"},{"key":"jssmet.2010010104-6","unstructured":"Cloud Computing Security Alliance. (2009). Security Guidance for Critical Areas of Focus in Cloud Computing. Retrieved from http:\/\/www.cloudsecurityalliance.org\/guidance\/csaguide.pdf"},{"key":"jssmet.2010010104-7","doi-asserted-by":"crossref","unstructured":"Collinson, M., Monahan, B., & Pym, D. (2009). A Logical and Computational Account of Located Resources. Journal of Logic and Computation (in press).-2008-74R1","DOI":"10.1093\/logcom\/exp021"},{"key":"jssmet.2010010104-8","doi-asserted-by":"publisher","DOI":"10.1017\/S0960129509990077"},{"key":"jssmet.2010010104-9","doi-asserted-by":"publisher","DOI":"10.1007\/s00165-009-0107-x"},{"key":"jssmet.2010010104-10","doi-asserted-by":"crossref","unstructured":"Degabriele, J. P., & Pym, D. (2007). Economic Aspects of a Utility Computing Service (HP Labs Tech. Rep. HPL-2007-101).","DOI":"10.4108\/gridnets.2007.2223"},{"key":"jssmet.2010010104-11","unstructured":"Degabriele, J. P., & Pym, D. (2008). Modelling Task Knowledge Structures in Demos 2000 (HP Labs Tech. Rep. HPL-2008-94)."},{"key":"jssmet.2010010104-12","unstructured":"Gellman, R. (2009). Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing. Retrieved from http:\/\/www.worldprivacyforum.org\/pdf\/WPF_Cloud_Privacy_Report.pdf"},{"key":"jssmet.2010010104-13","author":"F.Giordano","year":"2003","journal-title":"A First Course in Mathematical Modelling"},{"key":"jssmet.2010010104-14","author":"B.Glaser","year":"1967","journal-title":"Strategies for Qualitative Research"},{"key":"jssmet.2010010104-15","doi-asserted-by":"publisher","DOI":"10.1145\/581271.581274"},{"key":"jssmet.2010010104-16","author":"L.Gordon","year":"2006","journal-title":"Managing Cybersecurity Resources"},{"issue":"2","key":"jssmet.2010010104-17","first-page":"1","article-title":"Information Security Expenditures and Real Options: A Wait-and-See Approach.","volume":"19","author":"L.Gordon","year":"2003","journal-title":"Computer Security Journal"},{"key":"jssmet.2010010104-18","author":"C.Hoare","year":"1985","journal-title":"Communicating Sequential Processes"},{"key":"jssmet.2010010104-19","unstructured":"HP. (2009). Everything as a service. Retrieved from http:\/\/www.hp.com\/hpinfo\/initiatives\/eaas\/index.html"},{"key":"jssmet.2010010104-20","doi-asserted-by":"crossref","unstructured":"Ioannidis, C., Pym, D., & Williams, J. (2009a). Investments and Trade-offs in the Economics of Information Security. In Proceedings of the Financial Cryptography and Data Security. New York: Springer.","DOI":"10.1007\/978-3-642-03549-4_9"},{"key":"jssmet.2010010104-21","unstructured":"Ioannidis, C., Pym, D., & Williams, J. (2009b). Information Security Trade-offs and Optimal Patching Policies. Retrieved from http:\/\/www.cs.bath.ac.uk\/~pym\/ IoannidisPymWilliams-EconPatching.pdf"},{"key":"jssmet.2010010104-22","doi-asserted-by":"publisher","DOI":"10.1145\/966930.966934"},{"key":"jssmet.2010010104-23","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9781139174084","author":"R.Keeney","year":"1993","journal-title":"Decisions with Multiple Objectives"},{"key":"jssmet.2010010104-24","doi-asserted-by":"publisher","DOI":"10.1002\/malq.19630090502"},{"key":"jssmet.2010010104-25","author":"J.McColl","year":"1995","journal-title":"Probability"},{"key":"jssmet.2010010104-26","doi-asserted-by":"publisher","DOI":"10.1016\/0304-3975(83)90114-7"},{"key":"jssmet.2010010104-27","author":"R.Milner","year":"1989","journal-title":"Communication and Concurrency"},{"key":"jssmet.2010010104-28","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9780511626661","author":"R.Milner","year":"2009","journal-title":"The Space and Motion of Communicating Agents"},{"key":"jssmet.2010010104-29","author":"B.Nardi","year":"1999","journal-title":"Information ecologies: using technology with heart"},{"key":"jssmet.2010010104-30","unstructured":"NIST. (2009). Draft NIST Working Definition of Cloud Computing v14. Retrieved from http:\/\/csrc.nist.gov\/groups\/SNS\/cloud-computing\/"},{"key":"jssmet.2010010104-31","unstructured":"OECD. (n.d.). OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. Retrieved from http:\/\/www.oecd.org"},{"key":"jssmet.2010010104-32","author":"M.Pidd","year":"2003","journal-title":"Tools for Thinking: Modelling in Management Science"},{"key":"jssmet.2010010104-33","article-title":"Complementarity in systems modelling","author":"M.Pidd","year":"2004","journal-title":"Systems Modelling: Theory and Practice"},{"key":"jssmet.2010010104-34","author":"M.Pidd","year":"2004","journal-title":"Computer Simulation in Management Science"},{"key":"jssmet.2010010104-35","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-662-03687-7","author":"W.Reisig","year":"1998","journal-title":"Elements of Distributed Algorithms: Modelling and Analysis with Petri Nets"},{"key":"jssmet.2010010104-36","unstructured":"Robbins, L. (1932, 1935). An Essay on the Nature and Significance of Economic Science, (2nd ed.). London: Macmillan."},{"key":"jssmet.2010010104-37","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4757-3550-5","author":"C.Stirling","year":"2001","journal-title":"Modal and Temporal Properties of Processes"},{"key":"jssmet.2010010104-38","first-page":"195","article-title":"A bayesian approach to real estate management","author":"H.Varian","year":"1974","journal-title":"Studies in Bayesian Economics in Honour of L.J. Savage"},{"key":"jssmet.2010010104-39","unstructured":"Varian, H. (2000, June 1). Managing Online Security Risks. New York Times."},{"key":"jssmet.2010010104-40","doi-asserted-by":"crossref","unstructured":"Winckler, M., Johnson, H., & Palanque, P. (2007). Task Models and Diagrams for User Interface Design (LNCS 4849). New York: Springer.","DOI":"10.1007\/978-3-540-77222-4"},{"key":"jssmet.2010010104-41","unstructured":"Yearworth, M., Monahan, B., & Pym, D. (2006, October 23-24). Predictive Modelling for Security Operations Economics. Paper presented at the Workshop on the Economics of Securing the Information Infrastructure (WESII), Washington, DC."},{"key":"jssmet.2010010104-42","doi-asserted-by":"publisher","DOI":"10.2307\/2289234"}],"container-title":["International Journal of Service Science, Management, Engineering, and Technology"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=41008","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,31]],"date-time":"2023-05-31T17:06:48Z","timestamp":1685552808000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jssmet.2010010104"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2010,1,1]]},"references-count":43,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2010,1]]}},"URL":"https:\/\/doi.org\/10.4018\/jssmet.2010010104","relation":{},"ISSN":["1947-959X","1947-9603"],"issn-type":[{"value":"1947-959X","type":"print"},{"value":"1947-9603","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,1,1]]}}}