You are on page 1of 10

A trust

evaluation model for cloud computing

Introduction
Cloud computing is an emerging information technology that changes the way IT
architectural solutions. It is a new pattern of business computing, and it can dynamically provide
computing services supported by state-of-the-art data centers that usually employ Virtual
Machine (VM) technologies. One of the most critical issues in cloud computing is security.
With the development of the Internet and Web technology and frequent cross-cultural
communication, it is necessary for people to be able to access and manage information in many
different languages. These information resources with a variety of different languages are
distributed in Web pages and the databases. Cloud computing provides information resources for
users in "Cloud" through the Internet. Cloud computing utilizes large-scale virtualized data
centers to manage such large volume of resources. Excellent surveys of technical solutions
towards better performance and energy-efficiency of cloud systems can be found in, and a review
of relevant metrics and benchmarks has been provided.

Cloud computing is a general term for anything that involves delivering hosted services over the
Internet. These services are broadly divided into three categories: Infrastructure-as-a-Service
(IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The name cloud
computing was inspired by the cloud symbol that's often used to represent the Internet in
flowcharts and diagrams.

A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is
sold on demand, typically by the minute or the hour; it is elastic -- a user can have as much or as
little of a service as they want at any given time; and the service is fully managed by the provider
(the consumer needs nothing but a personal computer and Internet access). Significant
innovations in virtualization and distributed computing, as well as improved access to high-speed
Internet and a weak economy, have accelerated interest in cloud computing.
A cloud can be private or public. A public cloud sells services to anyone on the Internet.
(Currently, Amazon Web Services is the largest public cloud provider.) A private cloud is a
proprietary network or a data center that supplies hosted services to a limited number of people.
When a service provider uses public cloud resources to create their private cloud, the result is
called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy,
scalable access to computing resources and IT services.

Infrastructure-as-a-Service like Amazon Web Services provides virtual server instance to start,
stop, access and configure their virtual servers and storage. In the enterprise, cloud computing
allows a company to pay for only as much capacity as is needed, and bring more online as soon
as required. Because this pay-for-what-you-use model resembles the way electricity, fuel and
water are consumed, it's sometimes referred to as utility computing.
Platform-as-a-service in the cloud is defined as a set of software and product development tools
hosted on the provider's infrastructure. Developers create applications on the provider's platform
over the Internet. PaaS providers may use APIs, website portals or gateway software installed on
the customer's computer. Force.com, (an outgrowth of Salesforce.com) and GoogleApps are
examples of PaaS. Developers need to know that currently, there are not standards for

interoperability or data portability in the cloud. Some providers will not allow software created
by their customers to be moved off the provider's platform.
In the software-as-a-service cloud model, the vendor supplies the hardware infrastructure, the
software product and interacts with the user through a front-end portal. SaaS is a very broad
market. Services can be anything from Web-based email to inventory control and database
processing. Because the service provider hosts both the application and the data, the end user is
free to use the service from anywhere.

Brief review
Trust has attracted extensive attention in social science and computer science as a solution to
enhance the security of the system. This paper proposes a trust evaluation model based on D-S
evidence theory and sliding windows for cloud computing. The timeliness of the interaction
evidence as the first-hand evidence is reflected by introducing sliding windows.
The direct trust of entities is computed based on the interaction evidence by D-S evidence theory.
The conflict of the recommendation trust as the second-hand evidence is eliminated with a help
of an improved fusion approach as far as possible. Finally, the combination of the
recommendation trust exposes the credibility of entities. Experimental results show that the
proposed model is effective and extensible.
The trust mechanism provides a good way for improving the system security. It is a new and
emerging security mode to provide security states, access control, reliability and policies for
decision making by identifying and distributing the malicious entities based on converting and
extracting the detected results from security mechanisms in different systems and collecting
feedback assessments continually. In recent years, many scholars have made a lot of research on
trust model. Hwang et al. assessed the security demands of three cloud service models: IaaS,
PaaS and SaaS. Integrated cloud architecture was presented to reinforce the security and privacy
in cloud applications.
Some security protection mechanisms were suggested, such as finegain access control, trust
delegation and negotiation, reputation system of resource sites. Zissis et al. pointed out that
security in a cloud environment requires a systemic point of view, from which security will be
constructed on trust, mitigating protection to a trusted third party. Takabi et al. illustrated the
unique issues of cloud computing that exacerbate security and privacy challenges in clouds.
Various approaches to address these challenges were discussed. It explores the future work
needed to provide a trustworthy cloud computing environment. Tian et al. put forward basic
criteria about evaluating node behavior trust and evaluation strategy in the cloud computing.
Based on the basic criteria of the evaluation, the sliding window was used to carry out the
evaluation of node behavior trust. Then a kind of evaluation mechanism on node behavior trust
based on sliding windows model was brought forward. Jiang et al. proposed a new evidential
trust model for open distributed systems. This model was based on an improved D-S evidence
theory by the introduction of time efficiency factor calculation function and the modification of
D-S combination rules. It is highly effective in defending attacks on the system for malicious
behaviors.

Motivation
As the trust is coming from a social science, it has the characteristics such as SUbjectivity and
ambiguity, and is not conducive to natural science research; this is the difficulty of research of
user behavior trust. Basic idea of the paper is "divide and treat" based on hierarchical structure
model to decompose complicated user behavior trust(UT) into small sub-trust(ST), then we
further subdivided behavior subtrust(ST) into more small data unit, namely behavior trust
evidences(BE), after that we compose it again from bottom layer to top layer Scientifically. This
kind of firstdecomposition and then-combination method can solve the uncertainty, subjectivity
and ambiguity of evaluation of user behavior trust in cloud computing.
In cloud computing, according to the user behavior contract signed by the service providers and
users, user authentication information and authentication failed plan strategy, possible subjective
and objective safety risk behavior of users, the cloud resources fees statistics used by user, user
behavior trust (UT) can be decomposed into four basic behavior sub-trust, namely security
behavior sub-trust (SST), contract behavior sub-trust (CST), expense behavior sub-trust (EST)
and identity re-authentication sub-trust(IST).
Contract behavior sub-trust (CST) is refer to whether user behavior comply with the contract, for
example, In the use of digital resource cloud, whether the cloud user use resources according to
the regulations, whether excessive downloading, secretly setting of external proxy server.
security behavior sub-trust (SST) is refer to whether user behavior with the attack and
destruction on the cloud resources, for example, whether user attempts to attack the digital
resources and servers, get account information of other users and commercial competitors in the
name of a legitimate user to make Denial of Service (DoS) .identity reauthentication sub-trust
(IST)is refer to that when the user authentication may be wrong, how to re-authenticate the user
identification, for example, If the user uses mobile phones and PDA to access cloud resource,
which over the computer equipment is easy to lose, if he also using the default user name and
password, it is easy to lost username and password. Therefore, during the important information
access, it is necessary to re-authenticate the user identification when the service provider monitor
user abnormal behavior (such as excessive download) .expense behavior sub-trust (EST) is refer
to that when users use cloud resources, whether user comply with the agreed terms of resource
consumption, not opportunistic, not drill holes of consumption charging, for example, In the use
of digital resource cloud, cloud users are generally paid fixed costs annually, if the user exit of
the system as soon as possible after information is retrieved, which can maximize the use of
electronic resources, Otherwise, in the resource-use peak, other users can not use system
resources due to the limitation of the maximum concurrent users. Here the user expense behavior
trust is important; service providers should monitor user consumption behavior and reward good
users with high trust in expense behavior.

Reserech gap found


Currently, the cloud computing is hot research both in scholars and enterprise, because of its
good features such as low investment, easy maintenance, Flexibility and fast deployment,
reliable service. But to truly implement cloud computing, we need to gradually improve it in
academic, legal and institutional. Especially, the issue of trust is one of the biggest obstacles for
the development of cloud computing. In the cloud computing, due to users directly use and
operate the software and OS, and even basic programming environment and network
infrastructure which provided by the cloud services providers, so the impact and destruction for
the software and hardware cloud resources in cloud computing are worse than the current
Internet users who use it to share resources. Therefore, that whether user behavior is trusted, how
to evaluate user behavior trust is an important research content in cloud computing. mainly
discusses evaluation importance of user behavior trust and evaluation strategy, in the cloud
computing, including trust object analysis, principle on evaluating user behavior trust, basic idea
of evaluating user behavior trust, evaluation strategy of behavior trust for each access, and long
access, which laid the theoretical foundation about trust for the practical cloud computing
application.
Currently, the cloud computing is welcome in scholars and enterprise, because of its good
features such as low investment, easy maintenance, Flexibility and fast deployment, reliable
service. At the same time, cloud computing can also reduce operating costs, improve operational
efficiency. So many countries put the financial and material for the cloud computing. The U.S.
government expect that the annual growth rate of its spending on cloud computing will be about
40% in the 2010-2015, in 2015 it will reach 7 billion U.S. dollars.
Interest in cloud computing has grown considerably in recent years as technological progress has
spawned new opportunities to develop and adapt business models to transform industries,
business processes and working practices (Morgan L. Conboy K.). The global market for cloud
computing is forecast to grow from a $40.7 billion in 2011 to $241 billion in 2020. There are
three major types of cloud computing: infrastructure as a service (IaaS), platform as a service
(PaaS) and software as a service (SaaS). The adoption and deployment of cloud computing
platforms have many attractive benefits, such as reliability, quality of service and robustness (M.
Randles, D. Lamb, E. Odat, A. Taleb-Bendiab,). To the consumer, the cloud appears to be
infinite, and the consumer can purchase as much or as little computing power as they need. From
a providers perspective, the key issue is to maximize profits by minimizing the operational
costs. In this regard, power management in cloud data centers is becoming a crucial issue since it
dominates the operational costs. Moreover, power consumption in large-scale computer systems
like clouds also raises many other serious issues including carbon dioxide and system reliability.
The emergence of cloud computing has made a tremendous impact on the information
technology (IT) industry over the past few years, where large companies such as Amazon,
Google, Salesforce, IBM, Microsoft, and Oracle have begun to establish new data centers for

hosting cloud computing applications in various locations around the world to provide
redundancy and ensure reliability in case of site failures.

Proposed problem statement


There are some issue are found which required further research:

Trust and risk is a pair of contradictory unity, so we need to guard against the risk even of
that we have high trust each other. "Slow rise" is a strategy that is to prevent the user
immediately get a high trust value only after a small number of accessing cloud
resources, only through a large number of the access, slowly to achieve high trust in the
trust evaluation. This is an evaluation strategy to prevent user cheating beforehand.

The behavior trust evaluation is constantly formed by accumulating, which is based on a


large number of the historical behavior of user. So its results are stable and representative
of the "personality characteristics". However, if number of user access is not enough
large, then the result is unstable and not representative. Therefore, the trust evaluation of
user behavior should be based on a large number of behaviors access.

The evaluative result of behavioral trust has important relations to user access time. The
more recent behaviors will play a more important role in trust evaluation, the more longterm behavior has the smaller influence on the trust evaluation due to attenuation.
Meanwhile, the evaluative result of the behavioral trust also has an important relationship
with each behavior. The more conventional behavior has the smaller influence on trust
evaluation, and the more abnormal behavior will play a more important role in trust
evaluation.

The punishment of non-trust user is very important parameters to trust evaluation. Rapid
decline" is an evaluation strategy to punish non-trust behavior afterwards. The overall
trust value of user that was rated mistrustful in any time will be quickly reduced. The
intensity of the reduced trust value is far greater than that gradually increased when
finding cheating behavior, which can prompt the user to reduce fraud.

Proposed work:
Work done so far: I have completed the research for various issues arises in trust evaluation
model for cloud computing .I found the scope for cloud computing in current scenario we
research about the basic concept about the cloud computing and the motivation for the research
is the risk involves in cloud computing. cloud computing is primarily commercially-driven and
commercial clouds are naturally realistic as research platforms, they do not provide to the
scientist enough control for dependable experiments. On the other hand, research carried
out using simulation, mathematical modeling or small prototypes may not necessarily be
applicable in real clouds of larger scale. Previous surveys on cloud performance and
energy-efficiency have focused on the technical mechanisms proposed to address these
issues. Researchers of various disciplines and expertise can use them to identify areas
where they can contribute with innovative technical solutions. This paper is meant to be
complementary to these surveys. By providing the landscape of research platforms for
cloud systems, our aim is to help researchers identify a suitable approach for modeling,
simulation or prototype implementation on which they can develop and evaluate their
technical solutions.
Work need to done:

To provide comprehensive literature review of the current academic studies about cloud
computing.
To provide a discussion about collected data and the limits in some current projects,
which need to improve, by taking a case study about a companys current project and a
quantitative online survey.
To provide recommendations for various cloud computing projects based on the analysis
and discussion of the research. And provide recommendations for further researches.
Provide various uses for cloud computing.
To provide literature review on development process of smart utilization of various
methods for cloud computing.
To analyze the impact of this research on world environment.
Evaluate the views of experts through various journals on cloud computing.
Collect data: the process of the project, feedback from operator every month, plan cost,
an additional cost, control of the schedule, and take feedback from experts.
To evaluate the control of the schedule and the result of the project, find out whether this
study makes a positive effect.
To find out the future work areas.

Conclusion & Future work


Trust evaluation model is of importance to supporting system security. This paper has presented
a trust evaluation model based on evidence theory and sliding windows for cloud computing. The
proposed model has a number of advantages. Cloud computing provides information resources
for users in "Cloud" through the Internet. These information resources with a variety of different
languages are distributed in Web pages and the databases. The scheduling of multilingual
information resources becomes complex, as multilingual information resources are
heterogeneous and uneven in cloud computing. The need arises in scheduling of multilingual
information resources in cloud computing for new mechanisms. This paper presents a four-tier
architecture for multilingual information resources scheduling in cloud computing. It includes
user accessing tier, technology supporting tier, resource scheduling tier and resources tier. We
propose a three-layer scheduling model for multilingual information resources in cloud
computing. The model includes some home managers, some local scheduling agents and a global
scheduling agent. The model not only shows the autonomy of private cloud resources and is
convenient for user to submit and supervise tasks, but also lightens the pressure of the global
scheduling agent. The example shows that the proposed scheduling model could improve the
performance of the scheduling of multilingual information resources in cloud computing.