• No results found

A TRUST SCHEME FOR SERVICE OPERATOR CLOUD SERVICES

N/A
N/A
Protected

Academic year: 2020

Share "A TRUST SCHEME FOR SERVICE OPERATOR CLOUD SERVICES"

Copied!
7
0
0

Loading.... (view fulltext now)

Full text

(1)

A TRUST SCHEME FOR SERVICE OPERATOR

CLOUD SERVICES

Ms.PARIMALAM. V ME-CSE II YEAR Department of CSE Jay Shriram Group of Institutions

Avinashipalayam, Tirupur

vbparimalam@gmail.com

Ms.ANITHA.R Assistant Professor Department of CSE Jay Shriram Group of Institutions

Avinashipalayam, Tirupur anee.ragu@gmail.com

Dr. RAJALAKSHMI.S Associate Professor Department of CSE Jay Shriram Group of Institutions

Avinashipalayam, Tirupur mrajislm@gmail.com

ABSTRACT---

Traditionally, cloud service providers provide assurances by specifying technical and

functional descriptions in Service Level Agreements (SLAs) for the services they offer.

Service operator-aware

trust scheme (SOTS) for resource matchmaking across multiple clouds. For multidimensional resource service

operators, we formed the problem of trust evaluation as a method of multi attribute decision making, and

develop an adaptive trust evaluation approach based on information entropy theory. This adaptive approach

can reduce the limitations of existing trust schemes, whereby the trusted operators are weighted manually or

subjectively. Using SOTS, the broker can accurately finds the most trusted resources in advance, and thus

provide more dependable resources to cloud users. Our experiments demonstrate interesting and meaningful

observations that can provide the effective utilization of SOTS in a large-scale multi-cloud environment.

Keywords----

Cloud Computing, Trust scheme, Service operator, and Cloud Brokering.

1. INTRODUCTION

The monitoring system needs to designed and

built for fit for the purpose of infrastructure and service

monitoring. It needs for the whole of service

management, and so it should cover SLAs, elasticity,

QoS, etc. It is important to recognize that it is the

monitoring mechanism that closes the loop from the

initial deployment, through execution, and back to

Service Manager. The monitoring system is there to

gather data from all the components within cloud

architecture and monitoring is a fundamental aspect of

the service cloud that is used by the infrastructure and

for service management. The monitoring system for the

service cloud needs to feed data into the Service

Manager so that it can manage the services deployed on

the cloud. Extra time it is expected that the management

capabilities of the Service Manager will expand to

include new functions. As a consequence we need the

Monitoring system to be adaptable, flexible,

and extensible in order to support the expanding

functionality.

It did not support fully dynamic on-the-fly

functionality these lifecycle and control functions will

need to use a control plane of monitoring framework.

Using this control plane the Service Manager will be

able to activate, deactivate, and set the data rate of

probes, as necessary.

Motivation

(2)

Few studies have focused on a trust-aware brokering framework for multi-cloud environments. Cloud brokers can be provide intermediation and aggregation capabilities to enable providers to deploy their virtual infrastructures across multiple clouds. The future of cloud computing will be permeated with the emergence of cloud brokers acting as intermediaries between cloud providers and users to negotiate and allocate resources among multiple data centers. Based on integrated comparison, a number of innovative platforms have been developed for cloud brokers, such as RESERVOIR, PCMONS, RightScale, and SpotCloud. However, most of these platforms do not provide trust management capabilities for making trust decisions, such as selecting an optimal cloud resource to deploy a service, or optimally distributing the different component of a service among different clouds. Therefore, to increase the adoption of cloud services, a cloud broker should be establish and provide trust management capacity to alleviate the worries of their users.

Few studies have focused on an expanded trust model based on dynamic service factors of a cloud resource. From a user’s perspective, trust is a comprehensive index for service guarantee and there are several trust factors in a system, i.e., security, availability, and reliability. As observed trust is beyond security, and an expanded trust model should

incorporate security, reliability, and availability factors (and other factors if possible) into a trust vector. This data can be imported from existing models to form a comprehensive trust model. This highlights the fact that the level of trust in service resources should be objectively evaluated by dynamic service operators. However, in, Hoffman et al. did not cover trust in detail, omitting numerous key issues of trust management and computing. To the best of our knowledge, most current studies either ignore service-related operators in trust evaluation or use a unilateral context to model the trust relationship. For example, in, they only considered the security of services, without other trust factors. In, the authors only considered service operators of reliability. In, the authors completely ignored dynamic operators of services.

Some schemes lack adaptability with a trust fusion calculation based on multi-dimensional service operators. Avoiding to the effect of individual favoritism on weight allocation, and confirming the weight allocation of multi-operators adaptively very important in trust fusion calculation. In reality, some previous schemes are based on the expert opinion to weight trust factors; however, this approach lacks adaptability and may lead to inaccurate results in trust evaluation.

2 RELATED WORKS

Cloud computing is new paradigm in which

dynamically scalable virtualized computing resources

are provided as a service over the Internet. However,

resources are limited, it is very important that cloud

providers efficiently provide their resources. a trust

model for efficient reconfiguration and allocation of

computing resources satisfying various user requests.

Our model collects for analyzes reliability based on

historical information of servers in a Cloud data center.

Then it prepares the best available resources for each

service request in advance, providing the best resources

(3)

Trust Model Implementation:

Our trust evaluation model aims to configure to

complex set of services dynamically in a cloud

environment, according to predictive performance in

terms of stability and availability of all resources that

are to be provided as cloud services. Therefore, it is

very important to build an adequate trust model for

prediction of service’s performance and stability.

The main contributions of trust scheme are based on many existing representative work. In this section, we first review the typical work cloud brokers. We then analyze the developments of trust management in cloud computing.

A. Development of Cloud Brokers

In recent years, there are many service brokers or monitoring systems emerged as a promising concept to offer enhanced service delivery over large-scale environments. Some private companies offer brokering solutions for the current cloud market, e.g., RightScale or SpotCloud. In, the authors use the Lattice monitoring framework as a real-time feed for the management of a service. Monitoring is a fundamental aspect of Future Internet elements, and in particular for service, where it is used for both the infrastructure and service management. The authors present the issues relating to the management of service clouds, discussing the key design requirements and how these are addressed in the RESERVOIR project.

The author also present the Lattice monitoring framework, discussing its main features and also giving an overview of design and implementation, together with a presentation of use within RESERVOIR. In, the authors point out, although many solutions are available, cloud management and monitoring technology has not kept pace, partially because of the lack of open source solutions. To address limitation, the authors describe their experience with a private cloud,

and discuss the design and implementation of private cloud monitoring system (PCMONS) and its application via a case study for the proposed architecture. An important finding of work is that it is possible to deploy a private cloud within the organization using source solutions and integrating with traditional tools like Nagios. However, there is significant development work to be done while integrating this tools. RightScale is a web based cloud computing managing tool for managing cloud infrastructure to multiple providers. RightScale enables organizations to easily deploy and manage business-critical applications across public, private, and hybrid clouds. SpotCloud provides a structured cloud capacity marketplace where service providers sell the extra capacity they have and the buyers can take advantage of cheap rates selecting the best service provider at each moment. The broker in also provides this feature but in an automatized way, without checking manually prices of each cloud provider at each moment. Thus, optimization algorithms can be used to select the best way to place VM according to the actual rates of the cloud providers.

3 OUR WORK

Global Trust Degree (GTD) Calculation:

Step1: Calculate the values for CPU frequency,

memory size, hard disk capacity and the average

bandwidth using evaluation of matrix normalization.

Step2: Calculate the information entropy expression of

the trust decision factor, based on their self-information

using entropy based and adaptive weight calculation.

Step3: RTD (Real-time Trust Degree) is used to

evaluate recent cloud resource service operators. RTD

is generated in the time window when an interaction

takes place between a user and a resource.

Step4: Hence the GTD is calculated using time –based

attenuation function for resource matchmaking

(4)

Trust Initialization for Newly Registered Resources:

It uses FSLA (First Service-Last Audit)

mechanism. The FSLA mechanism will give the

resource a chance to obtain user’s computing tasks. In

the interaction between the user and the resource, the

broker will monitor its service operators, and then

calculate its GTD. If the commitment QoS is lower than

the actual GTD that is computed by broker, the broker

will take a strict punitive step.

Inspired by the idea of an expanded trust evaluation approach in, in service operator-aware trust scheme (SOTS), we define trust as a quantified belief by a cloud broker with respect to the security, availability, and reliability of a resource within several specified time windows. This definition belongs to an approach based on trusted third party (TTP) . The broker acts as the TTP, which is composed of many registered resources. The key innovations of SOTS go beyond those of existing schemes in terms of the following aspects:

A systematic trust management scheme for multi-cloud environment, based on multi-dimensional resource service operators. SOTS evaluate the trust of cloud resource in contrast to traditional trust schemes that always focus on unilateral trust factors of service resources. It incorporates multiple factor into a trust vector to form an expanded trust scheme to evaluate a resource. This trust scheme is more consistent with the essential attributes of a trust relationship, thus, it is more in line with the expectations of cloud users.

An adaptive fused computing approach of dynamic service operators, based on information entropy theory. SOTS models the problem of trust evaluation as the process of multi-attribute decision-making, and then develops an adaptive trust evaluation approach. This adaptive fused computing approach can be overcome the limitations of traditional trust schemes,

in which the trusted attributes are weighted manually or subjectively.

A first service, last audit (FSLA) mechanism for overcome the trust initialization problem of newly registered resources. When resource initially registers for business, no user has interacted with it, and consequently, information on past service operators is non-existent.

In SOTS, we introduce a penalty factor-based FSLA mechanism, which can effectively remedy this problem of newly registered resources. These designs and other specific features collectively make SOTS an accurate and efficient solution that can be used in multi-cloud environments.

Aeolus is an open source cloud management software sponsored by Red Hat, which runs on Linux systems. It provides both ease the burden of managing large number of clouds, as well as ensure that cloud consumers can use large numbers of clouds to avoid for getting locked into the offering of any single provider. Besides managing virtual machines in various clouds, cross-cloud broker like Aeolus needs to be able to build images for these clouds from a single specification, track that images have been convert and upload into what cloud, as well as automate image updates. To further simplify the management of complicated cloud uses, Aeolus makes it possible to describe multi-instance applications like three-tier web applications as one unit, from image definition to upload and launch into target clouds. The main components of Aeolus are Conductor, the application that users and administrators interact with, Composer, an application and tools for building and managing images, and Orchestrator, tooling for treating groups of virtual machines as one application.

(5)

provider and data owner. The authors build reputation systems using a Distributed-hash-table (DHT)based trust-overlay network among virtualized data centers and distributed file systems. These networks over cloud resources provision from multiple data center for trust management and distributed security enforcement. Data coloring and software watermarking techniques protect to shared data objects and massively distributed software modules. These technique safeguard multi way authentications, enable single sign-on in the cloud, and tighten access control for sensitive data in both public and private clouds. In, Hwang and Kulkarni also presented an integrated cloud architecture to reinforce the security and privacy in cloud applications. They propose an approach to integrating virtual clusters, security-reinforced datacenters, and trusted data accesses guided by reputation systems. However, in and, the authors only focused on the trust and privacy issues of user-side, and they did not mention about server-side trust problem.

Fig. 2. A trust broker for multi-cloud environments.

Trust-Aware Brokering System Architecture

The above figure shows a schematic of our architecture. Conceptually, the proposed middleware architecture consists of a number of core modules, include the trusted resource matchmaking and distributing module, the adaptive trust evaluation module, the agent-based on service operator acquisition module, and the resource management module, among others. Adaptive trust evaluation module. This module is core of the trust-aware cloud computing system, and

is the major focus of this paper. Using this module, broker can dynamically sort high-performance resources by analyzing the historic resource information in terms of providing highly trusted resources.

Trusted resource matchmaking and distributing module. In general, each cloud manager registers its service resources through the cloud broker. The service user negotiates with the service broker on the service-level agreement (SLA) details; they eventually prepare an SLA contract. According to this contract, the broker selects, and then presents highly trusted resources to users from the trusted resource pool. Agent publish and service operator acquisition module. This module is used to monitor the usage of allocated resources in order to guarantee the SLA with the user. In interaction, the module monitors the resource operators and is responsible for getting run-time service operators. Another task of the module is to publish automatically the monitoring agents (MA) in a remote site when a computing task is assigned to the site.

Resource register module. It manages and indexes all the resources available from multi cloud providers, and obtains information from each particular cloud resource, acting as pricing interface for users, updating the database when new information is available.

Experimental Methodology

(6)

hypervisor. In machines each cluster act as VM providers, in which an agent-based service operator acquisition module is deployed. A separate machine acts as the trust management server (cloud broker) where the core functional modules of the broker are deployed, including a trusted resource matchmaking and distributing module, an adaptive trust evaluation module, and a resource management module. We have designed several performance mechanisms for a comprehensive trust evaluation scheme. Due to the restrictions of paper length, we mainly evaluate the performance of SOTS based on the following two aspects:

Accuracy is used to check whether the proposed scheme and its related algorithms can accurately and consistently provide trust calculation; Efficiency is used to evaluate the overhead and the average job failure rate (AJFR) of the proposed scheme;

User request. In the experimental environment, there are nearly 100 VMs in the resource pool of the cloud broker system (we deployed about 30 VMs in each cluster). According to Algorithm 1 in Appendix E, available in the online supplementary material, our resource matchmaking approach should be “trust with cost.” The user’s request contains the job descriptions; namely, Job ID, minimum GTD required, and cost limits. Considering the job requirements, a resource is selected from a resource pool that has more than the minimum GTD given by the user.

Fig. 3. Multiple cloud experimental environment.

Types of VMs. To reduce complexity, in the initial stage of the experimental environment, we mainly observe the results according to the following 6 key operators: CPU frequency (CPU), average response time, average task success rate (ATSR), authentication type, authorization type, and self-security competence. Types of VMs in the resource pool and the classification threshold are listed, including high trusted node (H), normal trusted node (N), low trusted node (L) and malicious node (M).

CONCLUSIONS

In this work, we propose SOTS for trustworthy resource matchmaking across multiple clouds. We have shown that SOTS yields very good results in many typical cases. However, there are still some open issues we can apply to the current scheme. First, we are interested in combining our trust scheme with reputation management to address concerns in users’ feedback. A universal measurement and quantitative method to assess the security levels of a resource is another interesting direction. Evaluation of the proposed scheme in a larger-scale multiple cloud environments is also an important task to be addressed in future research.

REFERENCES

[1] K. M. Khan and Q. Malluhi, “Establishing trust in cloud computing,” IT Prof., vol. 12, no. 5, pp. 20– 27, Sep./Oct. 2010.

[2] K. Hwang and D. Li, “Trusted cloud computing with secure resources and data coloring,” IEEE Internet Comput., vol. 14, no. 5, pp. 14–22, Sep./Oct. 2010.

(7)

systems,” Int. J. Grid Distrib. Comput., vol. 3, no. 1, pp. 1–10, 2010.

[4] P. D. Manuel, S. Thamarai Selvi, and M. I. A. E. Barr, “Trust management system for grid and cloud resources,” in Proc. 1st Int. Conf. Adv. Comput., Dec. 2009, pp.176–181.

[5] S. M. Habib, S. Ries, and M. Muhlhauser, “Towards a trust management system for cloud computing,” in Proc. IEEE 10th Int. Conf. Trust, Security Privacy Comput. Commu., 2011, pp. 933–939.

[6] N. Dragoni, “A survey on trust-based web service provision approaches,” in Proc. 3rd Int. Conf. Dependability, 2010, pp. 83–99.

[7] Z. Liang and W. Shi, “A reputation-driven scheduler for autonomic and sustainable resource sharing in grid computing,” J. Parallel Distrib. Comput., vol. 70, no. 2, pp. 111–125, 2010.

[8] S. A. de Chaves, R. B. Uriarte, C. B. Westphall, “Toward an architecture for monitoring private clouds, ” IEEE Commun. Mag.,vol.49, no. 2, pp. 130–137, 2011.

[9] S. Clayman, A. Galis, C. Chapman, G. Toffetti, L. Rodero-Merino, L. M. Vaquero, K. Nagin and B. Rochwerger, “Monitoring service clouds in the future internet,” in Future Internet Assembly. Amsterdam,The Netherlands: IOS Press, 2010, pp. 115–126.

[10] RightScale. [Online]. Available:

Figure

Fig. 3. Multiple cloud experimental environment.

References

Related documents

In this paper data from a school survey in India is used to ask if there is evidence for the payment of performance related pay and whether such pay structures do impact on student

(ii) The weakness or even the absence of emission lines in WLQs is likely caused by a low covering factor of the BLR rather than by a very soft ionizing continuum. The comparison of

Like most VCU Libraries events, Copyright for Creators was free and open to the public, and the topics covered by the series were relevant to this large creative community both

Koristila se elektivna djelidbena kalkulacija s ekvivalentnim brojevima iz razloga što se ona primjenjuje kada ne postoji jedinstveni finalni proizvod već, iako

Cı´lem te´to pra´ce je provedenı´ analy´zy mozˇnostı´ synchronizace mobilnı´ch zarˇı´zenı´ po- staveny´ch na platforma´ch Microsoft Windows Mobile 6.5 a Microsoft

Sc´en´aˇre ˇr´ızen´e obnovy po hav´arii jsou zamˇeˇreny pouze na poˇskozen´ı a ztr´atu aktiv poˇstov- n´ıho syst´emu Exchange Server 2007 a odpov´ıdaj´ıc´ıch

The statistical maps represent regions for which temporal fluctuations in functional connectivity of the left amygdala (panel A) and primary visual cortex (panel B),

DI's Ways Daily, like the daily market leader in East Java, Jawa Pos, is seen trying to find exclusive content by searching for news that is exclusive and faster than other