Cloud Computing Trust Management

Trust is one of the most concerned challenges straining rapid adoption and growth of cloud computing.

A key technical solution requires trust to be critically managed at all levels of the cloud computing adoption lifecycle. Trust management is the assurance component for establishing and maintaining successful relational exchanges among all stakeholders in a cloud environment.

In a highly competitive and distributed service environment, cloud service(s) consumers are uncertain about trustworthiness and dependability of cloud service providers.

As a result, trust management procedures assist potential cloud service consumers to reliably identify trustworthy cloud providers, and to devise effective means to manage the trust relationship among business partners in cloud environment.

The trust level is derived from the analysis of the cloud service rating feedback supplied by trading values generated from past transactions can be used to provide important reference points to potential consumers in the future.

Positive trust values increase trust level and strengthens relationship and dependability of the cloud service consumer on the quality of services of the cloud service provider.

Trust Management Evaluation Attributes

A Trust Management (TM) system should be able to measure the degree of truthfulness of cloud-services via the following attributes:

Data integrity

This includes service requirements such as privacy, data security, and accuracy.

Security

Cloud service providers must put up mechanism to protect their consumer’s personal information and data securely.

Privacy

The cloud service providers should maintain privacy of sensitive information of their customers for continued trustworthiness and integrity.

Credibility

This is the degree of quality of a cloud service provided to a cloud service consumer by a cloud service provider.

Turnaround efficiency

This includes both the actual and the promised turnaround times. The actual turnaround time is the time expended from the start of a cloud consumer application for a service and the provisioning of this service.

On the other hand, the promised turnaround time is the expected duration of time by the cloud service provider for a service to run to completion.

Availability

This measures the degree of uptime and accessibility of resources, services or components provisioned by a cloud service provider.

Reliability/success rate

This defines the degree of compliance of a cloud service provider to provide mutually agreed upon services based on the consumer’s business requirement specifications and duration.

Adaptability

This reflects redundant provisioning of data storage and processing facilities to manage potential single point of failure events.

SLA

This is an official document that clearly specifies technical and functional descriptions to be complied by the cloud service provider.

Customer support

This is the actual support (technical, feedback, security, and so on) offered by the cloud service provider to its consumers.

User feedback

This is a post-service experience scoring by a cloud consumer on the performance and quality of service(s) being rendered by the cloud service provider.

Cloud Trust Management Techniques

Trust management techniques are classified into four techniques, namely, policy-based, recommendation-based, reputation-based, and prediction-based.

Policy-based trust management

With this technique, a set of policies is adopted to evaluate trust. Each policy is used to control the authorization level to specify a minimum expected trust threshold to authorize the access.

Result-based thresholds are retrieved via a monitoring and auditing approach (using the SLA), entities credibility approach (which measures the qualitative and quantitative features of the cloud services being provisioned) and the feedback credibility approach (that specifies a set of parameters to measure the experience of the cloud service consumers).

In credential-based threshold, credentials are issued following standards like Security Assertion Markup Language (SAML) and Simple Public Key Infrastructure (SPKI).

The major disadvantage is that it does not consider the value of past interactions and history of the participants. The policy-based trust management approach supports all the cloud service deployment models.

Recommendation-based trust management

In this approach, recommendations are requested by an inquiring entity from some participants with previous interactions and knowledge about the trusted parties.

However, recommendations can be explicit or transitive in nature. Explicit recommendation occurs when a cloud service consumer directly recommends a particular cloud service to their established trusted contacts.

Similarly, a transitive recommendation occurs if a particular cloud service is trusted by a cloud service consumer if at least one of their trusted contacts trusts the cloud service.

The main disadvantage of this model is that the degree of satisfaction for recommendation of a service is based on the perspective of the entity and might not encompass other relevant attributes of the cloud service that may be important to the prospective consumer.

Recommendation-based trust management supports all the cloud service deployment models.

Reputation-based trust management

This approach follows a community-based (social network-based) aggregation of opinions on trust towards an entity.

Normally, an entity with the highest reputation trust value is usually trusted by many other entities.

One benefit of this approach is the wider perspective of past consumers from many different situations about the performance of the cloud service provider.

On the other hand, it requires a large number of entities to provide the opinion and additionally, such entities are expected to be familiar with the attributes being evaluated.

In the same vein, trust feedback sources are usually unknown due to a large sample space.

Examples of some reputation-based trust management systems include Amazon and eBay.

This approach also supports all the three cloud service deployment models.

Prediction-based trust management

In this approach, a trust threshold is computed based on the similarity of the capabilities and interests between two entities.

This is commonly determined using similarity measurements like cosine similarity to establish possibility of trust between the entities.

This approach is the most appropriate in situations with limited or no prior information about the cloud service’s previous interactions. However, it does not guarantee accurate trust evaluation results.