Pramod Pawar

Trust Model for Optimized Cloud Services

Cloud computing with its inherent advantages draws attention for business critical applications, but concurrently expects high level of trust in cloud service providers. Reputation-based trust is emerging as a good choice to model trust of cloud service providers based on available evidence. Many existing reputation based systems either ignore or give less importance to uncertainty linked with the evidence. In this paper, we propose an uncertainty model and define our approach to compute opinion for cloud service providers. Using subjective logic operators along with the computed opinion values, we propose mechanisms to calculate the reputation of cloud service providers. We evaluate and compare our proposed model with existing reputation models.

Security-as-a-Service in Multi-cloud and Federated Cloud Environments

The economic benefits of cloud computing are encouraging customers to bring complex applications and data into the cloud. However security remains the biggest barrier in the adoption of cloud, and with the advent of multi-cloud and federated clouds in practice security concerns are for applications and data in the cloud. This paper proposes security as a value added service, provisioned dynamically during deployment and operation management of an application in multi-cloud and federated clouds. This paper specifically considers a data protection and a host & application protection solution that are offered as a SaaS application, to validate the security services in a multi-cloud and federated cloud environment. This paper shares our experiences of validating these security services over a geographically distributed, large scale, multi-cloud and federated cloud infrastructure.

Trust Assessment Using Cloud Broker

Despite the advantages and rapid growth of Cloud computing, the cloud environments are still not sufficiently trustworthy from a customer’s perspective. Several challenges such as specification of service level agreements, standards, security measures, selection of service providers and computation of trust still persists, that concerns the customer. To deal with these challenges and provide a trustworthy environment, a mediation layer may be essential. In this paper we propose a cloud broker as a mediation layer, to deal with complex decision of selecting a trustworthy cloud provider, that fulfils the service requirements, create agreements and also provisions security. The cloud broker operates in different modes and this enables a variety of trust assessments.

Trust Model for Cloud Based on Cloud Characteristics

The wider adoption of cloud computing due to its inherent advantages also brings concerns of trust and security. Trust is a fundamental subject in human life. Although, several trust models exists in different areas including cloud, none of the trust models to-date are comprehensive enough to accommodate the characteristics of the cloud environment. This paper defines a trust model based on the essential cloud characteristics as the dimensions of the trust model together with several features relevant to the dimension to build the context. The proposed trust model is supported with an opinion model that considers uncertainty for building context specific trust and credibility complimented with early filtering to reduce the impact of malicous feedback providers. The proposed model is evaluated for its robustness against malicious feedback providers.

Integrating Security Services in Cloud Service Stores

Protecting systems, applications and data hosted on a Cloud environment against cyber-threats, and accounting for security incidents across the Cloud estate are prerequisites to Cloud adoption by business, and a fundamental element of both national and corporate cyber-security and Cloud strategies. Yet, Cloud IaaS and PaaS providers typically hold Cloud consumers accountable for protecting their applications, while Cloud users often find that protecting their proprietary system, application and data stacks on public or hybrid Cloud environments can be complex, expensive and time-consuming. In this paper we describe a novel Cloud-based security management solution that empowers Cloud consumers to protect their systems, applications and data in the Cloud, whilst also improving the control and visibility of their Cloud security operations. This is achieved by enhancing the security policy management of commercial technologies, and via their integration with multiple Cloud-based hosts and applications. The result of this integration is then offered as a re-usable service across multiple Cloud platforms through a Cloud service store.

Analysing Security requirements in Cloud-based Service Level Agreements

In cloud computing, measurable services such as packet loss and memory are quantized into different levels to provide different level of services to users. Initially, there will be a service level agreement (SLA) between users and service providers (SPs) and/or SPs and infrastructure providers (IPs). However, the most crucial service required by the users and SPs in cloud computing is security and privacy. Security parameters can be used to prevent attacks and to protect data and systems. In literature, there is no comprehensive solution which quantify all the security parameters associated with the cloud computing paradigm. In this paper, for the first time, we attempt to generalize and quantify the security parameters.

Opinion Model Based Security Reputation Enabling Cloud Broker Architecture

Security and trust in service providers is a major concern in the use of cloud services and the associated process of selecting a cloud service provider that meets the expectations and needs of one’s security requirements is not easy. As a solution, we propose a broker architecture model that enables us to build a security reputation framework for cloud service providers, capturing comprehensive evidence of security information to build its trust and security reputation.

Security-as-a-Service in Multi-cloud and Federated Cloud Environments: 9th IFIP WG 11.11 International Conference, IFIPTM 2015, Hamburg, Germany, May 26-28, 2015, Proceedings

This book constitutes the refereed proceedings of the 9th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2015, held in Hamburg, Germany, in May 2015. The 10 revised full papers and 5 short papers presented were carefully reviewed and selected from 28 submissions. In addition, the book contains one invited paper and 5 papers from a special session on trusted cloud ecosystems. The papers cover a wide range of topics including trust and reputation and models thereof, the relationship between trust and security, socio-technical aspects of trust, reputation and privacy, trust in the cloud and behavioural models of trust.The economic benefits of cloud computing are encouraging customers to bring complex applications and data into the cloud. However security remains the biggest barrier in the adoption of cloud, and with the advent of multi-cloud and federated clouds in practice security concerns are for applications and data in the cloud. This paper proposes security as a value added service, provisioned dynamically during deployment and operation management of an application in multi-cloud and federated clouds. This paper specifically considers a data protection and a host & application protection solution that are offered as a SaaS appli- cation, to validate the security services in a multi-cloud and federated cloud environment. This paper shares our experiences of validating these security services over a geographically distributed, large scale, multi-cloud and federated cloud infrastructure.