earticle

영어

Network-centric applications are built on an intricate infrastructure that binds the communication services to distribute across heterogeneous environments. These services are becoming increasingly innovative and autonomic to execute on demand processes on a virtual platform. This kind of collaboration has fueled the growth of business for a landscape change, creating the era of cloud computing. Present security exploits in this uncharted landscape require a fabric of a trustworthy networked society, which must be inherently secure and reliable. Consequently, every resource that is shared in the cloud is not secure enough, hence, the need to monitor these shared services for its trustworthiness has aroused. In our work, we propose a trusted computing model that monitors services offered to a user through behavior analytics. An Application Monitoring Engine (AME) gets invoked at runtime to detect any changes in the behavior and analysis its pattern. Deviations if any, is escalated into a threat, which is verified through a centralized trust repository and subsequently attested by Behavior Analytics and Attestation Server (BAAS). Earlier models assess trust based on reputation, service agreements, fuzzy and probability, which are mostly static in nature and does not certify the trust value. Our model focuses trust in dynamic nature, and also certifies it through remote attestation protocol. The model is implemented in an OpenStack cloud setup for its feasibility and the performance is analyzed for an image editing software service.