A Broker Based Trust Model for Cloud Computing Environment Chaitali Uikey 1, Dr. D. S. Bhilare 2 1 School of Computer Science & IT, DAVV, Indore, MP. India 2 Computer Center, DAVV, Indore, MP. India Abstract With the increase in an online transactions and interactions on the internet, a key issue is how to use efficient and simple evaluation method to achieve trust based decisionmaking for service users and service providers. Trust plays an important role in all commercial cloud environments. It is the evaluation of capability of service providers as well as service users in completing a task based on trust relationship in the context of distributed environment. This paper introduces a trust model to calculate the rating of service users, service providers by means of service broker. The service broker chooses appropriate cloud services in heterogeneous environment based on the requirement of users. For evaluating trust, proposed trust model is useful in open distributed environments, where the resources and services are available on demand. Keywords Cloud Broker, Cloud Computing, Service Rating, Trust Management, Trust Relationship. I. INTRODUCTION Cloud computing approach is developing as a significant trend in high-performance computing. Cloud computing deliver a variety of IT enabled hardware, software resources and services to users over the internet. Cloud computing services are Software as a service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)[1]. Virtualization is an innermost part for cloud architecture. Today s, cloud computing normally used by technical, non technical field and academic societies, has been fast to enter the commercial field. Trust management provides a good way for improving the security. Managing trust is fundamental part in cloud scenarios considering its characteristics such as dynamic in nature, scalability, resource pooling, on demand self service. It is a new security mode to provide security state, reliability, and access control policies. For assessment, identifying and distributing malicious entities based on changing and mining the detected results for security mechanism in different systems and collecting feedback assessment. Feedback, recommendation, reviews from the users is valuable for service selection in e-market. Recently, a cloud marketplace [2] has been launched to support consumers in identifying dependable cloud service providers. They are rated based on questionnaire that needs to be filled in by current cloud service users. Cloud common aims to combine consumer feedback with technical measurements for assessing and comparing the trustworthiness of cloud providers. Trust establishment is based on the facts of experiences collected from the previous interactions of entities. In general, if the interactions conform to the purpose of the cloud service provider, then trust evaluation will be correspondingly high in perception of service providers. Otherwise, it will be accordingly low. In this paper, a formal trust model has been proposed for cloud environment from the basic concepts of trust. In the proposed approach, moreover time based experience, reputation concepts and also has been considered trust relationship (direct or recommended trust) for calculating the rating based of both entities in cloud environment. In the model, it has been perceived that before providing or accessing the service from/to the cloud environment. Service user as well as service provider will ensure the trustworthiness of each other with different level of access according to SLAs, data security, performance, utilization etc. Further, the model is capable to update the rating value dynamically for each entity of the cloud. The remaining sections of the paper are structured as follows. Section 2 discusses related research work carried out in the field of trust management in cloud computing. In Section 3 introduce trust factor and its definition. Overview of proposed trust model is presented in section 4. Section 5 describes the rating evaluation and updating methods for cloud entities. Finally conclusion and future work are presented in the last section. II. LITERATURE REVIEW In recent years, many research scholars have made a lot of research on trust model measuring the trustworthiness and managing the trust relationship. The most common one is reputation based trust management mechanism, which has been widely used in online electronic communities and distributed environment [3]. 247
Tabaki et al.[4] illustrated the unique issues of cloud computing consisting of different modules to handle security and trust issues of key components. Khaled M. Khan[5] hold that trusting cloud computing might differ from trusting other systems, but any new technology must gradually build its reputation for good performance and security earning users trust over time. Ranchal et al. studied the identity management in cloud computing and proposed a system without the involvement of trusted third party [6]. Kwei-Jay Lin et al. [7] propose a distributed trust management for e-services such as e- commerce. In their broker framework where every user is associated with a broker who collects for its users the reputation ratings about any web services. The user provides its broker the service rating each interaction with any service in order to build up the reputation for the service. Shantanu pal et al. [8] proposed security and privacy solution lies both at the service provider level as well as service user level in a cloud environment. Their framework can provide security, infrastructure as well as data stored in cloud platform. Manuel et al. [9] have proposed trust model for both grid and cloud system that is integrated with CARE resource broker. Habib et al. [10] have survey the trust related issues in cloud computing i.e., SLAs, audits, rating and measuring, self assessment questionnaires etc. D. Feedback Evaluator A feedback is a statement issued by the users about the quality of service provided by provider in a single transaction [9]. Feedback evaluator is receiving user s feedback, verifying the feedback and updating the value in the feedback data repository. Service user feedback is an important factor in a cloud trust model for accessing cloud services. The feedback of the user can ensure the dependability of cloud resources. The service user s feedback helps to improve the performance of the service providers. A Service provider adopts them and makes changes according to the requirement. E. Definitions of Trust Type 1. Direct Trust (DT): DT is the principle that one participant trusted in other participant with use the reference of trust value. 2. Recommendation Trust (RT): RT is the principle that the ability of a participant is decided by third participant whether it is reliable in a given trust value before recommending to other. III. TRUST FACTOR The factors used for proposed trust model are described below: A. Trust Trust is complex and an integral component in many kinds of human interaction, allowing people to act under uncertainty and with the risk of negative cost. Trust is related to a certainty in attributes such as honesty, dependability, timeliness, security, competence, reliability, truthfulness, etc., of the trusted entities to act as expected. Certainty is not a fixed value associated with the entity, but rather it is subjected to the entities activities and applied only within a specific context at a given time [11]. B. Reputation The reputation of an entity is a belief of its activities based on other entities observation or information about the entity s past activities at a given time [12]. C. Trustworthiness The entity s trustworthiness is an indicator of quality of the entity s services. Figure 1. Direct and Recommendation Trust IV. OVERVIEW OF PROPOSED TRUST MODEL If two parties want to interact with each other they should be able to evaluate the amount of trust on each other using some evaluation factors. The evaluation factors can be considered with trust relationship. The trust can be managed by policy based approach and reputation based approach. Considering reputation based approach, it is based on the existence of a broker between service users and service providers. The broker is considered an independent entity that will honestly rate cloud service usages. On the other hand it will be difficult for each cloud service or for a group of cloud services to develop and to maintain a broker, taking into consideration the increasing number of cloud services. 248
Cloud service broker enables building of security reputation of individual service provider and sharing the same with its users. Considering there are two domains, one is broker domain and other is service provider s/service user s domain. In figure 2, the clouds represents service providers domain, which are resources for processing service requests. The arrows show that the rate will be evaluated for both service provider as well as service user in broker domain. The proposed model as shown in figure 2 includes various components namely: (A) Cloud Service Providers (CSPs) (B) Cloud Service Users (CSUs) (C) Cloud Service Broker (CSB) (D) Trust Engine (TE) (E) Cloud Discovery Repository (CDR) (F) Interaction Record Table (IRT) (G) Evaluation Record Table (ERT). A. Cloud Service Providers (CSPs) CSP can be a person, enterprise, or entity responsible for building a service available to interested parties. Cloud service providers host and manages the underlying infrastructure and offer cloud services (eg. Software as a Service, Platform as a Service and Infrastructure as a Service) to cloud service user, cloud service broker and cloud reseller. B. Cloud Service User (CSUs) CSU is a person or enterprise that maintains a business relationship with, and uses service from cloud providers. Business organizations, government authorities, educational institutions and individuals belonging to the category of service user, may use cloud services to meet their business, national, educational, and personal needs (without offering any services to others). C. Cloud Service Broker (CSB) CSB is an entity that manages the usage, performance and delivery of cloud services, and negotiates relationships between CSPs and CSUs. Two types of brokers are introduced in cloud market. First, there are brokers that concentrate on negotiating relationships between CSPs and CSUs without managing and owning the cloud infrastructure. Second, there are brokers that add some extra service on top of CSPs to enhance and secure the cloud environment for the CSUs. D. Trust Engine (TE) TE is the trust engine contained in a cloud broker. It is a core part of the model that performs the trustworthiness calculation for CSPs and CSUs. E. Cloud Discovery Repository (CDR) CDR is an ontology based repository of cloud services with discovery capabilities. CSPs can publish their services in the repository and that services can be discovered by CSUs according to their functional and non-functional characteristics. The ontology judges several aspects such as: business functions and processes, provider type, management tools, geographical location, security mechanism, load balancing, virtualization technology and so on. F. Interaction Record Table (IRT) IRT maintains record and feedback score of each interaction between entities in a cloud environment. G. Evaluation Record Table (ERT) The reputation of a CSPs and CSUs is calculated in term of its service trustworthiness using trust relationship obtained from computation. It depends on user s experiences of using the service. The value of reputation is calculated by rating. Rating(R) is calculated for both domains which show satisfaction of security features provided by users as well as providers. The working can be explained as, Cloud service user requests are passed to a cloud broker which will perform the query about services and search for services from service repository as per user requirement. Top results are returned to service user, which will interact with service provider to establish an agreement regarding the services. The broker will provide a feedback according to trust relationship and calculate the feedback for the considerable parameters, to avoid false rating. Figure 2. Trust Model 249
V. TRUST EVALUATION A trust model can be defined as a system, where service users and service providers evaluate trustworthiness of each other and enforce trust relationship among them. The proposed trust model is suited for open distributed application where CSU and CSP are not known to each other. CSB plays a role to complete a task of CSUs which is provided by CSPs. The entities are divided into Cloud Service Provider (CSP), Cloud Service User (CSU) and Cloud Service Broker (CSB) in cloud computing. Trust evaluation depends on interaction between CSP and CSB, CSB and CSU. The interaction is dynamic and has fine appropriateness. In cloud computing, CSUs request services to CSB and CSB find the services in their repository. CSB provides corresponding service for CSUs. CSB rate each other after each interaction, as in the E-commerce system. Here this model doesn t consider the cooperation among CSPs and among CSUs where CSUs and CSPs are unknown to each other. For calculate the value of trust, the interaction and assessment between CSPs and CSUs are based on feedback information. A. Proposed procedure for Trust Feedback Values To compute the trust feedback value between CSUs and CSPs, a designing trust model is mentioned / described which establishes and evaluates the trustworthiness of the participating entities. Create an Interaction Record Table (IRT) and Evaluation Record Table (ERT) in broker domain. Update interaction record in IRT of the entities that are requested to process a requested service. Update the rating score in ERT. Check the rating score of the providers in ERT before any transaction. Suppose there are n number of cloud service users {csu 1, csu 2, csu 3,,csu n } and m number of cloud service providers {csp 1,csp 2,csp 3,.., csp m } interacting within a broker interface. Broker interface is mediator between service provider and service user domain. Broker interface record interaction amongst their entities and provide feedback and calculate the rating of these interactions for establishing trust in an open dynamic environment, where an application is executed on an unknown node. There can be two tables designed for evaluating the credibility of entities in a cloud. Interaction Record Table (IRT) maintains record and feedback score of each transaction of an entity in a user domain with entity of provider domain in a cloud. ERT evaluate and update the rating score of each providers and users. In the proposed trust model two types of trust relationship (TR) is assumed i.e., Direct Trust and Recommended Trust. TABLE I INTERACTION RECORD TABLE csp id csu id ni tr Feedback Score(FS) Total Interaction Value(TIV) csp_fs csu_fs csp_tiv csu_tiv csp 1 csu 1 1 0 1 1 1 1 csp 2 csu 1 1 1 0.5 0.5 1 1 csp 3 csu 2 1 0 1 1 1 1 csp 1 csu 1 1 0 1 1 2 2 csp 1 csu 1 1 0 1 1 3 3 csp 1 csu 2 1 1 0.5 0.5 1 1 An IRT and ERT can be stored at the broker interface end (Trust Engine), where individual records of interaction between entities shall be stored. The IRT have the following tuple which is to be maintained at trust engine. B. Interaction Record Table defined by eight tuple. IRT= (csp id, csu id, ni, csp_fs, csu_fs, tr, csp_tiv, csu_tiv) Where, csp id is unique service provider identification number. csu id is unique service user identification number. ni is the number of interaction between CSP and CSU. csp_fs is the assessment of the CSU to the CSP. The CSP may be provides good service, average service and bad service. If the CSU satisfied with services of CSP the interaction is good, so csp_fs is 1. If CSP are average for service csp_fs is 0.5. Otherwise, if the CSP are 0 for bad services mean unsatisfactory or unsure for service. 250
csu_fs is the assessment of the CSP to the CSU. The CSU behaviour may be good, average and fraud. If the CSU carries out normal or good interaction, so csu_fs is 1. If CSU carries out average interaction, csu_fs is 0.5. If the system cannot decide whether it is good or average for the CSU s behaviour, csu_fs is 0. tr is the trust relationship, 0 as value for direct trust(dt) and 1 as a value for recommendation trust(rt). csp_tiv is the total number of interaction between CSP to CSU. csu_tiv is the total number of interaction between CSU to CSP. Table I shows, IRT, record details of each single interaction, between CSU and CSP under some trusted third party (Broker) to calculate feedback score of each entity. Here, feedback service score can be calculated by giving values defined in a tuple. The service is rated on the basis of reliability and trust. The feedback score for an entity can be calculated on the basis of feedback score and number of interaction with trust relationship. C. Evaluation Record Table Evaluation of entity l on entity k, which includes direct trust and recommendation trust, relies on the interaction between l and k. The feedback about service interaction experience is denoted by FS lk and FS kl with direct and recommendation trust. (1) (2) Where,, and successively express good service, average service and unsatisfactory service between CSU and CSPs within the time interval t., and express good user, average user and unsatisfactory user respectively between CSP and CSUs within the time interval t. When the entities are interacting for second time, the TR value will be 0 as the trust evaluated as direct trust after one interaction. The rating will be composite of the feedback score for interaction and the trust relationship. Considering the malicious purpose of some entities who would try to increase the rating of an entity by giving more score for the service provided, the overall score will reduce as the number of interactions will increase, by calculating the score on the basis of above equation 1 or 2. 251 The rating R of an entity can be calculated as: The table I can be referred where the different trust relationships between CSPs and CSUs is given. In table II the values of rating calculated on the basis of interaction between provider and user is shown. The rating factor here is responsible for the trustworthiness of the domain in an open market where the market companies are dynamics. The ERT can be considered before interaction with each other. Service Provider Rating (3) TABLE II. EVALUATION RECORD TABLE Service User Rating csp id csu id Rating csu id csp id Rating csp 1 csu 1, csu 2 1.8 csu 1 csp 1, csp 2 1.8 csp 2 csu 1 1.5 csu 2 csp 3, csp 1 1.75 csp 3 csu 2 1 D. Updating Trust Explaining the updating of values in ERT. Let there be two domains one is user domain where n number of user want to use services from different service provider and other is provider domains that provides services for user requirement. Assume that user csu 1 want some service which is fulfilled by csp 3 provider with direct recommendation. csu 1 is already getting services from csp 1 and csp 2. Let us suppose, ERT table III has the following initial values (csp 3, 1) at service provider rating score and (csu 1, 1.8) at service user rating score which is calculated after adding feedback score of all entities of user csu 1 and provider csp 3 domain. After the interaction csp 3 get (csp 3, 2) rating score and adding csu 1 in csp 3 column where csu 1 get (csu 1, 1.9) rating score and adding csp 3 in csu 1 column. The ERT in table III updates value of score in their respective field. It can be concluded from the above example that the trustworthiness of domain is associated with the behavior of entities. If the entities behavior is secure, the domain will have a higher trustworthiness; otherwise the entities malicious behavior will reduce its trustworthiness.
E. Trust Delay Function Trust decay with time. The trust an entity has acquired at time t in a perspective of specified service might not be same as the trust attributed to him in the same perspective at time t. Let t c and t l denote the current time and the last time of interaction then decay function γ is defined as Where k = {1, 2, 3,..}, k determines the rate of decay of the trust value with time t. The trust decay factor starts decaying, as there are no interactions between the entities for certain period of time. The trust decay factor is inversely proportional to the time. As the time increases the value of trust decay factor decreases. When the value of trust is 0 the trust is formed again. (4) TABLE III. UPDATE EVALUATION RECORD TABLE Service Provider Rating VI. CONCLUSION Service User Rating csp id csu id Rating csu id csp id Rating csp 1 csu 1, csu 2 1.8 csu 1 csp 1, csp 2, csp 2 With the expansion of online services usage and the growing adoption of cloud services in a heterogeneous environment, it is important to ensure the trustworthiness of any service provider before it is invoked. However, most service users may not be capable to deploy a trust measure themselves. On the other hand, they may be connected to a trust community that can provide them with valuable understanding on a potential service. The trust in an open environment is difficult to establish and negotiate. This paper presented a trust model, where service broker manage trust information for service providers and service users. A service broker maintains a trust (rating) value of each of its users and providers in the cloud environment and updates this value after interactions. A broker also maintains the feedback of the users and the providers. The proposed trust model, calculates the trustworthiness of the participating entities to enable communication and interaction in an open distributed environment such as cloud. 1.9 csp 2 csu 1 1.5 csu 2 csp 3, csp 1 1.75 csp 3 csu 2, csu 1 2 252 Trust decay factor, decrease with time. Considering the growth and dynamic nature of cloud, the trust relationship is to be establishing again when it becomes 0 even though the participating entities have interacted earlier. The solution is effective for open environments where the markets are dynamic. The trust relationship is considered for open distributed environment where CSPs and CSUs are unknown to each other. The future work will be enhancing the proposed trust model in real time work environment. REFERENCES [1] P. Mell and T. Grance, The NIST definition of cloud computing (draft), NIST special publication, 2011, 800 no.(145), 7. [2] S.K Garg, S. Versteeg, and R. Buyya, Smicloud: A framework for comparing and ranking cloud services, Fourth IEEE International Conference on Utility and Cloud Computing (UCC), 2011, pp. 210-218. [3] D. Quercia, S. Hailes, and L. Capra, "B-trust: Bayesian trust framework for pervasive computing," In Proceedings of itrust. LNCS, 2006, pp. 298-312. [4] H. Tabaki, J. Joshi, and G.-J. Ahn, Security and privacy challenges in cloud computing environments, IEEE Security & Privacy, vol. 8, no. 6, Nov.-Dec. 2010, pp. 24 3. [5] K.M. Khan and Q. Malluhi, Establishing Trust in Cloud Computing, IT Professional, Vol. 12 no.5, Sept.-Oct. 2010, pp. 20-27. [6] R. Ranchal, B. Bhargava, L. B. Othmane, A. Kim, M. Kang, & M. Linderman, Protection of identity information in cloud computing without trusted third party, 29th IEEE Symposium on Reliable Distributed Systems, Oct. 2010, pp. 368-372. [7] Kwei-Jay Lin, Haiyin Lu, Tao Yu, Chia-en Tai, A Reputation and Trust Management Broker Framework for Web Applications, Proceedings of the 2005 IEEE International Conference on e- Technology, e-commerce and e-service (EEE'05) on e-technology, e-commerce and e-service, March-April 2005 pp.262-269, [doi>10.1109/eee.2005.14]. [8] S. Pal, S. Khatua, N. Chaki, & S. Sanyal, (2011). A new trusted and collaborative agent based approach for ensuring cloud security, Annals of Faculty Engineering Hunedoara International Journal of Engineering; scheduled for publication in Vol. 10, Issue 1, February, 2012. ISSN: 1584-2665. [9] P. D. Manuel, S. Thamarai Selvi, & M. E. Barr, Trust management system for grid and cloud resources, IEEE First International Conference on Advanced Computing, ICAC 2009. pp. 176-181. [10] Sheikh MahbubHabib, SaschaHauke, Sebastian Ries and Max M uhlh auser, Trust as a facilitator in cloud computing: a survey, Journal of Cloud Computing: Advances, Systems and Applications, Springer 2012. http://www.journalofcloudcomputing.com/content/1/1/19. [11] T. Grandison, M. Sloman, A Survey of Trust in Internet Applications,. IEEE Communications Surveys and Tutorials, 3, 2000 [12] B. Ma, S. Jizhou, and Y. Ce, Reputation-based Trust Model in Grid Security System, Journal of Communication and Computer, Vol. 3, no.8, 2006.