Yanru Zhang,Xiang-Yang Li,Zhu Han

DOI: https://doi.org/10.1109/glocom.2017.8254090

2017-01-01

Abstract:Nowadays, cloud computing has been identified as new opportunities for migrating to the expected agility, reuse, and adaptive capabilities that can support the ever changing IT trends, requirements and environments. However, for benefits of their own, there are various motivations for cloud service providers (CSPs) to behave unfaithfully toward cloud customers, such as invading data privacy and providing inaccurate data processing results to customers. On the other hand, constrained by computation resources and capabilities, customers mostly cannot independently process big data and perform verification on correctness and completeness. Under this information asymmetry, how to ensure the correctness and completeness of data processing, computation, and mining becomes a practically crucial issue that greatly impacts the widely deployment of cloud computing, as well as the future Internet. Though verifiable computing provides us with approaches to verify the computation results. There is hardly an approach that can ensure a 100% detection accuracy. In this paper, the concept of using penalty to decrease CSP's incentive to cheat is proposed from a contract theoretical aspect, where cloud service customers can resort to an external auditor to verify the computation results when needed. Then, an auditing contract which consists of penalty and service fee is proposed so that the CSP will be fined when being found out cheating. Subsequently, the problem is formulated to solve the efficient contract under incomplete information market. Furthermore, we give the simulation results to show the audit contract improve the efficiency of the system.

Zhigang Zhou,Hongli Zhang,Xiangzhan Yu,Junwu Guo

DOI: https://doi.org/10.1109/icc.2015.7249518

2015-01-01

Abstract:Cloud computing provides convenient on-demand computing resources which enables users to outsource their computational tasks to the cloud. However, users lose direct control of tasks, which inevitably causes new challenges: users have no way to audit whether the cloud server provides services along the service level agreement (SLA). To this end, we present an audit model based on cloud service broker (CSB) that can verify the reliable execution of SLA for compute-intensive program in cloud. Specifically, we propose a program structure mapping model called concept tree, which transforms the target application into a tree structure. Then, we split it into several independent computable units. Based on this, CSB can fine-grained audit the task execution process in cloud by comparing the running time and the similarity of the computable units. We also adopt game theory to motivate the credible implementation of SLA, in addition to defend against the semi-honest cloud model. We implement our scheme on Hadoop and the extensive experiments demonstrate that our scheme has the high prediction accuracy.

Shengli Zhou,Lifa Wu,Canghong Jin

DOI: https://doi.org/10.1109/cc.2017.8068773

2017-01-01

China Communications

Abstract:A Service Level Agreement（SLA） is a legal contract between any two parties to ensure an adequate Quality of Service（Qo S）. Most research on SLAs has concentrated on protecting the user data through encryption. However, these methods can not supervise a cloud service provider（CSP） directly. In order to address this problem, we propose a privacy-based SLA violation detection model for cloud computing based on Markov decision process theory. This model can recognize and regulate CSP’s actions based on specific requirements of various users. Additionally, the model could make effective evaluation to the credibility of CSP, and can monitor events that user privacy is violated. Experiments and analysis indicate that the violation detection model can achieve good results in both the algorithm’s convergence and prediction effect.

Peiyang Li,Ye Wang,Zhuotao Liu,Ke Xu,Qian Wang,Chao Shen,Qi Li

DOI: https://doi.org/10.1007/978-3-031-17146-8_7

2022-01-01

Abstract:Deep learning training is often outsourced to clouds due to its high computation overhead. However, clouds may not perform model training correctly due to the potential violations on Service Level Agreement (SLA) and attacks, incurring low quality of outsourced training. It is challenging for customers to understand the quality of outsourced training on clouds. They cannot measure the quality by simply testing the trained models because the testing performance is impacted by various factors, e.g., the quality of training and testing data. In order to address these issues, in this paper, we propose a novel framework that allows customers to verify the quality of outsourced training without modifying the processes of model training. Particularly, our framework achieves black-box verification by utilizing an extra training task that can be learned by the model only after the model converges on the original training task. We construct well-designed extra training tasks according to the original tasks, and develop a training quality verification method to measure the model performance on the extra task with a hypothesis testing-based threshold. The experiment results show that the models passing the quality verification achieve at least 96% of their best performance with negligible accuracy loss, i.e., less than 0.25%.

Wang Chunlu,Liu Chuanyi,Wang Xiaoliang,Dong Yingfei

DOI: https://doi.org/10.1109/GLOCOM.2013.6831151

2013-01-01

Abstract:Cloud computing is broadly recognized as one of major factors in achieving more flexible, scalable, and efficient systems. However, as customers lose the direct control of their data and applications hosted by cloud providers, the trustworthiness of cloud services is a main issue that hinders the deployment of cloud applications. In this paper, we have developed a novel framework to detect compromises on physical servers in cloud services, via remote attestation with a Trusted Third Party (TTP). Furthermore, to avoid the TTP becoming a bottleneck, we have designed a cloud based TTP platform, using a small private cloud to audit large clouds. We have implemented a prototype system, and evaluated it with several common benchmarks to demonstrate its efficiency. Our experimental results show that the proposed framework is effective in detecting compromise and adds little overhead to a common IaaS cloud environment.

Ying Zhang,Wenfei Wu,Sujata Banerjee,Joon-Myung Kang,Mario A. Sanchez

DOI: https://doi.org/10.1109/infocom.2017.8057041

2017-01-01

Abstract:Network verification has been recently proposed to detect network misconfigurations. Existing work focuses on the reachability. This paper proposes a framework that verifies the Service Level Agreement (SLA) compliance of the network using static verification. This work proposes a quantitative model and a set of algorithms for verifying performance properties of a network with switches and middleboxes, i.e., service chains. We develop SLA-Verifier and evaluate its efficiency using simulation on real-world data and testbed experiments. To improve the SLA violation detection accuracy, our system uses verification results to optimize online monitoring.

LIU Chuan-yi,PAN He-zhong,LIANG Lu-lu,WANG Guo-feng,FANG Bin-xing

DOI: https://doi.org/10.11959/j.issn.2096-109x.2016.00102

2016-01-01

Abstract:A ＂big clouds audited by a small cloud＂ scheme was proposed,by introducing an independent trusted third party (TTP) dealing with run-time data collection,verification,audit and evaluation remotely,in a continuous and data-driven model,compared with traditionally certification based audit.The TTP mainly adopts data flow visualization,data monitoring and encryption to protect the rights of users.It provides the basis for users to choose a trusted cloud platform and for cloud platform to prove own trusted credentials.In-depth study,the following key technologies were broken through:1) the introduction of an independent trusted third party as an intermediate layer between cloud platform and users as well as administrators; 2) continuous,real-time remote data collection and data analysis; 3) strong non-intrusive evidence gathering.

Frank S. de Boer,Elena Giachino,Stijn de Gouw,Reiner Hähnle,Einar Broch Johnsen,Cosimo Laneve,Ka I Pun,Gianluigi Zavattaro

DOI: https://doi.org/10.4204/EPTCS.302.1

2019-08-27

Abstract:Service Level Agreements (SLA) are commonly used to specify the quality attributes between cloud service providers and the customers. A violation of SLAs can result in high penalties. To allow the analysis of SLA compliance before the services are deployed, we describe in this paper an approach for SLA-aware deployment of services on the cloud, and illustrate its workflow by means of a case study. The approach is based on formal models combined with static analysis tools and generated runtime monitors. As such, it fits well within a methodology combining software development with information technology operations (DevOps).

Distributed, Parallel, and Cluster Computing,Software Engineering

Chunwen Li,Xu Wu,Chuanyi Liu,Xiaqing Xie

DOI: https://doi.org/10.1007/978-3-642-35795-4_25

2013-01-01

Abstract:The hosting service model of cloud computing brings trustworthinessissue of cloud providers, which is a serious obstacle for wider adoption of cloud-based services. Based on open source components of TCG (Trusted Computing Group)and IBM's IMA (Integrity Measurement Architecture), this paper designed and implementeda remote attestation architecture and protocol to verify the trustworthiness of users' virtual machineinIaaS cloud. Meanwhile, as theverification agent, Trusted Third Partyminimized cloud configuration information disclosure, ensured the privacy of cloud.The experiments demonstratedthat this architecture brought little extra cost while provided trustworthiness guarantee. © Springer-Verlag Berlin Heidelberg 2013.

GAO Yun-lu,SHEN Bei-jun,KONG Hua-feng

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.07.010

2012-01-01

Abstract:(Abstract )In order to solve the problem that users have little trust in Cloud Service Provider(CSP), this paper proposes a trust model based on Service Level Agreement(SLA) and user ratings. It determines the service quality by analyzing the SLA supplied by the cloud service provider, observes their fulfillment of SLA through user ratings, and combines the two aspects to calculate the trust degree of the service. Analysis results show that users can accurately find a trustworthy CSP by this model.

Wenan Tan,Hai Zhu,Jinjing Tan,Yao Zhao,Li Da Xu,Kai Guo

DOI: https://doi.org/10.1080/17517575.2021.1939426

2021-06-13

Enterprise Information Systems

Abstract:<span>The number of service offerings in cloud manufacturing continues to grow, so that service level agreement (SLA) within cloud manufacturing is increasingly used to ensure the coordination of the cross-organisational business processes between the cloud service providers (CSP) and cloud service consumers (CSC). The definition of SLA and monitoring SLA's performance are significant and should be highly valued to ensure the effectiveness and efficiency of business services. At present, the third-party monitoring methods based on service credit are mainly applied in cloud manufacturing environments. There is no effective supervision mechanism to monitor the third party and no efficient punishment mechanism on SLA violation. To address aforementioned issues, this paper proposes a novel Service Level Agreement model by integrating Blockchain and Smart Contract (SLABSC), in which trust issues among CSP, CSC, and the third-party monitoring can be addressed through Blockchain technologies. The method proposed in this paper realises the full functionality of SLABSC and facilitates data security, and it can be used to supervise CSP to provide better services. Experiments results show that the performance of the proposed model is valid and efficient.</span>

computer science, information systems

Chuanyi Liu,Jie Lin,Binxing Fang

DOI: https://doi.org/10.1587/transinf.e96.d.2344

2013-01-01

IEICE Transactions on Information and Systems

Abstract:However, in cloud computing mode, customers lose the direct control of their data and applications hosted by the cloud providers, which leads to the trustworthiness issue of the cloud providers, hindering the widespread use of cloud computing. This paper proposes a trustworthiness verification and audit mechanism on cloud providers called T-YUN. It introduces a trusted third party to cyclically attest the remote clouds, which are instrumented with the trusted chain covering the whole architecture stack. According to the main operations of the clouds, remote verification protocols are also proposed in T-YUN, with a dedicated key management scheme. This paper also implements a proof-of-concept emulator to validate the effectiveness and performance overhead of T-YUN. The experimental results show that T-YUN is effective and the extra overhead incurred by it is acceptable.

Faen Zhang,Xinyu Fan,Pengcheng Zhou,Wenfeng Zhou

DOI: https://doi.org/10.48550/arXiv.1912.02089

2019-12-01

Cryptography and Security

Abstract:Data security and privacy is an important but challenging problem in cloud computing. One of the security concerns from cloud users is how to efficiently verify the integrity of their data stored on the cloud server. Third Party Auditing (TPA) is a new technique proposed in recent years to achieve this goal. In a recent paper (IEEE Transactions on Computers 62(2): 362-375 (2013)), Wang et al. proposed a highly efficient and scalable TPA protocol and also a Zero Knowledge Public Auditing protocol which can prevent offline guessing attacks. However, in this paper, we point out several security weaknesses in Wang et al's protocols: first, we show that an attacker can arbitrarily modify the cloud data without being detected by the auditor in the integrity checking process, and the attacker can achieve this goal even without knowing the content of the cloud data or any verification metadata maintained by the cloud server; secondly, we show that the Zero Knowledge Public Auditing protocol cannot achieve its design goal, that is to prevent offline guessing attacks.

Huahui Lyu,Yuning Xiao,Ruihong Yan,Yong Jin,Ruimin Shen,Bin Sheng

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata.2017.129

2017-01-01

Abstract:Service Level Agreement (SLA) is a contract between service providers and users. Our high availability evaluation approach utilizing SLA strikes a balance between the service offered by the provider and the user's demand through SLA. The method is revealed in the form of contract, which renders evaluation of traceable service quality. We then designed the implementation steps and simulative software to verify our SLA-based high availability evaluation approach. We have deigned the static evaluation with pre-set functions, and designed the implementation evaluation for evaluating the subjective indicators. The accuracy of subjective evaluation was improve using machine learning. The experimental results show that the proposed SLA approach achieved high performance as compared to some existing state of art methods.

Ming Jiang,James Byrne,Karsten Molka,Django Armstrong,Karim Djemame,Tom Kirkham

DOI: https://doi.org/10.5220/0004377302070212

2013-01-01

Abstract:Automated control of Cloud Service Level Agreements (SLA) is typically focused on Quality of Service (QoS) management and monitoring of the Cloud Infrastructure in-line with the SLA. Using risk assessments to bridge the needs of the Service Provider and Infrastructure Provider is one way in which the management of the whole Cloud SLA life-cycle can be achieved automatically. In this paper we adapt the QoS based risk approach and combine it with business orientated goal monitoring to improve the business input into the management of SLA from both a Cloud IP and SP perspective. We demonstrate this approach using probability of failure QoS risk linked to economic modelling of cost from the business goals of a SP.

Hui Tian,Yuxiang Chen,Hong Jiang,Yongfeng Huang,Fulin Nan,Yonghong Chen

DOI: https://doi.org/10.1109/msec.2018.2875880

IF: 3.105

2019-01-01

IEEE Security & Privacy

Abstract:Cloud storage can provide on-demand outsourcing of data services for organizations and individuals. However, because customers may not fully trust that cloud service providers meet their legal expectations for data security, techniques for auditing the cloud have attracted increasing attention. Here, we present an architecture of public data auditing, review existing methods or mechanisms for various auditing objectives, and discuss trends and possible future developments.

Huan Zhou,Xue Ouyang,Jinshu Su,Cees de Laat,Zhiming Zhao

DOI: https://doi.org/10.1002/cpe.5511

2021-07-25

Abstract:There lacks trust between the cloud customer and provider to enforce traditional cloud SLA (Service Level Agreement) where the blockchain technique seems a promising solution. However, current explorations still face challenges to prove that the off-chain SLO (Service Level Objective) violations really happen before recorded into the on-chain transactions. In this paper, a witness model is proposed implemented with smart contracts to solve this trust issue. The introduced role, "Witness", gains rewards as an incentive for performing the SLO violation report, and the payoff function is carefully designed in a way that the witness has to tell the truth, for maximizing the rewards. This fact that the witness has to be honest is analyzed and proved using the Nash Equilibrium principle of game theory. For ensuring the chosen witnesses are random and independent, an unbiased selection algorithm is proposed to avoid possible collusions. An auditing mechanism is also introduced to detect potential malicious witnesses. Specifically, we define three types of malicious behaviors and propose quantitative indicators to audit and detect these behaviors. Moreover, experimental studies based on Ethereum blockchain demonstrate the proposed model is feasible, and indicate that the performance, ie, transaction fee, of each interface follows the design expectations.

Xuan Liu,Feng Xu

DOI: https://doi.org/10.1109/DCABES.2013.32

2013-01-01

Abstract:In recent years, Cloud Computing has been rapidly developed and become more and more popular. In order to convince the users the reliability of the services, Service Level Agreement (SLA) is subscribed between the providers and users. In this paper, a cloud service monitoring system is proposed to surveillance SLA operation and the behaviors of service provider. The monitoring system achieves dynamic monitoring by using Web Services technology.

Cong Wang,Kui Ren,Wenjing Lou,Jin Li

DOI: https://doi.org/10.1109/mnet.2010.5510914

IF: 10.294

2010-01-01

IEEE Network

Abstract:Cloud computing is the long dreamed vision of computing as a utility, where data owners can remotely store their data in the cloud to enjoy on-demand high-quality applications and services from a shared pool of configurable computing resources. While data outsourcing relieves the owners of the burden of local data storage and maintenance, it also eliminates their physical control of storage dependability and security, which traditionally has been expected by both enterprises and individuals with high service-level requirements. In order to facilitate rapid deployment of cloud data storage service and regain security assurances with outsourced data dependability, efficient methods that enable on-demand data correctness verification on behalf of cloud data owners have to be designed. In this article we propose that publicly auditable cloud data storage is able to help this nascent cloud economy become fully established. With public auditability, a trusted entity with expertise and capabilities data owners do not possess can be delegated as an external audit party to assess the risk of outsourced data when needed. Such an auditing service not only helps save data owners' computation resources but also provides a transparent yet cost-effective method for data owners to gain trust in the cloud. We describe approaches and system requirements that should be brought into consideration, and outline challenges that need to be resolved for such a publicly auditable secure cloud storage service to become a reality.

Jiahao Jiang,Xiao Tan,Lidong Han,Qi Xie,Shengbao Wang

DOI: https://doi.org/10.1109/access.2023.3295248

IF: 3.9

2023-01-01

IEEE Access

Abstract:We propose a credible alliance-chain-based public auditing scheme (CACPA) to properly address the trust problem of third-party auditor (TPA) in the traditional audit scheme for cloud storage. Based on the non-tamperability and traceability of blockchain, we design a novel incentive mechanism to enforce honest and reliable behaviors of TPA. The basic idea is to organize TPA as a group of blockchain nodes conducting mutual surveillance. Any behavior of a TPA node will be inspected by other nodes to maintain good reputation of the group, and malicious behaviors will bring severe punishments. Accordingly, we develop system model of the proposed CACPA, as well as smart contracts to deal with transactions-related issues, such as dispute resolution. Finally, performance evaluation validates that our scheme enjoys acceptable efficiency and suits for real-world applications.

computer science, information systems,telecommunications,engineering, electrical & electronic