A framework for evaluating trust of service providers in cloud marketplaces

Sheikh Mahbub Habib, Vijay Varadharajan, Max Mühlhäuser

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

16 Citations (Scopus)

Abstract

The Cloud Security Alliance (CSA) provides a framework for cloud platform providers that manages standardized self assessments regarding security controls. The framework as it stands does not allow consumers to specify and check their own requirements, nor does it contain any means for verifying the capabilities claimed by the providers. From a customer perspective, both these aspects are essential for evaluating the trustworthiness of cloud providers and for making an informed decision. We propose a novel concept for verifying the capabilities captured in the CSA's framework, plus a decision model that checks consumer requirements against the verification results. Our capability verification combines hard trust based on rigid validation with soft trust based on evidence about past behaviour. Elaborate formal methods are applied in both fields and combined into a single concept.

Original languageEnglish
Title of host publication28th Annual ACM Symposium on Applied Computing, (SAC 2013)
Place of PublicationNew York
PublisherAssociation for Computing Machinery (ACM)
Pages1963-1965
Number of pages3
ISBN (Print)9781450316569
DOIs
Publication statusPublished - 2013
Event28th Annual ACM Symposium on Applied Computing, SAC 2013 - Coimbra, Portugal
Duration: 18 Mar 201322 Mar 2013

Other

Other28th Annual ACM Symposium on Applied Computing, SAC 2013
Country/TerritoryPortugal
CityCoimbra
Period18/03/1322/03/13

Fingerprint

Dive into the research topics of 'A framework for evaluating trust of service providers in cloud marketplaces'. Together they form a unique fingerprint.

Cite this