• DocumentCode
    1905551
  • Title

    Framework for assessing the trustworthiness of cloud resources

  • Author

    Kuehnhausen, Martin ; Frost, Victor S. ; Minden, Gary J.

  • Author_Institution
    Dept. of Electr. Eng. & Comput. Sci., Univ. of Kansas, Lawrence, KS, USA
  • fYear
    2012
  • fDate
    6-8 March 2012
  • Firstpage
    142
  • Lastpage
    145
  • Abstract
    Computing power is shifting from local computers to a globally distributed system of servers. Data that used to be stored on the user´s machine as well as applications that process this data are now part of the “cloud”. While there are various advantages in doing so such as cost, performance and availability; security and trust relationships now become major issues. For instance, in the cloud, computations (i.e. data processing) are often distributed among multiple servers which are not necessarily controlled by the user or even a single entity. Therefore, the user needs to determine what part of the processing that produced the results can and cannot be trusted. In order to secure individual resources such as individual applications, operating systems and hypervisors in the cloud we have developed a new framework which embeds them in an armor that protects the resources. The armor works by constantly monitoring and evaluating the environment surrounding the armor and checking the resources it is protecting in order to assess the trustworthiness of cloud resources. Based on these assessments and trust relationships with other armor components it makes decisions such as redeployment or migration in the event that resources have been compromised. The framework provides mechanisms for extracting measurements from resources and derives a trustworthiness assessment for each measurement (of whether it has been compromised) based on a rich set of data and meta information from multiple resources and contexts. This includes a rigorous process of how to derive confidence intervals from data by evaluating history, expected behavior and context information. Furthermore, we present a flexible decision scheme which allows for the estimation of belief that a resource has been compromised based on the assessment and confidence intervals of the individual measurements, their meta information and context.
  • Keywords
    belief maintenance; cloud computing; security of data; armor components; belief estimation; cloud resources; computing power; confidence interval; context information; data processing; environment evaluation; environment monitoring; expected behavior; globally distributed server system; history evaluation; hypervisors; meta information; operating systems; resource checking; resource protection; security; trust relationship; trustworthiness assessment; Atmospheric measurements; Context; Data mining; Data models; Decision making; Security; Uncertainty;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cognitive Methods in Situation Awareness and Decision Support (CogSIMA), 2012 IEEE International Multi-Disciplinary Conference on
  • Conference_Location
    New Orleans, LA
  • Print_ISBN
    978-1-4673-0343-9
  • Type

    conf

  • DOI
    10.1109/CogSIMA.2012.6188367
  • Filename
    6188367