Computational trust methods for security quantification in the cloud ecosystem

In this chapter, we provide an in-depth insight into computational trust methods that are able to reliably quantify the security level of service providers and transparently communicate that level to the users. The methods particularly consider business as well as end user requirements along with a complex specification of security assurances during security quantification. Novel trust methods are validated using formal proofs, industry-accepted security assurance datasets, and user studies.

[1]  Audun Jøsang,et al.  Trust Transitivity and Conditional Belief Reasoning , 2012, IFIPTM.

[2]  Max Mühlhäuser,et al.  A Trust-Aware Framework for Evaluating Security Controls of Service Providers in Cloud Marketplaces , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[3]  Melanie Volkamer,et al.  A formal approach towards measuring trust in distributed systems , 2011, SAC.

[4]  Sadie Creese,et al.  Communicating trustworthiness using radar graphs: A detailed look , 2013, 2013 Eleventh Annual Conference on Privacy, Security and Trust.

[5]  Ahmad-Reza Sadeghi,et al.  Property-Based TPM Virtualization , 2008, ISC.

[6]  Trent Jaeger,et al.  Seeding clouds with trust anchors , 2010, CCSW '10.

[7]  Diego Gambetta Can We Trust Trust , 2000 .

[8]  Sheikh Mahbub Habib,et al.  Trust Establishment Mechanisms for Distributed Service Environments , 2014 .

[9]  Christoph Meinel,et al.  Distributed Trust Management for Validating SLA Choreographies , 2010 .

[10]  Shuai Wang,et al.  A Cloud-Based Trust Model for Evaluating Quality of Web Services , 2010, Journal of Computer Science and Technology.

[11]  Neeraj Suri,et al.  Benchmarking cloud security level agreements using quantitative policy trees , 2012, CCSW '12.

[12]  Mike Daube,et al.  Consumer testing of the acceptability and effectiveness of front-of-pack food labelling systems for the Australian grocery market. , 2009, Health promotion international.

[13]  Tyrone Grandison,et al.  Conceptions of Trust: Definition, Constructs, and Models , 2007 .

[14]  Daniel Schreiber,et al.  Evaluating User Representations for the Trustworthiness of Interaction Partners , 2008 .

[15]  Max Mühlhäuser,et al.  Fusion of Opinions under Uncertainty and Conflict -- Application to Trust Assessment for Cloud Marketplaces , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[16]  Max Mühlhäuser,et al.  Communicating and visualising multicriterial trustworthiness under uncertainty , 2014, 2014 Twelfth Annual International Conference on Privacy, Security and Trust.

[17]  N. L. Chervany,et al.  THE MEANINGS OF TRUST , 2000 .

[18]  Vijay Varadharajan,et al.  Enhancing grid security with trust management , 2004, IEEE International Conference onServices Computing, 2004. (SCC 2004). Proceedings. 2004.

[19]  Max Mühlhäuser,et al.  CertainLogic: A Logic for Modeling Trust and Uncertainty - (Short Paper) , 2011, TRUST.

[20]  Muttukrishnan Rajarajan,et al.  Trust Model for Optimized Cloud Services , 2012, IFIPTM.

[21]  Sebastian Ries,et al.  Trust in ubiquitous computing , 2009 .

[22]  Audun Jøsang,et al.  A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..

[23]  Audun Jøsang,et al.  A Logic for Uncertain Probabilities , 2001, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[24]  F. John Krautheim,et al.  Private Virtual Infrastructure for Cloud Computing , 2009, HotCloud.

[25]  Sebastian Ries,et al.  Extending Bayesian trust models regarding context-dependence and user friendly representation , 2009, SAC '09.

[26]  Ahmad-Reza Sadeghi,et al.  Property-based attestation for computing platforms: caring about properties, not mechanisms , 2004, NSPW '04.