Risk-Based Service Selection in Federated Clouds

Usama Ahmed, Ioan Petri, Omer Rana, Imran Raza, Syed Asad Hussain
2018 2018 IEEE/ACM International Conference on Utility and Cloud Computing Companion (UCC Companion)  
The Cloud Service Provider (CSP) marketplace has continued to expand in recent years. Although a few major providers dominate (e.g. AWS, Google Cloud, Microsoft Azure), there are also a number of specialist providers offering hosting services and computing platforms 1 . A single Cloud provider can also offer a marketplace for their own offeringse.g. the AWS Marketplace 2 , which enables third party libraries to be deployed as services within AWS instances. In order to determine whether a
more » ... lar CSP should be used, clients need to apply preliminary assessment and evaluation when provisioning services on such a provider. Service selection can be realised based on different decision-making criteria, to enable a more informed selection process for clients. Trust can be utilised as a mechanism to inform such selection decisions. Trust can have different representations and utilise parameters derived from past interactions. Trust therefore represents an expression of risk associated with a service exchange between clients and providers. We present a trust-based risk evaluation for CSP selection in federated clouds, with a particular focus on security & data privacy. We use a scenario from an Architecture, Engineering & Construction (AEC) project to demonstrate how such a selection can be made, and is of benefit in developing the federated system. A methodology for the selection process is outlined, making use of metrics and certification processes from the Cloud Security Alliance (CSA). The proposed approach can also be generalised to other application domains with similar requirements.
doi:10.1109/ucc-companion.2018.00038 dblp:conf/ucc/AhmedPRRH18 fatcat:2wwpevwflbbbnhpzymzxeqk2xu