Cloud Trust Research Articles

S-ZAC: Hardening Access Control of Service Mesh Using Intel SGX for Zero Trust in Cloud

In cloud services, the zero-trust security paradigm has emerged as a key strategy to reduce the large attack surface created by the complexity of cloud systems. Service mesh is a popular practice to realize the zero-trust architecture, which relies heavily on network access control to achieve the desired security. Building a service mesh-based solution in the cloud is not straightforward because privileged adversaries (e.g., malicious cloud insiders) can easily compromise the control plane where the access control function is implemented. In this paper, we propose S-ZAC, an access control hardening technique for service mesh-based solutions in the cloud. S-ZAC uses Intel SGX to provide a trusted execution environment for the control plane, which is responsible for enforcing access control for the service mesh. By isolating all access-control-related functions within an SGX enclave, S-ZAC ensures high resilience of the service mesh solution even in the presence of privileged adversaries. Due to the design limitations of SGX, implementing S-ZAC in the cloud for zero trust faces several challenges that can lead to serious scalability and failover issues. The first challenge is to establish secure communication channels between the S-ZAC components, even in the presence of privileged attackers. The second challenge is the limited memory capacity of the SGX enclave. Finally, the third challenge is that the inherent design of SGX does not support persistent enclave states, meaning that any state of running enclaves is volatile. We address these challenges by proposing our novel solutions. By implementing a prototype of S-ZAC, we evaluate its performance in terms of security and performance. The evaluation results validate the effectiveness of S-ZAC to enhance the security of the service mesh control plane in cloud environments.

Trust Management in Cloud Computing Using Blockchain Technology: a taxonomy, review & future directions

Through visualization and resource integration, cloud computing has expanded its service its service area and offers a better user experience than the traditional platform, along with us business operation model bringing huge economic and social benefits. However, a large amount of evidence shows that cloud computing is facing with serious security and trust crises, and building a trust / enabled transaction environment has become its key factor. The traditional cloud trust model transparency and traceability trust evolution results cannot be fully recognized by all participants. Its unique features in operating rules and traceability of records ensure the integrity, undesirability and security of the transaction data. Therefore Blockchain is very suitable for constructing distributed and decentralized trust architecture. Based on a novel Cloud- Edge trust management framework and a double Blochkchain structure based cloud transaction model , it identifies the open challenges and gives direction for future research field.

Quantifying quantitative correlation of provider selection influences cloud security

The cloud computing has been able to help users to access the data easily and effectively. However, cloud security is highly emphasized to cloud users to ensure data is securely stored. The cloud security can be handled well by chosen trusted cloud service provider in getting high impact on the cloud security. The relationship between cloud security with the provider selection is much needed to ensure the extent to which data is securely stored in a cloud. Therefore, in this paper the quantitative method was conducted to measure the correlation between the selected the right cloud service provider influence the cloud security. Thus, knowledgeable person in having the experiences in using the cloud service was taking from two institution of higher learning (IHL) as a respondent. In addition, variability and normality data analysis was firstly conducted to obtain the consistency of the data. Then, the correlation between cloud security factor and provider selection factor was conducted using spearman correlation matrix and scatter graph in identifying the closely and significant the value in influencing between the factors. Thus, the correlation relationship analysis result shown the selected the right cloud provider’s give higher impact to cloud security.

Exploring Cloud Computing Adoption in Higher Educational Environment: An Extension of the Tpb Model With Trust, Peer Influences, Perceived Usefulness and Ease of Use

Cloud computing is regarded as the next generation of computing. It is progressively being used as a launching pad for digital innovation and organizational agility. Cloud computing is frequently used by private and public organizations due to its flexibility, collaboration, cost-effectiveness, and scalability. These characteristics make cloud computing indispensable for individuals and businesses such as higher education institutes. Several prior studies covered the technological facets of cloud-based contexts, including cloud security, scalability, and virtualization. However, it is contend that the main barrier to cloud computing isn't technical but cognitive or behavioural, and in particular attitudinal. Thus, this research aims to study higher education’ students’ attitudes and their intention to adopt cloud computing, with a specific concentration on the effect of trust, peer influences, perceived usefulness and ease of use in order to investigate the factors influencing the adoption of cloud computing in higher educational environment in Saudi Arabia. This study presents an extended Decomposed Theory of Planned Behaviour (DTPB) to include trust, peer influences, perceived usefulness and ease of use as a cognition, representing a person’s perception of social influence to perform or not perform a behaviour under consideration. The proposed model was able to explain 62% of the variance in behavioural intention and 65% of students' attitudes towards the adoption of cloud computing in higher educational environment. The study's findings show that the proposed model explained a significant amount of variation in cloud computing adoption. It suggests that the model expansion by incorporating trust, peer influences, perceived usefulness and ease of use factors were valuable explorations. Further, the findings demonstrate that university students' attitudes toward using cloud computing are significantly influenced by perceived ease of use, trust in cloud computing service provider and perceived usefulness, which have the ability to explain their attitude by 22.15%, 21.9% and 20.9% respectively. The result also shows that "subjective norm" alone explains 33.95% of students' "behavioural intentions" towards using cloud computing, followed by their "attitude," which explains around 14.24% of "behavioural intentions," and then university students’ "self-efficacy," with 13.71%.

RESCU-SQL: Oblivious Querying for the Zero Trust Cloud

Cloud service providers offer robust infrastructure for rent to organizations of all kinds. High stakes applications, such as the ones in defense and healthcare, are turning to the public cloud for a cost-effective, geographically distributed, always available solution to their hosting needs. Many such users are unwilling or unable to delegate their data to this third-party infrastructure. In this demonstration, we introduce RESCU-SQL, a zero-trust platform for resilient and secure SQL querying outsourced to one or more cloud service providers. RESCU-SQL users can query their DBMS using cloud infrastructure alone without revealing their private records to anyone. It does so by executing the query over secure multiparty computation. We call this system zero trust because it can tolerate any number of malicious servers provided one of them remains honest. Our demo will offer an interactive dashboard with which attendees can observe the performance of RESCU-SQL deployed on several in-cloud nodes for the TPC-H benchmark. Attendees can select a computing party and inject messages from it to explore how quickly it detects and reacts to a malicious party. This is the first SQL system to support all-but-one maliciously secure querying over a semi-honest coordinator for efficiency.

Reputation based novel trust management framework with enhanced availability for cloud

To select a cloud service provider (CSP) out of immense number of relevant CSPs available, cloud customer (CC) trusts on the reviews provided by the CCs who have used the services provided by CSPs. However, relying on these feedbacks may be hazardous if the review(s) have been deliberately posted with wicked motive. To mitigate the impact of malicious feedbacks, a framework, namely highly available credible cloud trust management framework (HA2CTMF) has been proposed with the intent of revamping the reputation and availability parameters of QoS by evaluating the trust of cloud service providers (CSPs) based on the credibility of feedbacks furnished by CC. HA2CTMF detects collusion and Sybil attacks on the labeled CloudArmor dataset and increases availability of the trust service. Collusion attack has been detected by comparing review count; service count; & mean of reviews with their respective threshold values. Further, Sybil attack has been uncovered with the help of these aspects: deviation from mean of reviews; pattern detection; & comparison of polarity value from both lower & upper threshold values. Additionally, enhanced availability has been ensured by working on disaster management and diminishing repercussions of single point of failure. The results have been accessed on the following parameters: precision; recall; f1-score & availability percentage on the dataset comprising 8774 data points. This framework has exhibited precision of 85.69%, recall of 89.45%, f1-score of 87.53% and availability of 96.71% compared to CloudArmor framework values on the same parameters as: 44.47%; 62.21%; 51.85% & 70.43% respectively. As per the results attained, we conclude that proposed HA2CTMF has demonstrated better outcome.

The Data Security and multi-cloud Privacy concerns

The security, privacy, and challenges of establishing trust in cloud computing are examined in this paper. It discusses the issues that must be resolved to guarantee the security, privacy, and reliability of data processed, stored, and shared in cloud architecture. Cloud computing is a rapidly growing field, with more and more individuals and organizations adopting it as their preferred data storage and processing method. However, with this growth comes the need for increased attention to privacy, security, and trust in cloud computing. In this paper, we review the current state of privacy, security, and trust in cloud computing and examine the various strategies and technologies being used to address these concerns. We discuss the importance of end-to-end encryption, strong access controls, and data anonymization techniques in protecting user data in the cloud. Additionally, we analyze the role of trusted third parties, such as auditors and certifications, in ensuring the integrity of cloud services. Finally, we consider the impact of emerging technologies, such as blockchain and homomorphic encryption, on the future of privacy, security, and trust in cloud computing. Overall, our analysis highlights the need for ongoing research and development in this area to ensure that cloud computing remains a secure and trustworthy platform for users.

An Intelligent Trust Cloud Management Method for Secure Clustering in 5G Enabled Internet of Medical Things

5G edge computing enabled Internet of Medical Things (IoMT) is an efficient technology to provide decentralized medical services while device-to-device (D2D) communication is a promising paradigm for future 5G networks. To assure secure and reliable communication in 5G edge computing and D2D enabled IoMT systems, this article presents an intelligent trust cloud management method. First, an active training mechanism is proposed to construct the standard trust clouds. Second, individual trust clouds of the IoMT devices can be established through fuzzy trust inferring and recommending. Third, a trust classification scheme is proposed to determine whether an IoMT device is malicious. Finally, a trust cloud update mechanism is presented to make the proposed trust management method adaptive and intelligent under an open wireless medium. Simulation results demonstrate that the proposed method can effectively address the trust uncertainty issue and improve the detection accuracy of malicious devices.

Signal Optimization of Electronic Communication Network Based on Internet of Things

In order to solve the problem that many people communicate at the same time, there are many external interference factors, and the signal is prone to instability in the process of electronic communication, the author proposes a signal optimization method for electronic communication network based on the Internet of Things. The method takes the cloud trust mechanism as the dynamic evolution trust relationship between various Internet of Things electronic communication services, performs explicit and implicit uncertainty conversion, calculates the objective function of data communication network performance, and confirms the control strategy. The positioning information of the network nodes in the communication is added to the communication data packet, and the most stable electronic communication path in the network is obtained to form the network topology structure. The Krasovsky method is adopted, and the working state of the nodes of the communication network is divided into the congested state and the normal state, the probability of the two is calculated, and the range of the transition balance is determined, so as to realize the optimization of the stability of the network topology. Experimental results show that the transmission rate of this method has been maintained at about 180 Kb/s; although there is fluctuation, the fluctuation value is small and the transmission rate is very stable. Conclusion. It can improve the accuracy of electronic communication of the Internet of Things and is less affected by external interference factors, and the communication transmission rate is faster.

A forensic analysis of rclone and rclone's prospects for digital forensic investigations of cloud storage

Organizations and end users are moving their data into the cloud and trust Cloud Storage Providers (CSP) such as pCloud, Dropbox, or Backblaze. Given their popularity, it is likely that forensic examiners encounter one or more online storage types that they will have to acquire and analyze during an investigation. To access cloud storage, CSPs provide web-interfaces, proprietary software solutions (e.g., Dropbox client for Windows) as well as APIs allowing third-party access. One of these third-party applications is rclone which is an open-source tool to access many common CSPs through a command line interface. In this article, we look at rclone from two perspectives: First, we perform a forensic analysis on rclone and discuss aspects such as password recovery of the configuration file, encryption, and JA3 fingerprints. Second, we discuss rclone as a prospect to be a forensic tool which includes its read-only mount feature and sample cases. Under the circumstances tested, rclone is suitable for forensic practitioners as it is open-source, documented, and includes some essential functionality frequently needed but practitioners need to be aware of the caveats.

An Enhanced and Reliable Cloud Trust Protection Model for Privacy Data

The vulnerability of Cloud Computing Systems (CCSs) to Advanced Persistent Threats (APTs) is a significant concern to government and industry. We present a cloud architecture reference model that incorporates a wide range of security controls and best practices,and a cloud security assessment model – Cloud-Trust – that estimates high level security metrics to quantify the degree of confidentiality and integrity offered by a CCS or cloud service provider (CSP). Cloud-Trust is used to assess the security level of four multi- tenant IaaS cloud rchitectures equipped with alternative cloud security controls and to show the probability of CCS penetration (high value data compromise) is high if a minimal set of security controls are implemented. CCS penetration probability drops substantially if a cloud defense in depth security architecture is adopted that protects virtual machine (VM) images at rest, strengthens CSP an cloud tenantsystem administrator access controls, and which employs other network security controls to minimize cloud network surveillance and discovery of live VMs. Keywords: - Cloud Computing, Trust, Trust Management, Trust Models, Privacy, Trust metric, enables CSPs to start, stop, move, and restart

Blockchain-Based Decentralized Cloud Solutions for Data Transfer.

Cloud computing has increased its service area and user experience above traditional platforms through virtualization and resource integration, resulting in substantial economic and societal advantages. Cloud computing is experiencing a significant security and trust dilemma, requiring a trust-enabled transaction environment. The typical cloud trust model is centralized, resulting in high maintenance costs, network congestion, and even single-point failure. Also, due to a lack of openness and traceability, trust rating findings are not universally acknowledged. “Blockchain is a novel, decentralised computing system. Its unique operational principles and record traceability assure the transaction data's integrity, undeniability, and security. So, blockchain is ideal for building a distributed and decentralised trust infrastructure. This study addresses the difficulty of transferring data and related permission policies from the cloud to the distributed file systems (DFS). Our aims include moving the data files from the cloud to the distributed file system and developing a cloud policy. This study addresses the difficulty of transferring data and related permission policies from the cloud to the DFS. In DFS, no node is given the privilege, and storage of all the data is dependent on content-addressing. The data files are moved from Amazon S3 buckets to the interplanetary file system (IPFS). In DFS, no node is given the privilege, and storage of all the data is dependent on content-addressing.

Trust Management in the World of Cloud Computing. Past Trends and Some New Directions

Over the past years, Cloud computing has become one of the most influential information technologies to combat computing needs because of its unprecedented advantages. In spite of all the social and economic benefits it provides, it has its own fair share of issues. These include privacy, security, virtualization, storage, and trust. The underlying issues of privacy, security, and trust are the major barriers to the adoption of cloud by individuals and organizations as a whole. Trust has been the least looked into since it includes both subjective and objective characteristics. There is a lack of review on trust models in this research domain. This paper focuses on getting insight into the nomenclature of trust, its classifications, trust dimensions and throws an insight into various trust models that exist in the current knowledge stack. Also, various trust evaluation measures are highlighted in this work. We also draw a comparative analysis of various trust evaluation models and metrics to better understand the notion of trust in cloud environments. Furthermore, this work brings into light some of the gaps and areas that need to be tackled toward solving the trust issues in cloud environments so as to provide a trustworthy cloud ecosystem. Lastly, we proposed a Machine Learning backed Rich model based solution for trust verification in Cloud Computing. We proposed an approach for verifying whether the right software is running for the correct services in a trusted manner by analyzing features generated from the output cloud processed data. The proposed scheme can be utilized for verifying the cloud trust in delivering services as expected that can be perceived as an initiative towards trust evaluation in cloud services employing Machine learning techniques. The experimental results prove that the proposed method verifies the service utilized with an accuracy of 99%.

TRUST BASED SECURITY MODEL FOR CLOUD SYSTEMS IN AN ORGANIZATION

Cloud storage provides great benefits and advantages like reduction in cost, increased flexibility, elasticity and the efficient use of resources. With these great advantages, there are concerns and problem for cloud users. Some obstacles in using cloud computing services are because of its distributed and untransparent nature. That's why users have no control over their data and information and are not sure of whether or not to trust cloud providers. Therefore, the objective of this research is to examine the influence of customer and provider characteristics on cloud service outcome, impact of Trust on cloud service outcome, and to examine if Trust mediate the relationship of customer characteristics and provider’s characteristics with cloud service outcome. In order to achieve the objectives of this research, the analyses of measurement model, factor analysis, assessment of structure model and regression analysis has been conducted. The Findings of this study shows that the existing threats in cloud service is one of the reason why users are not trusting cloud service providers. These threats which are privacy and security cause unwillingness to use cloud services. This study also found that Trust plays an enormous role for cloud service users and providers because it increases usage, willingness to use among customers, and reputation of cloud service providers. It also found that Outcome is really low if there is no trust in these services. This study will help cloud service providers/developers to know the reasons why some people and organizations are not willing to use their services.

Pattern detection in cloud computing: Bibliometric mapping of publications in the field from past to present

The use of cloud computing has become widespread with the rapid development of technology. In this context, it is important to make a bibliometric analysis to identify developments in cloud computing research and to guide future research. For bibliometric analysis of cloud computing research, this study examines 48692 studies scanned in the Web of Science database as of July 2021, without year and index limits. VOSviewer software was used for bibliometric analysis. Bibliometric analysis showed that the research in the field of cloud computing increased exponentially until 2016, but after 2016, the research decreased and turned to more specific areas. China, USA, and India, respectively, are the countries that contributed the most to the cloud computing literature. According to the keyword co-occurrence analysis, the prominent keywords are fog computing, mobile cloud computing, data security, and trust. In addition, edge computing and blockchain stand out as trending topics in recent years. Future Generation Computer Systems and IEEE Access are the journals that contribute the most to the field. Taken as a whole, the findings of the study describe the field in general and provide important, enlightening, and stimulating information for researchers who are or will be interested in cloud computing.

Blockchain-based trust management in cloud computing systems: a taxonomy, review and future directions

Through virtualization and resource integration, cloud computing has expanded its service area and offers a better user experience than the traditional platforms, along with its business operation model bringing huge economic and social benefits. However, a large amount of evidence shows that cloud computing is facing with serious security and trust crisis, and building a trust-enabled transaction environment has become its key factor. The traditional cloud trust model usually adopts a centralized architecture, which causes large management overhead, network congestion and even single point of failure. Furthermore, due to a lack of transparency and traceability, trust evaluation results cannot be fully recognized by all participants. Blockchain is a new and promising decentralized framework and distributed computing paradigm. Its unique features in operating rules and traceability of records ensure the integrity, undeniability and security of the transaction data. Therefore, blockchain is very suitable for constructing a distributed and decentralized trust architecture. This paper carries out a comprehensive survey on blockchain-based trust approaches in cloud computing systems. Based on a novel cloud-edge trust management framework and a double-blockchain structure based cloud transaction model, it identifies the open challenges and gives directions for future research in this field.

Cloud Trust-Driven Hierarchical Sharing Method of Internet of Things Information Resources

Short information sharing time is one of the problems to be solved in the traditional Internet. Therefore, this paper proposes a hierarchical simulation of the Internet of Things sharing structure framework that trusts the cloud to drive Internet information resource sharing. By setting thresholds and iterative adjustment parameters, a complementary judgment matrix is constructed to obtain the minimum nonnegative deviation value and the optimal weight vector. This paper sorts according to the value of the Internet information security model, obtains the optimal model to avoid human tampering, and designs the information resource acquisition process to ensure the reliability of the source data. We use radio frequency identification (RFID) equipment in the preprocessing of massive heterogeneous data in the Internet of Things. In a network environment where resources are limited and heterogeneous are fully considered, the trust-based adaptive detection algorithm is used to evaluate the credibility of the trust-driven algorithm for hierarchical information resource sharing services in the cloud environment of the Internet of Things. We propose a cloud trust-driven hierarchical information resource sharing Internet information resource model. Firstly, the key characteristics of hierarchical information resource sharing are analyzed. Then, a hierarchical information resource sharing model was established by using specific constraints, trust steepness function, cloud trust evaluation criteria, and trust constraint coefficient. Finally, an example of IoT system is designed to verify the effectiveness of the model. Experimental results show that, compared with the traditional model or algorithm, this model has a good hierarchical sharing effect of the underlying resource information.

A systematic mapping study of security, trust and privacy in clouds

Cloud computing thrives around trust and security in the relationship between cloud providers and users of their services. The objective was the conduct of a systematic mapping study of cloud computing security, trust and privacy. The research was executed using three classes of facets, namely topic, contribution, and research based on the systematic mapping process. The result shows that privacy issues and challenges on metric had 4.76% of the publications. On cloud trust in the domain of tool, the publications were 8.75%. The publications on design within the domain of model stood at 12.38%, and publications on privacy issues and challenges in the area of process were 8.57%. Furthermore, there were more articles published on privacy issues and challenges within the domain of evaluation research with 10.43%. The publications on design based on validation research made up 7.83% of the study. More papers were also published on frameworks and techniques within the domain of solution research with 5.22% each. There were more articles published on privacy issues and challenges with regards to philosophical research with 4.35%. Shortcomings in the fields of security, trust and privacy in the cloud, were identified through this study, which should motivate further research.

Quality and Profit Assured Trusted Cloud Federation Formation: Game Theory Based Approach

With more awareness and growth in the cloud market, demands for computational resources have increased in order to provide services to the cloud users. Sometimes it is difficult for an individual cloud service provider (CSP) to meet the level of promised quality of service (QoS) and to fulfill all types of resource requests dynamically. Cloud federation has become a consolidated paradigm in which group of cooperative CSPs share their unused resources with peers to gain some economic benefit. Hence, the cloud federation overcomes the limitation of each CSP for maintaining QoS during sudden spikes in resource demand. However, the presence of untrusted CSPs degrades the QoS of the services delivered through federation. Trusted CSPs are highly reputed in the federation as they can extend their resources and services to maintain the level of committed QoS by the member CSPs of the federation. Therefore, to guarantee delivery of committed QoS, it will be necessary to form a federation with trusted CSPs only. In this paper, we present a broker based cloud federation architecture. The cloud federation formation is modeled as a hedonic coalitional game. The main objective of this work is to find the most suitable and stable federation of trusted CSPs that will maximize the satisfaction level of each individual CSP on the basis of QoS and profit. The proposed coalitional game inspired cloud federation formation (CGCFF) algorithm has been extensively compared with selected existing techniques. Simulation results show that the set of federation formed by CGCFF is Nash-stable and performs better than these techniques in terms of satisfaction, quality and profit.

A novel cloud management framework for trust establishment and evaluation in a federated cloud environment

Cloud Computing is being utilized by large-scale organizations for data storage and management. It provides advantages like reducing the cost of information technology services by shared computing resources and more data storage space, in addition to on-demand and easy pay-per-use service mechanism. Different Cloud Service Providers (CSPs) form cloud federation to share their resources. In a cloud environment, it is essential to make sure that the customer’s data is fully secured, and standard privacy laws are applied to form a trusted relationship among CSPs and customers. Therefore, the focus of this research is to identify the issues for establishment of a trusted environment and evaluation of trusted levels between customers and their CSP. In this paper, a Federated Cloud Trust Management Framework (FCTMF) is proposed that resolves the trust issues and motivates the cloud providers to successfully participate in cloud federation. The proposed framework evaluates the level of trust based on Service Level Agreement (SLA) parameters, also considering customers and participating CSPs’ feedback. The results and comparison exhibit that the proposed framework is more accurate and feasible in terms of calculating level of trust.