A Distributed Trust Evaluation Protocol with Privacy Protection for Intercloud

INTRODUCTION OF THE PROJECT

Intercloud seeks to facilitate resource sharing among clouds. To support Intercloud, a trust evaluation framework among clouds and users is required. For trust evaluation, conventional protocols are typically supported a centralized architecture that specialize in a one-way relationship. For Intercloud, the environment is very dynamic and distributed, and relationships are often one-way or two-way (i.e., clouds provide services to every other). This paper presents a distributed trust evaluation protocol with privacy protection for Intercloud. The new contributions and innovative features are summarized below. First, feedback is protected by homomorphic encryption with verifiable secret sharing. Second, to cater to the dynamic nature of Intercloud, trust evaluation are often conducted during a distributed manner and is functional even when a number of the parties are offline. Third, to facilitate customized trust evaluation, an innovative mechanism is employed to store feedback, such it are often processed flexibly while protecting feedback privacy. The protocol has been proved supported a proper security model. Simulations are performed to demonstrate the effectiveness of the protocol. The results show that even when half the clouds are malicious or offline, by choosing suitable operational parameters the protocol can still support effective trust evaluation with privacy protection.

EXISTING SYSTEM

Clark et al. proposed a reputation system with privacy protection for mobile ad-hoc networks with the main target on handling dynamic configuration (i.e., parties may join and leave dynamically). Since each party in Clark et al.’s scheme shares its feedback with all other participants, the complexity of message exchange in Clark et al.’s scheme is O. Schaub et al. proposed an anonymous reputation system for e-commerce websites, with the aim of guaranteeing user anonymity within the trust evaluation process. However, feedback privacy can't be protected.

Tormo et al. proposed a reputation management system for hybrid broadcast broadband TV (HbbTV), which aims to compute personalized trust results supported the similarity of two users when making choices. However, the scheme must disclose both feedback and user identities to trusted third parties. Hasan et al. designed a privacy-preserving reputation protocol which will tackle attacks by malicious participants during a multi-agent environment . However, this scheme leaks the prevailing trust relationships between users of an equivalent CSP. And it cannot compute customized evaluation results and ensure user anonymity. Although a number of these protocols could also be adapted for Intercloud with some modifications, it's still desirable to develop an Intercloud-specific trust evaluation protocol with the arrival of cloud computing, also as for effectiveness and efficiency considerations.

Zhu et al. studied a probabilistic misbehavior detection scheme toward efficient trust evaluation in delay/disruption tolerant networks (DTNs) . As highlighted by [39], malicious nodes (i.e., drop or modify messages) and selfish nodes (i.e., refuse to forward messages) seriously affect trust evaluation and network performance. As shown by the aforementioned simulation results, our protocol can handle this type of attack effectively. Our protocol can compute customized trust evaluation results while protecting feedback privacy.

Disadvantages

• within the existing work, the system proposed a reputation management system for hybrid broadcast broadband, which aims to compute personalized trust results supported the similarity of two users when making choices which leads less security.
• The prevailing scheme leaks the prevailing trust relationships between users of an equivalent CSP. And it cannot compute customized evaluation results and ensure user anonymity.

PROPOSED SYSTEM

Cloud user protection. To encourage honest feedback ratings and to stop possible retaliatory attacks, both user identity and user feedback privacy should b protected. Ideally, feedback shouldn't be linked with the user and business privacy of the user (i.e., which user has performed business with which cloud service provider shouldn't be disclosed). Our protocol uses an innovative mechanism to store feedback, and employs homomorphic encryptions and with verifiable secret sharing to guard feedback privacy. Finally, neither the cloud service provider nor the enquirer can obtain individual feedback.

Cloud service provider protection. Malicious users can generate an outsized volume of misleading feedback or faked ratings to wreck the reputation of a cloud service provider. to deal with this important issue, our proposed protocol allows a cloud service provider to certify a rater’s eligibility. Furthermore, as explained later, our protocol allows the filtering of utmost ratings without leaking privacy information.

Trust result availability. Existing distributed protocols typically require all concerned parties to stay online to facilitate feedback collection. This requirement isn't practical within the Intercloud environment. The proposed protocol can still function well, albeit concerned parties aren't available to contribute to trust evaluation.

Flexible processing of protected feedback. To facilitate customized trust evaluation and reduce the influence of misleading ratings, it's desirable to supply a versatile thanks to subjectively process protected feedback results. for instance , suppose there are two sets of ratings: 1, 5, 5, 5 and 4, 4, 4, 4. Although they both give a mean rating of 4, one or the opposite set could also be preferred by different enquirers. Our protocol provides an innovative mechanism to store and process ratings during a flexible manner (e.g., assigning a lower weight to de-emphasize or filter extreme ratings) while protecting feedback privacy.

Advantages

• The system is simpler since within the Inter cloud context, a cloud service provider (or user) typically trusts another cloud service provider supported certain trust attributes, like service reliability, quality of service and repair efficiency together.
• The system is more secured since the key sharing network are often formed by the users/raters to guard their feedback privacy.