With the development of Internet technology and human computing, the computing environment has changed dramatically over the last three decades. Cloud computing emerges as a paradigm of Internet computing in which dyn...With the development of Internet technology and human computing, the computing environment has changed dramatically over the last three decades. Cloud computing emerges as a paradigm of Internet computing in which dynamical, scalable and often virtuMized resources are provided as services. With virtualization technology, cloud computing offers diverse services (such as virtual computing, virtual storage, virtual bandwidth, etc.) for the public by means of multi-tenancy mode. Although users are enjoying the capabilities of super-computing and mass storage supplied by cloud computing, cloud security still remains as a hot spot problem, which is in essence the trust management between data owners and storage service providers. In this paper, we propose a data coloring method based on cloud watermarking to recognize and ensure mutual reputations. The experimental results show that the robustness of reverse cloud generator can guarantee users' embedded social reputation identifications. Hence, our work provides a reference solution to the critical problem of cloud security.展开更多
As online trade and interactions on the internet are on the rise, a key issue is how to use simple and effective evaluation methods to accomplish trust decision-making for customers. It is well known that subjective t...As online trade and interactions on the internet are on the rise, a key issue is how to use simple and effective evaluation methods to accomplish trust decision-making for customers. It is well known that subjective trust holds uncertainty like randomness and fuzziness. However, existing approaches which are commonly based on probability or fuzzy set theory can not attach enough importance to uncertainty. To remedy this problem, a new quantifiable subjective trust evaluation approach is proposed based on the cloud model. Subjective trust is modeled with cloud model in the evaluation approach, and expected value and hyper-entropy of the subjective cloud is used to evaluate the reputation of trust objects. Our experimental data shows that the method can effectively support subjective trust decisions and provide a helpful exploitation for subjective trust evaluation.展开更多
Goud computing is a new paradigm in which dynamic and virtualized computing resources are provided as services over the Internet. However, because cloud resource is open and dynamically configured, resource allocation...Goud computing is a new paradigm in which dynamic and virtualized computing resources are provided as services over the Internet. However, because cloud resource is open and dynamically configured, resource allocation and scheduling are extremely important challenges in cloud infrastructure. Based on distributed agents, this paper presents trusted data acquisition mechanism for efficient scheduling cloud resources to satisfy various user requests. Our mechanism defines, collects and analyzes multiple key trust targets of cloud service resources based on historical information of servers in a cloud data center. As a result, using our trust computing mechanism, cloud providers can utilize their resources efficiently and also provide highly trusted resources and services to many users.展开更多
The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminate...The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminated or reduced the notion of distance between entities of the same company or between different organizations. This has led to an increase in the need to share resources (data and services). Community Cloud environments have thus emerged to facilitate interactions between organizations with identical needs and with specific and high security requirements. However, establishing trust and secure resource sharing relationships is a major challenge in this type of complex and heterogeneous environment. This paper proposes a trust assessment model (SeComTrust) based on the Zero Trust cybersecurity strategy. First, the paper introduces a community cloud architecture subdivided into different security domains. Second, it presents a process for selecting a trusted organization for an exchange based on direct or recommended trust value and reputation. Finally, a system for promoting or relegating organizations in the different security domains is applied. Experimental results show that our model guarantees the scalability of a community cloud with a high success rate of secure and quality resource sharing.展开更多
This paper sums up four security factors after analyzing co-residency threats caused by the special multitenant environment in the cloud.To secure the factors,a multiway dynamic trust chain transfer model was proposed...This paper sums up four security factors after analyzing co-residency threats caused by the special multitenant environment in the cloud.To secure the factors,a multiway dynamic trust chain transfer model was proposed on the basis of a measurement interactive virtual machine and current behavior to protect the integrity of the system.A trust chain construction module is designed in a virtual machine monitor.Through dynamic monitoring,it achieves the purpose of transferring integrity between virtual machine.A cloud system with a trust authentication function is implemented on the basis of the model,and its practicability is shown.展开更多
In cloud computing environment, as the infrastructure not owned by users, it is desirable that its security and integrity must be protected and verified time to time. In Hadoop based scalable computing setup, malfunct...In cloud computing environment, as the infrastructure not owned by users, it is desirable that its security and integrity must be protected and verified time to time. In Hadoop based scalable computing setup, malfunctioning nodes generate wrong output during the run time. To detect such nodes, we create collaborative network between worker node (i.e. data node of Hadoop) and Master node (i.e. name node of Hadoop) with the help of trusted heartbeat framework (THF). We propose procedures to register node and to alter status of node based on reputation provided by other co-worker nodes.展开更多
This paper analyzes the reasons for the formation of security problems in mobile agent systems, and analyzes and compares the security mechanisms and security technologies of existing mobile agent systems from the per...This paper analyzes the reasons for the formation of security problems in mobile agent systems, and analyzes and compares the security mechanisms and security technologies of existing mobile agent systems from the perspective of blocking attacks. On this basis, the host protection mobile agent protection technology is selected, and a method to enhance the security protection of mobile agents (referred to as IEOP method) is proposed. The method first encrypts the mobile agent code using the encryption function, and then encapsulates the encrypted mobile agent with the improved EOP protocol IEOP, and then traces the suspicious execution result. Experiments show that using this method can block most malicious attacks on mobile agents, and can protect the integrity and confidentiality of mobile agents, but the increment of mobile agent tour time is not large.展开更多
In the last few years, cloud computing as a new computing paradigm has gone through significant development, but it is also facing many problems. One of them is the cloud service selection problem. As increasingly boo...In the last few years, cloud computing as a new computing paradigm has gone through significant development, but it is also facing many problems. One of them is the cloud service selection problem. As increasingly boosting cloud services are offered through the internet and some of them may be not reliable or even malicious, how to select trustworthy cloud services for cloud users is a big challenge. In this paper, we propose a multi-dimensional trust-aware cloud service selection mechanism based on evidential reasoning(ER) approach that integrates both perception-based trust value and reputation based trust value, which are derived from direct and indirect trust evidence respectively, to identify trustworthy services. Here, multi-dimensional trust evidence, which reflects the trustworthiness of cloud services from different aspects, is elicited in the form of historical users feedback ratings. Then, the ER approach is applied to aggregate the multi-dimensional trust ratings to obtain the real-time trust value and select the most trustworthy cloud service of certain type for the active users. Finally, the fresh feedback from the active users will update the trust evidence for other service users in the future.展开更多
Cloud computing can be realized by service interoperation and its essence is to provide cloud services through network. The development of effective methods to assure the trustworthiness of service interoperation in c...Cloud computing can be realized by service interoperation and its essence is to provide cloud services through network. The development of effective methods to assure the trustworthiness of service interoperation in cloud environment is a very important problem. The essence of cloud security is trust and trust management. Combining quality of service (QoS) with trust model, this paper constructs a QoS-aware and quantitative trust-model that consists of initial trust value, direct trust value, and recommendatory trust value of service, making the provision, discovery, and aggregation of cloud services trustworthy. Hence, it can assure trustworthiness of service interoperation between users and services or among services in cloud environment. At the same time, based on this model, service discovery method based on QoS-aware and quantitative trust-model (TQoS-WSD) is proposed, which makes a solid trust relationship among service requestor, service provider and service recommender, and users can find trustworthy service whose total evaluation value is higher. Corapared to QoS-based service discovery (QoS-WSD) method, it is proved by the experiment for TQoS-WSD method that more accurate result of service discovery will be achieved by service requestor, while reasonable time cost is increased. Meanwhile, TQoS-WSD method strongly resists the effect of service discovery by untrustworthy QoS values and improves service invocation success-rate and thus assures trustworthiness of services interoperation.展开更多
The collaboration tools offered by Cloud Computing have increased the need to share data and services within companies or between autonomous organizations. This has led to the deployment of community cloud infrastruct...The collaboration tools offered by Cloud Computing have increased the need to share data and services within companies or between autonomous organizations. This has led to the deployment of community cloud infrastructures. However, several challenges will arise from this grouping of heterogeneous organizations. One of the main challenges is the management of trust between the actors of the community. Trust issues arise from the uncertainty about the quality of the resources and entities involved. The quality of a resource can be examined from a security or functional perspective. Therefore, ensuring security and monitoring the quality of resources is to ensure a high level of trust. Therefore, we propose in this paper a technique for dynamic trust management and quality monitoring of resources shared between organizations. Our approach consists, on the one hand, in evaluating the quality of resources based on quality of service measurement attributes and, on the other hand, in updating the trust values according to the information deduced from these measurements. The proposed framework is evaluated in terms of resource sharing success rate and execution time. Experimental results and comparison with TNA-SL and InterTrust models show that the framework can identify and track the behavior of malicious organizations with relatively low execution time.展开更多
Cloud computing has emerged as a new style of computing in distributed environment. An efficient and dependable Workflow Scheduling is crucial for achieving high performance and incorporating with enterprise systems. ...Cloud computing has emerged as a new style of computing in distributed environment. An efficient and dependable Workflow Scheduling is crucial for achieving high performance and incorporating with enterprise systems. As an effective security services aggregation methodology, Trust Work-flow Technology (TWT) has been used to construct composite services. However, in cloud environment, the existing closed network services are maintained and functioned by third-party organizations or enterprises. Therefore service-oriented trust strategies must be considered in workflow scheduling. TWFS related algorithms consist of trust policies and strategies to overcome the threats of the application with heuristic workflow scheduling. As a significance of this work, trust based Meta heuristic workflow scheduling (TMWS) is proposed. The TMWS algorithm will improve the efficiency and reliability of the operation in the cloud system and the results show that the TMWS approach is effective and feasible.展开更多
基金supported by National Basic Research Program of China (973 Program) (No. 2007CB310800)China Postdoctoral Science Foundation (No. 20090460107 and No. 201003794)
文摘With the development of Internet technology and human computing, the computing environment has changed dramatically over the last three decades. Cloud computing emerges as a paradigm of Internet computing in which dynamical, scalable and often virtuMized resources are provided as services. With virtualization technology, cloud computing offers diverse services (such as virtual computing, virtual storage, virtual bandwidth, etc.) for the public by means of multi-tenancy mode. Although users are enjoying the capabilities of super-computing and mass storage supplied by cloud computing, cloud security still remains as a hot spot problem, which is in essence the trust management between data owners and storage service providers. In this paper, we propose a data coloring method based on cloud watermarking to recognize and ensure mutual reputations. The experimental results show that the robustness of reverse cloud generator can guarantee users' embedded social reputation identifications. Hence, our work provides a reference solution to the critical problem of cloud security.
文摘As online trade and interactions on the internet are on the rise, a key issue is how to use simple and effective evaluation methods to accomplish trust decision-making for customers. It is well known that subjective trust holds uncertainty like randomness and fuzziness. However, existing approaches which are commonly based on probability or fuzzy set theory can not attach enough importance to uncertainty. To remedy this problem, a new quantifiable subjective trust evaluation approach is proposed based on the cloud model. Subjective trust is modeled with cloud model in the evaluation approach, and expected value and hyper-entropy of the subjective cloud is used to evaluate the reputation of trust objects. Our experimental data shows that the method can effectively support subjective trust decisions and provide a helpful exploitation for subjective trust evaluation.
基金supported by the National Basic Research Program of China (973 Program) (No. 2012CB821200 (2012CB821206))the National Nature Science Foundation of China (No.61003281, No.91024001 and No.61070142)+1 种基金Beijing Natural Science Foundation (Study on Internet Multi-mode Area Information Accurate Searching and Mining Based on Agent, No.4111002)the Chinese Universities Scientific Fund under Grant No.BUPT 2009RC0201
文摘Goud computing is a new paradigm in which dynamic and virtualized computing resources are provided as services over the Internet. However, because cloud resource is open and dynamically configured, resource allocation and scheduling are extremely important challenges in cloud infrastructure. Based on distributed agents, this paper presents trusted data acquisition mechanism for efficient scheduling cloud resources to satisfy various user requests. Our mechanism defines, collects and analyzes multiple key trust targets of cloud service resources based on historical information of servers in a cloud data center. As a result, using our trust computing mechanism, cloud providers can utilize their resources efficiently and also provide highly trusted resources and services to many users.
文摘The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminated or reduced the notion of distance between entities of the same company or between different organizations. This has led to an increase in the need to share resources (data and services). Community Cloud environments have thus emerged to facilitate interactions between organizations with identical needs and with specific and high security requirements. However, establishing trust and secure resource sharing relationships is a major challenge in this type of complex and heterogeneous environment. This paper proposes a trust assessment model (SeComTrust) based on the Zero Trust cybersecurity strategy. First, the paper introduces a community cloud architecture subdivided into different security domains. Second, it presents a process for selecting a trusted organization for an exchange based on direct or recommended trust value and reputation. Finally, a system for promoting or relegating organizations in the different security domains is applied. Experimental results show that our model guarantees the scalability of a community cloud with a high success rate of secure and quality resource sharing.
基金supported by The National Natural Science Foundation for Young Scientists of China under Grant No.61303263the Jiangsu Provincial Research Foundation for Basic Research(Natural Science Foundation)under Grant No.BK20150201+4 种基金the Scientific Research Key Project of Beijing Municipal Commission of Education under Grant No.KZ201210015015Project Supported by the National Natural Science Foundation of China(Grant No.61370140)the Scientific Research Common Program of the Beijing Municipal Commission of Education(Grant No.KMKM201410015006)The National Science Foundation of China under Grant Nos.61232016 and U1405254and the PAPD fund
文摘This paper sums up four security factors after analyzing co-residency threats caused by the special multitenant environment in the cloud.To secure the factors,a multiway dynamic trust chain transfer model was proposed on the basis of a measurement interactive virtual machine and current behavior to protect the integrity of the system.A trust chain construction module is designed in a virtual machine monitor.Through dynamic monitoring,it achieves the purpose of transferring integrity between virtual machine.A cloud system with a trust authentication function is implemented on the basis of the model,and its practicability is shown.
文摘In cloud computing environment, as the infrastructure not owned by users, it is desirable that its security and integrity must be protected and verified time to time. In Hadoop based scalable computing setup, malfunctioning nodes generate wrong output during the run time. To detect such nodes, we create collaborative network between worker node (i.e. data node of Hadoop) and Master node (i.e. name node of Hadoop) with the help of trusted heartbeat framework (THF). We propose procedures to register node and to alter status of node based on reputation provided by other co-worker nodes.
基金supported by the National Natural Science Foundation of China (61772196 61472136)+3 种基金the Hunan Provincial Focus Social Science Fund (2016ZDB006)Hunan Provincial Social Science Achievement Review Committee results appraisal identification project (Xiang social assessment 2016JD05)Key Project of Hunan Provincial Social Science Achievement Review Committee (XSP 19ZD1005)the financial support provided by the Key Laboratory of Hunan Province for New Retail Virtual Reality Technology (2017TP1026)
文摘This paper analyzes the reasons for the formation of security problems in mobile agent systems, and analyzes and compares the security mechanisms and security technologies of existing mobile agent systems from the perspective of blocking attacks. On this basis, the host protection mobile agent protection technology is selected, and a method to enhance the security protection of mobile agents (referred to as IEOP method) is proposed. The method first encrypts the mobile agent code using the encryption function, and then encapsulates the encrypted mobile agent with the improved EOP protocol IEOP, and then traces the suspicious execution result. Experiments show that using this method can block most malicious attacks on mobile agents, and can protect the integrity and confidentiality of mobile agents, but the increment of mobile agent tour time is not large.
基金supported by National Natural Science Foundation of China(Nos.71131002,71071045,71231004 and 71201042)
文摘In the last few years, cloud computing as a new computing paradigm has gone through significant development, but it is also facing many problems. One of them is the cloud service selection problem. As increasingly boosting cloud services are offered through the internet and some of them may be not reliable or even malicious, how to select trustworthy cloud services for cloud users is a big challenge. In this paper, we propose a multi-dimensional trust-aware cloud service selection mechanism based on evidential reasoning(ER) approach that integrates both perception-based trust value and reputation based trust value, which are derived from direct and indirect trust evidence respectively, to identify trustworthy services. Here, multi-dimensional trust evidence, which reflects the trustworthiness of cloud services from different aspects, is elicited in the form of historical users feedback ratings. Then, the ER approach is applied to aggregate the multi-dimensional trust ratings to obtain the real-time trust value and select the most trustworthy cloud service of certain type for the active users. Finally, the fresh feedback from the active users will update the trust evidence for other service users in the future.
基金supported by National Basic Research Program of China (973 Program) (No. 2007CB310801)National Natural Science Foundation of China (No. 60873083, No. 60803025, No. 60970017, No. 60903034, No. 60873225)+3 种基金Natural Science Foundation of Hubei Province for Distinguished Young Scholars (No. 2008CDB351)Natural Science Foundation of Hubei Province (No. 2008ABA358, No. 2008ABA379)Research Fund for the Doctoral Program of Higher Education of China (No. 20070486065)Open Foundation of State Key Laboratory of Software Engineering (No. SKLSE20080718)
文摘Cloud computing can be realized by service interoperation and its essence is to provide cloud services through network. The development of effective methods to assure the trustworthiness of service interoperation in cloud environment is a very important problem. The essence of cloud security is trust and trust management. Combining quality of service (QoS) with trust model, this paper constructs a QoS-aware and quantitative trust-model that consists of initial trust value, direct trust value, and recommendatory trust value of service, making the provision, discovery, and aggregation of cloud services trustworthy. Hence, it can assure trustworthiness of service interoperation between users and services or among services in cloud environment. At the same time, based on this model, service discovery method based on QoS-aware and quantitative trust-model (TQoS-WSD) is proposed, which makes a solid trust relationship among service requestor, service provider and service recommender, and users can find trustworthy service whose total evaluation value is higher. Corapared to QoS-based service discovery (QoS-WSD) method, it is proved by the experiment for TQoS-WSD method that more accurate result of service discovery will be achieved by service requestor, while reasonable time cost is increased. Meanwhile, TQoS-WSD method strongly resists the effect of service discovery by untrustworthy QoS values and improves service invocation success-rate and thus assures trustworthiness of services interoperation.
文摘The collaboration tools offered by Cloud Computing have increased the need to share data and services within companies or between autonomous organizations. This has led to the deployment of community cloud infrastructures. However, several challenges will arise from this grouping of heterogeneous organizations. One of the main challenges is the management of trust between the actors of the community. Trust issues arise from the uncertainty about the quality of the resources and entities involved. The quality of a resource can be examined from a security or functional perspective. Therefore, ensuring security and monitoring the quality of resources is to ensure a high level of trust. Therefore, we propose in this paper a technique for dynamic trust management and quality monitoring of resources shared between organizations. Our approach consists, on the one hand, in evaluating the quality of resources based on quality of service measurement attributes and, on the other hand, in updating the trust values according to the information deduced from these measurements. The proposed framework is evaluated in terms of resource sharing success rate and execution time. Experimental results and comparison with TNA-SL and InterTrust models show that the framework can identify and track the behavior of malicious organizations with relatively low execution time.
文摘Cloud computing has emerged as a new style of computing in distributed environment. An efficient and dependable Workflow Scheduling is crucial for achieving high performance and incorporating with enterprise systems. As an effective security services aggregation methodology, Trust Work-flow Technology (TWT) has been used to construct composite services. However, in cloud environment, the existing closed network services are maintained and functioned by third-party organizations or enterprises. Therefore service-oriented trust strategies must be considered in workflow scheduling. TWFS related algorithms consist of trust policies and strategies to overcome the threats of the application with heuristic workflow scheduling. As a significance of this work, trust based Meta heuristic workflow scheduling (TMWS) is proposed. The TMWS algorithm will improve the efficiency and reliability of the operation in the cloud system and the results show that the TMWS approach is effective and feasible.
