Trust Evaluation Strategy for Single Sign-on Solution in Cloud

Guangxuan Chen (Zhejiang Police College, Institute of Software Application Technology, CAS, Guangzhou, China), Liping Ding (Digital Forensics Lab, Institute of Software Application Technology, CAS, Guangzhou, China), Jin Du (Digital Forensics Lab, Institute of Software Application Technology, CAS, Guangzhou, China), Guomin Zhou (Zhejiang Police College, Guangzhou, China), Panke Qin (Henan Polytechnic University, Jiaozuo, China), Guangxiao Chen (Universidad Carlos III de Madrid, Madrid, Spain) and Qiang Liu (Zhejiang Police College, Guangzhou, China)
Copyright: © 2018 |Pages: 11
DOI: 10.4018/IJDCF.2018010101

Abstract

To solve security problems such as single points of failure and malicious access to, or even destruction of, the authorizing node, which are caused by a lack of knowledge about the trust evaluation of interacting nodes, this article proposes a trust evaluation strategy for single sign-on solutions in the cloud. The strategy improves the D-S evidence theory to verify the security of the peer nodes in the cloud, including the calculation, combination and transfer of direct trust and recommended trust. This solves the security problems brought on by evidence conflicts in trust combination and provides a security assurance for single sign-on solutions in the cloud.
Article Preview

Design Of Trust Evaluation Model Of Node

In this paper, each cloud server node is regarded as a unified entity of SP (Service Provider) and IDP (Identity Provider) and as a peer node for single sign-on in the cloud. Because cloud resources are distributed and dynamic, the SP adopts a policy of either “fully trust” or “totally do not trust” toward the verification certificate provided by the IDP. In the previous centralized single sign-on model, credibility and determinacy decrease as the number of entities increases. Usually, a given peer node in a group that contains a large number of peer nodes cannot obtain complete information about the other peer nodes. Therefore, this paper proposes a trust evaluation model for the peer node Ni.

Each peer node Ni keeps a list that records the trust evaluation values of the other peer nodes. The trust value of a peer node is represented by the triple Ttuple(α, β, γ), where 0 ≤ α, β, γ ≤ 1 and α + β + γ = 1. Here, α is the probability that the peer node “can trust”, β is the probability that it “can’t trust”, and γ is the probability of uncertainty about the peer node. Because peer nodes understand trust differently (for example, peer node Ni considers a node trustable only when α > 0.9, while Nj considers it fully trustable as long as α > 0.7), the values of α, β and γ are continuous rather than discrete. According to role and function, there are four types of trust: trust of SP, trust of IDP, recommended trust of the SP and recommended trust of the IDP.

Suppose the trust evaluation value of source peer node Ns to destination peer node Nd is (α1, β1, γ1) and the trust evaluation value of the other peer nodes to Nd is (α2, β2, γ2). The final trust value of Ns to Nd can then be calculated through:

t(α, β, λ) = (α1, β1, λ1) * t1 + (α2, β2, λ2) * t2    (1)
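
The following is an added example, not code from the article: it models the trust triple with its constraints, applies formula (1), and for comparison runs the classic Dempster rule of combination, which exposes the conflict coefficient K that the abstract refers to. Assumptions: t1 and t2 are weights that sum to 1 (the preview does not define them), all class and function names are hypothetical, and the article's improved combination rule is not shown in the preview and is not implemented here.

```python
from dataclasses import dataclass

EPS = 1e-9

@dataclass(frozen=True)
class Trust:
    """Trust triple: alpha = can trust, beta = can't trust, gamma = uncertain."""
    alpha: float
    beta: float
    gamma: float

    def __post_init__(self):
        vals = (self.alpha, self.beta, self.gamma)
        if any(v < -EPS or v > 1 + EPS for v in vals) or abs(sum(vals) - 1) > EPS:
            raise ValueError(f"invalid trust triple: {vals}")

def weighted(direct, recommended, t1, t2):
    """Formula (1). Assumption: t1, t2 are weights with t1 + t2 = 1."""
    if min(t1, t2) < 0 or abs(t1 + t2 - 1) > EPS:
        raise ValueError("weights must be non-negative and sum to 1")
    return Trust(*(d * t1 + r * t2 for d, r in zip(
        (direct.alpha, direct.beta, direct.gamma),
        (recommended.alpha, recommended.beta, recommended.gamma))))

def dempster(a, b):
    """Classic Dempster rule on the frame {trust, distrust}; gamma is the mass
    on the whole frame. Returns (combined triple, conflict coefficient K)."""
    k = a.alpha * b.beta + a.beta * b.alpha  # mass on contradictory pairs
    if k > 1 - EPS:
        raise ValueError("total conflict: the evidence cannot be combined")
    n = 1 - k
    return Trust((a.alpha * b.alpha + a.alpha * b.gamma + a.gamma * b.alpha) / n,
                 (a.beta * b.beta + a.beta * b.gamma + a.gamma * b.beta) / n,
                 a.gamma * b.gamma / n), k

def accepts(trust, threshold):
    """A node's local policy: trustable only when alpha exceeds its threshold."""
    return trust.alpha > threshold

if __name__ == "__main__":
    # Constructed sample values, not taken from the article.
    direct, recommended = Trust(0.8, 0.1, 0.1), Trust(0.6, 0.3, 0.1)
    w = weighted(direct, recommended, 0.6, 0.4)
    d, k = dempster(direct, recommended)
    print("formula (1):", w, "accepted at 0.7/0.9:", accepts(w, 0.7), accepts(w, 0.9))
    print("Dempster:   ", d, "K =", round(k, 3))
    # Two sources that contradict each other: K flags the conflict.
    print("conflict K: ", round(dempster(Trust(0.9, 0.1, 0.0), Trust(0.1, 0.9, 0.0))[1], 3))
```

With the constructed inputs, the same combined value is accepted by a node whose threshold is 0.7 and rejected by one whose threshold is 0.9, and a high K marks recommendations that contradict the direct evidence.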
