Service Trustiness and Resource Legitimacy in Cloud Computing

Cloud computing is emerging as a virtual model in support of “everything-as-a-service” (XaaS). Service providers in a cloud provide resources as XaaS. Numerous providers are involved in a cloud, such as feeders, owners, delegators and creators, who are unlikely to be the same agent. Consequently, without identifying the credentials of their providers, cloud resources cannot be securely managed by traditional security models, and services may not be trustworthy. In this paper, we propose a new security technique to measure the trustiness of cloud resources. Using the metadata of resources, the technique binds authorization policies to compute the traceability between the resources and the provider’s credential. The contribution of this paper includes a mechanism of privilege chains that can be used to verify the legitimacy of cloud resources and to measure the trustiness of cloud services.
