The Journal of Supercomputing

, Volume 70, Issue 3, pp 1075–1099 | Cite as

Taxonomy of trust relationships in authorization domains for cloud computing

  • Juan M. Marin Perez
  • Jorge Bernal Bernabe
  • Jose M. Alcaraz Calero
  • Felix J. Garcia Clemente
  • Gregorio Martinez Perez
  • Antonio F. Gomez Skarmeta


Cloud computing is revealing a new scenario where different cloud customers need to collaborate to meet client demands. The cloud stack must be able to support this situation by enabling collaborative agreements between cloud customers. However, these collaborations entail new security risks since participating entities should trust each other to share a set of resources. The management of trust relationships in the cloud is gaining importance as a key element to establish a secure environment where entities are given full control in the definition of which particular services or resources they are willing to share. Entities can cooperate at different levels of trust, according to their willingness of sharing information. This paper analyses these collaboration agreements defining a taxonomy of different levels of trust relationships among customers for the cloud. Privacy concerns, assumed risk, as well as easiness in the definition of the trust relationships have been taken into account. A set of different trust relationships have been identified and modeled, enabling entities to control the information they share with others in the cloud. The proposed model has been validated with a prototypical implementation. Likewise, some examples to illustrate the application of these trust models to common cloud collaboration scenarios are provided.


Cloud computing Trust management Access control  Taxonomy 



This work has been partially funded with support from the Spanish MICINN (project RECLAMO—Virtual and Collaborative Honeynets based on Trust Management and Autonomous Systems applied to Intrusion Management—with code TIN2011-28287-C02-02) and the European project “Interoperable Trust Assurance Infrastructure” (INTER-TRUST-ICT FP7-G.A. 317731), within the European Commission 7th Framework Programme (FP7-ICT-2011-8).


  1. 1.
    OpenStack (2011) Open source cloud computing software.
  2. 2.
    Vijayakumar V, Banu R (2008) Security for resource selection in grid computing based on trust and reputation responsiveness. Int J Comput Sci Netw Secur 8(11):105–107Google Scholar
  3. 3.
    Taige J, Xiaolin Q (2009) A trustworthiness-based access control model in grid system. Int Conf Comput Intell Softw Eng CiSE 2009:1–6Google Scholar
  4. 4.
    Muchahari MK, Sinha SK (2012) New trust management architecture A, for cloud computing environment. In: International symposium on cloud and services computing, pp 136–140Google Scholar
  5. 5.
    Wang S, Zhang L, Ma N, Wang S (2008) An evaluation approach of subjective trust based on cloud model. Transform 21:1062–1068Google Scholar
  6. 6.
    Abawajy J (2009) Determining service trustworthiness in inter loud computing environments. In: ISPAN 2009: proceedings of the 2009 10th international symposium on the pervasive systems, algorithms and networks, pp 784–788Google Scholar
  7. 7.
    Boursas L, Hommel W (2009) Multidimensional dynamic trust management for federated services. In: IEEE international conference on computational science and engineering, vol 2, pp 684–689Google Scholar
  8. 8.
    Hu R, Liu J, Liu XF (2011) A trustworthiness fusion model for service cloud platform based on D-S evidence theory. In: IEEE international symposium on cluster computing and the grid, vol 0, pp 566–571Google Scholar
  9. 9.
    Tran H, Watters P, Hitchens M, Varadharajan V (2005) Trust and authorization in the grid: a recommendation model. In: IEEE (ed) Proceedings. International conference on pervasive services, pp 433–436Google Scholar
  10. 10.
    Xudong Ni JL (2007) A trust aware access control in service oriented grid environment. In: IEEE (ed) Sixth international conference on grid and cooperative computing, pp 1–6Google Scholar
  11. 11.
    Lang B, Wang Z, Wang Q (2007) Trust representation and reasoning for access control in large scale distributed systems. In: IEEE (ed) 2nd international conference on pervasive computing and applications, IEEE, pp 436–441Google Scholar
  12. 12.
    Zhao T, Dong S (2010) A trust aware grid access control architecture based on ABAC. In: 2010 fifth IEEE international conference on networking, architecture, and storage, pp 1–6Google Scholar
  13. 13.
    Fakhar F, Shibli MA (2013) Comparative analysis on security mechanisms in cloud. In: 2013 15th international conference on advanced communication technology (ICACT), pp 145–50Google Scholar
  14. 14.
    Yang R, Lin C, Jiang Y, Chu X (2011) Trust based access control in infrastructure-centric environment. In: IEEE (ed) IEEE international conference on communications (ICC), pp 1–5Google Scholar
  15. 15.
    Fujun F, Junshan L (2009) Trust based authorization and access control. In: IEEE (ed) 2009 international forum on information technology and applications, pp 162–165Google Scholar
  16. 16.
    Xiong H, Zhang B (2010) Research on context and trust-based grid service authorization model. In: IEEE (ed) 2010 international conference on multimedia information networking and security, pp 433–437Google Scholar
  17. 17.
    Xiao-jun Z, Shi-qin L, Xue-li Y, Guang-Ping Z (2010) Dynamic authorization of grid based on trust mechanism. In: IEEE (ed) 2010 international symposium on intelligence information processing and trusted computing, pp 417–421Google Scholar
  18. 18.
    Ngo C, Membrey P, Demchenko Y, de Laat C (2012) Policy and context management in dynamically provisioned access control service for virtualized cloud infrastructures. In: 2012 seventh international conference on availability, reliability and security, pp 343–349Google Scholar
  19. 19.
    Gomez-Farmo F, Martinez-Perez G (2010) Towards pre-standardization of trust and reputation models for distributed and heterogeneous systems. Comput Stand Interf 32(4):185–196Google Scholar
  20. 20.
    Viriyasitavat W, Martin A (2011) A survey of trust in workflows and relevant contexts, communications surveys tutorials, IEEE PP, vol 99, pp 1–30Google Scholar
  21. 21.
    Bernal-Bernabe J, Marin Perez JM, Alcaraz-Calero JM, Gomez Skarmeta AF, Garcia Clemente FJ, Martinez Perez G (2014) Semantic-aware multi-tenancy authorization system for cloud architectures. Future Gener Comput Syst 32:154–167Google Scholar
  22. 22.
    Alcaraz-Calero JM, Edwards N, Kirschnick J, Wilcock L, Wray M (2010) Towards a multi-tenancy authorization system for cloud services. IEEE Secur Privacy 8(6):48–55CrossRefGoogle Scholar
  23. 23.
    Lenk A, Klems M, Nimis J, Tai S, Sandholm T (2009) Whats inside the cloud? An architectural map of the cloud landscape. In: Proceeding at ICSE workshop on software engineering challenges of cloud, computing, pp 1–6Google Scholar
  24. 24.
    Sirin E, Parsia B, Grau BC, Kalyanpur A, Katz Y (2007) Pellet: a practical OWL-DL reasoner. J Web Semant. 5(2):51–53CrossRefGoogle Scholar
  25. 25.
    Carroll JJ, Dickinson I, Dollin C, Reynolds D, Seaborne A, Wilkinson Jena K (2004) Implementing the semantic web recommendations. In: Proceedings of the 13th international World Wide Web conference. ACM Press, New York, pp 74–83Google Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Juan M. Marin Perez
    • 1
  • Jorge Bernal Bernabe
    • 1
  • Jose M. Alcaraz Calero
    • 2
  • Felix J. Garcia Clemente
    • 3
  • Gregorio Martinez Perez
    • 1
  • Antonio F. Gomez Skarmeta
    • 1
  1. 1.Departamento de Ingenieria de la Informacion y las ComunicacionesUniversity of MurciaMurciaSpain
  2. 2.School of ComputingUniversity of the West of ScotlandGlasgowScotland
  3. 3.Departamento de Ingenieria y Tecnologia de ComputadoresUniversity of MurciaMurciaSpain

Personalised recommendations