Evaluating Identity Theft Protections by Trust-based Model for Cloud Computing

Ghazi Zadeh, Eghbal
Cusack, Brian
T. Litchfield, Alan
Item type
Degree name
Doctor of Philosophy
Journal Title
Journal ISSN
Volume Title
Auckland University of Technology

The trust level in Cloud Computing (CC) is a topic that is currently attracting significant interest. Federated clouds with different attributes and secure elements present a complex decision-making context for the cloud services customers. Cloud identity federation can help maintain users’ identity and their ability to use their identity in the distributed environment (Cloud). Therefore, due to the vast diversity of capability, capacity, and security in the available Cloud Identity Providers (CIdPs), from the Cloud identity Users’ (CIdU) point of view, the lack of evidence is the main decision making problem. A decision to decide which providers a CIdU should use and what is the evidence basis for their decision and selection, is currently difficult and under addressed by CIdPs. Currently, there is no comprehensive framework that can allow CIdUs to evaluate identity service offerings and rank them based on their ability to meet a trust framework (attributes, characteristics, features, and secure elements) requirements and this is a gap and an opportunity to research in this thesis. To address the gap, the objective is to establish a trust management framework that measures, aggregates and manages trust-related information from different sources which are available and relevant when assessing the trustworthiness of the CIdPs. Consequently, as a response to the gap, this study involves developing to a new cloud identity trust framework to answer the research questions and to make sure that the new artefact is evaluated and refined to a high standard. A mixed (Design Science (DS), Trust and Reputation System, Reputation System, and DeSPoT Trust System) trust and Design Science (TDS) research method is designed and employed to guide the study. The mixed method is used to mature the design artefact and to benefit the processes from problem identification, to evaluation and trust dissemination. The TDS method influences the design of the study and the evaluation methodology employed to evaluate the artefact which is done in the fifth phase of the DS research method. The literature review showed there are many trust models and frameworks, but, they are either developed for a specific sub-field such as infrastructure, mobile, and network, or, a generic cloud trust framework model. This study is aimed to fill the gap identified in the literature where no comprehensive and useful trust framework model is currently available to help CIdUs to make a knowledge-based decision that considers both service provider and customer perspectives. Therefore, the primary aim of the proposed trust framework is to consider the full cloud identity environment and to capture all potential trust attributes and elements as evidence, including functional and non-functional elements. In this regard, by utilising evaluation theory, Importance-Performance Analysis, Expert Interviews, and the Analytical Hierarchy Process, the modelling of trust a framework is done including, priorities, attributes, characteristics, the measurement processes, and an aggregate result for granular level trust metrics. Therefore, the potential outcome of this research is to make an innovative structure based on the existing works and present it in a systematic way that helps the CIdUs to make the best decision for a CIdP or combinations of them for specific requirements. The impact of this research is to facilitate the knowledge base decision making for both identity providers and end users. Such a framework can bring a significant impact on the trust between a provider and the customers, and improve the decision-making process for users’ identity management. Moreover, it helps CIdUs directly, without involving IT experts. As a result, the application artefact has been designed, built, and implemented to test and evaluate the usability and feasibility of the proposed model. The application has passed the usability testing by the industry experts, but it still needs continuous improvement. Standardisation and technology updates are required before generalisation and release as a market version. The recommendations for further research from thesis are: • Utilize the semantic web to determine the Service Level Agreement (SLA) • Test the Trusted Platform Module hardware with trusted computing • Further research to redesign the input sources of consumer opinion • Utilize different threat models to test the artefact • Improve the artefact to integrate with Cloud Access Security Brokers options • Further research to improve the discovery database of cloud identity service providers • Provide further aggregated information in the application dashboard • Expand the scope to the Internet of Things (IoT) and Mobile Cloud Computing (MCC)

Cloud Computing , Cloud Identity , Cloud Security , Identity and access management , Trust Computing , Design Science , AHP , Evaluation Theory , IPA
Publisher's version
Rights statement