A Survey of Trust Management Models for Cloud Computing

Over the past few years, cloud computing has been widely adopted as a paradigm for large-scale infrastructures. In such a scenario, new security risks arise when different entities or domains share the same group of resources. Involved organizations need to establish some kind of trust relationships, able to define appropriate rules that can control which and how resources and services are going to be shared. The management of trust relationships represents a key challenge in order to meet high security requirements in cloud computing environments. This allows also to boost consumers confidence in cloud services, promoting its adoption. Establishing trust with cloud service providers supports to have confidence, control, reliability, and to avoid commercial issues like lock in. This paper proposes a survey of existing trust management models addressing collaboration agreements in cloud computing scenarios. Main limitations of current approaches are outlined and possible improvements are traced, as well as a future research path

Research on Methods for Discovering and Selecting Cloud Infrastructure Services Based on Feature Modeling

Nowadays more and more cloud infrastructure service providers are providing large numbers of service instances which are a combination of diversified resources, such as computing, storage, and network. However, for cloud infrastructure services, the lack of a description standard and the inadequate research of systematic discovery and selection methods have exposed difficulties in discovering and choosing services for users. First, considering the highly configurable properties of a cloud infrastructure service, the feature model method is used to describe such a service. Second, based on the description of the cloud infrastructure service, a systematic discovery and selection method for cloud infrastructure services are proposed. The automatic analysis techniques of the feature model are introduced to verify the model’s validity and to perform the matching of the service and demand models. Finally, we determine the critical decision metrics and their corresponding measurement methods for cloud infrastructure services, where the subjective and objective weighting results are combined to determine the weights of the decision metrics. The best matching instances from various providers are then ranked by their comprehensive evaluations. Experimental results show that the proposed methods can effectively improve the accuracy and efficiency of cloud infrastructure service discovery and selection

A predictive model for risk and trust assessment in cloud computing: taxonomy and analysis for attack pattern detection

Cloud computing environments consist of many entities that have different roles, such as provider and customer, and multiple interactions amongst them. Trust is an essential element to develop confidence-based relationships amongst the various components in such a diverse environment. The current chapter presents the taxonomy of trust models and classification of information sources for trust assessment. Furthermore, it presents the taxonomy of risk factors in cloud computing environment. It analyses further the existing approaches and portrays the potential of enhancing trust development by merging trust assessment and risk assessment methodologies. The aim of the proposed solution is to combine information sources collected from various trust and risk assessment systems deployed in cloud services, with data related to attack patterns. Specifically, the approach suggests a new qualitative solution that could analyse each symptom, indicator, and vulnerability in order to detect the impact and likelihood of attacks directed at cloud computing environments. Therefore, possible implementation of the proposed framework might help to minimise false positive alarms, as well as to improve performance and security, in the cloud computing environment

Evaluation Theory for Characteristics of Cloud Identity Trust Framework

Trust management is a prominent area of security in cloud computing because insufficient trust management hinders cloud growth. Trust management systems can help cloud users to make the best decision regarding the security, privacy, Quality of Protection (QoP), and Quality of Service (QoS). A Trust model acts as a security strength evaluator and ranking service for the cloud and cloud identity applications and services. It might be used as a benchmark to setup the cloud identity service security and to find the inadequacies and enhancements in cloud infrastructure. This chapter addresses the concerns of evaluating cloud trust management systems, data gathering, and synthesis of theory and data. The conclusion is that the relationship between cloud identity providers and Cloud identity users can greatly benefit from the evaluation and critical review of current trust models

Acceptance model of SaaS cloud computing at northern Malaysian main campus public universities

Technology advancement has side effects, although it has moved in a fast pace that facilitated life and increased business revenue. To cope with negative aspects while looking for friendly technology, Software as a Service (SaaS) Cloud Computing emerged to preserve natural resources, effectively utilize computing and power consumption, while achieving performance, decreasing cost, and increasing revenue. Yet, there are paucity in empirical studies investigating salient factors affecting the usage, acceptance, or adoption of SaaS services from the individual perspectives specifically in higher education sector. The main objective of this study is to investigate the salient factors with proper model that includes technical, social and control characteristics, as well as user security predisposition. Besides, educational level has also proven to be influential in adopting innovations. Hence, probing its role is another objective. The last objective is to investigate differences between student and lecturer groups in the relationships postulated in the model. A survey with questionnaires was conducted on students and lecturers in four public universities in Northern Malaysia. The scope of the acceptance is to investigate the personal-level use of SaaS services. Decomposed Theory of Planned Behaviour (DTPB) and Diffusion of Innovation Theory (DOI) were applied. Results revealed appropriateness of the model although the role of Trialability and Subjective Norms were not significance. The findings contribute to the body of knowledge and literature in highlighting the role of these factors that SaaS providers could benefit in planning for new services and in promoting SaaS usage to universities

Analysing Trust Issues in Cloud Identity Environments

Trust acts as a facilitator for decision making in environments, where decisions are subject to risk and uncertainty. Security is one of the factors contributing to the trust model that is a requirement for service users. In this paper we ask, What can be done to improve end user trust in choosing a cloud identity provider? Security and privacy are central issues in a cloud identity environment and it is the end user who determines the amount of trust they have in any identity system. This paper is an in-depth literature survey that evaluates identity service delivery in a cloud environment from the perspective of the service user

Cloud Broker Based Trust Assessment of Cloud Service Providers

Cloud computing is emerging as the future Internet technology due to its advantages such as sharing of IT resources, unlimited scalability and flexibility and high level of automation. Along the lines of rapid growth, the cloud computing technology also brings in concerns of security, trust and privacy of the applications and data that is hosted in the cloud environment. With large number of cloud service providers available, determining the providers that can be trusted for efficient operation of the service deployed in the provider’s environment is a key requirement for service consumers. In this thesis, we provide an approach to assess the trustworthiness of the cloud service providers. We propose a trust model that considers real-time cloud transactions to model the trustworthiness of the cloud service providers. The trust model uses the unique uncertainty model used in the representation of opinion. The Trustworthiness of a cloud service provider is modelled using opinion obtained from three different computations, namely (i) compliance of SLA (Service Level Agreement) parameters (ii) service provider satisfaction ratings and (iii) service provider behaviour. In addition to this the trust model is extended to encompass the essential Cloud characteristics, credibility for weighing the feedbacks and filtering mechanisms to filter the dubious feedback providers. The credibility function and the early filtering mechanisms in the extended trust model are shown to assist in the reduction of impact of malicious feedback providers

E-Journals and the Big Deal: A Review of the Literature

Faced with shrinking budgets and increased subscription prices, many academic libraries are seeking ways to reduce the cost of e-journal access. A common target for cuts is the “Big Deal,” or large bundled subscription model, a term coined by Kenneth Frazier in a 2001 paper criticizing the effects of the Big Deal on the academic community. The purpose of this literature review is to examine issues related to reducing e-journal costs, including criteria for subscription retention or cancellation, decision-making strategies, impacts of cancellations, and other options for e-journal content provision. Commonly used criteria for decision-making include usage statistics, overlap analysis, and input from subject specialists. The most commonly used strategy for guiding the process and aggregating data is the rubric or decision grid. While the e-journal landscape supports several access models, such as Pay-Per-View, cloud access, and interlibrary loan, the Big Deal continues to dominate. Trends over the past several years point to dwindling support for the Big Deal however, due largely to significant annual rate increases and loss of content control

FASTCloud: A framework of assessment and selection for trustworthy cloud service based on QoS

By virtue of technology and benefit advantages, cloud computing has increasingly attracted a large number of potential cloud consumers (PCC) plan to migrate the traditional business to the cloud service. However, trust has become one of the most challenging issues that prevent the PCC from adopting cloud services, especially in trustworthy cloud service selection. Besides, due to the diversity and dynamic of quality of service (QoS) in the cloud environment, the existing trust assessment methods based on the single constant value of QoS attribute and the subjective weight assignment are not good enough to provide an effective solution for PCCs to identify and select a trustworthy cloud service among a wide range of functionally-equivalent cloud service providers (CSPs). To address the challenge, a novel assessment and selection framework for trustworthy cloud service, FASTCloud, is proposed in this study. This framework facilitates PCCs to select a trustworthy cloud service based on their actual QoS requirements. In order to accurately and efficiently assess the trust level of cloud services, a QoS-based trust assessment model is proposed. This model represents a trust level assessment method based on the interval multiple attributes with an objective weight assignment method based on the deviation maximization to adaptively determine the trust level of different cloud services provisioned by candidate CSPs. The advantage of the proposed trust level assessment method in time complexity is demonstrated by the performance analysis and comparison. The experimental result of a case study with an open-source dataset shows that the trust model is efficient in cloud service trust assessment and the FASTCloud can effectively help PCCs select a trustworthy cloud service

Data centric trust evaluation and prediction framework for IOT

© 2017 ITU. Application of trust principals in internet of things (IoT) has allowed to provide more trustworthy services among the corresponding stakeholders. The most common method of assessing trust in IoT applications is to estimate trust level of the end entities (entity-centric) relative to the trustor. In these systems, trust level of the data is assumed to be the same as the trust level of the data source. However, most of the IoT based systems are data centric and operate in dynamic environments, which need immediate actions without waiting for a trust report from end entities. We address this challenge by extending our previous proposals on trust establishment for entities based on their reputation, experience and knowledge, to trust estimation of data items [1-3]. First, we present a hybrid trust framework for evaluating both data trust and entity trust, which will be enhanced as a standardization for future data driven society. The modules including data trust metric extraction, data trust aggregation, evaluation and prediction are elaborated inside the proposed framework. Finally, a possible design model is described to implement the proposed ideas