Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.730607
Title: A separation-of-powers model for a trustworthy and open cloud computing ecosystem
Author: Ruan, Anbang
ISNI: 0000 0004 6498 5750
Awarding Body: University of Oxford
Current Institution: University of Oxford
Date of Award: 2014
Availability of Full Text:
Access from EThOS:
Full text unavailable from EThOS. Restricted access.
Access from Institution:
Abstract:
Most existing security enhancements lack a widely-agreed definition of trust. Trusted Cloud models have been proposed, which establish a Root-of-Trust inside the cloud and vouch for the trustworthiness of the cloud services. However, these are often impractical and ineffective due to the cloud's characteristics of complexity, heterogeneity, and dynamism. This dissertation thus focuses on how to effectively manage the trust dynamics inside the cloud, and how to export trust to achieve practical cloud attestations. Firstly, a Separation-of-Powers (SoP) model is designed. It separates the authorities of a Cloud Service Provider, and allows different independent roles to participate in managing trust inside the cloud. The collaborative-restrictive relationship among these roles encourages a trustworthy and open cloud ecosystem. Secondly, three core components for implementing this model are designed, solving the problems of: how to effectively determine a Cloud Trusted Computing Base (cTCB) for a cloud application; how to define a Cloud Root-of-Trust (cRoT) for managing the trust evidence for this cTCB; and how to construct a Cloud Chain-of-Trust (cCoT) from the cRoT to export the trust evidence, and achieve cloud application attestations. Thirdly, simulators and prototypes are implemented to evaluate these core components. A Trusted MapReduce (TMR) system is also built as a case study to demonstrate how to utilize the trust services achieved by the SoP model. This dissertation demonstrates that, by correctly managing trust inside the cloud, the genuine behaviours of the cloud can be effectively inspected and verified. The SoP model builds trust from customers to the Cloud Service Providers. Trustworthiness supports security-critical cloud applications, which encourages a wider range of cloud users. Openness further brings a flourishing market to the ecosystem. It encourages many more diverse Cloud Service Providers to equally participate in the cloud ecosystem, regardless of their scale or capabilities. We believe that a model of this kind is important for achieving trustworthy governance in the cloud ecosystem. It could in turn help to promote a wider cloud model adoption.
Supervisor: Martin, Andrew
Sponsor: Not available
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.730607
DOI: Not available