TU Darmstadt / ULB / TUbiblio

Towards a trust management system for cloud computing marketplaces: using CAIQ as a trust information source

Habib, Sheikh Mahbub and Ries, Sebastian and Varikkattu, Prabhu and Mühlhäuser, Max (2014):
Towards a trust management system for cloud computing marketplaces: using CAIQ as a trust information source.
7, In: Security and Communication Networks, (11), pp. 2185-2200, DOI: 10.1002/sec.748,
[Online-Edition: https://onlinelibrary.wiley.com/doi/abs/10.1002/sec.748],
[Article]

Abstract

Cloud computing enables information technology related services in a more dynamic and scalable way than before—more cost‐effective than before due to the economy of scale and of sharing resources. Usually, cloud providers describe their promised behaviour—regarding functional and non‐functional aspects of the service provision—by way of service level agreements (SLAs). For different providers offering similar functionality, SLAs are often insufficiently claimable and inconsistent with the aspects considered important by customers. Therefore, customers face problems identifying a trustworthy cloud provider solely on the basis of its SLA. To support customers in reliably identifying trustworthy cloud providers, we propose a multi‐faceted trust management system architecture for cloud computing marketplaces and related approaches. This system provides the means for identifying trustworthy cloud providers in terms of different attributes, for example, compliance, data governance and information security. In this article, we present the first realization of our proposed trust management system using the Consensus Assessment Initiative Questionnaire, initiated by the Cloud Security Alliance, as one of the sources of trust information. In particular, our proposed approach contributes to the challenge of extracting trust information from Consensus Assessment Initiative Questionnaires completed by cloud providers. Finally, our implemented system and related approaches are experimented using real datasets.

Item Type: Article
Erschienen: 2014
Creators: Habib, Sheikh Mahbub and Ries, Sebastian and Varikkattu, Prabhu and Mühlhäuser, Max
Title: Towards a trust management system for cloud computing marketplaces: using CAIQ as a trust information source
Language: English
Abstract:

Cloud computing enables information technology related services in a more dynamic and scalable way than before—more cost‐effective than before due to the economy of scale and of sharing resources. Usually, cloud providers describe their promised behaviour—regarding functional and non‐functional aspects of the service provision—by way of service level agreements (SLAs). For different providers offering similar functionality, SLAs are often insufficiently claimable and inconsistent with the aspects considered important by customers. Therefore, customers face problems identifying a trustworthy cloud provider solely on the basis of its SLA. To support customers in reliably identifying trustworthy cloud providers, we propose a multi‐faceted trust management system architecture for cloud computing marketplaces and related approaches. This system provides the means for identifying trustworthy cloud providers in terms of different attributes, for example, compliance, data governance and information security. In this article, we present the first realization of our proposed trust management system using the Consensus Assessment Initiative Questionnaire, initiated by the Cloud Security Alliance, as one of the sources of trust information. In particular, our proposed approach contributes to the challenge of extracting trust information from Consensus Assessment Initiative Questionnaires completed by cloud providers. Finally, our implemented system and related approaches are experimented using real datasets.

Journal or Publication Title: Security and Communication Networks
Volume: 7
Number: 11
Uncontrolled Keywords: cloud computing, trust models, reputation, trust management, architecture, CAIQ, self-assessment
Divisions: 20 Department of Computer Science
20 Department of Computer Science > System Security Lab
20 Department of Computer Science > Telecooperation
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Date Deposited: 13 Jun 2018 11:26
DOI: 10.1002/sec.748
Official URL: https://onlinelibrary.wiley.com/doi/abs/10.1002/sec.748
Identification Number: TUD-CS-2013-0022
Related URLs:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)

View Item View Item