A Cloud Trust Model in a Security Aware Cloud

Faced with today´s innovative blow-up of cloud technologies, we are forced to rebuild services in terms of cloud. In the rebuilding, considering the facet of cloud as a social infrastructure, security is a critical problem of clouds. Most of insecurity against clouds can be summarized as social insecurity, which is classified into the multiple stakeholder problem, the open space security problem, and the mission critical data handling problem. As a solution of those problems, we propose a new cloud trust model. In our cloud trust model, in addition to conventional trust models, we consider both internal trust that is the TPM of this model, and contracted trust that controls cloud service providers under contracts and related documents. We call the cloud platform that meets the cloud trust model as “Security Aware Cloud.” In a security aware cloud, internal trust must be established as the firm base of trust. By implementing TPM of security such as Id management and key management on internal trust, we obtain a firm trust model. Moreover, by controlling levels of quality of service and security by contract, we can optimize ROI on service and security delegated to a cloud.