Wireless Personal Communications

, Volume 85, Issue 1, pp 77–99 | Cite as

Building Customer Trust in Cloud Computing with an ICT-Enabled Global Regulatory Body

  • Al-Sakib Khan Pathan
  • Mohssen M. Z. E. Mohammed
Article

Abstract

Building customer trust is a huge problem in the cloud computing paradigm. Today, hundreds of companies around the world are offering cloud services in major or minor scale with global or local reach. In spite of the availability of numerous establishments for cloud services, there is a critical link missing with the customers—and that is the lack of appropriate customer trust in the cloud provider’s services. The issue of trust in clouds has already been addressed from multiple technical perspectives where the researchers suggested solutions based on existing knowledge in other computing and communications systems. In this paper, we suggest a different concept of ensuring trust in cloud services by using the power of Information and Communications Technology. The basic idea lies in the fact that there should be a global standardization authority which would certify trusted cloud providers which in turn would earn customer trust. Novelty in this concept is mainly in its operational details presented in the paper. The main objective is to analyze various aspects of this proposed model from the policy making issues alongside slightly addressing technical issues. To make our work easily accessible to general readers and the experts, we also present the backgrounds of cloud computing and analyze the conceptual model with real-life challenges and issues.

Keywords

Center Certificate Cloud Computing Security Trust 

References

  1. 1.
    Computing Curricula 2005. (2005). The overview report. The joint task force for computing curricula 2005 by ACM, AIS, IEEE-CS, 30 September 2005. http://www.acm.org/education/curric_vols/CC2005-March06Final.pdf. Last accessed July 18, 2014.
  2. 2.
    Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. NIST Special Publication 800-145, September 2011.Google Scholar
  3. 3.
    Pathan, A.-S. K. (2013). Fi-Wi network for future cloud. International Journal of Applied Research on Information Technology and Computing, 4(3), 122–132.CrossRefGoogle Scholar
  4. 4.
    Pathan, A.-S. K. (2013). When the cloud computing becomes mobile! International Journal of Internet and Distributed Systems, 1(3), 17. doi:10.4236/ijids.2013.13003.CrossRefGoogle Scholar
  5. 5.
    Potential and Impacts of Cloud Computing Services and Social Network Websites. In Science and technology options assessment report, PE 513.546, European Parliamentary Research Service, January 2014.Google Scholar
  6. 6.
    Abdalla, A.-K. A., & Pathan, A.-K. A. (2014). On protecting data storage in mobile cloud computing paradigm. IETE Technical Review, 31(1), 82–91. doi:10.1080/02564602.2014.891382.CrossRefGoogle Scholar
  7. 7.
    Viriyasitavat, W., & Martin, A. (2010). Formal trust specification in service workflows. In 2010 IEEE/IFIP 8th international conference on embedded and ubiquitous computing (EUC), 11–13 December, 2010, pp. 703–710.Google Scholar
  8. 8.
    Viriyasitavat, W., & Martin, A. (2012). A survey of trust in workflows and relevant contexts. IEEE Communications Surveys & Tutorials, 14(3), 911–940.Google Scholar
  9. 9.
    Pathan, A.-S. K. (2014). On the boundaries of trust and security in computing and communications systems. International Journal of Trust Management in Computing and Communications, 2(1), 1–6.CrossRefGoogle Scholar
  10. 10.
    Grandison, T., & Sloman, M. (2000). A survey of trust in internet applications. IEEE Communications Surveys and Tutorials, 3(4), 2–16.CrossRefGoogle Scholar
  11. 11.
    Quercia, D., Hailes, S., & Capra, L. (2006). B-Trust: Bayesian trust framework for pervasive computing. In Proceedings of the 4th international conference on Trust (iTrust’06), 2006, LNCS 3986, Springer, pp. 298–312.Google Scholar
  12. 12.
    Tabaki, H., Joshi, J. B. D., & Ahn, G.-J. (2010). Security and privacy challenges in cloud computing environments. IEEE Security and Privacy, 8(6), 24–31.CrossRefGoogle Scholar
  13. 13.
    Khan, K. M., & Malluhi, Q. (2010). Establishing trust in cloud computing. IT Professional, 12(5), 20–27.CrossRefGoogle Scholar
  14. 14.
    Ranchal, R., Bhargava, B., Othmane, L. B., Kim, A., Kang, M., & Linderman, M. (2010). Protection of identity information in cloud computing without trusted third party. In 2010 29th IEEE symposium on reliable distributed systems, October 31 2010–November 3 2010, pp. 368–372.Google Scholar
  15. 15.
    Lin, K.-J., Lu, H., Yu, T., & Tai, C.-E. (2005). A reputation and trust management broker framework for web applications. In The 2005 IEEE international conference on e-technology, e-Commerce and e-Service, 2005 (EEE ‘05), 29 March–1 April 2005, pp. 262–269.Google Scholar
  16. 16.
    Li, X., & Du, J. (2013). Adaptive and attribute-based trust model for servicelevel agreement guarantee in cloud computing. IET Information Security, 7(1), 39–50.CrossRefGoogle Scholar
  17. 17.
    Goyal, M. K., Gupta, P., Aggarwal, A., & Kumar, P. (2012). QoS based trust management model for Cloud IaaS. In 2012 2nd IEEE international conference on parallel distributed and grid computing (PDGC), 6–8 December 2012, pp. 843–847.Google Scholar
  18. 18.
    Raghebi, Z., & Hashemi, M. R., (2013). A new trust evaluation method based on reliability of customer feedback for cloud computing. In 2013 10th international ISC conference on information security and cryptology (ISCISC), 29–30 August 2013, pp. 1–6.Google Scholar
  19. 19.
    Barsoum, A., & Hasan, A. (2013). Enabling dynamic data and indirect mutual trust for cloud computing storage systems. IEEE Transactions on Parallel and Distributed Systems, 24(12), 2375–2385.CrossRefGoogle Scholar
  20. 20.
    Lin, G., Wang, D., Bie, Y., & Lei, M. (2014). MTBAC: A mutual trust based access control model in cloud computing. China Communications, 11(4), 154–162.CrossRefGoogle Scholar
  21. 21.
    Pal, S., Khatua, S., Chaki, N., & Sanyal, S. (2012). A new trusted and collaborative agent based approach for ensuring cloud security. Annals of Faculty Engineering HunedoaraInternational Journal of Engineering, 10(1), 71–78.Google Scholar
  22. 22.
    Manuel, P. D., Selvi, S. T., & Barr, M. I. A.-E. (2009). Trust management system for grid and cloud resources. In First international conference on advanced computing, 2009 (ICAC 2009), 13–15 December 2009, pp. 176–181.Google Scholar
  23. 23.
    Somasundaram, T. S., Amarnath, B. R., Kumar, R., Balakrishnan, P., Rajendar, K., Rajiv, R., et al. (2010). CARE resource broker: A framework for scheduling and supporting virtual resource management. Future Generation Computer Systems, 26, 337–347.CrossRefGoogle Scholar
  24. 24.
    Habib, S. M., Hauke, S., Ries, S., & Mühlhäuser, M. (2012). Trust as a facilitator in cloud computing: a survey. Journal of Cloud Computing: Advances, Systems and Applications,. doi:10.1186/2192-113X-1-19.Google Scholar
  25. 25.
    Pathan, A.-S. K., & Kindy, D. A. (2014). Lethality of SQL injection against current and future internet-technologies. International Journal of Computational Science and Engineering, 9(4), 386–394.CrossRefGoogle Scholar
  26. 26.
    Building customer trust—A perspective on Service Organization Controls reporting options. In Technical report. PwC network, Canada. http://www.pwc.com/en_CA/ca/controls/performance-assurance/publications/pwc-building-customer-trust-2013-10-en.pdf. Last accessed July 26, 2014.
  27. 27.
    Kindy, D. A., & Pathan, A.-S. K. (2013). A detailed survey on various aspects of SQL injection in web applications: Vulnerabilities, innovative attacks and remedies. International Journal of Communication Networks and Information Security, 5(2), 80–92.Google Scholar
  28. 28.
    Shin, J., Kim, Y., Park, W., & Park, C., (2012). DFCloud: A TPM-based secure data access control method of cloud storage in mobile devices. In Proceedings of 2012 IEEE CloudCom, 3–6 December 2012, pp. 551–556.Google Scholar
  29. 29.
    Jia, W., Zhu, H., Cao, Z., Wei, L., & Lin, X., (2011). SDSM: A secure data service mechanism in mobile cloud computing. In 2011 IEEE INFOCOM workshops, 1015 April 2011, pp. 1060–1065.Google Scholar
  30. 30.
    Parann-Nissany, G. (2014). Top cloud computing security issues and solutions. May 5, 2014. http://www.cloudave.com/34670/top-cloud-computing-security-issues-solutions/. Last accessed July 26, 2014.
  31. 31.
    Khalil, I. M., Khreishah, A., & Azeem, M. (2014). Cloud computing security: A survey. Computers, 3, 1–35.CrossRefGoogle Scholar
  32. 32.
    Adams, M. (2014). Three ways to build customer trust. Forbes Magazine, 22 April, 2014. http://www.forbes.com/sites/yec/2014/04/22/three-ways-to-build-customer-trust/. Last accessed July 26, 2014.
  33. 33.
    General information on ISO. http://www.iso.org/iso/support/faqs/faqs_general_information_on_iso.htm. Last accessed July 26, 2014.
  34. 34.
    Brenner, M., Wiebelitz, J., Voigt, G. V., & Smith, M. (2011). Secret program execution in the cloud applying homomorphic encryption. In 2011 Proceedings of 5th IEEE DEST, 31 May–3 June 2011, pp. 114–119.Google Scholar
  35. 35.
    Mohammed, M. M. Z. E., & Pathan, A.-S. K.. (2014). International center for monitoring cloud computing providers (ICMCCP) for ensuring trusted clouds. In The 11th IEEE international conference on autonomic and trusted computing (ATC-2014), December 9–12, 2014, Ayodya Resort, Bali, Indonesia.Google Scholar
  36. 36.
    Focus Group on Cloud Computing Technical Report. Version 1.0, parts 1 to 7. ITU-T (for Telecommunication Standardization Sector of the International Telecommunications Union), 2012.Google Scholar
  37. 37.
    Cloud for Europe. http://ec.europa.eu/digital-agenda/en/news/cloud-europe-stage. Last accessed December 20, 2014.
  38. 38.
    US Government Cloud Computing Technology Roadmap, Volume I, Release 1.0 (Draft), NIST, USA, November 2011. http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeI-2.pdf. Last accessed December 26, 2014.
  39. 39.
    US Government Cloud Computing Technology Roadmap Volume I: High-Priority Requirements to Further USG Agency Cloud Computing Adoption, NIST, USA, October 2014. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.500-293.pdf. Last accessed December 26, 2014.

Copyright information

© Springer Science+Business Media New York 2015

Authors and Affiliations

  • Al-Sakib Khan Pathan
    • 1
  • Mohssen M. Z. E. Mohammed
    • 2
  1. 1.Department of Computer ScienceInternational Islamic University MalaysiaKuala LumpurMalaysia
  2. 2.College of Computer and Information SciencesAl-Imam Muhammad Ibn Saud Islamic UniversityRiyadhSaudi Arabia

Personalised recommendations