Information Technology Reference
In-Depth Information
the services and also register complaints. The requirements associated with a service
and the security features expected, are encoded in the
service manifest
as discussed in
[3].The feedback and the complaints form a vital piece of evidence to model the cloud
service providers reputation based on its security strength.
3.3
Monitors
The broker receives security violation events of the service provider by registering to
the pub-sub [18] monitors in the service provider's infrastructure. The threats that
prevent organizations from adoption of the cloud services and the areas for gathering
metrics are identified as follows:
i)
Insecure Authentication or Authorization:
Interface allowing customers to manage cloud services in order to perform
provisioning, management, orchestration, and monitoring their virtual instances
ii)
Insider Attack:
An insider from cloud service provider could have privileged access to
confidential data or gain control over the cloud service with no or little risk of
detection
iii)
Multitenant Attack:
Cloud environment is meant to allow multiple users
share resources (CPU, network, memory, storage, etc.) and an improper isolation of
the multi-tenant architecture may lead to have access to any other tenant's data
iv)
Data Leakage:
Customers data on the cloud could be compromised, deleted or
modified
v) Malware Propagation:
Any malware that infects a virtual instance could
propagate over the shared host or to hypervisor, spreading rapidly, giving ability to
eavesdrop on customer's transactions.
3.4
Trust Engine
The trust engine contained in the cloud broker is the core part of the architecture that
performs the
trustworthiness
calculation for the cloud service providers. Figure 2
shows the internal work flow used for computing the reputation of cloud service
provider based on the inputs received from the interfaces of the broker.
i.
Evidence:
The evidences provided to the opinion model are gathered from
monitors, cloud service provider interface and enterprise user interface.
ii.
Opinion Model :
The evidences received from different monitors are used to form
an opinion about a cloud service provider based on the opinion model proposed in
[13]. The opinion of a proposition
x
, represented as
w(x)
or
w
x
is defined in terms
of
belief b(x)
or
b
x
,
disbelief d(x)
or
d
x
and
uncertainty u(x)
or
u
x
where
b(x)+d(x)+u(x)=1
. The opinion model in [13] is given as follows:
W
x
= (b
x
, d
x
, u
x
, a
x
)
(1)
b
x
= c r / t
(2)
d
x
= c s / t
(3)
u
x
= t / (r s + f
2
+ 1)
(4)
