| Summary: | Security enhancements to the emerging IaaS (Infrastructure as a Service) cloud computing systems have become the focus of much research, but little of this targets the underlying infrastructure. Trusted Cloud systems are proposed to integrate Trusted Computing infrastructure with cloud systems. With remote attestations, cloud customers are able to determine the genuine behaviors of their applications’ hosts; and therefore they establish trust to the cloud. However, the current Trusted Clouds have difficulties in effectively attesting to the cloud service dependency for customers’ applications, due to the cloud’s complexity, heterogeneity and dynamism. In this paper, we present RepCloud, a decentralized cloud trust management framework, inspired by the reputation systems from the research in peerto- peer systems. With RepCloud, cloud customers are able to determine the properties of the exact nodes that may affect the genuine functionalities of their applications, without obtaining much internal information of the cloud. Experiments showed that besides achieving fine-grained cloud service dependency attestation, RepCloud incurred lower trust management overhead than the existing trusted cloud systems.
|
|---|