Trust Management Model for Cloud Computing Environment

Software as a service or (SaaS) is a new software development and deployment paradigm over the cloud and offers Information Technology services dynamically as "on-demand" basis over the internet. Trust is one of the fundamental security concepts on storing and delivering such services. In general, trust factors are integrated into such existent security frameworks in order to add a security level to entities collaborations through the trust relationship. However, deploying trust factor in the secured cloud environment are more complex engineering task due to the existence of heterogeneous types of service providers and consumers. In this paper, a formal trust management model has been introduced to manage the trust and its properties for SaaS in cloud computing environment. The model is capable to represent the direct trust, recommended trust, reputation etc. formally. For the analysis of the trust properties in the cloud environment, the proposed approach estimates the trust value and uncertainty of each peer by computing decay function, number of positive interactions, reputation factor and satisfaction level for the collected information.Comment: 5 Pages, 2 Figures, Conferenc

Protection and efficient management of big health data in cloud environment

University of Technology Sydney. Faculty of Engineering and Information Technology.Healthcare data has become a great concern in the academic world and in industry. The deployment of electronic health records (EHRs) and healthcare-related services on cloud platforms will reduce the cost and complexity of handling and integrating medical records while improving efficiency and accuracy. To make effective use of advanced features such as high availability, reliability, and scalability of Cloud services, EHRs have to be stored in the clouds. By exposing EHRs in an outsourced environment, however, a number of serious issues related to data security and privacy, distribution and processing such as the loss of the controllability, different data formats and sizes, the leakage of sensitive information in processing, sensitive-delay requirements has been naturally raised. Many attempts have been made to address the above concerns, but most of the attempts tackled only some aspects of the problem. Encryption mechanisms can resolve the data security and privacy requirements but introduce intensive computing overheads as well as complexity in key distribution. Data is not guaranteed being protected when it is moved from one cloud to another because clouds may not use equivalent protection schemes. Sensitive data is being processed at only private clouds without sufficient resources. Consequently, Cloud computing has not been widely adopted by healthcare providers and users. Protecting and managing health data efficiently in many aspects is still an open question for current research. In this dissertation, we investigate data security and efficient management of big health data in cloud environments. Regarding data security, we establish an active data protection framework to protect data; we investigate a new approach for data mobility; we propose trusted evaluation for cloud resources in processing sensitive data. For efficient management, we investigate novel schemes and models in both Cloud computing and Fog computing for data distribution and data processing to handle the rapid growth of data, higher security on demand, and delay requirements. The novelty of this work lies in the novel data mobility management model for data protection, the efficient distribution scheme for a large-scale of EHRs, and the trust-based scheme in security and processing. The contributions of this thesis can be summarized according to data security and efficient data management. On data security, we propose a data mobility management model to protect data when it is stored and moved in clouds. We suggest a trust-based scheduling scheme for big data processing with MapReduce to fulfil both privacy and performance issues in a cloud environment. • The data mobility management introduces a new location data structure into an active data framework, a Location Registration Database (LRD), protocols for establishing a clone supervisor and a Mobility Service (MS) to handle security and privacy requirements effectively. The model proposes a novel security approach for data mobility and leads to the introduction of a new Data Mobility as a Service (DMaaS) in the Cloud. • The Trust-based scheduling scheme investigates a novel composite trust metric and a real-time trust evaluation for cloud resources to provide the highest trust execution on sensitive data. The proposed scheme introduces a new approach for big data processing to meet with high security requirements. On the efficient data management, we propose a novel Hash-Based File Clustering (HBFC) scheme and data replication management model to distribute, store and retrieve EHRs efficiently. We propose a data protection model and a task scheduling scheme which is Region-based for Fog and Cloud to address security and local performance issues. • The HBFC scheme innovatively utilizes hash functions to cluster files in defined clusters such that data can be stored and retrieved quickly while maintaining the workload balance efficiently. The scheme introduces a new clustering mechanism in managing a large-scale of EHRs to deliver healthcare services effectively in the cloud environment. • The trust-based scheduling model uses the proposed trust metric for task scheduling with MapReduce. It not only provides maximum trust execution but also increases resource utilization significantly. The model suggests a new trust-oriented scheduling mechanism between tasks and resources with MapReduce. • We introduce a novel concept “Region” in Fog computing to handle the data security and local performance issues effectively. The proposed model provides a novel Fog-based Region approach to handle security and local performance requirements. We implement and evaluate our proposed models and schemes intensively based on both real infrastructures and simulators. The outcomes demonstrate the feasibility and the efficiency of our research in this thesis. By proposing innovative concepts, metrics, algorithms, models, and services, the significant contributions of this thesis enable both healthcare providers and users to adopt cloud services widely, and allow significant improvements in providing better healthcare services

Cloud computing in government organizations: towards a new comprehensive model

Cloud computing is a new information technology paradigm, one which has been adopted in many different sectors. Many developing countries are working on improving e-government to provide services to their citizens that are integrated and effective. Therefore, the Saudi government has made improving e-government a high priority. The aim of this study is to explore significant factors affecting the adoption of cloud computing in e-government services in Saudi Arabia as a case study. After identifying these factors, we propose a new comprehensive model for the Adoption of Cloud Computing in Saudi G-GOVernment (ACCE-GOV) that has been adopted from the Technology Organisation Environment (TOE) framework and the Diffusion of Innovations (DOI) theory. This research model examines factors of technological context (compatibility, complexity, service quality, security, and relative advantages), organisational context (top management support, organisation size, and technology readiness), environmental context (regulations and competitive pressures), and social context (awareness, trust, and attitude) in regard to the adoption of cloud computing. Ultimately, this study enhances the decision-making of the Saudi government through understanding and highlighting the most important factors that influence the adoption of cloud computing in an e-government context. This is a position paper, reporting on the work in progress. The findings of this study will be useful for the researchers who considers suitability of different methodological approaches for cloud computing adoption and evaluation

Distributed Infrastructure for an Academic Cloud

The various community infrastructure literature reveals the challenges in educational institutions to embrace cloud computing trends. Setting up an own data center in effect means a private cloud. If research on the open cloud services is available within the institution, then the rollout of such research products becomes an in-house implementation. Thus, even reducing the dependence on cloud vendors. Distribution of resources opens the channel for better communication within academic institutions. It also attracts opportunities to procure individual hardware with a bigger gain. Enormous spending and unaccounted credits fall into central budgets if not controlled in a structured manner. Also, increasing the overall data management cost as an institution needs a different perspective for its’ long-term benefits. The expenses allow branching the cloud management tasks either in a vendor’s private cloud or own Cloud if feasible. Bigdata does touch the academics to so much extent that such disparate de-central data management creates several pitfalls. The solution then suggested to have a controlled environment claimed as distributed computing. Infrastructure spending shoots up with a pay as you go model. We claim that a distributed infrastructure as an excellent opportunity in the computing when performed at the cost of trust of a private cloud. The open-source movements experiment the distributed clouds by promoting OpenStack swift

Remote attestation of SEV-SNP confidential VMs using e-vTPMs

Departing from "your data is safe with us" model where the cloud infrastructure is trusted, cloud tenants are shifting towards a model in which the cloud provider is not part of the trust domain. Both silicon and cloud vendors are trying to address this shift by introducing confidential computing - an umbrella term that provides mechanisms for protecting the data in-use through encryption below the hardware boundary of the CPU, e.g., Intel Software Guard Extensions (SGX), AMD secure encrypted virtualization (SEV), Intel trust domain extensions (TDX), etc. In this work, we design and implement a virtual trusted platform module (vTPM) that virtualizes the hardware root-of-trust without requiring to trust the cloud provider. To ensure the security of a vTPM in a provider-controlled environment, we leverage unique isolation properties of the SEV-SNP hardware and a novel approach to ephemeral TPM state management. Specifically, we develop a stateless ephemeral vTPM that supports remote attestation without persistent state. This allows us to pair each confidential VM with a private instance of a vTPM that is completely isolated from the provider-controlled environment and other VMs. We built our prototype entirely on open-source components - Qemu, Linux, and Keylime. Though our work is AMD-specific, a similar approach could be used to build remote attestation protocol on other trusted execution environments (TEE).Comment: 12 pages, 4 figure

Exploring Trust in Cloud Computing for a Governmental Organization in Ethiopia: A Case Study

Organizations face a rapidly changing environment that forces them to seek high computing power. The problem was how to overcome factors that cause managers at governmental organizations in Ethiopia to be reluctant to trust cloud computing, while some managers overcame this lack of trust. The purpose of this qualitative, single case study was to provide a deeper understanding of how a governmental organization in Ethiopia overcame the factors that adversely influenced managers of other organizations to the extent that they distrusted and decided against adopting cloud computing. The population for this study was comprised of 12 managers from a governmental organization in Ethiopia who had successfully overcome the negative factors and, consequently, decided to trust and adopt cloud computing. The conceptual framework for this study was derived from the technology-organization-environment model. Data were collected using semistructured interviews, observing meetings, and reviewing organizational documents. Thematic analysis techniques were used in coding the data and developing themes. The emergent factors that helped managers to overcome negative factors included building trust in, and forming agreements with, cloud service providers; being a good follower; having senior management support; and meeting customers’ demands. The recommendation is to establish a telecom regulatory authority to improve the infrastructure of the country. Decision-makers should consider policies to enhance the success of cloud-based service implementations. The results of this study could contribute to economic growth by firms in adopting cloud computing to automate their services which could lead to positive social change within the population

Re-Encryption-Based Key Management Towards Secure and Scalable Mobile Applications in Clouds

Cloud computing confers strong economic advantages, but many clients are reluctant to implicitly trust a third-party cloud provider. To address these security concerns, data may be transmitted and stored in encrypted form. Major challenges exist concerning the aspects of the generation, distribution, and usage of encryption keys in cloud systems, such as the safe location of keys, and serving the recent trend of users that tend to connect to contemporary cloud applications using resource-constrained mobile devices in extremely large numbers simultaneously; these characteristics lead to difficulties in achieving efficient and highly scalable key management. In this work, a model for key distribution based on the principle of dynamic data re-encryption is applied to a cloud computing system in a unique way to address the demands of a mobile device environment, including limitations on client wireless data usage, storage capacity, processing power, and battery life. The proposed cloud-based re-encryption model is secure, efficient, and highly scalable in a cloud computing context, as keys are managed by the client for trust reasons, processor-intensive data re-encryption is handled by the cloud provider, and key redistribution is minimized to conserve communication costs on mobile devices. A versioning history mechanism effectively manages keys for a continuously changing user population. Finally, an implementation on commercial mobile and cloud platforms is used to validate the performance of the model

An enhancement of toe model by investigating the influential factors of cloud adoption security objectives

Cloud computing (CC) is a future technological trend for technological infrastructure development. And it is growing strongly as the backbone of industrial future technological infrastructure. As CC service has a lot to offer, it also has some major downside that clients cannot ignore. For CC service adoption, the potential candidates are SMEs but due to lack of resources, experience, expertise and low financial structure scenario CC can be most helpful. CC faces a major issue in term of cloud security, an organization doesn’t understand the cloud security factors in the organization and data owner doubts about their data. In the research paper, an investigation on the cloud security objectives to find out the influential factors for cloud adoption in SMEs by proposing an enhancement of Technology-Organization-Environment (TOE) model with some positive influential factor like cloud security, relative advantages, cost saving, availability, SLA, capability, top management, organizational readiness, IS knowledge, malicious insiders, government regulatory support, competitive pressure, size and type. Some negative influencing factors like technological readiness, cloud trust and lack of standards in cloud security. Data were collected by questionnaires from a selected IT company based on SaaS and public cloud. Case study method has been used for validating the enhance TOE model. The IBM Statistics SPSS v22 tool was used for data analysis. The results of data analysis support the enhancement as well as all the proposed hypotheses. In summary, the results of the analysis show that all the enhancement factors were found to have a significant cloud security influence on adoption of cloud computing for SMEs

A trust model for cloud computing environment

Este artigo apresenta uma proposta de um modelo de gestão contendo requisitos relacionados com a confiabilidade dos sistemas no ambiente de Computação em Nuvem (CN). A proposta teve como base uma revisão da literatura sobre os problemas, desafios e estudos que estão em curso relacionados com a segurança e confiabilidade de aplicações e Sistemas de Informações (SI) neste ambiente tecnológico. Nesta revisão bibliográfica são abordados os entraves e desafios atualmente existentes na visão de conceituados autores sobre o tema. Estas questões foram abordadas e estruturadas na forma de um modelo, denominado de “Modelo de Confiança para o ambiente de Computação em Nuvem”. Trata-se de uma proposta proativa que tem por objetivo organizar e discutir soluções de gestão para o ambiente de CN com uma maior confiabilidade para a operacionalização das aplicações de SI, tanto por parte dos provedores como também dos seus clientes.This paper presents a proposal for a management model containing requirements concerning reliability in Cloud Computing (CC). The proposal was based on a literature review focused on the problems, challenges and underway studies related to the safety and reliability of applications and Information Systems (IS) in this technological environment. This literature review examines the existing obstacles and challenges from the point of view of respected authors on the subject. The main issues are addressed and structured as a model, called "Trust Model for Cloud Computing environment". This is a proactive proposal that aims to organize and discuss management solutions for the CC environment aiming improved reliability of the IS applications operation, both for providers and their customers