IJDCST @ Nov,-2016, Issue- V-4, I-7, SW-28 ISSN-2320-7884 (Online) ISSN-2321-0257 (Print)

43 www.ijdcst.com

Transparency of Cloud Service Providers Using SelCSP CH. Durga Bhavani1, Roy Choudary, M.Tech .PH.D2

1M.Tech (CSE), UshaRama College of Engineering & Technology, A.P., India. 2Assistant Professor , Dept. of Computer Science & Engineering, UshaRama College of Engineering & Technology, A.P.,

India.

Abstract — Service level agreements (SLAs) are one

of the major considerations for every buyer of cloud

computing services. Each service is typically

accompanied by a service level agreement (SLA)

which defines the minimal guarantees that a provider

offers to its customers. The lack of standardization in

cloud-based services implies a corresponding lack of

clarity in the service level agreements offered by

different providers. . In service outsourcing

environments, like cloud, the quality of service levels

are of prime importance to customers, as they use

third-party cloud services to store and process their

clients’ data. If loss of data occurs due to an outage,

the customer’s business gets affected. Therefore, the

major challenge for a customer is to select an

appropriate service provider to ensure guaranteed

service quality. To support customers in reliably

identifying ideal service provider, this work proposes

a framework, SelCSP, which combines

trustworthiness and competence to estimate risk of

interaction. Trustworthiness is computed from

personal experiences gained through direct

interactions or from feedbacks related to reputations of

vendors. Competence is assessed based on

transparency in provider’s SLA guarantees. Cloud

Service Level Agreements (Cloud SLAs) form an

important component of the contractual relationship

between a cloud service customer and a cloud service

provider of a cloud service. Given the global nature of

the cloud, SLAs usually span many jurisdictions, with

often varying applicable legal requirements, in

particular with respect to the protection of the personal

data hosted in the cloud service.

Keywords — Cloud Computing, SLAs , Services

Quality, CSP, SelCSP .

1. Introduction

Cloud computing is a model for enabling convenient,

on-demand network access to a shared pool of

configurable computing resources (e.g., networks,

servers, storage, applications, and services) that can be

rapidly provisioned and released with minimal

management effort or service provider interaction.

Cloud computing provides an emerging paradigm

where computing resources make available as service

of the Internet. For any service, a cloud customer may

have many service providers to choose from. Major

challenge lies in choosing an “ideal” service provider

among them. By the term ideal, we suggest that a

service provider is trustworthy as well as competent.

Range of an ideal service provider is non-trivial

because a customer practises third-party cloud

services to serve its clients in cost-effective and

efficient manner. In this situation, from the cloud

customer’s perspective, persevering to a guaranteed

level of service, as negotiated through starting service

level agreement (SLA), is crucial.[10] Data loss owing

to provider’s incompetence or malicious intent can

never be replaced by service credits. In the present

work, we focus on selection of a trustworthy and

competent service provider for business outsourcing.

In 2010-11, a series of cloud outages1,2 have been

reported which include commercial service providers

viz. Amazon EC2, Google Mail, Yahoo Mail, Heroku,

Sony, and soon. In most cases, it has been observed

that the failover time is quite long and customers’

businesses were hugely affected owing to lack of

recovery strategy on vendor side. Moreover, in some

instances, customers were not even intimated about

the outage by providers. Cloud providers may use the

high-quality first-replication (HQFR) strategy

proposed in [4] to model their recovery mechanism. In

this work, authors propose algorithms to minimize

replication cost and the number of QoS-violated data

replicas. It is desirable from customer’s point-of-view

to avoid such loss, rather than getting guarantees of

service credits following a cloud outage. Averting of

data loss needs consistent identification of capable

service provider. As customer does [16] not have

control over its data deployed in cloud, there is a need

to evaluation risk prior to outsourcing any business

onto a cloud. A risk estimation scheme which makes a

quantitative assessment of risk involved while

interacting with a given service provider. The

IJDCST @ Nov,-2016, Issue- V-4, I-7, SW-28 ISSN-2320-7884 (Online) ISSN-2321-0257 (Print)

44 www.ijdcst.com

estimation of risk of collaboration in cloud

environment has not been addressed in prior works .

The assistances of the scheme are: developing a

framework, called SelCSP, to calculate overall

perceived interaction risk, establish a relationship

among perceived interaction risk, trustworthiness and

capability of service provider, a mechanism by which

credibility of a service provider may be projected.

2. Literature Survey

1) A metric-based approach to assess risk for “on

cloud” federated identity management

AUTHORS: P. Arias-Cabarcos, F. Almenarez-

Mendoza, A. Marın-Lopez, D. Dıaz-Sanchez, and R.

Sanchez-Guerrero

The cloud computing paradigm is set to become the

next explosive revolution on the Internet, but its

adoption is still hindered by security problems. One of

the fundamental issues is the need for better access

control and identity management systems. In this

context, Federated Identity Management (FIM) is

identified by researchers and experts as an important

security enabler, since it will play a vital role in

allowing the global scalability that is required for the

successful implantation of cloud technologies.

However, current FIM frameworks are limited by the

complexity of the underlying trust models that need to

be put in place before inter-domain cooperation. Thus,

the establishment of dynamic federations between the

different cloud actors is still a major research

challenge that remains unsolved. Here we show that

risk evaluation must be considered as a key enabler in

evidence-based trust management to foster

collaboration between cloud providers that belong to

unknown administrative domains in a secure manner.

In this paper, we analyze the Federated Identity

Management process and propose a taxonomy that

helps in the classification of the involved risks in order

to mitigate vulnerabilities and threats when decisions

about collaboration are made. Moreover, a set of new

metrics is defined to allow a novel form of risk

quantification in these environments. Other

contributions of the paper include the definition of a

generic hierarchical risk aggregation system, and a

descriptive use-case where the risk computation

framework is applied to enhance cloud-based service

provisioning.

2) Security and privacy challenges in cloud

computing environments

AUTHORS: H. Takabi, J. B. D. Joshi, and G. J. Ahn

Cloud computing is an evolving paradigm with

tremendous momentum, but its unique aspects

exacerbate security and privacy challenges. This

article explores the roadblocks and solutions to

providing a trustworthy cloud computing environment.

3) Cloud computing landscape and research

challenges regarding trust and reputation

AUTHORS: S. K. Habib, S. Ries, and M.

Muhlhauser

Cloud Computing is an emerging computing paradigm.

It shares massively scalable, elastic resources (e.g.,

data, calculations, and services) transparently among

the users over a massive network. The Cloud market is

growing rapidly and bringing up numerous research

challenges. This paper provides a landscape of Cloud

Computing and its research challenges, especially

considering the areas of service selection, quality

assurance of Cloud services, and trust establishment in

Cloud environments. As the latter is known to be one

of the major challenges of Cloud Computing, We also

provide an overview of the important aspects that need

to be considered when integrating trust and reputation

concepts into Cloud Computing.

4) Filtering out unfair ratings in Bayesian

reputation systems

AUTHORS: A. Withby, A. Jøsang, and J. Indulska

The quality of a reputation system depends on the

integrity of the ratings it receives as input. A

fundamental problem is that a rater can rate an agent

more positively or more negatively than the real

experience with the agent would dictate. When ratings

are provided by agents outside the control of the

relying party, it is a priori impossible to know when a

rater provides such unfair ratings. However, it is often

the case that unfair ratings have a different statistical

pattern than fair ratings. This paper uses that idea, and

describes a statistical filtering technique for excluding

unfair ratings, and illustrates its effectiveness through

simulations.

5) Towards a trust management system for cloud

computing

AUTHORS: S. K. Habib, S. Ries, and M. Muhlhauser

Cloud computing provides cost-efficient opportunities

for enterprises by offering a variety of dynamic,

scalable, and shared services. Usually, cloud providers

provide assurances by specifying technical and

functional descriptions in Service Level Agreements

(SLAs) for the services they offer. The descriptions in

IJDCST @ Nov,-2016, Issue- V-4, I-7, SW-28 ISSN-2320-7884 (Online) ISSN-2321-0257 (Print)

45 www.ijdcst.com

SLAs are not consistent among the cloud providers

even though they offer services with similar

functionality. Therefore, customers are not sure

whether they can identify a trustworthy cloud provider

only based on its SLA. To support the customers in

reliably identifying trustworthy cloud providers, we

propose a multi-faceted Trust Management (TM)

system architecture for a cloud computing

marketplace. This system provides means to identify

the trustworthy cloud providers in terms of different

attributes (e.g., security, performance, compliance)

assessed by multiple sources and roots of trust

information.

3.PROPOSED SYSTEM DESCRIPTION

The current work is significant as it proposes a

framework, SelCSP, which attempts to compute risk

involved in interacting with a given cloud service

provider (CSP). The framework estimates perceived

level of interaction risk by combining trustworthiness

and competence of cloud provider. Trustworthiness is

computed from ratings obtained through either direct

interaction or feedback. Competence is estimated from

the transparency of SLA guarantees. A framework,

termed as SelCSP, has been proposed to facilitate

customers in selecting an ideal cloud service provider

for business outsourcing which depicts different

modules of the framework and how these modules are

functionally related. SelCSP framework provides APIs

through which both customers and providers can

register themselves. After registering, customer can

provide trust ratings based on interactions with

provider. Cloud provider needs to submit its SLA to

compute competence. At present, verifying the

correctness of submitted ratings or sanitizing the

erroneous data in the framework is beyond the scope.

We assume that only registered customers can provide

referrals/feedbacks and they do not have any

malicious intents of submitting unfair ratings.

The proposed system has following advantages.

Percentage of successful requests: describes the

number of requests processed by the service without

an error over the total number of submitted requests,

expressed as a percentage.

Percentage of timely service provisioning requests:

describes the number of service provisioning requests

completed within a defined time period over the total

number of service provisioning requests, expressed as

a percentage. Average response time: refers to the

statistical mean over a set of cloud service response

time observations for a particular form of request.

Maximum response time: refers to the maximum

response time target for a given particular form of

request.

Maximum resource capacity: refers to the maximum

amount of a given resource available to an instance of

the cloud service for a particular cloud service

customer. Example resources include data storage,

memory, number of CPU cores. It compares the new

coming cloud service providers with existing cloud

providers.

4.RELATED WORK

SYSTEM DESIGN: SELCSP FRAMEWORK:

Sel CSP framework runs APIs through which both

customers and providers can list themselves. After

registration, customer can provide trust ratings based

on communications with provider. Cloud provider

requests to submit its SLA to compute proficiency. At

present, confirming the correctness of submitted

ratings of the erroneous data in the framework is

beyond the scope. A supposition that only registered

customers can provide referrals and they do not have

any malicious intents of submitting unfair ratings.

Different modules constituting the framework are as

follows:[12] 1) Risk estimate: Estimating professed

communication risk pertinent to a customer-CSP

interaction by coalescing reliability and competency. 2)

Trust estimate: It calculates trust between a customer-

CSP pair provided straight interaction has happened

among them. 3) Reputation estimate: It evaluates

reputation of a CSP based on referrals from many

sources and calculates the belief a customer has on

former’s reputation. 4) Trustworthiness computation:

Function to evaluate a customer’s trust on a given CSP.

5) SLA manager: This module manages SLAs from

different CSPs. It takes into account unlike standards

and controls which are supposed to be satisfied by the

SLAs. 6) Competence estimate: It evaluates

competence of a CSP based on the information

available from its SLA. 7) Competence computation:

It computes limpidity with respect to a given SLA and

hence evaluates the competence of the CSP. 8) Risk

computation: It computes perceived interaction risk

relevant to a customer-CSP interaction. 9) Interaction

ratings: It is a data repository where customer

provides feedback/ratings for CSP.

Good SLA sets boundaries and expectations of service

provisioning and provides the following benefits:

Enhanced customer satisfaction level: A clearly and

concisely defined SLA increases the customer

IJDCST @ Nov,-2016, Issue- V-4, I-7, SW-28 ISSN-2320-7884 (Online) ISSN-2321-0257 (Print)

46 www.ijdcst.com

satisfaction level, as it helps providers to focus on the

customer requirements and ensures that the effort is

put on the right direction.

Improved Service Quality: Each item in an SLA

corresponds to a Key Performance Indicator (KPI) that

specifies the customer service within an internal

organisation.

Improved relationship between two parties: A clear

SLA indicates the reward and penalty policies of a

service provision. The consumer can monitor services

according to Service Level Objectives (SLO) specified

in the SLA. Moreover, the precise contract helps

parties to resolve conflicts more easily.

Algortihm 1. SLA-oriented Dynamic Provisioning

When a task finishes or a new job is received: Updates

estimation of task runtime; Defines estimated job

completion time with current amount of resources;

If completion time > deadline Determines number of

extra resources required Submits a request for

resources to the Provisionary

Else

If resources can be released Submits request for

release of resources to the Provisioner

SLAs are defined in terms of deadline for execution of

applications. The deadline, along with an estimation of

execution time of each task of the application is

supplied by the user during a job submission. This

process is briefly described proposed algorithm.

5.CONCLUSION & FUTURE WORK

In this Sel CSP-a frame work to enable selection with

transparency of cloud service providers, the main task

for a cloud customer is to choose an suitable service

provider from the cloud market place to backing its

business essentials. Nevertheless, service guarantees

provided by vendors through SLAs contain mystifying

openings which makes the job of selecting an perfect

provider even more problematic. As customers use

cloud services to route and hoard their individual

client’s data, assurances related to service quality level

is of utmost importance. It is imperative from a

customer’s perspective to create trust relationship with

a provider. Furthermore, as customers are outsourcing

their businesses onto a third-party cloud, competence

of CSP determines if former’s objectives are going to

be accomplished. In future, for selecting the cloud

service providers, data mining techniques and

aggregation methodologies may apply for combines

trustworthiness and competence to estimate risk of

interaction and compute the Trustworthiness from

personal experiences gained through direct

interactions or from feedbacks related to reputations of

vendors If the experimental study is tested with real

environment, then it can assist the further proceeding

of the algorithm implementation practically.

REFERENCES

[1] Y. Chen, V. Paxson, and R. H. Katz, “What’s new

about cloud computing security,” EECS Dept., Univ.

California, Berkeley, CA, USA, Tech. Rep.

UCB/EECS-2010-5, Jan. 20, 2010.

[2] S. K. Habib, S. Ries, and M. Muhlhauser,

“Towards a trust management system for cloud

computing,” in Proc. IEEE 10th Int. Conf. Trust,

Secur. Privacy Comput. Commun., 2011, pp. 933–939.

[3] K. M. Khan and Q. Malluhi, “Establishing trust in

cloud computing,” IT Prof., vol. 12, no. 5, pp. 20–27,

Oct. 2010.

[4] J. Lin, C. Chen, and J. Chang, “Qos-aware data

replication for data intensive applications in cloud

computing systems,” IEEE Trans. Cloud Comput., vol.

1, no. 1, pp. 101–115, Jan.–Jun. 2013.

[5] D. Gambetta, “Can we trust trust?” in Trust:

Making and Breaking Cooperative Relations, D.

Gambetta, Ed. Oxford, U.K.: Blackwell, 1990, ch. 13,

pp. 213–237.

[6] D. H. Mcknight and N. L. Chervany, “The

meanings of trust,” Manage. Inf. Syst. Res. Center,

Univ. Minnesota, Minneapolis, MN, USA, Tech. Rep.

MISRC Working Paper Series 96-04, 1996.

[7] D. Manchala, “Trust metrics, models and protocols

for electronic commerce transactions,” in Proc. 18th

Int. Conf. Distrib. Comput. Syst., 1998, pp. 312–321.

[8] A. Jøsang and S. L. Presti, “Analysing the

relationship between risk and trust,” in Proc. 2nd Int.

Conf. Trust Manage., Mar. 2004, pp. 135–145.

[9] L. Freeman, “Centrality on social networks,”

Social Netw., vol. 1, pp. 215–239, 1979.

[10] T. Grandison and M. Sloman, “A survey of trust

in internet applications,” IEEE Commun. Surv.

Tutorials, vol. 3, no. 4, pp. 2– 16, Fourth Quarter 2000.

[11] A. Jøsang, R. Ismail, and C. Boyd, “A survey of

trust and reputation systems for online service

provision,” Decision Support Sys., vol. 43, no. 2, pp.

618–644, Mar. 2007.

[12] P. Resnick and R. Zeckhauser, “Trust among

strangers in internet transactions: Empirical analysis

of ebay’s reputation system,” in The Economics of

the Internet and ECommerce, series Advances in

IJDCST @ Nov,-2016, Issue- V-4, I-7, SW-28 ISSN-2320-7884 (Online) ISSN-2321-0257 (Print)

47 www.ijdcst.com

Applied Microeconomics, vol. 11, M. Baye, Ed.

Amsterdam, The Netherlands: Elsevier, 2002, pp.

127–157.

Student:

CH. Durga Bhavani is a student of

Usha Rama College of Engineering

and Technology, Telaprolu,

VIJAYAWADA. She is presently

pursuing her M.Tech degree from

JNTU, Kakinada. She has obtained B.Tech, degree

from JNTU, Kakinada.

Guide :

Roy Choudary is presently working

as Assistant professor in CSE

department, Usha Rama College of

Engineering and Technology,

Telaprolu Vijayawada.