Design and implementation of an automatic security response mechanism for cloud services based on trust attributes.
Cloud computing offers virtually unlimited resources in CPU, memory, and bandwidth, under a service agreement scheme. Operators leverage on this model to achieve economies of scale, by hosting as much customers as possible on such infrastructure. The detected gap is that the Communication Service Providers (CSP) must take into consideration trust as a parameter into the service offering to its customers. This way, customers obtain tools and design capabilities to choose a cloud service offer according to trust-related internal security policies. Therefore, the CSP must ensure that the chosen trust level is maintained through the whole time that the service contract is valid leveraging on a continuous monitoring of the infrastructure, collection of contextual information and automatic response mechanisms that are triggered as the trust level varies through time. This action flow assures security and trust on the set of entities that provide service.