8 Establishing Trust in Clouds

This chapter presents a framework which draws the roadmap and building blocks to address the last challenge discussed in Chapter 7; that is, the transparency strategy agenda. The framework addresses the question of how to allow users to establish trust in the Cloud without the need to get involved in complex technical details. The chapter identifies a set of requirements, discusses how some of the requirements could be addressed, and leaves other requirements as planned future research work.

8.1 Introduction

There are a number of techniques that enable one party to establish trust in an unknown entity: direct interaction, trust negotiation, reputation, and trust recommendation and propagation. Most of these establish trust based on identity. Trust negotiation, by contrast, establishes trust based on properties. In a Cloud context, establishing trust would be based on both identities and properties [1]. The properties that an attestor requires when establishing trust in Clouds has been discussed in Chapter 4.

This chapter focuses on the provision of a secure and trustworthy environment which assures users that Cloud providers continually enforce their requirements, do not interfere with their application data, and move control of users’ application data from the hands of Cloud providers to users. The chapter demonstrates the framework using the IaaS Cloud service and assumes the Cloud user is an organization. The concepts presented throughout ...

Get Cloud Management and Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.