security features provided by CSP . The trustworthiness(T) is given by applying the

conjunction operator of subjective logic on the opinions obtained from each of these

computation and then calculating the expectation of the combined opinion.

T=Expectation (W M Ʌ EUR )

(6)

Where W M is the opinion obtained from the monitoring(M) as well as the W EUR is

the opinion obtained from the enterprise user ratings(EUR). The symbol

Ʌ

is the

conjunction operator used to combine the two opinions.

4.1 Incidence Monitoring

The incidence monitoring records evidence about the incidences related to parameters

such as authentication, authorization, inside attacks, multi-tenent attack, data leakage

and malware propogation. These incidences can either be identified by the cloud

service provider and sent to the broker or the broker after receiving the security events

carries further analysis to identify the incidences from the data received. Both

approaches have their own advantages and disadvantages.

For each monitoring parameter, the number of incidents occuring within a time

window w are observed. Every incident identified, adds to the negative evidence and

absence of incidents increases the positive evidence. Based on the positive and

negative evidences, opinions are formed for each of the parameters. Let W AT, W AR, W IA,

W MT, W DL, and W MP be opinions formed for CSP based on the monitoring parameter of

authentication, authorization, inside attacks, multi-tenent attack, data leakage and

malware propogation respectively. Consider for example that there are n monitors

associated with monitoring of authentication incidence at CSP-1. Then the opinion

W AT for CSP-1 is given as the consensus of all n monitors. Considering all monitoring

parameters, the overall opinion W M for CSP-1 is given by applying conjunction

operator over the consensus opinion, which is as follows:

W M = W AT M1,…,Mn Ʌ W AR M1,…,Mn Ʌ W IA M1,…,Mn Ʌ W MT M1,…,Mn Ʌ

W DL M1,…,Mn ɅW MP M1,…,Mn

(7)

Where W AT M1,.,Mn is consensus opinion by monitors M1 to Mn regarding

authentication. Similarly consensus opinions for other parameters are obtained.

4.2

Enterprise User Rating

For every usage of the services from the CSP, the enterprise user rates the satisfaction

of security features and capabilities provided by the CSP corresponding to the

requirements set forward initially by the user. Consider q enterprise users registered

with the broker and provide ratings to the CSP for each of the monitoring parameters.

The overall opinon W EUR for CSP-1 based on the enterprise user rating is given by

applying the conjunction operator over the consensus opinion, as follows:

(8)

W EUR = W AT EU1,EU2…,EUq Ʌ W AR EU1,EU2…,EUq Ʌ W IA EU1,EU2…,EUq Ʌ

W MT EU1,EU2…,EUq Ʌ W DL EU1,EU2…,EUq Ʌ W MP EU1,EU2…,EUq