Analysing Trust Issues in Cloud Identity Environments

Trust acts as a facilitator for decision making in environments, where decisions are subject to risk and uncertainty. Security is one of the factors contributing to the trust model that is a requirement for service users. In this paper we ask, What can be done to improve end user trust in choosing a cloud identity provider? Security and privacy are central issues in a cloud identity environment and it is the end user who determines the amount of trust they have in any identity system. This paper is an in-depth literature survey that evaluates identity service delivery in a cloud environment from the perspective of the service user

Trust in the context of subscription contracts

Trust plays an essential role in interorganizational interactions. It reduces uncertainty, ensures long-term relationships, positively influences innovation, product adoption, and serves as a solution to the commitment problem. This work observes trust in the context of a Software as a Service (SaaS) market. In a case study of a SaaS service provider and their customers, I apply the Ability, Benevolence, Integrity trust framework to illustrate the effect of individual trust dimensions on the relationship between the customer and the service provider. First, for integrity-based trust, I show a positive effect of early interactions with customer success teams on product usage. Second, I show that benevolence-based trust increases customer engagement. Third, I use supervised machine learning and explainability methods to illustrate the positive effect of the ABI trust dimensions on customer contract extensions. Methodologically, this work suggests a strategy for machine learning applications in sociological research. Finally, this work derives practical managerial implications for service providers

End-to-End Trust Fulfillment of Big Data Workflow Provisioning over Competing Clouds

Cloud Computing has emerged as a promising and powerful paradigm for delivering data- intensive, high performance computation, applications and services over the Internet. Cloud Computing has enabled the implementation and success of Big Data, a relatively recent phenomenon consisting of the generation and analysis of abundant data from various sources. Accordingly, to satisfy the growing demands of Big Data storage, processing, and analytics, a large market has emerged for Cloud Service Providers, offering a myriad of resources, platforms, and infrastructures. The proliferation of these services often makes it difficult for consumers to select the most suitable and trustworthy provider to fulfill the requirements of building complex workflows and applications in a relatively short time. In this thesis, we first propose a quality specification model to support dual pre- and post-cloud workflow provisioning, consisting of service provider selection and workflow quality enforcement and adaptation. This model captures key properties of the quality of work at different stages of the Big Data value chain, enabling standardized quality specification, monitoring, and adaptation. Subsequently, we propose a two-dimensional trust-enabled framework to facilitate end-to-end Quality of Service (QoS) enforcement that: 1) automates cloud service provider selection for Big Data workflow processing, and 2) maintains the required QoS levels of Big Data workflows during runtime through dynamic orchestration using multi-model architecture-driven workflow monitoring, prediction, and adaptation. The trust-based automatic service provider selection scheme we propose in this thesis is comprehensive and adaptive, as it relies on a dynamic trust model to evaluate the QoS of a cloud provider prior to taking any selection decisions. It is a multi-dimensional trust model for Big Data workflows over competing clouds that assesses the trustworthiness of cloud providers based on three trust levels: (1) presence of the most up-to-date cloud resource verified capabilities, (2) reputational evidence measured by neighboring users and (3) a recorded personal history of experiences with the cloud provider. The trust-based workflow orchestration scheme we propose aims to avoid performance degradation or cloud service interruption. Our workflow orchestration approach is not only based on automatic adaptation and reconfiguration supported by monitoring, but also on predicting cloud resource shortages, thus preventing performance degradation. We formalize the cloud resource orchestration process using a state machine that efficiently captures different dynamic properties of the cloud execution environment. In addition, we use a model checker to validate our monitoring model in terms of reachability, liveness, and safety properties. We evaluate both our automated service provider selection scheme and cloud workflow orchestration, monitoring and adaptation schemes on a workflow-enabled Big Data application. A set of scenarios were carefully chosen to evaluate the performance of the service provider selection, workflow monitoring and the adaptation schemes we have implemented. The results demonstrate that our service selection outperforms other selection strategies and ensures trustworthy service provider selection. The results of evaluating automated workflow orchestration further show that our model is self-adapting, self-configuring, reacts efficiently to changes and adapts accordingly while enforcing QoS of workflows

Relationship and Cloud Factors Affecting Government Confidence in the Public Cloud

Despite the advantages of the public cloud governments are still reluctant to deploy sensitive data and critical systems into the public cloud. The advantages of scalability and cost are attractive for governments and the current trend is for governments to consider placing more of their data and systems in the public cloud towards a more comprehensive government cloud solution. However, there are major concerns related to the public cloud that are especially significant to governments which are cause of reluctance in terms of public cloud adoption. Such concerns include security and privacy, governance, compliance, and performance. If these concerns are answered, governments will perceive less risk and be more confident to deploy to the public cloud. Besides the obvious technical solutions, which include improving security, another solution is an effective cloud service provider (CSP) - government relationship. Towards the development of such a solution the study contributes a novel approach to researching the CSP-government relationship in order to reveal, in depth and comprehensively, the relevant relationship and associated cloud issues, often neglected in previous research. Specifically, the developed research design was achieved through a mixed methods approach using a questionnaire and semi-structured interviews with senior IT professionals in various government ministries and departments in Saudi Arabia. The findings not only offer a comprehensive and in-depth understanding of the relationship, but also reveal specific relationship and cloud issues as problems towards the development of a solution to increase government confidence in the public cloud. Specifically, it was found that government were more concerned about areas of the cloud that are more relevant to government and there was often an associate lack of trust or perception of risk for these areas. Moreover, it was found that in relation to more specific areas of the cloud there was increasing concern in terms of trust and risk, the ability to negotiate and collaborate, and the perception of reputation. Based on these findings, which also revealed the various interplays between relationship factors as a novel contribution, the study offers recommendations to CSPs on how they may improve their relationship with the government. This is to be achieved through resolving relationship issues and associated cloud concerns within the relationship context towards improving government confidence in the public cloud. The findings also have implications for other parties which include governments considering the public cloud and those engaged in academic research in the area of government reluctance to use the public cloud