Trust ticket deployment : a notion of a data owner's trust in cloud computing

While cloud computing (CC) is a scalable model of shared infrastructure and on-demand computing, it lacks a transparent trust and security mechanism. A data owner (DO) loses control over the data outsourced to a machine in the cloud controlled and operated by a cloud service provider (CSP). This machine is at a location unknown to a data owner. This loss of control over data is further intensified with the lack of managing users' access to the data from practical cloud computing perspectives. In this paper, we introduce a new mechanism of ensuring trust and security in Software as a Service (SaaS) CC. Trust Ticket, with the supporting protocols, is our mechanism that helps a data owner in establishing a link between a CSP and a registered user. In our mechanism, a user first gets registered with a DO before receiving a Trust Ticket and a secret key from that DO. Each Trust Ticket is unique and encrypted. On completing the registration of each user, the DO apprises the CSP of the Trust Ticket. Trust Ticket and secret key are respectively for the registered user's getting accepted to the CSP and having a view of the data owner's data upon a successful verification by the CSP. We have done our experiment in Java network programming by creating an emulated cloud computing framework under the VMware ESXi 4.1 hyper visor based platform. Using the framework, we have evaluated our algorithmic protocol for Trust Ticket. We have also compared our work with prior work. Overall performance of our work is better. We argue that our proposed algorithmic protocol for Trust Ticket deployment establishes a data owner's trust. This trust is established through a data owner's control over data and a registered user, because a registered user is linked with a CSP by a data owner through Trust Ticket.