4 research outputs found
Sealed Computation: Abstract Requirements for Mechanisms to Support Trustworthy Cloud Computing
In cloud computing, data processing is delegated to a remote party for
efficiency and flexibility reasons. A practical user requirement usually is
that the confidentiality and integrity of data processing needs to be
protected. In the common scenarios of cloud computing today, this can only be
achieved by assuming that the remote party does not in any form act
maliciously. In this paper, we propose an approach that avoids having to trust
a single entity. Our approach is based on two concepts: (1) the technical
abstraction of sealed computation, i.e., a technical mechanism to confine the
processing of data within a tamper-proof hardware container, and (2) the
additional role of an auditing party that itself cannot add functionality to
the system but is able to check whether the system (including the mechanism for
sealed computation) works as expected. We discuss the abstract technical and
procedural requirements of these concepts and explain how they can be applied
in practice
Context-aware multifaceted trust framework for evaluating trustworthiness of cloud providers
With the rapidly increasing number of cloud-based services, selecting a service provider is becoming more and more difficult. Among the many factors to be considered, trust in a given service and in a service provider is often critical. Appraisal of trust is a complex process, information about the offered service's quality needs to be collected from a number of sources, while user requirements may place different emphasis on the various quality indicators. Several frameworks have been proposed to facilitate service provider selection, however, only very few of them are built on existing cloud standards, and adaptability to different contexts is still a challenge. This paper proposes a new trust framework, called Context-Aware Multifaceted Trust Framework (CAMFT), to assist in evaluating trust in cloud service providers. CAMTF is flexible and context aware: it considers trust factors, users and services. When making recommendations, CAMFT employs a combination of mathematical methods that depend on the type of trust factors, and it takes both service characteristics and user perspective into account. A case study is also presented to demonstrate CAMFT's applicability to practical cases