A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider

John Mitchell, Syed Rizvi, Jungwoo Ryoo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

Cloud computing represents the next evolutionary step in the realm of IT and offers a multitude of advantages over traditional computing models. However, there is a large trust deficit between cloud service users (CSUs) and cloud service providers (CSPs) that prevents the widespread adoption of the cloud among business professionals. Businesses are reluctant to migrate to the cloud due to the numerous security issues which affect data confidentiality and integrity. Therefore, a trust model is required to establish the positive reputation of the CSP. In this paper, we propose a fuzzy-logic based approach that allows the CSUs to determine the most trustworthy CSPs. Specifically, we develop the inference rules that will be applied in the fuzzy inference system (FIS) to provide the quantitative security index to the CSUs. One of the main advantages of the FIS is that it considers the uncertainties and ambiguities associated with measuring trust. Moreover, our proposed fuzzy based trust model is not limited to the CSU since it can be used by the CSPs in a self-evaluation process to promote improvement. To demonstrate the effectiveness of our proposed fuzzy based trust model, we present a case study where several popular CSPs are evaluated and ranked based on the security index.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015
EditorsJungwoo Ryoo, Hyoungshick Kim
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages19-24
Number of pages6
ISBN (Electronic)9781509010783
DOIs
StatePublished - Jan 10 2017
Event1st International Conference on Software Security and Assurance, ICSSA 2015 - Suwon, Gyeonggi, Korea, Republic of
Duration: Jul 27 2015 → …

Publication series

NameProceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015

Other

Other1st International Conference on Software Security and Assurance, ICSSA 2015
CountryKorea, Republic of
CitySuwon, Gyeonggi
Period7/27/15 → …

Fingerprint

Fuzzy logic
Fuzzy inference
Cloud computing
Industry

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

Mitchell, J., Rizvi, S., & Ryoo, J. (2017). A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider. In J. Ryoo, & H. Kim (Eds.), Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015 (pp. 19-24). [7812941] (Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICSSA.2015.014
Mitchell, John ; Rizvi, Syed ; Ryoo, Jungwoo. / A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider. Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015. editor / Jungwoo Ryoo ; Hyoungshick Kim. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 19-24 (Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015).
@inproceedings{3279a085c41d48f9b84e55b036297519,
title = "A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider",
abstract = "Cloud computing represents the next evolutionary step in the realm of IT and offers a multitude of advantages over traditional computing models. However, there is a large trust deficit between cloud service users (CSUs) and cloud service providers (CSPs) that prevents the widespread adoption of the cloud among business professionals. Businesses are reluctant to migrate to the cloud due to the numerous security issues which affect data confidentiality and integrity. Therefore, a trust model is required to establish the positive reputation of the CSP. In this paper, we propose a fuzzy-logic based approach that allows the CSUs to determine the most trustworthy CSPs. Specifically, we develop the inference rules that will be applied in the fuzzy inference system (FIS) to provide the quantitative security index to the CSUs. One of the main advantages of the FIS is that it considers the uncertainties and ambiguities associated with measuring trust. Moreover, our proposed fuzzy based trust model is not limited to the CSU since it can be used by the CSPs in a self-evaluation process to promote improvement. To demonstrate the effectiveness of our proposed fuzzy based trust model, we present a case study where several popular CSPs are evaluated and ranked based on the security index.",
author = "John Mitchell and Syed Rizvi and Jungwoo Ryoo",
year = "2017",
month = "1",
day = "10",
doi = "10.1109/ICSSA.2015.014",
language = "English (US)",
series = "Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "19--24",
editor = "Jungwoo Ryoo and Hyoungshick Kim",
booktitle = "Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015",
address = "United States",

}

Mitchell, J, Rizvi, S & Ryoo, J 2017, A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider. in J Ryoo & H Kim (eds), Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015., 7812941, Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015, Institute of Electrical and Electronics Engineers Inc., pp. 19-24, 1st International Conference on Software Security and Assurance, ICSSA 2015, Suwon, Gyeonggi, Korea, Republic of, 7/27/15. https://doi.org/10.1109/ICSSA.2015.014

A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider. / Mitchell, John; Rizvi, Syed; Ryoo, Jungwoo.

Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015. ed. / Jungwoo Ryoo; Hyoungshick Kim. Institute of Electrical and Electronics Engineers Inc., 2017. p. 19-24 7812941 (Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider

AU - Mitchell, John

AU - Rizvi, Syed

AU - Ryoo, Jungwoo

PY - 2017/1/10

Y1 - 2017/1/10

N2 - Cloud computing represents the next evolutionary step in the realm of IT and offers a multitude of advantages over traditional computing models. However, there is a large trust deficit between cloud service users (CSUs) and cloud service providers (CSPs) that prevents the widespread adoption of the cloud among business professionals. Businesses are reluctant to migrate to the cloud due to the numerous security issues which affect data confidentiality and integrity. Therefore, a trust model is required to establish the positive reputation of the CSP. In this paper, we propose a fuzzy-logic based approach that allows the CSUs to determine the most trustworthy CSPs. Specifically, we develop the inference rules that will be applied in the fuzzy inference system (FIS) to provide the quantitative security index to the CSUs. One of the main advantages of the FIS is that it considers the uncertainties and ambiguities associated with measuring trust. Moreover, our proposed fuzzy based trust model is not limited to the CSU since it can be used by the CSPs in a self-evaluation process to promote improvement. To demonstrate the effectiveness of our proposed fuzzy based trust model, we present a case study where several popular CSPs are evaluated and ranked based on the security index.

AB - Cloud computing represents the next evolutionary step in the realm of IT and offers a multitude of advantages over traditional computing models. However, there is a large trust deficit between cloud service users (CSUs) and cloud service providers (CSPs) that prevents the widespread adoption of the cloud among business professionals. Businesses are reluctant to migrate to the cloud due to the numerous security issues which affect data confidentiality and integrity. Therefore, a trust model is required to establish the positive reputation of the CSP. In this paper, we propose a fuzzy-logic based approach that allows the CSUs to determine the most trustworthy CSPs. Specifically, we develop the inference rules that will be applied in the fuzzy inference system (FIS) to provide the quantitative security index to the CSUs. One of the main advantages of the FIS is that it considers the uncertainties and ambiguities associated with measuring trust. Moreover, our proposed fuzzy based trust model is not limited to the CSU since it can be used by the CSPs in a self-evaluation process to promote improvement. To demonstrate the effectiveness of our proposed fuzzy based trust model, we present a case study where several popular CSPs are evaluated and ranked based on the security index.

UR - http://www.scopus.com/inward/record.url?scp=85013672498&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85013672498&partnerID=8YFLogxK

U2 - 10.1109/ICSSA.2015.014

DO - 10.1109/ICSSA.2015.014

M3 - Conference contribution

AN - SCOPUS:85013672498

T3 - Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015

SP - 19

EP - 24

BT - Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015

A2 - Ryoo, Jungwoo

A2 - Kim, Hyoungshick

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Mitchell J, Rizvi S, Ryoo J. A Fuzzy-Logic Approach for Evaluating a Cloud Service Provider. In Ryoo J, Kim H, editors, Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015. Institute of Electrical and Electronics Engineers Inc. 2017. p. 19-24. 7812941. (Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015). https://doi.org/10.1109/ICSSA.2015.014