16,557 research outputs found
Trust Management Model for Cloud Computing Environment
Software as a service or (SaaS) is a new software development and deployment
paradigm over the cloud and offers Information Technology services dynamically
as "on-demand" basis over the internet. Trust is one of the fundamental
security concepts on storing and delivering such services. In general, trust
factors are integrated into such existent security frameworks in order to add a
security level to entities collaborations through the trust relationship.
However, deploying trust factor in the secured cloud environment are more
complex engineering task due to the existence of heterogeneous types of service
providers and consumers. In this paper, a formal trust management model has
been introduced to manage the trust and its properties for SaaS in cloud
computing environment. The model is capable to represent the direct trust,
recommended trust, reputation etc. formally. For the analysis of the trust
properties in the cloud environment, the proposed approach estimates the trust
value and uncertainty of each peer by computing decay function, number of
positive interactions, reputation factor and satisfaction level for the
collected information.Comment: 5 Pages, 2 Figures, Conferenc
My Private Cloud Overview: A Trust, Privacy and Security Infrastructure for the Cloud
Based on the assumption that cloud providers can be trusted (to a certain extent) we define a trust, security and privacy preserving infrastructure that relies on trusted cloud providers to operate properly. Working in tandem with legal agreements, our open source software supports: trust and reputation management, sticky policies with fine grained access controls, privacy preserving delegation of authority, federated identity management, different levels of assurance and configurable audit trails. Armed with these tools, cloud service providers are then able to offer a reliable privacy preserving infrastructure-as-a-service to their clients
Enforcing reputation constraints on business process workflows
The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
- …