INTER CLOUD SECURITY FRAMEWORK FOR HANDLING OF DATA

Abstract

Cloud computing is one of the most adopted technologies of the 21st century. Prospects of cloud computing as a technology that optimizes resources, reduces complexity, and provides cost-effective solutions to its consumers are well established. The growing use of cloud is leading to ‘cloud of clouds’ where cloud service providers (CSPs) collaborate with each other to provide ever-scalable solutions to their customers. This has the potential to transform into Intercloud revolution as has been the Internet revolution. However, one most restricting factor towards the use of cloud by its consumers is their concerns about data security. In cloud computing, the data does not reside at user premises, rather it is located in the cloud, which could be anywhere in the world, with very limited control of the user to ensure its security. To overcome this shortcoming of cloud computing, we need to devise a mechanism that not only ensures essential security safeguards but also ascertains the Trustworthiness of CSP. Most sensitive to any organization is its data, thus to give confidence to these organizations to put their data in the cloud requires a trust framework. This thesis, therefore, proposes an inter-cloud data security framework which is a set of controls, and a mechanism to measure trust for data sharing based on compliance with the framework. The proposed, Framework for Building Inter-cloud Trust for Data Security (FBI-TDS), is established on data security controls derived against the possible data-related threats emerging from various inter-cloud use cases. It is a very systematic derivation of data security controls, consolidated as a data security framework. As part of FBI-TDS, a mechanism is suggested, that can enable CSPs to view compliance with data security controls and the overall Trustworthiness of other CSPs; thus, enabling them to decide the level of interaction that they might undertake, depending upon their data security commitments to their consumers. A Data Security Compliance Monitor service is proposed which measures compliance with data security controls. This service communicates with Data Trust as a Service, which measures the Trustworthiness of a cloud based on its Total Compliance Value, Users’ Feedback Rating, and Cloud Security Auditor Rating. Two additional factors namely Accuracy of Compliance Measurement and Control Significance Factor have also been built in, to cater to other nonstandard conditions. CSPs who subscribe to Data Trust as a Service would be able to view the Trustworthiness of other CSPs, yet they would be bound to provide access to the service to measure theirs as well. This research is unique because of its approach and all-inclusive parameters to measure Trustworthiness. ix Our implementation of proposed framework, along with three CSPs, each with ten different settings, has supported our proposition through the devised formula. Experimental outcomes show changes in the trustworthiness value with changes in compliance level, user feedback and auditor rating. CSPs with better compliance have better trustworthiness values. However, if the Accuracy of Compliance Measurement and Control Significance Factor are low the trustworthiness is also proportionately less. This creates a balance and realism in our calculations. This model will help in creating users’ trust in CSPs and thus promote cloud computing.