Establishing Trust in Cloud Services via Integration of Cloud Trust Protocol with a Trust Label System

Vincent C. Emeakaroha, Eoin O'Meara, Brian Lee, Theo Lynn, John P. Morrison

2017

Abstract

Cloud computing has transformed the computing landscape by enabling flexible compute-resource provisioning. The rapid growth of cloud computing and its large-scale nature provide many advantages to business enterprises. Lack of trust in cloud services however remains a major barrier to the adoption of cloud computing. Trust issues typically relate to concerns about the location, protection and privacy of data. The concept of trust includes trust in both novel technologies and cloud service providers and is composed of both persistent and dynamic trust elements. We have previously developed a trust label system that is capable of facilitating both persistent and dynamic trust building in both cloud services and cloud service providers; however, it lacks reliable information delivery mechanisms. The Cloud Trust Protocol (CTP) aims to provide a reliable information communication system for cloud service consumers and thus offers a natural complement to the trust label system by providing a reliable and interoperable information exchange mechanism. In this paper, we propose a novel integration of the trust label system with CTP to provide end-to-end visibility of cloud service operational information to consumers.

References

  1. Anderson, S. W., Christ, M. H., Dekker, H. C., and Sedatole, K. L. (2014). The use of management controls to mitigate risk in strategic alliances: Field and survey evidence. Journal of Management Accounting Research, 26(1):1-32.
  2. Bente, G., Baptist, O., and Leuschner, H. (2012). To buy or not to buy: Influence of seller photos and reputation on buyer trust and purchase behavior. Int. J. Hum.- Comput. Stud., 70(1):1-13.
  3. Bradshaw, D., Folco, G., Cattaneo, G., and Kolding, M. (2012). Quantitative estimates of the demand for cloud computing in europe and the likely barriers to up-take. In IDC Analize de Future.
  4. Buyya, R., Yeo, C. S., Venugopal, S., Broberg, J., and Brandic, I. (2009). Cloud computing and emerging it platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computing Systems, 25(6):599-616.
  5. Cloud Accountability project (2016). A4Cloud. http://www.a4cloud.eu/objectives Accessed on 22/08/2016.
  6. Cloud Security Alliance (2015a). Cloud trust protocol. https://cloudsecurityalliance.org/group/ cloudtrust-protocol/ Accessed on 22/08/2016.
  7. Cloud Security Alliance (2015b). Cloud trust protocol daemon prototype. https://github.com/ cloudsecurityalliance/ctpd Accessed on 07/09/2016.
  8. CUMULUS project (2016). Certification infrastructure for multi-layer cloud services. http://www. cumulus-project.eu/ Accessed on 22/08/2016.
  9. Das, T. and Teng, B. S. (1996). Risk types and inter-firm alliance structures. Journal of management studies, 33(6):827-843.
  10. Deitz, G. and DenHartog, D. (2006). Measuring trust inside organizations. JPersonnel Review, 35(5):557-588.
  11. Emeakaroha, V., Fatema, K., Vanderwerff, L., Healy, P., Lynn, T., and Morrison, J. (2016). A trust label system for communicating trust in cloud services. IEEE Transactions on Services Computing, PP(99):1-1.
  12. Gefen, D. (2003). TAM or just plain habit: A look at experienced online shoppers. Journal of End User Computing, 15(3):1-13.
  13. Gens, F. (2014). Worldwide and regional public cloud it services 2014-2018 forecast. https://www.idc.com/ research/viewtoc.jsp?containerId=251730 Accessed on 20/10/2016. IDC Market Analysis.
  14. Hogan, M., Liu, F., Sokol, A., and Tong, J. (2011). Nist cloud computing standards roadmap. NIST Special Publication, 35.
  15. Hwang, K. and Li, D. (2010). Trusted cloud computing with secure resources and data coloring. IEEE Internet Computing, 14(5):14 -22.
  16. Kim, W. (2009). Cloud computing: Today and tomorrow. Journal of object technology, 8:65 - 72.
  17. Leimbach, T., Hallinan, D., Bachlechner, D., Weber, A., Jaglo, M., Hennen, L., Nielsen, R., Nentwich, M., Strau, S., Lynn, T., and Hunt, G. (2014). Potential and impacts of cloud computing services and social network websites. Science and Technology Options Assessment (STOA) http://www.europarl. europa.eu/RegData/etudes/etudes/join/2014/ 513546/IPOL-JOIN_ET(2014)513546_EN.pdf Accessed on 15/08/2016.
  18. Lewicki, R. and Bunker, B. (1996). Developing and maintaining trust in work relationships. Technical report, Trust in organizations: Frontiers of theory and research. edited by Roderick M. Kramer, Tom R. Tyler.
  19. Low, C., Chen, Y., and Wu, M. (2011). Understanding the determinants of cloud computing adoption. Industrial management and data systems, 111:1006 - 1023.
  20. Lynn, T., Healy, P., McClatchey, R., Morrison, J., Pahl, C., and Lee, B. (2013). The case for cloud service trustmarks and assurance-as-a-service. In Intl. Conference on Cloud Computing and Services Science Closer, pages 8-10.
  21. Lynn, T., van der Werff, L., Hunt, G., and Healy, P. (2016). Development of a cloud trust label: A delphi approach. Journal of Computer Information System, 56(3):185-193.
  22. Masevic, I., van der Werff, L., Emeakaroha, V., Morrison, J., and Lynn, T. (2016). Validating a cloud trust label: Influencing consumer trust. In Cloud British Academy of Management Conference.
  23. Mcknight, D. H., Carter, M., Thatcher, J. B., and Clay, P. F. (2011). Trust in a specific technology: An investigation of its components and measures. ACM Trans. Manage. Inf. Syst., 2(2):12:1-12:25.
  24. McKnight, D. H. and Chervany, N. L. (2001). What trust means in e-commerce customer relationships: An interdisciplinary conceptual typology. Int. J. Electron. Commerce, 6(2):35-59.
  25. NIST (2016). Security content automation protocol. https://scap.nist.gov/revision/1.2/ index.html Accessed on 22/08/2016.
  26. Pavlou, P. A. and Gefen, D. (2004). Building effective online marketplaces with institution-based trust. Info. Sys. Research, 15(1):37-59.
  27. Pearson, S. (2013). Privacy, security and trust in cloud computing. In Computer Communications and Networks, pages 3 - 42.
  28. Pearson, S. and Benameur, A. (2010). Privacy, security and trust issues arising from cloud computing. In Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on, pages 693-702.
  29. Ron Knode (2010). Cloud trust 2.0. https: //scap.nist.gov/events/2010/itsac/ presentations/day2/Security_Automation_ for_Cloud_Computing-CloudTrust_2.0.pdf Accessed on 22/08/2016.
  30. Rousseau, D. M. and Sitkin, S. B. (1998). Not so different after all: A cross-discipline view of trust. Academy of Management Review, 23(3):393-404.
  31. SPECS project (2016). Secure provisioning of cloud service based on SLA management. http:// www.specs-project.eu/project/description/ Accessed on 22/08/2016.
  32. Subashini, S. and Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34:1 - 11.
  33. Zissis, D. and Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation computer systems, 28(3):583 - 592.
Download


Paper Citation


in Harvard Style

Emeakaroha V., O'Meara E., Lee B., Lynn T. and Morrison J. (2017). Establishing Trust in Cloud Services via Integration of Cloud Trust Protocol with a Trust Label System . In Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-243-1, pages 618-625. DOI: 10.5220/0006362906180625


in Bibtex Style

@conference{closer17,
author={Vincent C. Emeakaroha and Eoin O'Meara and Brian Lee and Theo Lynn and John P. Morrison},
title={Establishing Trust in Cloud Services via Integration of Cloud Trust Protocol with a Trust Label System},
booktitle={Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2017},
pages={618-625},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006362906180625},
isbn={978-989-758-243-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Establishing Trust in Cloud Services via Integration of Cloud Trust Protocol with a Trust Label System
SN - 978-989-758-243-1
AU - Emeakaroha V.
AU - O'Meara E.
AU - Lee B.
AU - Lynn T.
AU - Morrison J.
PY - 2017
SP - 618
EP - 625
DO - 10.5220/0006362906180625