Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trust Management of Services in Cloud Environments: Obstacles and Solutions Paper by: Talal H. Noor, Quan Z. Sheng, Sherali Zeadally, and Jian Yu Presentation.

Similar presentations

Presentation on theme: "Trust Management of Services in Cloud Environments: Obstacles and Solutions Paper by: Talal H. Noor, Quan Z. Sheng, Sherali Zeadally, and Jian Yu Presentation."— Presentation transcript:

1 Trust Management of Services in Cloud Environments: Obstacles and Solutions Paper by: Talal H. Noor, Quan Z. Sheng, Sherali Zeadally, and Jian Yu Presentation by: Jeremy Tate

2 Outline Could Definition Types of Clouds Service Level Agreements Trust management models of Clouds Analytical Framework for Trust Management Prototypes Real-world examples

3 Cloud Definition o Delivering network resources (typically from a data center) to a user as a service Users log into the service (website) to gain access

4 Types of Cloud Infrastructure as a Service Platform as a Service Software as a Service

5 Infrastructure as a Service (IaaS) Provides full virtual servers/storage/networking to a user Allows user to install exact operating system, software, and architecture for a specified project Amazon Elastic Compute Cloud (EC2) and Simple Storage Service (S3)

6 Platform as a Service (PaaS) Provides a service container for the deployment of an application Customer deploys select software/applications but does not control infrastructure Microsoft Azure, Google Apps

7 Software as a Service (SaaS) Service provider provides all services and the user provides content User has no control over software or infrastructure Google Docs and Facebook

8 Service Level Agreements (SLAs) Private Cloud Community Cloud Public Cloud Hybrid Cloud

9 Private Cloud Computing resources are for the sole use of a single organization/company o Could include multiple business units Interactions are B2B

10 Community Cloud Resources are shared among members of a community o All have the same goal

11 Public Cloud Resources are available to everyone B2C interactions o EC2, S3

12 Hybrid Cloud Two or more of the previous models are used together o One portion could be private, another public B2B and B2C

13 Trust Models Service providers perspective (SPP) o Trust from the provider POV Service requesters perspective (SRP) o Trust from the consumer POV

14 Techniques Policy as a Trust Management technique Recommendation as a TM technique Reputation as a TM technique Prediction as a TM technique

15 Policy as a TM Technique Uses a set of policies to control authorization and specify minimum trust levels o Trust thresholds based on trust results or credentials A cloud service consumer x, has policies Px, credentials C x and minimum trust threshold T x Provider has all the same attributes (as y) Relationship is considered trusted if Tr(x,y) = 1

16 Recommendation as a TM Technique Use prior experiences to determine trust o Can use either explicit recommendation or transitive recommendation Consumer x, trust relation with cloud z, service provider y

17 Reputation as a TM Technique Use consumer feedback to rate service provider o Amazon, eBay, Epinions Consumer x, trust threshold T x, service provider y, set of trusted relations Tr(y) which give trust feedback T f(y)

18 Prediction as a TM Technique Useful when there is no prior information Similarly minded entities are more likely to trust one another Consumer x has interests i x (as vector) and minimum trust threshold Tx (service provider is y)

19 Trust Management Analytical Framework Trust Feedback Sharing Layer o Different parties giving trust feedback to each other Trust Assessment Layer o Determining the level of trust for each party, potentially using multiple metrics Trust Results Distribution Layer o Different parties requesting the trust level for other parties

20 Trust Management Framework

21 Trust Feedback Sharing Layer Credibility o The quality of the information or service that makes people trust the cloud The credibility of the cloud as well as that of the feedback Privacy o The degree of potential information exposure that users of the cloud could face when interacting with the cloud Personalization o The degree to which people adhere to the trust management rules Users selecting their preferred feedback mechanism Integration o Ability to integrate other trust management principles

22 Trust Assessment Layer Perspective o From whose perspective is trust determined? User or provider? Technique o The flexibility of a technique to being adopted Adaptability o Responsiveness of the system to changes from requesting parties Security o Degree of robustness to operate in the face of attack and malicious behaviour Scalability o Amount the system can be scaled Applicability o How useful the system is for cloud trust

23 Trust Results Distribution Layer Response time o How long it takes trust system to respond to request Redundancy o How much redundancy is used to handle load Accuracy o The degree of correctness of trust results Security o Protection of trust results have from being tampered with

24 Prototypes Security Aware Cloud Architecture Hwang 2009; Hwang and Li 2010 Compliant Cloud Computing Architecture Brandic et al Trust Cloud Ko et al Multifaceted Trust Management System Architecture for Cloud Computing Habib et al 2011

25 Prototypes CLOUD-ARMOR Noor and Sheng 2011 Dynamic Policy Management Framework Yu and Ng (2006, 2009) Sabotage Tolerance and Trust Management in Desktop Grid Computing Domingues 2007 Grid Secure Electronic Transaction (gSET) Weishaupl 2006 Role Based Trust Chains Chen et al. 2008

26 Prototypes Bootstrapping and Prediction of Trust Skopik et al Negotiation Scheme for Access Rights Establishment Koshutanski and Massacci 2007 Trust Management Framework for Service Oriented Environments (TMS) Conner et al Reputation Assessment for Trust Establishment among Web Services (RATEWeb) Malik and Bouguettaya 2009

27 Assessment of Prototypes


29 Evaluation of trust management prototypes across all dimensions

30 Trust Characteristics of Real Clouds Authentication o Techniques and mechanisms used for authentication in a cloud Security o Security of Communication, Data, and Physical layer Privacy Responsibility o … of cloud provider and consumer Virtualization o At either operating system level or application level Cloud Consumer Accessibility o Tools/interface by which cloud is used

31 Real Clouds Microsoft Google Amazon IBM o targeting mostly B2B users

32 Real Cloud Issues Identification o Of both users and providers o Evaluate Credibility o Protect integrity of trust management data Privacy o Preventing the accidental leakage of user personal data Personalization o Have control over all aspects of trust feedback system Integration o Ability to use multiple trust systems together Security o Protection against attacks and malicious users Scalability

Download ppt "Trust Management of Services in Cloud Environments: Obstacles and Solutions Paper by: Talal H. Noor, Quan Z. Sheng, Sherali Zeadally, and Jian Yu Presentation."

Similar presentations

Ads by Google