Trust framework for IAAS—A tool based on security checks through standards and certifications

Abstract

The admiration and acceptance of cloud computing by masses has fuelled the concern to look into the critical issues faced by technology to make it a seamless and trusty solution of information systems, communication, and information security. Two challenges that are hampering the success of this technology are: security and trust. When security is assured, trust will forte and security lapse will definitely have a negative impact on trust. In this paper, we introduce a novel trust model that is based on security coverage through standards and certifications. To address these issues, author has kept a twofold aim for this paper: firstly logged all the factors that are considered imperative for IAAS security and verify how provider is assuring security related to these factors. Second is to present a “trust framework” that will calculate trustworthiness of cloud provider on the basis of security coverage of above-mentioned factors through standards and certification attained by cloud provider. The proposed solution can calculate two types of trust factors: overall trust factor (OTF) and service-specific trust factor (SSTF). This framework can assist cloud consumer in electing cloud provider for IAAS.