Rodrigue N’goran¹, Jean-Louis Tetchueng², Ghislain Pandry¹, Yvon Kermarrec³, Olivier Asseu^1
1Lastic, ESATIC, Abidjan, Ivory Coast.
²University of Rennes 1, Rennes, France.
³Lab-STICC, IMT-Atlantique, Brest, France.
DOI: 10.4236/eng.2022.1411036   PDF    HTML   XML   169 Downloads   802 Views   Citations

Abstract

The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminated or reduced the notion of distance between entities of the same company or between different organizations. This has led to an increase in the need to share resources (data and services). Community Cloud environments have thus emerged to facilitate interactions between organizations with identical needs and with specific and high security requirements. However, establishing trust and secure resource sharing relationships is a major challenge in this type of complex and heterogeneous environment. This paper proposes a trust assessment model (SeComTrust) based on the Zero Trust cybersecurity strategy. First, the paper introduces a community cloud architecture subdivided into different security domains. Second, it presents a process for selecting a trusted organization for an exchange based on direct or recommended trust value and reputation. Finally, a system for promoting or relegating organizations in the different security domains is applied. Experimental results show that our model guarantees the scalability of a community cloud with a high success rate of secure and quality resource sharing.

Keywords

Trust Management, Resources Sharing, Community Cloud, Zero Trust

Share and Cite:

1. Introduction

Cloud Computing (CC), described as the fifth utility service, provides on-demand computing resources (hardware and software) via the Internet [1]. The significant gains in terms of financial revenues linked to the use of Cloud services and to rich and diversified service offerings have favored its adoption by companies [2]. However, organizations with high security requirements and legal considerations are reluctant to use Cloud services. This distrust of CC by these companies is due to the dependency on Cloud service providers and the security of sensitive data [3]. One solution to this problem is the use of the Community Cloud (3C) deployment model. The 3C is defined as an infrastructure shared by several organizations and supported by a specific community for the purpose of exchanging resources [4]. Each organization can offer services or make its excess or unused resources available to the community. As an example, a Community Cloud for the agricultural sector can provide relevant services with specific requirements (seed orders, crop rotation, stakeholder investments, soil management techniques, product exposure, etc.) and a required level of security (authentication, confidentiality, communication security, data protection, denial of service protection, supply chain traceability, etc.) for farmers and companies in the sector. In such an environment, managing trust between different entities is a major challenge to meet security requirements and encourage resource sharing [5]. Trust is a prerequisite for building sustainable relationships [6]. Several works related to trust management in CC have been done. L. Guo et al. presented in [7], a trust management model based on mutual trust with a reward and punishment mechanism. The special feature of this system is that it considers the opinions of the user and the provider by expressing mutual trust between them. InterTrust, a trust management technique based on subjective logic was introduced in [8]. It shows an improvement of the Trust Network Analysis with Subjective Logic (TNA-SL) trust management algorithm [9] in terms of the significant reduction in execution time. In addition, work has been done to ensure trust in federated cloud environments. Performance-based Risk driven Trust (PRTrust) was presented in [10]. This model allows the establishment of performance and risk-based trust for secure service sharing. It is an extension of the EigenTrust model [11] and is an effective tool for recommending services to users. A study in [12] presented TrustyFeer, a trust management system for improving service quality using subjective logic. This technique shows better results in terms of reducing non-SLA compliant services compared to TNA-SL and EigenTrust models. Most of the models mentioned above only address trust from a cloud service provider and or user perspective. Moreover, most of these trust assessment models are based on feedback from previous exchanges that may be biased by malicious entities [13] [14]. Furthermore, these assessments are made without considering the specificities of an environment such as the Community Cloud. It is important to address trust management in 3C by considering the social and community aspects on the one hand and the security threats internal and external to the system on the other. Therefore, this article proposes, a trust management model (SeComTrust) based on Zero Trust strategy principles in a community cloud. Zero Trust is an architectural concept that aims to enhance the security of resources and services of an information system [15] [16]. Our strategy is based on the subdivision of our 3C into security zones as in [17]. These security perimeters are groupings of organizations providing resources with levels of sensitivities established based on the common vulnerability assessment system (CVSS) [18]. The contributions of our approach are as follows:

A community cloud architecture model segmented into security domains for sharing resources with well-defined levels of vulnerabilities;

- A technique for evaluating and selecting a trusted organization;

- A mechanism for updating trust values allowing the promotion or relegation of organizations in the security domains.

In the rest of this paper, Section 2 presents the model and its operation. Section 3 describes the experiments and the associated results. Finally, section 4 concludes the article and proposes perspectives for the improvement of our model.

2. Community Cloud Trust Management Model (SeComTrust)

2.1. Research Hypothesis

The SeComTrust, is based on a community cloud consisting of organizations interacting with each other for the purpose of sharing resources. Our 3C is subdivided into three security domains: the Low Security Domain (L_sd), the Intermediate Security Domain (M_sd) and the High Security Domain (H_sd). A security domain is a grouping of organizations that demonstrate the ability to provide resources of a given sensitivity level. Exchanges can be made between organizations of the same or different security domains. From these interactions, trust relationships can be deduced. These trust relationships are described by opinions expressing the level of trust between the organizations. An opinion is a subjective belief based on trust and allows one to express the trust value given to an organization [19] [20]. Figure 1 below represents a trust network overlay (TON) to our community resource sharing cloud like the proposal in [21]. The vertices or nodes of this network illustrate organizations and the edges represent interactions between them. A trust relationship between two entities is represented by an arrow whose source is the requester and the tip is the resource provider. The label of an edge expresses the trust opinion of the requester towards the supplier. An organization requesting a resource will be referred to as a partner or applicant.

● C the community cloud shown in Figure 1 below.

$C=\left\{O_3,O_4,O_5,O_6,O_7,O_8,O_9\right\}$ (1)

● $\mathcal{R}$ The set of sharing relations, such as:

$\begin{array}{l}\mathcal{R}=\{\left(O_4,O_7\right),\left(O_8,O_4\right),\left(O_3,O_9\right),\left(O_9,O_6\right),\left(O_9,O_8\right),\left(O_9,O_5\right),\\ \left(O_8,O_6\right),\left(O_8,O_9\right),\left(O_5,O_3\right),\left(O_6,O_3\right),\left(O_3,O_6\right)\}\end{array}$ (2)

● Confidence opinions are deduced from the different interactions between organizations in Figure 1. Thus, ${\mathcal{R}}_O$ the set of confidence opinions is expressed as follows:

${\mathcal{R}}_O=\left\{{\omega }_{O_7}^{O_4},{\omega }_{O_4}^{O_8},{\omega }_{O_9}^{O_3},{\omega }_{O_3}^{O_5},{\omega }_{O_5}^{O_9},{\omega }_{O_9}^{O_8},{\omega }_{O_6}^{O_9},{\omega }_{O_8}^{O_6},{\omega }_{O_8}^{O_9},{\omega }_{O_6}^{O_3},{\omega }_{O_3}^{O_6}\right\}$ (3.1)

● Based on this set, the opinion matrix is obtained $M_{RO}$ :

$\begin{array}{l}\begin{array}{ccccccc}{O}_3& O_4& O_5& O_6& O_7& O_8& O_9\end{array}\\ M_{RO}=\left[\begin{array}{ccccccc}{\omega }_{O_3}^{O_3}& 0& 0& {\omega }_{O_6}^{O_3}& 0& 0& {\omega }_{O_9}^{O_3}\\ 0& {\omega }_{O_4}^{O_4}& 0& 0& {\omega }_{O_7}^{O_4}& 0& 0\\ {\omega }_{O_3}^{O_5}& 0& {\omega }_{O_5}^{O_5}& 0& 0& 0& 0\\ {\omega }_{O_3}^{O_6}& 0& 0& {\omega }_{O_6}^{O_6}& 0& {\omega }_{O_8}^{O_6}& 0\\ 0& 0& 0& 0& {\omega }_{O_7}^{O_7}& 0& 0\\ 0& {\omega }_{O_4}^{O_8}& 0& 0& 0& {\omega }_{O_8}^{O_8}& {\omega }_{0_9}^{O_8}\\ 0& 0& {\omega }_{O_5}^{O_9}& {\omega }_{O_6}^{O_9}& 0& {\omega }_{O_8}^{O_9}& {\omega }_{O_9}^{O_9}\end{array}\right]\end{array}$ (3.2)

● The low, intermediate, and high security domains are represented by L, M, H respectively. The security domains are formulated below as subsets of community organizations:

$\begin{array}{l}L=\left\{O_4,O_7,O_9\right\}\\ M=\left\{O_3,O_8\right\}\\ H=\left\{O_5,O_6\right\}\end{array}$ (4.1)

● Based on the sets of security domains and the opinion matrix, the following safety domain matrix $M_s$ is obtained:

$\begin{array}{l}\begin{array}{ccccccc}{O}_3& O_4& O_5& O_6& O_7& O_8& O_9\end{array}\\ M_s=\left[\begin{array}{ccccccc}M/M& 0& 0& M/H& 0& 0& M/L\\ 0& L/L& 0& 0& L/L& 0& 0\\ H/M& 0& H/H& 0& 0& 0& 0\\ H/M& 0& 0& H/H& 0& H/M& 0\\ 0& 0& 0& 0& L/L& 0& 0\\ 0& M/L& 0& 0& 0& M/M& M/L\\ 0& 0& L/H& L/H& 0& L/M& L/L\end{array}\right]\end{array}$ (4.2)

The security domain relationships in this matrix allow for thresholds of required opinion values for vendor selection. These thresholds are defined by the following governance matrices:

n T_op: the supplier governance matrix that expresses the minimum threshold of the supplier’s opinion of an applicant (overall reputation of an applicant). $O_{L_{sd}}$, $O_{M_{sd}}$ and $O_{H_{sd}}$ represent respectively of the low, intermediate, and high security domain organizations.

$\begin{array}{l}\begin{array}{ccc}{O}_{L_{sd}}& O_{M_{sd}}& O_{H_{sd}}\end{array}\\ T_{op}=\begin{array}{c}{O}_{L_{sd}}\\ O_{M_{sd}}\\ O_{H_{sd}}\end{array}\left[\begin{array}{ccc}{\lambda }_{\max }& {\lambda }_{med}& {\lambda }_{\min }\\ {\lambda }_{\max }& {\lambda }_{med}& {\lambda }_{\min }\\ {\lambda }_{\max }& {\lambda }_{med}& {\lambda }_{\min }\end{array}\right]\end{array}$ (5.1)

n T_ou : the partner governance matrix that expresses the minimum threshold of the applicant’s opinion of the supplier.

$\begin{array}{l}\begin{array}{ccc}{O}_{L_{sd}}& O_{M_{sd}}& O_{H_{sd}}\end{array}\\ T_{ou}=\begin{array}{c}{O}_{L_{sd}}\\ O_{M_{sd}}\\ O_{H_{sd}}\end{array}\left[\begin{array}{ccc}{ϵ}_{\max }& {ϵ}_{\text{med}}& {ϵ}_{\min }\\ {ϵ}_{\max }& {ϵ}_{\text{med}}& {ϵ}_{\min }\\ {ϵ}_{\max }& {ϵ}_{\text{med}}& {ϵ}_{\min }\end{array}\right]\end{array}$ (5.2)

As an example, a share is allowed between a high security domain O_{pjH provider} and a low security domain O_uiL requester, if:

${\omega }_{O_{pjH}}^{O_{uiL}}\ge {ϵ}_{\min }\text{and}{\omega }_{O_{uiL}}^{O_{pjH}}\ge {\lambda }_{\max }$ (5.3)

2.2. Workflow of SeComTrust

The SeComTrust operating process consists of first identifying and selecting the trusted provider for a given resource, then updating the trust values and transaction lists, and finally applying the promotion relegation protocol to update the security domains. The different selection phases are presented below:

● Supplier selection from the supplier transaction list: This phase consists in first determining the suppliers of a requested resource. This process is described by (Algorithm 1 in the Appendices). Once the suppliers have been identified, the ideal supplier is selected from the supplier’s transaction list (TraM). This selection is done based on direct interaction (Algorithm 2 of the Appendices) at first. Then, if no supplier is found during the direct selection, the choice is made based on the recommendation of friendly suppliers. The types of indirect interactions are presented in the form of Friend of a Friend (FoF) or Friend of Multiple friends (FoM) relationships [8] described in Figure 2 below. The recommendation-based selection procedure is outlined in Algorithm 3 in the Appendices.

● Selection from the reputation lists: a recourse to the base of specific reputations is triggered if no supplier is found following the TraM searches. If the resource request is not satisfied, a final selection operation from the global reputation list is performed. Algorithm 4 in the Appendices describes the different phases of selection through the reputation lists.

2.3. Components of SeComTrust

The architecture of our model is shown in Figure 3 below. It consists of the following components: the Resource Manager (ResM), the Transaction Manager (TraM), the Trust Value Calculator (TruC), the Update Manager (UpdM), and the Reputation Value Manager (RepM). The different components are described in the sections below.

2.3.1. The Resource Manager (ResM)

The Resource Manager consists of a registry that contains a list of organizations in the community and the resources they offer. This list is expressed in the form below:

$L_{resm}=\left\{\left(O_{p1},r_{p1},g_{rp1}\right),\left(O_{p2},r_{p2},g_{rp2}\right),\cdots ,\left(O_{pj},r_{pj},g_{rpj}\right)\right\}$ (6)

with O_pj a resource provider organization r_pj of sensitivity degree g_rpj.

2.3.2. The Transaction Manager (TraM)

The transaction manager is the local repository of an organization’s shares. It records and references all the shares made. As such, it is the priority consultation element in the trusted provider selection process. The information in the TraM is presented as follows:

$\begin{array}{l}{L}_{tram}=\{\left(O_{p1},r_{p1},g_{rp1},{\omega }_{O_{p1}}^{O_{ui}},s{r}_{O_{p1}},s{d}_{O_{p1}}\right),\left(O_{p2},r_{p2},g_{rp2},{\omega }_{O_{p2}}^{O_{ui}},s{r}_{O_{p2}},s{d}_{O_{p2}}\right),\cdots ,\\ \left(O_{pj},r_{pj},g_{rpj},{\omega }_{O_{pj}}^{O_{ui}},s{r}_{O_{pj}},s{d}_{O_{pj}}\right)\}\end{array}$ (7)

with O_pj the resource provider, r_pj the resource provided, g_rpj the degree of sensitivity of the resource, ${\omega }_{O_{pj}}^{O_{ui}}$, the partner’s opinion value of trust, $s{r}_{O_{pj}}$ the specific reputation of the provider and $s{d}_{O_{pj}}$ the supplier’s security domain.

As in [22], the applicant’s overall trust opinion of the supplier is defined as the weighted sum of the supplier’s direct or recommended relationship and the supplier’s reputation:

${\omega }_{O_{pj}}^{O_{ui}}\left(r,g\right)=\beta DR{T}_{O_{pj}}^{O_{ui}}\left(r,g\right)+\left(1-\beta \right)s{r}_{O_{pj}}\left(r,g\right)$ (8)

with $s{r}_{O_{pj}}\left(r,g\right)$ specific reputation, $DR{T}_{O_{pj}}^{O_{ui}}\left(r,g\right)$ is the trust opinion based on direct or indirect interactions between the supplier and the partner. This trust opinion value is calculated using subjective logic (SL) and its four basic parameters namely: belief (b), disbelief (d), uncertainty (u) and base rate (α) [23] [24]. The trust opinion of the O_ui organization towards the O_pj organization for direct interaction is formulated as follows:

$DR{T}_{O_{pj}}^{O_{ui}}\left(r,g\right)=b+\left(\alpha \ast u\right)\text{with}b,d,u\in \left[0,1\right]\text{and}b+d+u=1$ (9)

with

$\{\begin{array}{l}b=\frac{p_t}{p_t+n_t+2}\\ d=\frac{n_t}{p_t+n_t+2}\\ u=\frac{2}{p_t+n_t+2}\end{array}\iff \{\begin{array}{l}{p}_t=\frac{2b}{u}\\ n_t=\frac{2d}{u}\end{array}$ (10)

p_t the number of previous positive trades between O_ui and O_pj, and n_t the number of negative trades. The base rate α is paramount for new or inactive community members.

$\alpha =0.5$ (11)

For indirect interactions, several operators are defined by the SL to determine the trust values [23]. For two organizations O_ui and O_pj without prior direct interactions (Equation (12) below). The trust derived between O_ui and O_pj is called transitive trust and will be computed as the opinion ${\omega }_{O_{pj}}^{O_{ui}:O_{tz}}$ using the discounting operator ( $\otimes$ ):

${\omega }_{O_{pj}}^{O_{ui}:O_{tz}}={\omega }_{O_{tzj}}^{O_{ui}}\otimes {\omega }_{O_{pj}}^{O_{tz}}\{\begin{array}{l}{b}_{O_{pj}}^{O_{ui}:O_{tz}}=b_{O_{tz}}^{O_{ui}}{b}_{O_{pj}}^{O_{tz}}\\ d_{O_{pj}}^{O_{ui}:O_{tz}}=b_{O_{tz}}^{O_{ui}}{d}_{O_{pj}}^{O_{tz}}\\ u_{O_{pj}}^{O_{ui}:O_{tz}}=d_{O_{tz}}^{O_{ui}}+u_{O_{tj}}^{O_{ui}}+b_{O_{tz}}^{O_{ui}}{u}_{O_{pj}}^{O_{tz}}\\ {\alpha }_{O_{pj}}^{O_{ui}:O_{tz}}={\alpha }_{O_{pj}}^{O_{tz}}\end{array}$ (12)

On the other hand, if there are two intermediate organizations O_tz1 and O_tz2, such that O_pj has already interacted with O_tz1 and O_tz2, and there is no previous interaction between O_ui and O_pj (Equation (13) below). The confidence derived between O_ui and O_pj is parallel confidence and is represented as the opinion ${\omega }_{O_{pj}}^{O_{tz1}:O_{tz2}}$. It is expressed below using SL and its consensus operator ( $\oplus$ ) [23]:

${\omega }_{O_{pj}}^{O_{tz1}:O_{tz2}}={\omega }_{O_{pj}}^{O_{tz1}}\oplus {\omega }_{O_{pj}}^{O_{tz2}}\{\begin{array}{l}{b}_{O_{pj}}^{O_{tz1}:O_{tz2}}=\frac{b_{O_{pj}}^{O_{tz1}}{u}_{O_{pj}}^{O_{tz2}}+b_{O_{pj}}^{O_{tz2}}{u}_{O_{pj}}^{O_{tz1}}}{u_{O_{pj}}^{O_{tz1}}+u_{O_{pj}}^{O_{tz2}}-u_{O_{pj}}^{O_{tz1}}{u}_{O_{pj}}^{O_{tz2}}}\\ d_{O_{pj}}^{O_{tz1}:O_{tz2}}=\frac{d_{O_{pj}}^{O_{tz1}}{u}_{O_{pj}}^{O_{tz2}}+d_{O_{pj}}^{O_{tz2}}{u}_{O_{pj}}^{O_{tz1}}}{u_{O_{pj}}^{O_{tz1}}+u_{O_{pj}}^{O_{tz2}}-u_{O_{pj}}^{O_{tz1}}{u}_{O_{pj}}^{O_{tz2}}}\\ u_{O_{pj}}^{O_{tz1}:O_{tz2}}=\frac{u_{O_{pj}}^{O_{tz1}}{u}_{O_{pj}}^{O_{tz2}}}{u_{O_{pj}}^{O_{tz1}}+u_{O_{pj}}^{O_{tz2}}-u_{O_{pj}}^{O_{tz1}}{u}_{O_{pj}}^{O_{tz2}}}\\ {\alpha }_{O_{pj}}^{O_{tz1}:O_{tz2}}={\alpha }_{O_{pj}}^{O_{tz1}}\end{array}$ (13)

2.3.3. The Confidence Value Calculator (TruC)

The TruC executes the various algorithms for calculating and selecting confidence values.

2.3.4. The Update Manager (UpdM)

The role of the update manager is to update the trust information. The updated values are the specific reputation of the supplier, the global reputation of the partner and the supplier. In addition, the security domains are also updated through the promotion and relegation mechanism.

2.3.5. The Reputation Manager (RepM)

The RepM is the register of reputations of organizations in the community. We distinguish between two types of reputation: the reputation of a specific provider of a given resource and the overall reputation of an organization derived from its general behavior in the community. The information in this register is formulated as follows:

$\begin{array}{c}{L}_{repm}=\{\left(O_{p1},r_{p1},g_{rp1},s{r}_{O_{p1}},g{r}_{O_{p1}},s{d}_{O_{p1}}\right),\left(O_{p2},r_{p2},g_{rp2},s{r}_{O_{p2}},g{r}_{O_{p2}},s{d}_{O_{p2}}\right),\cdots ,\\ \left(O_{pj},r_{pj},g_{rpj},s{r}_{O_{pj}},g{r}_{O_{pj}},s{d}_{O_{pj}}\right)\}\end{array}$ (14)

with O_pj the resource provider, r_pj the resource provided, g_rpj the degree of sensitivity of the resource provided, $s{r}_{O_{pj}}$ the reputation of the organization as a provider of r_pj of degree g_rpj, $g{r}_{O_{pj}}$ the overall reputation value, and $s{d}_{O_{pj}}$ the organization’s security domain.

2.4. Updating System Trust Values

2.4.1. Updating the Specific Reputation

The specific reputation of a supplier is updated after each transaction (Figure 4). To encourage the sharing of secure resources, a weight is assigned to each exchange according to the resource’s sensitivity level. The sensitivity level describes the degree of vulnerability of a resource. The g_rpj degrees of resource sensitivities are defined from the common computer resource vulnerability system CVSS v2.0 score range [18].

$\{\begin{array}{l}{g}_{rpj}\in \left[7,10\right],{\gamma }_i=0.2\\ g_{rpj}\in \left[4,7\right[,{\gamma }_i=0.35\\ g_{rpj}\in \left[0,4\right[,{\gamma }_i=0.45\end{array}$ (15)

Like the contribution in [10], the specific reputation is expressed as follows:

$s{r}_{O_{pj}}=\{\begin{array}{l}s{r}_{O_{pj}}^c+{\Delta }_i\text{if positive result}\\ s{r}_{O_{pj}}^c+{\Delta }_i/2\text{if positive result with violation}\\ s{r}_{O_{pj}}^c-{\Delta }_i\text{if}\text{positive result}\\ \text{with}{\Delta }_i={\gamma }_i{\delta }_i\text{and}{\delta }_i\left(j\right)=\frac{\left(I_{l\min }\left(j\right)+I_{l\max }\left(j\right)\right)/2}{I_{l\max }}\end{array}$ (16)

I_lmin(j) the minimum value of assurance level of security domain j, I_lmax(j) the maximum value of assurance level j, I_lmax the maximum value of the assurance level, γ_i is the weight of an exchange.

The assurance level I_l is the ability of an organization to provide a resource of a given sensitivity level. Organizations are grouped into security domains based on their assurance level.

$\begin{array}{l}{O}_{pj}\in H_{SD}\text{if}{I}_l\in \left[7,10\right]\\ O_{pj}\in M_{SD}\text{if}{I}_l\in \left[4,7\right[\\ O_{pj}\in L_{SD}\text{if}{I}_l\in \left[0,4\right[\end{array}$ (17)

2.4.2. Updating the Global Reputation

Global reputation is based on the overall results of an organization’s interactions as a provider within the community. It is formulated as follows:

$g{r}_{O_{pj}}=\alpha +\rho {\displaystyle \underset{k=1}{\overset{n}{\sum }}s{r}_{O_{pj}}}\left(k\right),\rho =\frac{S{T}_{O_{pj}}}{S{T}_C}$ (18)

with α the prime rate (α = 0.5), n the number of organization-specific reputations O_pj, $S{T}_{O_{pj}}$ the total number of exchanges for a given resource provider, ST_C the total number of shares within the community, and ρ the weight of the organization’s exchanges. After each update operation, the organization is promoted, relegated, or retained in a security domain.

3. Experiments and Results

3.1. Experimentation Environment

This article proposes a community cloud experimentation environment established in two phases. During the first phase, the 3C architecture is initialized. This involves generating dataset files describing organizations, provided resources, and resource requirements queries. Then, in the second phase, statistical data are produced through simulations of resource sharing between organizations. The information deduced from these experiments is used to evaluate the performance of our trust model. The experiments are conducted on a MacBook Pro (Retina, 15-inch, mid-2015), 2.2 GHz Intel Core i7 quad-core processor, 16 GB 1600 MHz DDR3 memory. Programming is performed in a Pycharm development environment (IDE) and the Python language Python 3.9. We distinguish two types of resource provider organizations. On the one hand, organizations provide resources in accordance with service level agreements (SLA) established between the actors involved in a transaction. These are referred to as good providers or G organizations. On the other hand, those providing unreliable resources. They are said to be malicious or M organizations. The number of organizations being an essential characteristic in the setting up of a perennial and prosperous community, the experiments are carried out on groups of organizations of the beach [80,250] members. The rate of malicious organizations is 20%. Rounds consisting of 500 resource requests are performed in each experimentation set. The experimentation parameters are summarized in Table 1 below.

The main metrics used to measure the performance of our model are:

$\text{SRTG}=\frac{\text{number of resources provides by organizations G}}{\text{total number of resources provided by organizations G}}$ (19)

● SRTG: Transaction success rate of G organizations

● RPOT: Rate of participation of organizations in transactions. This rate measures the number of different organizations involved in successful exchanges.

3.2. Selection Threshold and Parameter β Value

The selection confidence value of a vendor from the SeComTrust is calculated through Equation (8). To determine the value of β, representing the weight of the direct or recommended confidence value (DRT) in this equation, we examine the rate of participation of different organizations in transactions (RPOT) and the success rate of G providers (SRTG). RPOT measures the number of providers actively participating in transactions, limiting the possibility of selecting the same organizations repeatedly to increase the SRTG. The GTRS is an important performance indicator for trust models. It expresses the ability of the trust model to resist malicious attacks.

We perform simulations by setting the value of β between 0.3 and 0.7. The experimental results presented in Figure 5 show that the RPOT and STGR values are jointly higher (RPOT = 0.21, STGR = 0.98) when β is equal to 0.6 and the threshold is equal to 0.3. Ultimately, β is set to 0.6 and the selection threshold to 0.3 to provide a model with a high G-supplier transaction success rate and high organization participation.

3.3. Results and Discussion

To analyze the performance of our model, we compared our model to the TNA-SL model [9] [24] and to the Intertrust algorithm [8]. The simulations consisted in evaluating the scalability of the model by increasing the number of organizations in the community. The SeComTrust G-supplier success rate is compared to the other two models mentioned above. Scalability is one of the major characteristics of a Cloud environment [4]. In this paper, the resource sharing framework is modeled around sets of various sizes of organizations. The communities of organizations range from 80 to 250 members. For each group of organizations, 20% of malicious people are integrated. The results in Figure 6 below show the success rates of the three models (SeComTrust, InterTrust, TNA-SL). Each model is run in 15 rounds of 500 transaction requests per organization

group. From these results, the success rate of SeComTrust is significantly higher than the success rate of the Intertrust and TNA-SL algorithms for all experienced user groups.

This is due to the selection confidence value which is obtained by the weighted sum of the direct or recommended confidence and the specific reputation value, unlike Intertrust and TNA-SL only based on SL parameters. Moreover, the proposed reputation value update mechanism and the selection of the provider from several lists (L_tram, L_repm) according to a well-defined order justify the success rates of SeComTrust. In conclusion, we can state that our model allows the deployment of scalable 3Cs.

4. Conclusions

Trust management in cloud environments is a major challenge for adoption. However, trust management systems in cloud environments are primarily focused on public deployment types and focused on feedback between users and cloud service providers or between cloud service providers. These techniques do not focus on community cloud architectures. In view of this observation, we propose in this paper the SeComTrust, a model for managing, evaluating, and selecting trusted organizations in a Community Cloud environment based on a Zero Trust strategy. SeComTrust evaluates trusted organizations grouped in security domains by considering the direct interactions between them and their reputation within the community. In addition, this model is associated with a promotion and relegation mechanism to ensure that trust is monitored over time.

Through a series of experiments, we compared the results of our model to InterTrust and TNA-SL algorithms. We have shown that SeComTrust guarantees the scalability of a 3C by presenting success rates (SRTG) largely superior to those of InterTrust and TNA-SL. In future work, we will propose to incorporate resource quantity attributes and quality metrics into the exchange validation process and evaluate the attack resistance and execution time of SeComTrust.

Appendices

Conflicts of Interest

The authors declare no conflicts of interest regarding the publication of this paper.

References

[1]	Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J. and Brandic, I. (2009) Cloud Computing and Emerging IT Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility. Future Generation Computer Systems, 25, 599-616. https://doi.org/10.1016/j.future.2008.12.001
[2]	Coret, S. (2021) Gartner: Les revenus mondiaux du cloud s'élèveront à 474 milliards de dollars en 2022, contre 408 milliards de dollars en 2021. https://cloud-computing.developpez.com/actu/328766/Gartner-Les-revenus-mondiaux-du-cloud-s-eleveront-a-474-milliards-de-dollars-en-2022-contre-408-milliards-de-dollars-en-2021-le-cloud-sera-la-piece-maitresse-des-nouvelles-experiences-numeriques/
[3]	Pearson, S. (2013) Privacy, Security and Trust in Cloud Computing. In: Pearson, S. and Yee, G., Eds., Computer Communications and Networks, Springer, London, 3-42. https://doi.org/10.1007/978-1-4471-4189-1_1
[4]	Parmar, V. and Bhavsar, C. (2011) Implementing Community Cloud to Overcome the Problems of Complexity and Security in Business Environment. Indian Journal of Applied Research, 2, 1-3. https://doi.org/10.15373/2249555X/MAY2014/214
[5]	Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I. and Zaharia, M. (2010) View of Cloud Computing—A Critique. Computer Communications of the ACM, 53, 50-58. https://doi.org/10.1145/1721654.1721672
[6]	Coste, B. (2019) Contextual Detection of Cyber-Attacks by Trust Management on Board a Ship. Ecole Nationale Supérieure Mines-Télécom Atlantique, Palaiseau.
[7]	Guo, L., Yang, H., Luan, K., Luo, Y., Sun, L. and Zheng, X. (2021) Trust Management Model Based on Mutual Trust and a Reward-with-Punishment Mechanism for Cloud Environments. Concurrency and Computation: Practice and Experience, 33, e6283. https://doi.org/10.1002/cpe.6283 https://onlinelibrary.wiley.com/doi/10.1002/cpe.6283
[8]	Kurdi, H., Alfaries, A., Al-Anazi, A., Alkharji, S., Addegaither, M., Altoaimy, L. and Ahmed. S.H. (2019) A lightweight trust management algorithm based on subjective logic for interconnected cloud computing. Journal of Supercomputing, 75, 3534-3554. https://doi.org/10.1007/s11227-018-2669-y
[9]	Jøsang, A. and Simon, R. (2006) Trust Network Analysis with Subjective Logic. Angewandte Chemie International Edition, 6, 951-952.
[10]	Kumar, R. and Goyal, R. (2021) Performance Based Risk Driven Trust (PRTrust): On Modeling of Secured Service Sharing in Peer-to-Peer Federated Cloud. Computer Communications, 183, 136-160. https://doi.org/10.1016/j.comcom.2021.11.013
[11]	Kamvar, S.D., Schlosser, M.T. and Garcia-Molina, H. (2003) The Eigentrust Algorithm for Reputation Management in P2P Networks. Proceedings of the 12th international Conference on World Wide Web, New York, 20-24 May 2003, 640-651. https://doi.org/10.1145/775152.775242
[12]	Kurdi, H., Alshayban, B., Altoaimy, L. and Alsalamah, S. (2018) TrustyFeer: A Subjective Logic Trust Model for Smart City Peer-to-Peer Federated Clouds. Wireless Communications and Mobile, 2018, Article ID: 1073216. https://doi.org/10.1155/2018/1073216
[13]	PoojaGoyal and Deora, S.S. (2022) A Review: Trust Management Techniques Used for Cloud Computing. In: Gupta, D., Polkowski, Z., Khanna, A., Bhattacharyya, S. and Castillo, O., Eds., Proceedings of Data Analytics and Management. Lecture Notes on Data Engineering and Communications Technologies, Vol. 90, Springer, Singapore, 117-132. https://doi.org/10.1007/978-981-16-6289-8_12
[14]	Damera, V.K., Nagesh, A. and Nagaratna, M. (2020) Trust Evaluation Models for Cloud Computing. International Journal of Scientific & Technology Research, 9, 1964-1971.
[15]	Mehraj, S. and Banday, M.T. (2020) Stablishing a Zero Trust Strategy in Cloud Computing Environment. 2020 International Conference on Computer Communication and Informatics, Coimbatore, 22-24 January 2020, 20-25. https://doi.org/10.1109/ICCCI48352.2020.9104214
[16]	Rose, S.W., Borchert, O., Mitchell, S. and Connelly, S. (2020) Zero Trust Architecture. NIST Special Publication, SP 800-207, NIST Computer Security Resource Center, Gaithersburg, 49 p.
[17]	Canadian Centre for Cyber Security (2020) Exigences de base en matière de sécurité pour les zones de sécurité de réseau (Version 2.0)-ITSP.80.022. https://cyber.gc.ca/fr/orientation/exigences-de-base-en-matiere-de-securite-pour-les-zones-de-securite-de-reseau-version
[18]	FIRST (2020) Common Vulnerability Scoring System SIG. https://www.first.org/cvss/
[19]	Cardoso, R.C., Gomes, A.J. and Freir, M.M. (2017) A User Trust System for Online Games-Part II: A Subjective Logic Approach for Trust Inference. IEEE Transactions on Computational Intelligence and AI in Games, 9, 354-368. https://doi.org/10.1109/TCIAIG.2016.2593000
[20]	Cardoso, R.C., Gomes, A.J. and Freir, M.M. (2017) A User Trust System for Online Games-Part I: An Activity Theory Approach for Trust Representation. IEEE Transactions on Computational Intelligence and AI in Games, 9, 305-320. https://doi.org/10.1109/TCIAIG.2016.2592965
[21]	Zhou, R. and Hwang, K. (2006) Trust Overlay Networks for Global Reputation Aggregation in P2P Grid Computing. 20th International Parallel and Distributed Processing Symposium, Rhodes, 25-29 April 2006.
[22]	Alunkal, B.K (2003) Grid Eigen Trust: A Framework for Computing Reputation in Grids. Illinois Institute of Technology, Chicago.
[23]	Jøsang, A. (2009) Subjective Logic. Representations, 171, 1-8.
[24]	Jøsang, A. and Bhuiyan, T. (2017) Optimal Trust Network Analysis with Subjective Logic. 2008 Second International Conference on Emerging Security Information, Systems and Technologies, Cap Esterel, 25-31 August 2008, 179-184. https://doi.org/10.1109/SECURWARE.2008.64