skip to main content
research-article

Trust management of services in cloud environments: Obstacles and solutions

Published: 11 July 2013 Publication History

Abstract

Trust management is one of the most challenging issues in the emerging cloud computing area. Over the past few years, many studies have proposed different techniques to address trust management issues. However, despite these past efforts, several trust management issues such as identification, privacy, personalization, integration, security, and scalability have been mostly neglected and need to be addressed before cloud computing can be fully embraced. In this article, we present an overview of the cloud service models and we survey the main techniques and research prototypes that efficiently support trust management of services in cloud environments. We present a generic analytical framework that assesses existing trust management research prototypes in cloud computing and relevant areas using a set of assessment criteria. Open research issues for trust management in cloud environments are also discussed.

References

[1]
Al-Sharawneh, J. and Williams, M. 2010. Credibility-based social network recommendation: Follow the leader. In Proceedings of the 21st Australasian Conference on Information Systems (ACIS'10).
[2]
Alhamad, M., Dillon, T., and Chang, E. 2010. SLA-based trust model for cloud computing. In Proceedings of the 13th International Conference on Network-Based Information Systems (NBiS'10).
[3]
Amazon. 2011. Amazon.com: Online shopping for electronics, apparel, computers, books, dvds and more. http://www.amazon.com/.
[4]
Amazon-Ec2. 2011. Elastic compute cloud (amazon ec2). http://aws.amazon.com/ec2.
[5]
Amazon-S3. 2011. Amazon simple storage service (amazon - s3). http://aws.amazon.com/s3.
[6]
Aringhieri, R., Damiani, E., De Capitani Di Vimercati, S., Paraboschi, S., and Samarati, P. 2006. Fuzzy techniques for trust and reputation management in anonymous peer-to-peer systems. J. Amer. Soc. Inf. Sci. Technol. 57, 4, 528--537.
[7]
Aringhieri, R., Damiani, E., De Capitani Di Vimercati, S., and Samarati, P. 2005. Assessing efficiency of trust management in peer-to-peer systems. In Proceedings of 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05).
[8]
Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., and Zaharia, M. 2010. A view of cloud computing. Comm. ACM 53, 4, 50--58.
[9]
Artz, D. and Gil, Y. 2007. A survey of trust in computer science and the semantic web. Web Semantics: Sci. Serv. Agents World Wide Web 5, 2, 58--71.
[10]
Aziz, B. and Hamilton, G. 2009. Detecting man-in-the-middle attacks by precise timing. In Proceedings of the 3rd International Conference on Emerging Security Information, Systems and Technologies (SECURWARE'09).
[11]
Azzedin, F. and Maheswaran, M. 2002a. Integrating trust into grid resource management systems. In Proceedings of the International Conference on Parallel Processing (ICPP'02).
[12]
Azzedin, F. and Maheswaran, M. 2002b. Towards trust-aware resource management in grid computing systems. In Proceedings of the 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid'02).
[13]
Azzedin, F. and Maheswaran, M. 2004. A trust brokering system and its application to resource management in public-resource grids. In Proceedings of the 18th International Parallel and Distributed Processing Symposium (IPDPS'04).
[14]
Ba, S. and Pavlou, P. 2002. Evidence of the effect of trust building technology in electronic markets: Price premiums and buyer behavior. MIS Quart. 26, 3, 243--268.
[15]
Bertino, E., Ferrari, E., and Squicciarini, A. 2004. Trust negotiations: Concepts, systems, and languages. Comput. Sci. Engin. 6, 4, 27--34.
[16]
Bertino, E., Paci, F., Ferrini, R., and Shang, N. 2009. Privacy-preserving digital identity management for cloud computing. IEEE Data Engin. Bull 32, 1, 21--27.
[17]
Blaze, M., Feigenbaum, J., Ioannidis, J., and Keromytis, A. D. 1999. The role of trust management in distributed systems security. In Secure Internet Programming. Springer, 185--210.
[18]
Blaze, M., Feigenbaum, J., and Keromytis, A. 1998a. KeyNote: Trust management for public-key infrastructures. In Proceedings of the 6th International Workshop on Security Protocols.
[19]
Blaze, M., Feigenbaum, J., and Lacy, J. 1996. Decentralized trust management. In Proceedings of the 17th IEEE Symposium on Security and Privacy (SP'96).
[20]
Blaze, M., Feigenbaum, J., and Strauss, M. 1998b. Compliance checking in the policymaker trust management system. In Proceedings of the 2nd International Conference on Financial Cryptography (FC'98).
[21]
Blaze, M., Ioannidis, J., and Keromytis, A. 2000. Trust management and network layer security protocols. In Proceedings of the 7th International Workshop on Security Protocols.
[22]
Brandic, I., Dustdar, S., Anstett, T., Schumm, D., Leymann, F., and Konrad, R. 2010. Compliant cloud computing (c3): Architecture and language support for user-driven compliance management in clouds. In Proceedings of IEEE 3rd International Conference on Cloud Computing (CLOUD'10).
[23]
Buyya, R., Yeo, C., and Venugopal, S. 2008. Market-oriented cloud computing: Vision, hype, and reality for delivering it services as computing utilities. In Proceedings of 10th IEEE International Conference on High Performance Computing and Communications (HPCC'08).
[24]
Camenisch, J. and Van Herreweghen, E. 2002. Design and implementation of the idemix anonymous credential system. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02).
[25]
Cantor, S., Kemp, J., Philpott, R., and Maler, E. 2005. assertions and protocols for the oasis security assertion markup language (saml) v2. 0. http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf.
[26]
Cavoukian, A. 2008. Privacy in the clouds. Ident. Inf. Soc. 1, 1, 89--108.
[27]
Chen, K., Hwang, K., and Chen, G. 2008. Heuristic discovery of role-based trust chains in peer-to-peer networks. IEEE Trans. Parallel Distrib. Syst. 20, 1, 83--96.
[28]
Clark, K., Warnier, M., Brazier, F., and Quillinan, T. 2010. Secure monitoring of service level agreements. In Proceedings of the 5th International Conference on Availability, Reliability, and Security (ARES'10).
[29]
Conner, W., Iyengar, A., Mikalsen, T., Rouvellou, I., and Nahrstedt, K. 2009. A trust management framework for service-oriented environments. In Proceedings of the 18th International Conference on World Wide Web (WWW'09).
[30]
Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and Polk, W. 2008. RFC 5280 - Internet x.509 public key infrastructure certificate and certificate revocation list (crl) profile. http://tools.ietf.org/html/rfc5280.
[31]
Damiani, E., De Capitani Di Vimercati, S., Paraboschi, S., and Samarati, P. 2003. Managing and sharing servents' reputations in p2p systems. IEEE Trans. Knowl. Data Engin. 15, 4, 840--854.
[32]
Damiani, E., De Capitani Di Vimercati, S., Paraboschi, S., Samarati, P., and Violante, F. 2002. A reputation-based approach for choosing reliable resources in peer-to-peer networks. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02).
[33]
David, O. and Jaquet, C. 2009. Trust and identification in the light of virtual persons. http://www.dis.net/resources/deliverables/identity-of-identity/.
[34]
De Capitani Di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Psaila, G., and Samarati, P. 2012. Integrating trust management and access control in data-intensive web applications. ACM Trans. Web 6, 2, 1--44.
[35]
Domingues, P., Sousa, B., and Moura Silva, L. 2007. Sabotage-tolerance and trust management in desktop grid computing. Future Generation Comput. Syst. Int. J. Grid Comput. eSci. 23, 7, 904--912.
[36]
Douceur, J. R. 2002. The sybil attack. In Proceedings of the 1st International Workshop on Peer-to-Peer Systems (IPTPS'02).
[37]
Ebay. 2011. Ebay - New and used electronics, cars, apparel, collectibles, sporting goods and more at low prices. http://www.ebay.com/.
[38]
Ellison, C. 1996. Establishing identity without certification authorities. In Proceedings of the 6th Conference on USENIX Security Symposium (SSYM'96). Vol. 6.
[39]
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., and Ylonen, T. 1999. SPKI certificate theory. http://www.cs.vu.nl/∼crispo/pki/standards/spki-theory-02.txt.
[40]
Epinions.Com. 2011. Reviews from epinions. http://www1.epinions.com/.
[41]
Fernandez-Gago, M., Roman, R., and Lopez, J. 2007. A survey on the applicability of trust management systems for wireless sensor networks. In Proceedings of the 3rd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SECPerU'07).
[42]
Foster, I., Zhao, Y., Raicu, I., and Lu, S. 2008. Cloud computing and grid computing 360-degree compared. In Proceedings of the Grid Computing Environments Workshop (GCE'08).
[43]
Friedman, E., Resnick, P., and Sami, R. 2007. Manipulaation-resistant reputation systems. In Algorithmic Game Theory. Cambridge University Press, New York, 677--697.
[44]
Fung, B., Wang, K., Chen, R., and Yu, P. 2010. Privacy-preserving data publishing: A survey of recent developments. ACM Comput. Surv. 42, 4, 1--53.
[45]
Google-Apps. 2011. Google apps. http://www.google.com/apps/intl/en-au/business/index.html#utm_campaign=enau&utm_source=en-ha-apac-au-bk- google&utm_medium=ha&utm_term=google%&utm_medium=ha&utm_term=google%&utm_term=google%%20app.
[46]
Google-Docs. 2011. Google docs - Online documents, spreadsheets, presentations, surveys, file storage and more. https://docs.google.com/.
[47]
Gottfrid, D. 2007. Self-service, prorated supercomputing fun. The New York Times. http://open.blogs.nytimes.com/2007/11/01/self-service-prorated-super-computing-fun/.
[48]
Grandison, T. and Sloman, M. 2000. A survey of trust in internet applications. IEEE Comm. Surv. Tutorials 3, 4, 2--16.
[49]
Habib, S., Ries, S., and Muhlhauser, M. 2011. Towards a trust management system for cloud computing. In Proceedings of IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom'11).
[50]
Hoffman, K., Zage, D., and Nita-Rotaru, C. 2009. A survey of attack and defense techniques for reputation systems. ACM Comput. Surv. 42, 1, 1--31.
[51]
Hussain, A., Heidemann, J., and Papadopoulos, C. 2003. A framework for classifying denial of service attacks. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM'03).
[52]
Huynh, T., Jennings, N., and Shadbolt, N. 2006. Certified reputation: How an agent can trust a stranger. In Proceedings of the 5th International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS'06).
[53]
Hwang, K., Kulkareni, S., and Hu, Y. 2009. Cloud security with virtualized defense and reputation-based trust management. In Proceedings of IEEE 8th International Conference on Dependable, Autonomic and Secure Computing (DASC'09).
[54]
Hwang, K. and Li, D. 2010. Trusted cloud computing with secure resources and data coloring. IEEE Internet Comput. 14, 5, 14--22.
[55]
Jisang, A., Ismail, R., and Boyd, C. 2007. A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43, 2, 618--644.
[56]
Kamvar, S., Schlosser, M., and Garcia-Molina, H. 2003. The eigentrust algorithm for reputation management in p2p networks. In Proceedings of the 12th Intertnational Conference on World Wide Web (WWW'03).
[57]
Ko, R., Jagadpramana, P., Mowbray, M., Pearson, S., Kirchberg, M., Liang, Q., and Lee, B. 2011. TrustCloud: A framework for accountability and trust in cloud computing. In Proceedings of IEEE World Congress on Services (SERVICES'11).
[58]
Koshutanski, H. and Massacci, F. 2007. A negotiation scheme for access rights establishment in autonomic communication. J. Netw. Syst. Manag. 15, 1, 117--136.
[59]
Krautheim, F., Phatak, D., and Sherman, A. 2010. Introducing the trusted virtual environment module: A new mechanism for rooting trust in cloud computing. In Proceedings of the 3rd International Conference on Trust and Trustworthy Computing (TRUST'10).
[60]
Lai, K., Feldman, M., Stoica, I., and Chuang, J. 2003. Incentives for cooperation in peer-to-peer networks. In Proceedings of the 1st Workshop on Economics of Peer-to-Peer Systems.
[61]
Lin, C., Varadharajan, V., Wang, Y., and Pruthi, V. 2004. Enhancing grid security with trust management. In Proceedings of the IEEE International Conference on Services Computing (SCC'04).
[62]
Liu, G., Wang, Y., and Orgun, M. 2009. Trust inference in complex trust-oriented social networks. In Proceedings of IEEE 12th International Conference on Computational Science and Engineering (CSE'09).
[63]
Malik, Z. and Bouguettaya, A. 2009a. Rater credibility assessment in web services interactions. World Wide Web 12, 1, 3--25.
[64]
Malik, Z. and Bouguettaya, A. 2009b. RATEWeb: Reputation assessment for trust establishment among web services. VLDB J. 18, 4, 885--911.
[65]
Malik, Z. and Bouguettaya, A. 2009c. Reputation bootstrapping for trust establishment among web services. IEEE Internet Comput. 13, 1, 40--47.
[66]
Manuel, P., Thamarai Selvi, S., and Barr, M.-E. 2009. Trust management system for grid and cloud resources. In Proceedings of the 1st International Conference on Advanced Computing (ICAC'09).
[67]
Marti, S. and Garcia-Molina, H. 2006. Taxonomy of trust: Categorizing p2p reputation systems. Comput. Netw. 50, 4, 472--484.
[68]
Matsuo, Y. and Yamamoto, H. 2009. Community gravity: Measuring bidirectional effects by trust and rating on online social networks. In Proceedings of the 18th International Conference on World Wide Web (WWW'09).
[69]
Medjahed, B., Benatallah, B., Bouguettaya, A., Ngu, A., and Elmagarmid, A. 2003. Business-to-business interactions: Issues and enabling technologies. VLDB J. 12, 1, 59--85.
[70]
Mell, P. and Grance, T. 2011. The nist definition of cloud computing. http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145.
[71]
Microsoft. 2011. Windows live mesh. https://www.mesh.com/.
[72]
Noor, T. H. and Sheng, Q. Z. 2011a. Credibility-based trust management for services in cloud environments. In Proceedings of the 9th International Conference on Service Oriented Computing (ICSOC'11).
[73]
Noor, T. H. and Sheng, Q. Z. 2011b. Trust as a service: A framework for trust management in cloud environments. In Proceedings of the 12th International Conference on Web and Information Systems (WISE'11).
[74]
Park, S., Liu, L., Pu, C., Srivatsa, M., and Zhang, J. 2005. resilient trust management for web service integration. In Proceedings of IEEE International Conference on Web Services (ICWS'05).
[75]
Pashalidis, A. and Mitchell, C. 2003. A taxonomy of single sign-on systems. In Proceedings of the 8th Australasian Conference on Information Security and Privacy (ACISP'03).
[76]
Pearson, S. and Benameur, A. 2010. Privacy, security and trust issues arising from cloud computing. In Proceedings IEEE 2nd International Conference on Cloud Computing Technology and Science (CloudCom'10).
[77]
Ren, K., Wang, C., and Wang, Q. 2012. Security challenges for the public cloud. IEEE Internet Comput. 16, 1, 69--73.
[78]
Rosen, G. 2011. Jack of all clouds. http://www.jackofallclouds.com/2011/01/state-of-the-cloud-january-201/.
[79]
Roy, I., Setty, S., Kilzer, A., Shmatikov, V., and Witchel, E. 2010. Airavat: Security and privacy for mapreduce. In Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation (NSDI'10).
[80]
Ruohomaa, S. and Kutvonen, L. 2005. Trust management survey. In Proceedings of the 3rd International Conference on Trust Management (iTrust'05).
[81]
Sabater, J. and Sierra, C. 2005. Review on computational trust and reputation models. Artif. Intell. Rev. 24, 1, 33--60.
[82]
Santos, N., Gummadi, K., and Rodrigues, R. 2009. Towards trusted cloud computing. In Proceedings of the Workshop on Hot Topics in Cloud Computing (HotCloud'09).
[83]
Seamons, K., Winslett, M., and Yu, T. 2001. Limiting the disclosure of access control policies during automated trust negotiation. In Proceedings of the Symposium on Network and Distributed System Security (NDSS'01).
[84]
Silaghi, G., Arenas, A., and Silva, L. 2007. Reputation-based trust management systems and their applicability to grids. Tech. rep. Core-GRID (TR-0064), Institute on Knowledge and Data Management Institute on System Architecture, Coimbra, Portugal.
[85]
Skogsrud, H., Benatallah, B., Casati, F., Toumani, F., and Australia, T. 2007. Managing impacts of security protocol changes in service-oriented applications. In Proceedings of the 29th International Conference on Software Engineering (ICSE'07).
[86]
Skogsrud, H., Motahari-Nezhad, H., Benatallah, B., and Casati, F. 2009. Modeling trust negotiation for web services. Comput. 42, 2, 54--61.
[87]
Skopik, F., Schall, D., and Dustdar, S. 2009. Start trusting strangers? Bootstrapping and prediction of trust. In Proceedings of the 10th International Conference on Web Information Systems Engineering (WISE'09).
[88]
Skopik, F., Schall, D., and Dustdar, S. 2010. Trustworthy interaction balancing in mixed service-oriented systems. In Proceedings of the 25th ACM Symposium on Applied Computing (SAC'10).
[89]
Song, S., Hwang, K., and Kwok, Y. 2005a. Trusted grid computing with security binding and trust integration. J. Grid Comput. 3, 1, 53--73.
[90]
Song, S., Hwang, K., Zhou, R., and Kwok, Y. 2005b. Trusted p2p transactions with fuzzy reputation aggregation. IEEE Internet Comput. 9, 6, 24--34.
[91]
Sotomayor, B., Montero, R., Lorente, I., and Foster, I. 2009. Virtual infrastructure management in private and hybrid clouds. IEEE Internet Comput. 13, 5, 14--22.
[92]
Srivatsa, M. and Liu, L. 2006. Securing decentralized reputation management using trust-guard. J. Parallel Distrib. Comput. 66, 9, 1217--1232.
[93]
Srivatsa, M., Xiong, L., and Liu, L. 2005. TrustGuard: Countering vulnerabilities in reputation management for decentralized overlay networks. In Proceedings of the 14th International Conference on World Wide Web (WWW'05).
[94]
Suryanarayana, G. and Taylor, R. 2004. A survey of trust management and resource discovery technologies in peer-to-peer applications. Tech. rep. UCI-ISR-04-6, The University of California, Irvine, CA.
[95]
Thomas, D. and Hun, A. 2002. State machines. IEEE Softw. 19, 10--12.
[96]
Viega, J. 2009. Cloud computing and the common man. Comput. 42, 8, 106--108.
[97]
Wang, Y. and Vassileva, J. 2007. Toward trust and reputation based web service selection: A survey. Int. Trans. Syst. Sci. Appl. 3, 2, 118--132.
[98]
Wei, W., Du, J., Yu, T., and Gu, X. 2009. SecureMR: A Service Integrity Assurance Framework for MapReduce. In Proceedings of the Annual Computer Security Applications Conference (ACSAC'09).
[99]
Wei, Y. and Blake, M. B. 2010. Service-oriented computing and cloud computing: challenges and opportunities. IEEE Internet Comput. 14, 6, 72--75.
[100]
Weishaupl, T., Witzany, C., and Schikuta, E. 2006. gSET: Trust management and secure accounting for business in the grid. In Proceedings of the 6th IEEE International Symposium on Cluster Computing and the Grid (CCGrid'06).
[101]
Xiong, L. and Liu, L. 2003. A reputation-based trust model for peer-to-peer e-commerce communities. In Proceedings of the IEEE International Conference on e-Commerce (CEC'03).
[102]
Xiong, L. and Liu, L. 2004. Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities. IEEE Trans. Knowl. Data Engin. 16, 7, 843--857.
[103]
Yao, J., Chen, S., Wang, C., Levy, D., and Zic, J. 2010. Accountability as a service for the cloud. In Proceedings of IEEE International Conference on Services Computing (SCC'10).
[104]
Yu, C. and Ng, K. 2006. A mechanism to make authorization decisions in open distributed environments without complete policy information. In Proceedings of the International Conference on Computational Science (ICCS'06).
[105]
Yu, C. and Ng, K. 2009. DPMF: A policy management framework for heterogeneous authorization systems in grid environments. Multiagent Grid Syst. 5, 2, 235--263.
[106]
Zhou, R. and Hwang, K. 2006. Trust overlay networks for global reputation aggregation in p2p grid computing. In Proceedings of the 20th International Symposium on Parallel and Distributed Processing (IPDPS'06).
[107]
Zhou, R. and Hwang, K. 2007. Powertrust: A robust and scalable reputation system for trusted peer-to-peer computing. IEEE Trans. Parallel Distrib. Syst. 18, 5, 460--473.
[108]
Ziegler, C. and Golbeck, J. 2007. Investigating interactions of trust and interest similarity. Decis. Support Syst. 43, 2, 460--475.

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys
ACM Computing Surveys  Volume 46, Issue 1
October 2013
551 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/2522968
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 July 2013
Accepted: 01 January 2013
Revised: 01 January 2013
Received: 01 February 2012
Published in CSUR Volume 46, Issue 1

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Trust management
  2. cloud computing
  3. credentials
  4. credibility
  5. policy
  6. privacy
  7. reputation
  8. security
  9. service-oriented computing
  10. trust prediction

Qualifiers

  • Research-article
  • Research
  • Refereed

Funding Sources

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)41
  • Downloads (Last 6 weeks)5
Reflects downloads up to 22 Dec 2024

Other Metrics

Citations

Cited By

View all

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media