Enhancement Supporting Reputation-Based Trust Management for Cloud Services
International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)
Download this PDF format
Abstract
Trust management is one of the most challenging issues for the adoption and growth of cloud computing. The highly dynamic, distributed, and non-transparent nature of cloud services introduces several challenging issues such as privacy, security, and availability. Preserving consumers‘ privacy is not an easy task due to the sensitive information involved in the interactions between consumers and the trust management service. Protecting cloud services against their malicious users (e.g., such users might give misleading feedback to disadvantage a particular cloud service) is a difficult problem. Guaranteeing the availability of the trust management service is another significant challenge because of the dynamic nature of cloud environments. In this article, we describe the design and implementation of Cloud Armor, a reputation-based trust management framework that provides a set of functionalities to deliver trust as a service (TaaS), which includes i) a novel protocol to prove the credibility of trust feedbacks and preserve users‘ privacy, ii) an adaptive and robust credibility model for measuring the credibility of trust feedbacks to protect cloud services from malicious users and to compare the trustworthiness of cloud services, and iii) an availability model to manage the availability of the decentralized implementation of the trust management service. The feasibility and benefits of our approach have been validated by a prototype and experimental studies using a collection of real-world trust feedbacks on cloud services.
References
[1] S. M. Khan and K. W. Hamlen, ?Hatman: Intra-cloud trust management for Hadoop,? in Proc. 5th Int. Conf. Cloud Comput., 2012, pp. 494–501.
[2] S. Pearson, ?Privacy, security and trust in cloud computing,? in Privacy and Security for Cloud Computing, ser. Computer Communications and Networks. New York, NY, USA: Springer, 2013, pp. 3–42.
[3] J. Huang and D. M. Nicol, ?Trust mechanisms for cloud computing,? J. Cloud Comput., vol. 2, no. 1, pp. 1–14, 2013.
[4] K. Hwang and D. Li, ?Trusted cloud computing with secure resources and data coloring,? IEEE Internet Comput., vol. 14, no. 5, pp. 14–22, Sep./Oct. 2010.
[5] M. Armbrust, A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, ?A view of cloud computing,? Commun. ACM, vol. 53, no. 4, pp. 50–58, 2010.
[6] S. Habib, S. Ries, and M. Muhlhauser, ?Towards a trust management system for cloud computing,? in Proc. 10th Int. Conf. Trust, Security Privacy Comput. Commun., 2011, pp. 933–939. [7] I. Brandic, S. Dustdar, T. Anstett, D. Schumm, F. Leymann, and R. Konrad, ?Compliant cloud computing (C3): Architecture and language support for user-driven compliance management in clouds,? in Proc. 3rd Int. Conf. Cloud Comput., 2010, pp. 244–251.
[8] W. Conner, A. Iyengar, T. Mikalsen, I. Rouvellou, and K. Nahrstedt, ?A trust management framework for service-oriented environments,? in Proc. 18th Int. Conf. World Wide Web, 2009, pp. 891–900.
[9] T. H. Noor, Q. Z. Sheng, and A. Alfazi, ?Reputation attacks detection for effective trust assessment of cloud services,? in Proc.
[10] T. H. Noor, Q. Z. Sheng, S. Zeadally, and J. Yu, ?Trust management of services in cloud environments: Obstacles and solutions,?ACM Comput. Surv., vol. 46, no. 1, pp. 12:1–12:30, 2013. [11] S. Pearson and A. Benameur, ?Privacy, security and trust issues arising from cloud computing,? in Proc. 2nd Int. Conf. Cloud Comput., 2010, pp. 693–702.
[12] E. Bertino, F. Paci, R. Ferrini, and N. Shang, ?Privacy-preserving digital identity management for cloud computing,? IEEE Data Eng. Bull, vol. 32, no. 1, pp. 21–27, Mar. 2009.
[13] E. Friedman, P. Resnick, and R. Sami, ?Manipulation-resistant reputation systems,? in Algorithmic Game Theory. New York, USA: Cambridge Univ. Press, 2007, pp. 677–697.
[14] K. Ren, C. Wang, and Q. Wang, ?Security challenges for the public cloud,? IEEE Internet Comput., vol. 16, no. 1, pp. 69–73, Jan./Feb. 2012.
[15] F. Skopik, D. Schall, and S. Dustdar, ?Start trusting strangers? bootstrapping and prediction of trust,? in Proc. 10th Int. Conf. Web Inf. Syst. Eng., 2009, pp. 275–289.
[16] H. Guo, J. Huai, Y. Li, and T. Deng, ?KAF: Kalman filter based adaptive maintenance for dependability of composite services,? in Proc. 20th Int. Conf. Adv. Inf. Syst. Eng., 2008, pp. 328–342. [17] T. Dillon, C. Wu, and E. Chang, ?Cloud computing: Issues and challenges,? in Proc. IEEE 24th Int. Conf. Adv. Inf. Netw. Appl.,2010, pp. 27–33.
[18] Y. Wei and M. B. Blake, ?Service-oriented computing and cloud computing: Challenges and opportunities,? IEEE Internet Comput., vol. 14, no. 6, pp. 72–75, Nov./Dec. 2010.
[19] P. Mell and T. Grance. (2011, Sep.). The NIST definition of cloud computing [Online]. Available: https://csrc.nist.gov/ publications/drafts/800-145/Draft-SP-800-145_cloud-definition. Pdf
[20] O. David and C. Jaquet. (2009, Jun.). Trust and identification in the light of virtual persons pp. 1–103 [Online]. Available: https:// www.fidis.net/resources/deliverables/identity-of-identity/
[21] B. Fung, K. Wang, R. Chen, and P. Yu, ?Privacy-preserving data publishing: A survey of recent developments,? ACM Comput. Surv., vol. 42, no. 4, pp. 1–53, 2010.
[22] J. R. Douceur, ?The sybil attack,? in Proc. Revised Papers 1st Int. Workshop Peer-to-Peer Syst., 2002, pp. 251–260.
[23] S. Ba and P. Pavlou, ?Evidence of the effect of trust building technology in electronic markets: Price premiums and buyer behavior,? MIS Quart., vol. 26, no. 3, pp. 243–268, 2002.
Keywords
Cloud computing, trust management, reputation, credibility, credentials, security, privacy, availability
