Trust Management of Services in Cloud Environments

Report
Trust Management of Services in
Cloud Environments:
Obstacles and Solutions
Paper by: Talal H. Noor, Quan Z. Sheng, Sherali Zeadally, and Jian Yu
Presentation by: Jeremy Tate
Outline
•
•
•
•
•
•
•
Could Definition
Types of Clouds
Service Level Agreements
Trust management models of Clouds
Analytical Framework for Trust Management
Prototypes
Real-world examples
Cloud
•
Definition
o
•
Delivering network resources (typically from a data
center) to a user as a service
Users log into the service (website) to gain
access
Types of Cloud
•
•
•
Infrastructure as a Service
Platform as a Service
Software as a Service
Infrastructure as a Service (IaaS)
•
•
•
Provides full virtual
servers/storage/networking to a user
Allows user to install exact operating system,
software, and architecture for a specified
project
Amazon Elastic Compute Cloud (EC2) and
Simple Storage Service (S3)
Platform as a Service (PaaS)
•
•
Provides a service container for the
deployment of an application
Customer deploys select
software/applications but does not control
infrastructure
•
Microsoft Azure, Google Apps
Software as a Service (SaaS)
•
•
Service provider provides all services and
the user provides content
User has no control over software or
infrastructure
•
Google Docs and Facebook
Service Level Agreements (SLAs)
•
•
•
•
Private Cloud
Community Cloud
Public Cloud
Hybrid Cloud
Private Cloud
•
•
Computing resources are for the sole use of
a single organization/company
o
Could include multiple business units
Interactions are B2B
Community Cloud
•
Resources are shared among members of a
community
o
All have the same goal
Public Cloud
•
•
Resources are available to everyone
B2C interactions
o
EC2, S3
Hybrid Cloud
•
•
Two or more of the previous models are
used together
o
One portion could be private, another public
B2B and B2C
Trust Models
•
•
Service provider’s perspective (SPP)
o
Trust from the provider POV
Service requester’s perspective (SRP)
o
Trust from the consumer POV
Techniques
•
•
•
•
Policy as a Trust Management technique
Recommendation as a TM technique
Reputation as a TM technique
Prediction as a TM technique
Policy as a TM Technique
•
•
•
•
Uses a set of policies to control authorization
and specify minimum trust levels
o
Trust thresholds based on trust results or credentials
A cloud service consumer x, has policies Px,
credentials Cx and minimum trust threshold Tx
Provider has all the same attributes (as y)
Relationship is considered trusted if Tr(x,y) = 1
Recommendation as a TM
Technique
•
Use prior experiences to determine trust
o
•
Can use either explicit recommendation or transitive
recommendation
Consumer x, trust relation with cloud z,
service provider y
Reputation as a TM Technique
•
•
Use consumer feedback to rate service provider
o
Amazon, eBay, Epinions
Consumer x, trust threshold Tx, service provider
y, set of trusted relations Tr(y) which give trust
feedback T f(y)
Prediction as a TM Technique
•
•
•
Useful when there is no prior information
Similarly minded entities are more likely to trust
one another
Consumer x has interests ix (as vector) and
minimum trust threshold Tx (service provider is
y)
Trust Management Analytical
Framework
•
•
Trust Feedback Sharing Layer
o Different parties giving trust feedback to each other
Trust Assessment Layer
o
•
Determining the level of trust for each party,
potentially using multiple metrics
Trust Results Distribution Layer
o
Different parties requesting the trust level for other
parties
Trust Management Framework
Trust Feedback Sharing Layer
•
Credibility
•
Privacy
•
Personalization
•
Integration
o The quality of the information or service that makes
people trust the cloud
 The credibility of the cloud as well as that of the
feedback
o The degree of potential information exposure that users
of the cloud could face when interacting with the cloud
o The degree to which people adhere to the trust
management rules
 Users selecting their preferred feedback mechanism
o Ability to integrate other trust management principles
Trust Assessment Layer
•
•
•
•
•
•
Perspective
o From whose perspective is trust determined? User or provider?
Technique
o The flexibility of a technique to being adopted
Adaptability
o Responsiveness of the system to changes from requesting parties
Security
o Degree of robustness to operate in the face of attack and malicious
behaviour
Scalability
o Amount the system can be scaled
Applicability
o How useful the system is for cloud trust
Trust Results Distribution Layer
•
•
•
•
Response time
o
How long it takes trust system to respond to request
Redundancy
o
How much redundancy is used to handle load
Accuracy
o
The degree of correctness of trust results
Security
o
Protection of trust results have from being tampered
with
Prototypes
•
•
•
•
Security Aware Cloud Architecture
•
Hwang 2009; Hwang and Li 2010
Compliant Cloud Computing Architecture
•
Brandic et al. 2010
Trust Cloud
•
Ko et al. 2011
Multifaceted Trust Management System
Architecture for Cloud Computing
•
Habib et al 2011
Prototypes
• CLOUD-ARMOR
• Noor and Sheng 2011
• Dynamic Policy Management Framework
• Yu and Ng (2006, 2009)
• Sabotage Tolerance and Trust Management
in Desktop Grid Computing
•
Domingues 2007
•
Chen et al. 2008
• Grid Secure Electronic Transaction (gSET)
• Weishaupl 2006
• Role Based Trust Chains
Prototypes
•
•
•
•
Bootstrapping and Prediction of Trust
•
Skopik et al. 2009
Negotiation Scheme for Access Rights
Establishment
•
Koshutanski and Massacci 2007
Trust Management Framework for Service
Oriented Environments (TMS)
•
Conner et al. 2009
Reputation Assessment for Trust Establishment
among Web Services (RATEWeb)
•
Malik and Bouguettaya 2009
Assessment of Prototypes
Assessment of Prototypes
Assessment of Prototypes
Evaluation of trust management prototypes
across all dimensions
Trust Characteristics of Real Clouds
•
Authentication
o
•
•
•
•
Techniques and mechanisms used for
authentication in a cloud
Security
o
Security of Communication, Data, and Physical layer
Privacy Responsibility
o
… of cloud provider and consumer
Virtualization
o
At either operating system level or application level
Cloud Consumer Accessibility
o
Tools/interface by which cloud is used
Real Clouds
•
•
•
•
Microsoft
Google
Amazon
IBM
o
targeting mostly B2B users
Real Cloud Issues
•
Identification
o
•
•
•
•
•
Of both users and providers
o Evaluate Credibility
o Protect integrity of trust management data
Privacy
o Preventing the accidental leakage of user personal data
Personalization
o Have control over all aspects of trust feedback system
Integration
o Ability to use multiple trust systems together
Security
o Protection against attacks and malicious users
Scalability

similar documents