6 research outputs found
Calculating and Evaluating Trustworthiness of Certification Authority
In a public key infrastructure trust model, a trust is transferred along a set of certificates, issued by certificate authorities (CAs) considered as trustfully third parties, providing a trust chain among its entities. In order to deserve this trustworthiness, a CA should to apply the rigorous procedures for generating keys, checking the identities, and following reliable security practices. Any deficiency in these procedures may in?uence its trustworthiness. In this context, some authorities could be weaker than others. Then, relying parties (RPs) and certificate holders (CHs) need a mechanism to evaluate CA trustworthiness. In this paper, we provide them this mechanism to have information about its trustworthiness. In fact, we propose a trust level calculation algorithm that is based on three parameters which are the CA reputation, the quality of procedures described in the certi?cate policy and its security maturity level
IoT trust and reputation: a survey and taxonomy
IoT is one of the fastest-growing technologies and it is estimated that more
than a billion devices would be utilized across the globe by the end of 2030.
To maximize the capability of these connected entities, trust and reputation
among IoT entities is essential. Several trust management models have been
proposed in the IoT environment; however, these schemes have not fully
addressed the IoT devices features, such as devices role, device type and its
dynamic behavior in a smart environment. As a result, traditional trust and
reputation models are insufficient to tackle these characteristics and
uncertainty risks while connecting nodes to the network. Whilst continuous
study has been carried out and various articles suggest promising solutions in
constrained environments, research on trust and reputation is still at its
infancy. In this paper, we carry out a comprehensive literature review on
state-of-the-art research on the trust and reputation of IoT devices and
systems. Specifically, we first propose a new structure, namely a new taxonomy,
to organize the trust and reputation models based on the ways trust is managed.
The proposed taxonomy comprises of traditional trust management-based systems
and artificial intelligence-based systems, and combine both the classes which
encourage the existing schemes to adapt these emerging concepts. This
collaboration between the conventional mathematical and the advanced ML models
result in design schemes that are more robust and efficient. Then we drill down
to compare and analyse the methods and applications of these systems based on
community-accepted performance metrics, e.g. scalability, delay,
cooperativeness and efficiency. Finally, built upon the findings of the
analysis, we identify and discuss open research issues and challenges, and
further speculate and point out future research directions.Comment: 20 pages, 5 Figures, 3 tables, Journal of cloud computin
IoT trust and reputation: a survey and taxonomy
IoT is one of the fastest-growing technologies and it is estimated that more
than a billion devices would be utilized across the globe by the end of 2030.
To maximize the capability of these connected entities, trust and reputation
among IoT entities is essential. Several trust management models have been
proposed in the IoT environment; however, these schemes have not fully
addressed the IoT devices features, such as devices role, device type and its
dynamic behavior in a smart environment. As a result, traditional trust and
reputation models are insufficient to tackle these characteristics and
uncertainty risks while connecting nodes to the network. Whilst continuous
study has been carried out and various articles suggest promising solutions in
constrained environments, research on trust and reputation is still at its
infancy. In this paper, we carry out a comprehensive literature review on
state-of-the-art research on the trust and reputation of IoT devices and
systems. Specifically, we first propose a new structure, namely a new taxonomy,
to organize the trust and reputation models based on the ways trust is managed.
The proposed taxonomy comprises of traditional trust management-based systems
and artificial intelligence-based systems, and combine both the classes which
encourage the existing schemes to adapt these emerging concepts. This
collaboration between the conventional mathematical and the advanced ML models
result in design schemes that are more robust and efficient. Then we drill down
to compare and analyse the methods and applications of these systems based on
community-accepted performance metrics, e.g. scalability, delay,
cooperativeness and efficiency. Finally, built upon the findings of the
analysis, we identify and discuss open research issues and challenges, and
further speculate and point out future research directions.Comment: 20 pages, 5 Figures, 3 tables, Journal of cloud computin
Find My Trustworthy Fogs: A Fuzzy-based Trust Evaluation Framework
The growth of IoT is proven with the massive amount of data generated in 2015, and expected to be even more in the years to come. Relying on the cloud to meet the expanding volume, variety, and velocity of data that the IoT generates may not be feasible. In the last two years, fog computing has become a considerably important research topic in an attempt to reduce the burden on cloud and solve cloud's inability to meet the IoT latency requirement. However, fog environment is different than in cloud since fog environment is far more distributed. Due to the dynamic nature of fog, backups such as redundant power supply would deem unnecessary, and relying on just one Internet Service Provider for their fog device would be sufficient. If obstacles arise in this fog environment, factors such as latency, availability or reliability would in turn be unstable. Fogs become harder to trust, and this issue is more complicated and challenging in comparison to the conventional cloud. This implies that trustworthiness in fog is an imperative issue that needs to be addressed. With the help of a broker, managing trust in a distributive environment can be tackled. Acting as an intermediary, a broker helps in facilitating negotiation between two parties. Although the brokering concept has been around for a long time and is widely used in the cloud, it is a new concept in fog computing. As of late, there are several research studies that incorporates broker in fog where these brokers focus towards pricing management. However to the best of our knowledge there is no literature on broker-based trust evaluation in fog service allocation. This is the first work that proposes broker-based trust evaluation framework that focuses on identifying a trustworthy fog to fulfi ll the user requests. In this paper, fuzzy logic is used as the basis for the evaluation while considering the availability and cost of fog. We propose Request Matching algorithm to identify a user request, and Fuzzy-based Filtering algorithm to match the request with one of the predefi ned sets created and managed by the broker. In this paper, we present a use case that illustrates how fuzzy logic works in determining the trustworthiness of a fog. Our findings suggest that the algorithms can successfully provide users a trustworthy fog that matches their requirement
Modelo de Calidad para Servicios Cloud
[EN] Modelo de Calidad para Servicios Cloud
4
Abstract
Context:
Cloud computing is a model of provision and consumption of services that offers
many advantages to companies (high availability, flexibility, maximum utilization of resources,
etc.) that result in quality requirements that must be met by the servi
ce. In recent years there
have been proposed numerous quality attributes and metrics for cloud services, but there is no
study to collect this information and classified it with respect to internal and external
characteristics of service (Quality of Servic
e
-
QoS) and characteristics in use of the service
(Quality of Experience
-
QoE).
Objective:
The objective of
this
final master
’s work
is to define a model specific quality cloud
services aligned with the ISO /
IEC 25010, which integrate the quality feature
s, attributes and
metrics proposed in the literature and
which allow
to assess the quality cloud of artifacts in
various stages of the life cycle.
Method:
We performed a systematic review of the literature in order to identify and analyze
the attributes an
d quality metrics proposed to assess the quality of cloud services. This method
has been widely used in the field of Software Engineering and has proven useful to collect and
analyze existing information on a particular research topic.
Results:
The result
is a quality model for cloud services which has been built from 178
attributes and 364 metric obtained as a result of the systematic review. In particular, the results
of the review indicate that 48% of proposals are metrics to measure performance efficien
cy,
reliability metrics following him with 23%. With respect to the phase of the life cycle, 55% of
these metrics are used in the operation phase and 32% in the acquisition phase. Regarding the
point of view of stakeholders, 39% of the metrics are oriented
to the service provider, 33%
consumer, 7% to the facilitator (broker) and only 5% service developer. With respect to cloud
evaluated artifacts, most metrics (97%) are applied to the cloud service being tested or deployed
in the cloud; only 2% of the metri
cs are applied to the service architecture and 1% on the service
specification. With regard to the validation, the results show that 99% of metric proposals lack
any type of validation, although 44% presents a proof of concept illustrating how the metrics
can be used. Additionally, we identified 27 attributes for cloud services, the elasticity was the
most named, with 14%.
Conclusions:
The results of this work have provided relevant information on the current
status and gaps that exist in the field of quali
ty assessment of cloud services. They have also
allowed us to define a quality model to meet some identified shortcomings. As future work, we
intend to refine the proposed model, propose new metrics and adapt some existing
architectures for evaluating clou
d and empirical studies to provide evidence about
theusefulness of a set of metrics[ES] El trabajo consiste en definir un modelo de calidad que determine las características de los servicios cloud y proporcione los mecanismos necesarios para evaluar su calidad. Se realizará una revisión sistemática de la literatura con el objetivo de identificar un conjunto de atributos de calidad, métricas e indicadores que permitirán medir las características identificadas. Como resultado se obtendrá un modelo de calidad alineado con la ISO/IEC 25010 que integrará las características de calidad, atributos, métricas e indicadores que dan soporte a su evaluación.[CA] Context: La computacio en el nuvol es un model de prestacio i consum de servicis que oferix moltes ventages a les empreses (alta disponibilitat, elasticitat, maxim aprofitament de recursos, etc.) que se traduixen en requisits de calitat que deuen ser complits pel servici. En els ultims anys s'han propost numerosos atributs de calitat i metriques per a servicis cloud, pero no existix un estudi que recoja esta informacio i la classifique en respecte a les caracteristiques internes i externes del servici (Quality of Service – QoS), aixina com caracteristiques en us del servici (Quality of Experience – QoE).
Objectiu: L'objectiu d'este treball de fi de máster es definir un model de calitat especifica per a servicis cloud, enringlerat en l'ISO/IEC 25010, que integre les caracteristiques de calitat, atributs i metriques proposts en la lliteratura i que permeten evaluar la calitat dels artefactes cloud en distintes fases del cicle de vida.
Metodo: S'ha realisat una revisio sistematica de la lliteratura en l'objectiu d'identificar i analisar els atributs i metriques de calitat propostes per a evaluar la calitat dels servicis cloud. Este metodo ha segut utilisat extensament en l'ambit de l'Ingenieria del Software i ha demostrat ser util per a recopilar i analisar l'informacio existent relativa a un determinat tema d'investigacio.
Resultats: El resultat es un model de calitat per a servicis cloud que ha segut construit a partir dels 178 atributs i 364 metriques obtingudes com resultat de la revisio sistematica. En particular, els resultats de la revisio indiquen que el 48% de les metriques propostes son per a mesurar Eficiencia de desempenyorament, seguint-li les metriques de fiabilidad en en un 23%. En respecte a la fase del cicle de vida, un 55% d'estes metriques s'utilisen en la fase d'Operacio i un 32% en la fase d'Adquisicio. En respecte al punt de vista dels stakeholders, el 39% de les metriques estan orientades al proveïdor del servici, el 33% al consumidor, el 7% al facilitador (bróker) i nomes un 5% al desarrollador del servici. En respecte als artefactes cloud valorats, la majoria de les metriques (97%) s'apliquen sobre el servici cloud en fase de proves o desplegat en el cloud; nomes un 2% de les metriques s'apliquen sobre l'arquitectura del servici i un 1% sobre l'especificacio del servici. En respecte a la validacio, els resultats mostren que el 99% de les metriques propostes carixen de qualsevol tipo de validacio, encara que el 44% presenta una prova de concepte que ilustra com se pot utilisar les metriques. Adicionalment identifiquem 27 atributs propis dels servicis cloud, sent l'elasticitat el mes nomenat, en 14%.
Conclusions: Els resultats del treball han proporcionat informacio rellevant sobre l'estat actual i les carencies que existixen en l'ambit de l'evaluacio de la calitat dels servicis cloud. Tambe mos han permes definir un model de calitat per a suplir algunes carencies identificades. Com trabajos futurs, pretenem refinar el model propost, propondre noves metriques i adaptar algunes existents per a l'evaluacio d'arquitectures cloud, aixina com realisar estudios empirics per a proporcionar evidencia al voltant de l'utilitat d'un conjunt de metriquesNavas Rosales, RM. (2016). Modelo de Calidad para Servicios Cloud. http://hdl.handle.net/10251/77847TFG
Modelo Comparativo de Plataformas Cloud y Evaluación de Microsoft Azure, Google App Engine y AmazonEC2
[ES] Existe una gran cantidad de proveedores de servicios en la nube siendo los más
importantes Microsoft, Google y Amazon. Otros proveedores también son Rackspace,
IBM, Oracle, Salesforce, etc. Un aspecto relevante para los desarrolladores y clientes
es conocer las características de estos proveedores para tener información objetiva de
cómo elegir entre una plataforma u otra dependiendo de sus objetivos y necesidades.
En este proyecto se ha realizado un estudio para determinar las características de
calidad relevantes de las plataformas cloud y se ha propuesto un modelo de calidad
basado en la ISO/IEC 25010 para guiar a los usuarios en la comparación y selección
de dichas plataformas. El modelo está soportado por un sistema de recomendación
que permite a los usuarios especificar sus objetivos y comparar plataformas cloud
mediante un conjunto de atributos y métricas de calidad. Este modelo se ha aplicado a
un estudio para comparar las plataformas Microsoft Azure, Google App Engine y
Amazon Elastic Compute Cloud (EC2) permitiendo la evaluación de sus características
de calidad más relevantes.[EN] There is a large number of cloud service providers being the most important
Microsoft, Google and Amazon. Other providers are also Rackspace, IBM, Oracle,
Salesforce, etc. A relevant aspect for developers and customers is to determine the
characteristics of these providers to have objective information on how to choose
between one platform or another depending on their objectives and needs. In this
project, we have carried out a study to determine the relevant quality characteristics of
cloud platforms and a quality model based on ISO/IEC 25010 has been proposed to
guide users in the comparison and selection of these platforms. The model is
supported by a recommendation system that allows users to specify their objectives
and compare cloud platforms through a set of quality attributes and metrics. This model
has been applied to a case study which compares the Microsoft Azure, Google App
Engine and Amazon Elastic Compute Cloud (EC2) platforms allowing the evaluation of
its most relevant quality characteristics.Álvarez Vañó, JM. (2018). Modelo Comparativo de Plataformas Cloud y Evaluación de Microsoft Azure, Google App Engine y AmazonEC2. http://hdl.handle.net/10251/101221TFG