Skip to main content
SpringerLink
Log in

Taxonomy of trust relationships in authorization domains for cloud computing

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Cloud computing is revealing a new scenario where different cloud customers need to collaborate to meet client demands. The cloud stack must be able to support this situation by enabling collaborative agreements between cloud customers. However, these collaborations entail new security risks since participating entities should trust each other to share a set of resources. The management of trust relationships in the cloud is gaining importance as a key element to establish a secure environment where entities are given full control in the definition of which particular services or resources they are willing to share. Entities can cooperate at different levels of trust, according to their willingness of sharing information. This paper analyses these collaboration agreements defining a taxonomy of different levels of trust relationships among customers for the cloud. Privacy concerns, assumed risk, as well as easiness in the definition of the trust relationships have been taken into account. A set of different trust relationships have been identified and modeled, enabling entities to control the information they share with others in the cloud. The proposed model has been validated with a prototypical implementation. Likewise, some examples to illustrate the application of these trust models to common cloud collaboration scenarios are provided.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. OpenStack (2011) Open source cloud computing software. http://openstack.org

  2. Vijayakumar V, Banu R (2008) Security for resource selection in grid computing based on trust and reputation responsiveness. Int J Comput Sci Netw Secur 8(11):105–107

    Google Scholar 

  3. Taige J, Xiaolin Q (2009) A trustworthiness-based access control model in grid system. Int Conf Comput Intell Softw Eng CiSE 2009:1–6

    Google Scholar 

  4. Muchahari MK, Sinha SK (2012) New trust management architecture A, for cloud computing environment. In: International symposium on cloud and services computing, pp 136–140

  5. Wang S, Zhang L, Ma N, Wang S (2008) An evaluation approach of subjective trust based on cloud model. Transform 21:1062–1068

    Google Scholar 

  6. Abawajy J (2009) Determining service trustworthiness in inter loud computing environments. In: ISPAN 2009: proceedings of the 2009 10th international symposium on the pervasive systems, algorithms and networks, pp 784–788

  7. Boursas L, Hommel W (2009) Multidimensional dynamic trust management for federated services. In: IEEE international conference on computational science and engineering, vol 2, pp 684–689

  8. Hu R, Liu J, Liu XF (2011) A trustworthiness fusion model for service cloud platform based on D-S evidence theory. In: IEEE international symposium on cluster computing and the grid, vol 0, pp 566–571

  9. Tran H, Watters P, Hitchens M, Varadharajan V (2005) Trust and authorization in the grid: a recommendation model. In: IEEE (ed) Proceedings. International conference on pervasive services, pp 433–436

  10. Xudong Ni JL (2007) A trust aware access control in service oriented grid environment. In: IEEE (ed) Sixth international conference on grid and cooperative computing, pp 1–6

  11. Lang B, Wang Z, Wang Q (2007) Trust representation and reasoning for access control in large scale distributed systems. In: IEEE (ed) 2nd international conference on pervasive computing and applications, IEEE, pp 436–441

  12. Zhao T, Dong S (2010) A trust aware grid access control architecture based on ABAC. In: 2010 fifth IEEE international conference on networking, architecture, and storage, pp 1–6

  13. Fakhar F, Shibli MA (2013) Comparative analysis on security mechanisms in cloud. In: 2013 15th international conference on advanced communication technology (ICACT), pp 145–50

  14. Yang R, Lin C, Jiang Y, Chu X (2011) Trust based access control in infrastructure-centric environment. In: IEEE (ed) IEEE international conference on communications (ICC), pp 1–5

  15. Fujun F, Junshan L (2009) Trust based authorization and access control. In: IEEE (ed) 2009 international forum on information technology and applications, pp 162–165

  16. Xiong H, Zhang B (2010) Research on context and trust-based grid service authorization model. In: IEEE (ed) 2010 international conference on multimedia information networking and security, pp 433–437

  17. Xiao-jun Z, Shi-qin L, Xue-li Y, Guang-Ping Z (2010) Dynamic authorization of grid based on trust mechanism. In: IEEE (ed) 2010 international symposium on intelligence information processing and trusted computing, pp 417–421

  18. Ngo C, Membrey P, Demchenko Y, de Laat C (2012) Policy and context management in dynamically provisioned access control service for virtualized cloud infrastructures. In: 2012 seventh international conference on availability, reliability and security, pp 343–349

  19. Gomez-Farmo F, Martinez-Perez G (2010) Towards pre-standardization of trust and reputation models for distributed and heterogeneous systems. Comput Stand Interf 32(4):185–196

    Google Scholar 

  20. Viriyasitavat W, Martin A (2011) A survey of trust in workflows and relevant contexts, communications surveys tutorials, IEEE PP, vol 99, pp 1–30

  21. Bernal-Bernabe J, Marin Perez JM, Alcaraz-Calero JM, Gomez Skarmeta AF, Garcia Clemente FJ, Martinez Perez G (2014) Semantic-aware multi-tenancy authorization system for cloud architectures. Future Gener Comput Syst 32:154–167

    Google Scholar 

  22. Alcaraz-Calero JM, Edwards N, Kirschnick J, Wilcock L, Wray M (2010) Towards a multi-tenancy authorization system for cloud services. IEEE Secur Privacy 8(6):48–55

    Article  Google Scholar 

  23. Lenk A, Klems M, Nimis J, Tai S, Sandholm T (2009) Whats inside the cloud? An architectural map of the cloud landscape. In: Proceeding at ICSE workshop on software engineering challenges of cloud, computing, pp 1–6

  24. Sirin E, Parsia B, Grau BC, Kalyanpur A, Katz Y (2007) Pellet: a practical OWL-DL reasoner. J Web Semant. 5(2):51–53

    Article  Google Scholar 

  25. Carroll JJ, Dickinson I, Dollin C, Reynolds D, Seaborne A, Wilkinson Jena K (2004) Implementing the semantic web recommendations. In: Proceedings of the 13th international World Wide Web conference. ACM Press, New York, pp 74–83

Download references

Acknowledgments

This work has been partially funded with support from the Spanish MICINN (project RECLAMO—Virtual and Collaborative Honeynets based on Trust Management and Autonomous Systems applied to Intrusion Management—with code TIN2011-28287-C02-02) and the European project “Interoperable Trust Assurance Infrastructure” (INTER-TRUST-ICT FP7-G.A. 317731), within the European Commission 7th Framework Programme (FP7-ICT-2011-8).

Author information

Authors and Affiliations

  1. Departamento de Ingenieria de la Informacion y las Comunicaciones, University of Murcia, Murcia, Spain

    Juan M. Marin Perez, Jorge Bernal Bernabe, Gregorio Martinez Perez & Antonio F. Gomez Skarmeta

  2. School of Computing, University of the West of Scotland, Glasgow, Scotland

    Jose M. Alcaraz Calero

  3. Departamento de Ingenieria y Tecnologia de Computadores, University of Murcia, Murcia, Spain

    Felix J. Garcia Clemente

Authors
  1. Juan M. Marin Perez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jorge Bernal Bernabe
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jose M. Alcaraz Calero
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Felix J. Garcia Clemente
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gregorio Martinez Perez
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Antonio F. Gomez Skarmeta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jose M. Alcaraz Calero.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Marin Perez, J.M., Bernal Bernabe, J., Alcaraz Calero, J.M. et al. Taxonomy of trust relationships in authorization domains for cloud computing. J Supercomput 70, 1075–1099 (2014). https://doi.org/10.1007/s11227-014-1117-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-014-1117-x

Keywords

Search

Navigation