introduction cloud characteristics security and privacy aspects principal parties in the cloud trust...
Post on 18-Dec-2015
215 Views
Preview:
TRANSCRIPT
• Introduction• Cloud characteristics• Security and Privacy aspects• Principal parties in the cloud• Trust in the cloud 1.Trust-based privacy protection 2.Subjective logic
• Privacy enhanced cloud services• Summary
AGENDA
• Scope of the privacy is potentially the lifetime of the privacy subject
• Investigated trust issues and privacy aspects for cloud service users, using subjective logic as a primary tool.
• Subjective logic can be a useful tool for developing trust models for cloud computing.
INTRODUCTION
• Location Independent and Mobility as a basic premise
• Lifetime of security and privacy protection 1.Communications Security 2.Device Security 3.Data Storage Security 4.Archival Storage 5.Personal Storage
CLOUD CHARACTERISTICS
• Security aspects 1.Service aspects 2.Service execution security
• Right to privacy• Privacy aspects• Long-Term view of privacy• Privacy points and counterpoints
SECURITY AND PRIVACY ASPECTS
• Individual users• Aggregate users• Cloud service providers 1.Private vs Public cloud service provider 2.Virtual cloud service provider 3.Physical cloud service provider
• Cloud intruders
PRINCIPAL PARTIES IN TE CLOUD
• Economically feasible to provide trust in a cloud service provider with encryption techniques alone
• To enhance privacy, investigates trust and
trust relationships between the principal parties using
1.Trust-based privacy protection 2.Subjective logic
TRUST IN THE CLOUD
• Level of trust will vary during the lifetime and depends on various factors.
• Opinion in below two points by a specific client and other clients are considered as trustworthy.
1.Reputation on keeping private data protected 2.Reputation of behaving according to agreement
• A long term privacy can be protected by monitoring trustworthiness of service providers.
TRUST-BASED PRIVACY PROTECTION
• Anonymization is an approach that can be used to achieve the needed level of privacy protection.
• To provide privacy protection, user should be able to measure and continually monitor trustworthiness of Anonymizers.
• Another approach would be to split data into separate parts.
ANONYMIZATION
• It express the level of trust.• ω expresses opinion about trustworthiness
level
• ω={t,d,u},t+d+u=1,t=trust,d=distrust,u=uncertainty
• ={, , } trustworthiness of .
• Trustworthiness on and is = ^ ={, , }
• Let s1 and s2 are two users then represents the opinion of se about the trustworthiness of recommendation given by s2.
SUBJECTIVE LOGIC
• Combined opinion of s1 and s2 on a is . = ={, , }
• If there are several independent opinions on a then
= ={, , }
=( +)/( + -)=( +)/( + -)=()/( + -)
SUBJECTIVE LOGIC
• Scope of the privacy is potentially the lifetime of the privacy subject
• User either select trustworthy service provider
• Or try to reduce privacy sensitivity of data ie. r
• π(r) denote privacy sensitivity of r,defined by user
• Privacy sensitivity of r can be reduced by Encryption Anonymization Splitting data
PRIVACY ENHANCED CLOUD SERVICES
• Cryptographic techniques cannot always provide protection(especially in long term)
• This research proposed a trust-based privacy protection
• The approach based on subjective logic.• The users have to handle their data to
minimize privacy threats in the cloud
SUMMARY
top related