A Method for Trust Quantification in Cloud Computing Environments

Cloud computing and Internet of Things (IoT) are emerging technologies that have experienced rapid development in recent years. While cloud computing presents a new platform over which services are offered to the user more conveniently, IoT facilitates the collection of a large amount of data via interconnected wireless sensors for event monitoring and control. In such environments, ownership and control over the data may lead to potential conflict between the protection of data and the provision of services. Thus, cloud security has received a great deal of attention in recent years. In this paper, we propose a method for trust quantification based on fuzzy comprehensive evaluation theory for cloud computing to protect user data through trust quantification of cloud services after we introduce trust ontology for cloud services and define user preference trust values. By enhancing the existing trust concept based on dynamic requirements, we introduce some cloud service attributes to study layered service representation for trust preference and then apply the fuzzy comprehensive evaluation theory to perform trust quantification. We also perform some experiments to show that the proposed method is effective and can dynamically perform trust quantification to deal with malicious acts of nonfaithful services.


Introduction
Trust management in a cloud computing environment to ensure the security of information is a major challenge in the era of cloud computing and Internet of Things (IoT). Meanwhile, trust assessment is an indispensable part of trust management [1][2][3][4][5]. Since different technologies can be used in a cloud computing environment, trust assessment has its own characteristics and requirements. Research in recent years in this area has mostly focused on the evaluation of trust in the subject, that is, the service requester, by the object, that is, the service provider, as the basis of assigning access permissions for users to access services. In a cloud computing environment, however, cloud users and cloud services may assume dual roles. When the cloud service provider is a resource provider, trust can be used to determine whether it can accept requests from cloud users for access to cloud services such as computation or storage, among many other functions. When the cloud user becomes a resource provider, trust can be used to determine whether it can grant control over the data of the user to the cloud service provider to use the data. As IoT technologies become more mature, more and more wireless sensors will be deployed to form an interconnected network among a vast amount of things in addition to regular users for more efficient monitoring and control [6][7][8][9][10], generating tremendous volumes of data for the cloud. Some of the data are certainly sensitive as far as user privacy is concerned. There thus exists a conflict between the protection of user privacy and the convenient use of services. There is thus the requirement to perform two-way trust assessment in cloud computing environments, that is, to perform trust evaluation on behalf of the user in addition to the trust evaluation traditionally performed by the service provider on the user. Thus, trust evaluation in cloud computing environments becomes a two-level hierarchy. 
One is the trust evaluation on the cloud user to protect cloud services from external threats. The other is the trust evaluation on the cloud computing service provider to allow the user to choose credible cloud services according to different trust values and many other aspects.
International Journal of Distributed Sensor Networks
In this paper, we focus on the issue of cloud user data protection in cloud computing and propose a trust quantification method for the evaluation of cloud services. Our method will use preference trust based on cloud computing service attributes to evaluate trust on cloud services. The rest of this paper is organized as follows. In Section 2, we describe some related work. In Section 3, we explain the proposed approach in two parts: one is the relevant definitions and the other is the algorithm description. We also perform some experiments to evaluate our proposed method along with two scenarios for better illustration. Finally, we conclude this paper in Section 4.

Related Work
In a cloud computing environment, evaluation of trust on cloud services may involve various spatial and temporal factors, which has the characteristics of subjectiveness and fuzziness. Therefore, we can assess and quantify trust using fuzzy mathematical theory by following relevant approaches.
Fuzzy comprehensive evaluation is about the analysis and synthesis of fuzzy relationships that involve one or more factors to deal with vagueness and subjective judgment of multiple factors according to their importance [11][12][13]. Trust itself may be subjective. Thus, dynamic trust quantification on cloud services has to involve some fuzzy subjective information of cloud services to cloud users [14][15][16][17][18][19]. Consequently, fuzzy comprehensive evaluation to quantify the trust of cloud services has practical significance. Fuzzy comprehensive evaluation usually involves the following steps:
(c) Evaluate single factor through establishing a fuzzy relationship matrix and assessing its elements individually to quantify components of so as to establish the fuzzy membership subset ( | ) and to get the fuzzy relationship matrix: ] . (1) In the matrix, element at the th row and the th column denotes the evaluation from the perspective of factor that corresponds to the fuzzy subset V . Thus, ( | ) = ( 1 , 2 , . . . , ) expresses the evaluation from the perspective of factor .
(e) Derive comprehensive evaluation results by combining with to get the fuzzy comprehensive evaluation result vector : (2)
In cloud computing, services are selected based on trust to personalize the needs of data protection in a multitenant environment [20][21][22][23][24][25][26]. In this paper, we refer to the specific contexts in the life cycle of cloud computing as service properties. As another entity in cloud computing, users may release data that could relate to these service properties. Thus, a cloud user can perform trust evaluation on services in accordance with the service properties. Such service properties should be representative of cloud services, which is not only the prerequisite for trust quantification, but also the basis for service selection as well as for controlling the granularity of the release of user data during interactions. Service properties should also include service trust metrics although current research on trust metrics mainly describes the trust of object on the subject without considering the requirement for mutual trust in a cloud computing environment. This paper aims to propose a method of trust evaluation from the point of view of protecting user's data in the cloud.

Hierarchical Representation of Cloud Service Information.
To clearly describe cloud services, we need to consider service information representation. In this section, we define service trust ontology through a layered cloud service model.

Cloud Service Trust Ontology.
Cloud computing provides infrastructure, platform, or software as a service for the user. Currently, there are three different service models defined for the cloud, that is, IaaS, PaaS, and SaaS, that correspond to the above three types of services as shown in Figure 1. The IaaS layer provides the basic services such as databases, file systems, and storage, the PaaS layer provides services related to the development environments, and the SaaS layer provides software as a service to meet user application needs.
In order to accurately describe cloud services, trust evaluation must consider how service information can be expressed. Ontology is one way of describing things in an organized manner since it is a philosophical method for describing the nature of things. A formal definition of ontology in the field of information science is made by American Knowledge Systems Laboratory at Stanford University which states that ontology is an explicit specification of a conceptualization. Ontology is further defined as a concept specification that originates from the specific need of understanding the nature of knowledge [27][28][29][30][31]. It is used to interpret concepts or domains that have reached a consensus understanding. Each domain has a set of conventional concepts or words, or a group of closely related meanings, available for selection.
Ontology on the trust of cloud service providers can be described using the name of the ontology and a combination of a number of elements as follows:
(a) The cloud users who are the service requesters and who perform trust evaluation on cloud services.
(b) The cloud services that are offered by a service provider and are thus evaluated by the cloud users.
(c) The type of a cloud service as described by service attributes such as temporal and spatial factors, user trust factors, and historical behavioral factors.
(d) The evaluation criteria that are used to measure the trust on each attribute of a service.
(e) Service background that refers to the nature of a service, such as "storage service."
Note that each of the above elements could itself be a composite element that consists of complex data structures such as a collection of tables. For example, service evaluation criterion could be a group of elements. The ontology of trust on cloud services is shown in Figure 2.
The above characterization of cloud services has the following features. Firstly, the trust metrics are the measurement of cloud services by cloud users that result from the trust relationship of the past. It may also include direct trust and recommendation trust, which affects the selection of services in the future. Secondly, information about trust is stored in a database that consists of tuples with each tuple as a row in a database table. To trust a cloud service is a process of obtaining certain information about service background as well as cloud users in accordance with trust evaluation criteria for assessing the service attributes. The results are combined with past trust values to quantify the trust on the current cloud services. The key to evaluating the trust on cloud services is to define service evaluation criteria, which involves the following two issues: one is that service assessment criteria should be clearly defined to reflect the properties of cloud services to users and the other is that evaluation criteria for each service should have different weights according to personalized service needs of cloud users.

Preference Trust.
To meet the personalized service needs of cloud users and based on the ontology of trust on cloud services, we can use the notion of preference trust to evaluate the trust on service providers from the aspects of time, space, historical behavior, and so forth. A few related definitions are as follows:
(a) Preference trust results from an interactive process between cloud users and cloud services, which depends on one or more attributes that should consist of the preference of individual users expressed using temporal, spatial, and other factors such as behavior and history. Cloud users could then perform trust evaluation on cloud services.
(b) Historical behavior is an aspect of evaluation based on feedback on cloud service providers to give cloud users the information that reflects the integrity of cloud services.
(c) Quantification of service trust is to establish a quantitative evaluation system to apply trust evaluation on cloud services.

Description of the Method.
Quantification of service preference trust consists of two steps. The first is to determine the best weight distribution for each factor based on different trust preferences. The second is to establish a method to quantify the factors of trust based on different trust preferences to get a comprehensive value for the cloud service preference trust.
Cloud users can build a cloud service trust quantification index table in accordance with the needs or the historical behavior information of the services. Cloud users also define the time interval according to the service need property. For each time interval [ , ], we need to establish the appropriate trust quantification interval [ , ] during which the cloud services are provided at a time ; that is, ≤ ≤ . Then, we can randomly generate the time factor to quantify the value of trust ∈ [ , ]. For the time interval [ , ], if the total number of services is provided times among which there are total number of dishonest services, then the probability of dishonest services during the period is = / . If we randomly generate a time to quantify the value of trust ∈ [ , ], then the preference trust value is = ×(1− ).
Table 1: Time factor trust quantification table.
Trust quantification based on the time factor can be shown in Table 1.
Cloud user trust factor mainly refers to trusting of cloud users by a cloud service provider. The cloud service provider can read its own record to get such information with the default value being 0.5 if such information is not available. Cloud user trust quantization table can be established in a similar way as Table 1.
History behavioral factor mainly refers to the behavior of the service provider. The purpose is to make a dishonest service provider pay a higher price. The service provider record table can be established for each cloud service and stored at the cloud service agency which cloud users can access. Cloud users can then use the historical behavior information records as an important source for the confidence on the corresponding services in the future. Cloud service provider record table includes preference trust and service events which reflect temporal and spatial factors. Such a table is shown in Table 2.
In Table 2, represents the th factor for the th cloud service. Here, we only list the temporal, spatial, user trust, and historical behavioral factor and behavioral feedback +1 which is the last historical behavior trust value. When a cloud service provides services for the first time, the trust value for the history behavioral factor can be initialized to be 0.5.
Another important issue is to determine the optimal weights for the different factors. The approach is to analyze historical behavior of the services by applying the maximum entropy analysis method to determine the weight for each factor through fuzzy comprehensive evaluation. Based on the records of direct interactions between cloud users and cloud services, trust evaluation on the following attributes is performed: temporal, spatial, user trust, and historical behavior that constitute the evaluation index set = { 1 , 2 , 3 , 4 }. The evaluation results can consist of four possibilities {complete trust, trust, critical trust, distrust} expressed using the corresponding decision set
The maximum entropy method is about the use of information entropy in information theory to determine the weight of each index in multiattribute decision making. The basic principle for multicriteria decision making is to select the best from satisfied solutions based on the amount of information that each index can provide as well as the weight of the index. In this paper, we analyze the history of the service providers and apply fuzzy comprehensive evaluation method and information entropy theory to determine the best combination of weights of various factors in the design of a preference trust quantification algorithm. We also analyze the effectiveness of the algorithm.
The algorithm is as follows.
Step 1. Check cloud service provider's record to determine the number of service interactions that can be trusted; this value is set by the cloud user.
Step 2. If the number of interactions with the service is ℎ ≥ , initialize the weight for preference trust factor to be 0.25; go to Step 8.
Step 8. Output the value of the weight for each factor.
Step 9. Apply the fuzzy comprehensive evaluation method to judge every attribute in order to relate the attribute to a trust level. Then, establish the fuzzy relationship matrix in which is the degree of the service being named V with respect to the property , that is, the degree of being affiliated with V : ] . (4)
Step 10. Synthesize the fuzzy relationships by selecting the weighted average fuzzy operator = 1 1 + 2 2 + ⋅ ⋅ ⋅ + and applying the following operation to get the final evaluation results: ] . (5)
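The weighting and the synthesis of Steps 9 and 10, as an added example that is not code from the paper: it assumes the standard entropy weight method and triangular membership functions, because the paper's own intermediate steps and matrix formulas are not reproduced on this page. The records, level centres, and function names are constructed for illustration.

```python
import math

LEVELS = ("complete trust", "trust", "critical trust", "distrust")
CENTRES = (1.0, 2 / 3, 1 / 3, 0.0)  # assumed level centres on a [0, 1] scale

# Constructed records: (temporal, spatial, user trust, historical behaviour).
RECORDS = [
    (0.80, 0.75, 0.50, 0.90),
    (0.78, 0.70, 0.50, 0.40),
    (0.82, 0.72, 0.50, 0.10),
]


def entropy_weights(records):
    """Entropy weight method: factors that vary across records weigh more."""
    m, n = len(records), len(records[0])
    if m < 2:
        return [1.0 / n] * n  # a single record has no dispersion to measure
    divergence = []
    for j in range(n):
        column = [row[j] for row in records]
        total = sum(column)
        if total <= 0:
            divergence.append(0.0)
            continue
        probs = [x / total for x in column]
        entropy = -sum(p * math.log(p) for p in probs if p > 0) / math.log(m)
        divergence.append(max(0.0, 1.0 - entropy))
    spread = sum(divergence)
    if spread < 1e-12:
        return [1.0 / n] * n  # no factor discriminates: fall back to equal
    return [d / spread for d in divergence]


def membership_row(value):
    """Triangular membership of one factor value in the four trust levels."""
    value = min(1.0, max(0.0, value))
    return [max(0.0, 1.0 - 3 * abs(value - c)) for c in CENTRES]


def evaluate(values, weights):
    """Weighted-average operator: result[k] = sum_j weights[j] * R[j][k]."""
    matrix = [membership_row(v) for v in values]
    result = [sum(w * row[k] for w, row in zip(weights, matrix))
              for k in range(len(LEVELS))]
    return result, LEVELS[result.index(max(result))]


if __name__ == "__main__":
    learned = entropy_weights(RECORDS)
    for label, weights in (("entropy", learned), ("equal", [0.25] * 4)):
        vector, level = evaluate(RECORDS[2], weights)
        print(label, [round(b, 3) for b in vector], level)
```

On the third constructed record, equal weights of 0.25 still yield "trust", while the entropy weights, which concentrate on the historical behaviour factor, yield "distrust".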

Simulation and Analysis.
To verify the effectiveness of our proposed method for trust quantification, we performed some experiments using the cloud computing simulation software CloudSim enhanced with org.cloudbus.cloudsim.lists by adding the ServiceDirTrustsimulation entity class to allow us to define cloud users, configure their trust values, and specify service needs, service records, and other necessary parameters. The simulation experiment would simulate the different service interactive environments in which our method is applied to respond to the changes of cloud services. For the purpose of illustration, we randomly generated three cloud service provider records and the corresponding quantified values of each factor are shown in Table 3. We then standardized the data in Table 3 ] .
Here, we do not assume any preference on the weight of each index. Then, by applying Steps 5-8 on the temporal factor of the preference trust, we get the following entropy value:
For ease of comparison and visualization with the above assigned weights to the factors, we provide herein the results of a service that has been provided 30 times, of which the first 9 are provided honestly, after which the service becomes dishonest beginning with the 10th time. We illustrate the results using two scenarios.
In the first scenario, we changed the history behavioral factors without changing the weights. The values of the preference trust of the cloud service are shown in Figure 3.
In the second scenario, we changed both the history behavioral factors and the weights of the factor. The values of the preference trust of the cloud service are shown in Figure 4.
The results in Figures 3 and 4 clearly show that when the cloud service performs honestly, preference trust gradually increases along with the improvement of the historical behavior value. However, when the service provider's behavior becomes dishonest, feedback from cloud users would cause the value of the historical behavior factor to go lower, dragging down the preference trust values over the weights of the factors. Thus, the proposed trust quantification method is effective according to the results of the experiment.

Conclusion
In this paper, we proposed a trust quantification method in cloud computing environments in which we applied the fuzzy comprehensive evaluation theory to quantifying trust on cloud services. First, considering cloud users' personalized service needs, we defined the concept of preference trust which includes factors that reflect temporal and spatial properties, cloud user trust, and historical behavior. We then designed weight distribution for each factor of the preference trust and proposed a quantification algorithm by applying information and fuzzy evaluation theory. We also performed some simulation experiments to demonstrate that our proposed approach can help users achieve more benefits and protect privacy effectively. With trust evaluation on cloud service providers, cloud users can choose suitable services with different trust values along with other aspects of the services. Our approach can certainly be used to protect cloud users' data and contain service providers' malicious behavior.