Sage Journals: Discover world-class research

Abstract

In the process of using the cloud platform, how to ensure the safety of users is a matter we must concern. The user authentication can provide a certain degree of security, but when the user information was leaked, this method will not be effective. Therefore, this article proposes a trust evaluation model based on user behavior data. In this model, the user’s historical behavior will be used to construct a set of trusted behavior of the cloud users. On this basis, the direct trust of the user’s behavior can be obtained. Then, the recommendation trust can be calculated by the interaction between the users and other cloud users. Given the current historical trust, the comprehensive trust can be obtained using the weighted average method. Among them, the initial value of historical trust is set to a constant and then updated by the comprehensive trust. In order to control the user’s abnormal behavior more effectively, the suspicious threshold value and the abnormal threshold value were defined, which are used to punish the historical trust. Through the simulation of the virtual digital library cloud platform, the method can effectively evaluate the cloud users.

Keywords

Cloud computing behavior data trust evaluation data analysis cloud security

Introduction

Cloud computing presents a new service model, connected by a huge system pool together, to provide users with a variety of storage and computing resources. It has become one of the major trends in today’s IT development. Because of its ease of use, easy to expand, on-demand features, it attracted a lot of personal and business users. In the course of its use, safety is a major challenge. On one hand is credible, reliable cloud service provider problem, and the other is faced with security threats cloud users.¹ Thus, in the process of application and research of cloud computing, how to solve the security problems faced will be a long and important research priority.

The cloud platform is a service-oriented architecture and contains three standard models: infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). With the explosive growth of cloud users and service content, the security of the cloud platform is getting more and more attention. Moreover, the diversity of cloud users and user’s behavior makes the security problems of the cloud platform more prominent. Furthermore, the exception of the user will bring about the abnormal access and privacy of the data. Therefore, it is necessary to develop measures to ensure data security and detect user abnormality.

The motivation in this work is based on the idea that the trust value of cloud user can be reflected by the user’s behavior. For example, consider the case of a user that is abnormal. It will bring abnormal behavior In fact, any application scenarios that involves user access can be supported by such a framework.

Our trust model can be thought of as a simple form of anomaly detection. The basis of detection depends on the degree of trust. The computation and storage of trust value are all located on the cloud platform. Therefore, the reliability of the trust value is guaranteed.

Our proposal has the following advantages. First, the realization is simple, and it is easy to deploy in a cloud environment. Second, the trust value is dynamic and can cope with the changing environment. Third, the user behavior plays a key role in the calculation of the trust value.

The rest of the article is organized as follows. This article first introduces security research in cloud computing environment. Then, the behavior of cloud users is briefly analyzed. In the third part, the trust evaluation model of cloud user behavior data will be constructed. In the fourth part, the model is verified by the simulation of the digital book cloud platform and the results and analysis are given. Finally, the article is summarized, and the further work direction is pointed out.

Related work

The security of cloud computing has been the focus in the application process. In recent years, many experts have carried out more in-depth research and produced a number of significant achievements. Lin et al.² compared the existing computing security cloud model and evaluation methods and proposed a multi-queue based on cloud computing multi-server security model. Chen et al.³ proposed user behavior model–based dynamic game, in order to strengthen the cloud user type inference accuracy and comprehensiveness. For cloud server data integrity and confidentiality issues, Lin et al.⁴ proposed an act of cloud-based access control model. Yan et al.⁵ combined the cloud virtual machine identity management and authentication issues and present a hidden identity information programs to improve the safety certification process. Tian and Cao⁶ proposed a model based on cloud user behavior identified multiple graphs, layer by behavioral evidence, and conduct multiple layer graph construction and behavior and identified layer 3 levels to solve the cloud service user behavior credibility problem. Patel et al.⁷ conducted a study on cloud computing intrusion detection and prevention. Lin et al.⁸ have proposed cross-layer mechanisms credibility of mobile cloud computing reliable recommendation and privacy issues have been studied. Anisetti et al.⁹ put forward a certified independent cloud-based system. Xiong et al.¹⁰ proposed a cloud data self-destruct program to ensure the security of data. Liu et al.¹¹ proposed a privacy rights based on shared authentication protocol, a good solution to the problem of privacy in a shared process to solve the user privacy cloud computing environment may leak when shared access issues. Zhou et al. proposed a role-based encryption (RBE) access control model to enforce access policies on encrypted data and protect data privacy in a cloud storage system. The RBE used cryptographic techniques to allow the owner of the data to encrypt the data to a specific role, so that only the authorized users in this role or the predecessors of this role can decrypt.¹² Chen et al. proposed a global social trust model in cloud to provide trustworthy communicating path and help address security issues. The model described the implicit call behavioral graph formed by users’ interactions with call and rated these relationships to form a dynamic local cloud trust. Afterward, it discussed the propagation and aggregation of local trust values for global social cloud network.¹³ Li et al. proposed a method for trust quantification based on fuzzy comprehensive evaluation theory for cloud computing to protect user data. It can dynamically perform trust quantification to deal with malicious acts of nonfaithful services.¹⁴ Wang et al. proposed a cloud service evaluation model based on trust and privacy-aware. In the design of the model, it introduces many factors, such as attenuation time and transaction volume. It can ensure that the actual quality of service, fraud, and malicious evaluation of malicious entities have a certain ability to resist.¹⁵ To increase the precision and accuracy of the trust evaluation, Hajizadeh et al. proposed a new method to evaluate the trust metric among the cloud providers. The model has better reliability and availability than the first-in first-out (FIFO) and quality of service (QoS) models and can improve the amount of availability, error-hit, precision, and reliability values.¹⁶ Chiregi et al. proposed a new method for trust and reputation evaluation on the basis of the mechanism of the opinion leaders and removing trolls. It takes into account the influence of a variety of measurement standards and has achieved good results.¹⁷

Moreover, a lot of access control models have been proposed in the literature,^18–22 most of them were based on the trusted third party and traditional cryptographic and authentication techniques. Thus, it ignores attacks launched by an inside attacker that has the legal identity and dishonest recommendations used to frame up good parties and boost trust values of malicious peers. Although the trust mechanism is introduced into access control,²³ they do not make full use of the user’s behavior. Furthermore, cloud platform has not been fully utilized. Cloud computing is big data storage, processing platform. The behavior information is generated by mass users in the process of using the cloud platform, and it is a typical big data source. So we can analyze the data generated by the process of using a cloud platform. And then it can enhance the user’s security controls.

Through the above analyses, it can be seen that trust evaluation of cloud platform is mainly concerned with the trust of the cloud platform itself. There is little research on trust for cloud users. Furthermore, the access control of the cloud users is more based on the third-party trust and the traditional encryption and authentication mechanism. So a trust evaluation model of cloud user based on behavior data is proposed in this article. The trusted behavior state of users is obtained by data analysis in the model. Based on the user’s trusted behavior state, direct trust of users will be computed. Based on the interaction of the current user and other users, recommendation trust will be calculated. Finally, comprehensive trust of users is calculated using the weighted average of three kinds of trust.

Cloud user behavior analysis

New features of cloud users

Cloud computing is a new service. It has some of their own characteristics compared with the traditional network:

The number of users is much greater. Network technology is mainly to solve the problem of sharing information resources in different organizations. Cloud computing is not only able to achieve the sharing of resources but also able to achieve the integration of large-scale scalable computing, storage, data, and application of distributed computing for collaborative work of super computing model. In addition, it is bound to accommodate and attract more users.

User behavior is more diverse. Cloud computing environment can provide more services. The users will have more interactive behavior in the use of these services. Therefore, the access control of interactive behavior is more important.

Security issues are more prominent. Cloud computing faces a greater variety of security threats, such as availability of service, data lock-in, data confidentiality and audibility, data transfer bottlenecks, performance unpredictability, bugs in large-scale distributed systems, reputation fate sharing, privacy and security, and access control.

In the cloud-computing environment, these features bring new requirements and challenges. How to guarantee the user information, data, and the privacy and security of services is a problem that must be solved.

Analysis behavior characteristics of cloud users

The behavior characteristics of cloud users are similar to the usual network users. Nevertheless, because of the change of service mode, it produced some new characteristics. The behavior analysis is as follows:

Login information has more content. It mainly includes the time, the place, login mode, and so on. Different users have different content, so it can be effective analysis for the user’s behavior.

The user has a variety of operating habits. It includes the order of operation, the type of access to resources and services, the frequency of access, the time of stay, and so on.

More information is derived from user interaction. With the popularity of cloud computing, users will interact with users registered in the same or different cloud. It will produce a large number of information in the interactive process.

More abnormal operation behavior of user is generated. Illegal links, try to override, password attempts, and so on can also be used for the evaluation of user behavior characteristics.

All of this reflect the user’s personal habits. In the process of using the cloud platform, a large number of data will be accumulated, and the statistical results of these data can be used to evaluate the user’s behavior. The establishment of the model and method can be used for the evaluation of cloud terminal user trust, which is the focus of this article.

Trust evaluation model based on behavior data

Based on user behavior, this model can form a user-trusted behavior profile. Then, the user’s behavior state can be determined using this model.

Design of trust evaluation model

User’s behavioral characteristics are diverse. Although the trusted behavior collection can be obtained through its historical behavior data, the user behavior does not only rely on the historical behavior. Thus, using only historical data to judge the user’s behavior is too arbitrary.

Therefore, four kinds of trusts are defined in this article, which are direct trust, recommendation trust, historical trust, and comprehensive trust. The definition is as follows:

Definition 1. Direct trust is the statistics of the real-time interaction between the user and the cloud platform. It can reflect the current state of the user and is affected by historical behavior data.

Definition 2. Recommendation trust is the trust obtained by the user’s real-time interactive behavior with other users. The trust is calculated jointly by the user involved in the interaction, which is affected by the trust of the user itself.

Definition 3. Historical trust is the result of the last trust calculation and is affected by the trust threshold and the abnormal threshold. Its initial value is manually set.

Definition 4. Comprehensive trust is the synthesis of direct trust, recommendation trust, and historical trust. It is used to evaluate the user.

The trusted behavior set is only the source of the direct trust value (recorded as $T_{d}$ ). The comprehensive trust (recorded as $T_{c}$ ) is calculated by direct trust degree, historical trust (recorded as $T_{h}$ ), and recommendation trust (recorded as $T_{r}$ ). When the comprehensive trust is lower than the set threshold, it is considered abnormal. Of course, in the case of abnormal results, it will be based on the changes in the value of the trust of the user to inform the user, so that users can timely access to their own account in the abnormal situation. The process of trust evaluation is shown in Figure 1.

Figure 1.

Process of trust evaluation.

Analysis of cloud user behavior data

Users’ behavior is diverse, including many types and status. For ease of analysis, this article sets the total number of cloud users behavior as N, then the behavior of cloud users can be recorded as

CB = {c b_{i} | i is a natural number, and 0 < i \leq N}

(1)

where $c b_{i}$ represents the ith acts of cloud end users.

If set the number of cloud end user equal to $i$ , then the number of user’s behavior state is $m_{i}$ . The state set of cloud user behavior can be recorded as follows

\begin{array}{l} CBS = \\ {cb s_{j} | j, i is a natural number, and 0 < j \leq m_{i}, 0 < i \leq N} \end{array}

(2)

It has defined the behavior set of cloud users and the collection of the state of each behavior the following can be the behavior data analysis of cloud users, so as to determine the credibility of cloud user’s profile. In order to simplify the evaluation process, the analysis process of the cloud user behavior is accomplished by simple statistical method. The premise is that we assume that the historical data is credible. Based on the trusted data, the behavior of each cloud user is a mathematical statistic, and the set of trusted state consists of some larger frequency states. The ith cloud user behavior has $p_{i}$ states that appear frequently. The trusted state set of user behavior consists of $p_{i}$ behavioral states. The cloud user’s trusted state set is denoted as follows

\begin{matrix} CB S^{TRUSTED} = {{{cbs}_{j}^{trusted}}^{i} | j, i \\ is a natural number, and 0 < j \leq p_{i}, 0 < i \leq N} \end{matrix}

(3)

We can simply count the trusted state set of each cloud user behavior by this method and then the value of direct trust can be designed. Of course, the weight calculation process can also be determined according to the role of each cloud user behavior in trust evaluation. The weights set by expert by experience and can also get by optimizing algorithm optimization, in which each cloud user behavior we set weights recorded as follows

ε = {ε_{i} | 0 < i \leq N}

(4)

where $0 \leq ε_{i} \leq 1$ and $\sum_{i = 1}^{N} ε_{i} = 1$ . If the behavior does not appear, the weight of the behavior may be 0.

Calculation of direct trust

After the user login to the cloud platform, the number of user behavior is $k (0 < k \leq N)$ . Obtained by comparison of which $l (l \in CB S^{TRUSTED})$ belongs to a trusted set. The direct trust can be calculated by the following formula

\begin{matrix} T_{d} = ⌊ MAX \times ((l \times \sum_{i = 1}^{l} ε_{i}) / (1 + k)) ⌋ \\ 0 < k \leq N, 0 \leq l \leq k \\ T_{d} \in [0, MAX] \end{matrix}

(5)

where $MAX$ is maximum direct trust and takes experience or set by experts.

The calculation of direct trust can also be used to calculate the statistical value of the cloud user behavior for a period of time. Set statistical time window $Tim e_{slidwd}$ . Within this time window, set $i th$ user behavior appears $r_{i}$ times, and $s_{i}$ times belong to a trusted collection. The direct trust can be calculated by the following formula

T_{d} = ⌊ MAX \times \sum_{i = 1}^{N} (ε_{i} \times s_{i} / (1 + r_{i})) ⌋

(6)

Calculation of recommendation trust

Direct trust can measure the state of user behavior. But the interaction between the users and other users cannot give a direct result of the evaluation. Therefore, this article introduces the recommendation trust. Recommendation trust is calculated by the interactive success ratio of the user and other users.

After the user login in the cloud, the number of interactive request to the other users is $Inter$ . Interactive requests include two parts. One part is the request of the internal platform, the number of requests is $Inte r^{inner}$ in which the number of successful requests is recorded as ${Inter}_{success}^{inner}$ . The other part is the cross platform interaction request, denoted as $Inte r^{outer}$ , the number of successful requests recorded as ${Inter}_{success}^{outer}$ . The number of users within the internal platform is $w$ . The recommendation trust can be calculated by the following formula

T_{r} = ⌊ (\sum_{i = 1}^{w} (T_{ci} / w) \times ({Inter}_{success}^{inner} / Inte r^{inner})) + ({Inter}_{success}^{outer} / Inte r^{outer}) ⌋

(7)

where $T_{ci}$ represents the comprehensive trust of the ith internal users.

Calculation of comprehensive trust

The value of comprehensive trust is obtained by the weighted average calculation, using direct trust, recommendation trust, and historical trust. Direct trust and recommendation trust can be calculated by the formula. The initial value of history trust is set manually and then updated according to comprehensive trust value. The calculation method is shown in formula (8)

T_{c} = ⌈ α \times T_{d} + β \times T_{r} + γ \times T_{h} ⌉

(8)

where $α, β, γ$ are weighting coefficients, and $0 < α, β, γ < 1, α + β + γ = 1$ . The user, the experts, and the experience can give the value.

Calculation of historical trust

The initial value of historical trust is set $MAX$ . It represents the complete trust of the user, and then updated according to comprehensive trust value, suspected abnormal threshold (recorded as $Th d_{susp}$ ), abnormal threshold (recorded as $Th d_{abn}$ ). The calculation method is shown in formula (9)

T_{h} = {\begin{matrix} T_{c}, T_{c} < Th d_{susp} \\ T_{c} - | T_{c} - Th d_{susp} |, Th d_{susp} < T_{c} < Th d_{abn} \\ T_{c} - τ \times | T_{c} - Th d_{abn} |, T_{c} \geq Th d_{abn} \end{matrix}

(9)

In this formula, $τ$ is penalty coefficient. It can adjust the intensity of punishment.

Exception decision

Exception decision is conducted through comprehensive trust, historical trust, and threshold. According to the extent of the anomaly, it is divided into two levels. One is called a suspected anomaly. In this case, to continue to update the history trust, do not update the list of trust. Another is an exception, in which a trust list is required to be updated, and the user will be removed from the trust list. In order to make a decision, the two thresholds are set.

The threshold values are shown in section “Calculation of historical trust.” The process of decision is shown in Figure 2.

Figure 2.

The process of exception decision.

Simulation results and analysis

In order to analyze the validity of the trust evaluation model of cloud user based on behavior data, in this article the model will be carried on verification through an experimental cloud platform.

Experimental environment

In this article, the experimental cloud platform is a simulation cloud of a digital library. Through this platform, users can search, download, upload digital document resources, and can also launch a chat request and transfer files to other users. Cloud users can be students, teachers, and administrators of the laboratory, and the user’s access control is achieved by the user’s username, password, and the IP address of the binding. In this platform environment, each user’s IP address is fixed, that is, through the IP address can be bound to a certain user. If authentication is successful, it can enjoy all the services provided by the platform, and others can do only retrieval.

According to the experimental environment, the behavior of the cloud users can be divided into five categories. The first category is user authentication behavior. The second category is retrieval behavior. The third category is download behavior. The fourth category is upload behavior. The fifth category is interactive behavior. The main behavior states of the cloud users are shown in Table 1. In Table 1, the value of the weight is set according to experience.

Table 1.

The main state of the cloud end user behavior.

User behavior	Behavior state set	Weight
User authentication	Normal users and legal IP, normal users and illegal IP, abnormal users and legal IP, abnormal users and illegal IP	0.4
Retrieval behavior	Retrieval method (single keyword search, combination search, other, any), retrieval content (certain field, some areas, other, any)	0.2
Download behavior	Download frequency (never download, accidental download, regular download, download each time, any), download mode (single download, batch download, any), download content (specific area, some areas, any), download category (pdf, doc, caj, any)	0.2
Upload behavior	Upload category (pdf, doc, caj, none, any), upload frequency (never upload, accidental upload, regular upload, upload each time, any)	0.2
Interactive behavior	Chat requests, file transfer requests	–

Experiment process

Determine the trusted behavior set

In the experiment, the working process of the model is illustrated with the example of A. According to the actual situation of the experimental platform, the number of user’s behavior that can be used to calculate the direct trust is 4 $(N = 4)$ . Its behavior set is as follows:

$CB = {c b_{i} | i is a natural number, and 0 < i \leq N}$ , where $N = 4$ .

$c b_{1} = User authentication$ ; $c b_{2} = Retrieval behavior$ ; $c b_{3} = Download behavior$ ; $c b_{4} = Upload behavior$

The set of the behavior states can be obtained by Table 1 and then the status set of trusted user is obtained using the statistics of the user behavior data. The status set of trusted user is shown as follows:

CBS ^TRUSTED = {{normal users and legal IP}, {retrieval method = combination search, retrieval content = specific area}, {download frequency = download each time, download mode = batch download, download content = specific area, download category = pdf}, {upload category = none, upload frequency = never upload}}

Calculation of direct trust

The behavior characteristics of user A is shown in Table 2.

Table 2.

Current user behaviors.

User behavior	The status set of user behavior
User authentication	Normal users and legal IP, abnormal users and legal IP
Retrieval behavior	Retrieval method = combination search, retrieval content = some areas
Download behavior	Download frequency = any, download mode = single download, download content = any, download category = any
Upload behavior	Upload category = any, upload frequency = any
Interactive behavior	To B users to launch a chat request and accepted, to send a file to the C user request but was rejected

In this article, $MAX$ is set to 100. As can be seen from Table 2, there are three user behavior which belongs to the trusted user behavior set. Combined with Table 1, it can get the weight of each user’s behavior according to formula (5), the direct trust is calculated as follows

\begin{array}{l} T_{d} = ⌊ M A X \times ((l \times \sum_{i = 1}^{l} ε_{i}) / (1 + k)) ⌋ \\ = ⌊ 100 \times (3 \times (0.4 + 0.2 + 0.2)) / 7 ⌋ = 34 \end{array}

Calculation of recommendation trust

User B and C’s trust are 80 and 90, respectively. The recommended trust of the user A is calculated from formula (7) as follows

T_{r} = ⌊ (\sum_{i = 1}^{w} (T_{c i} / w) \times (Inte r_{success}^{inner} / Inte r^{inner})) + (Inte r_{success}^{outer} / Inte r^{outer}) ⌋ = ⌊ ((80 + 90) / 2) \times 0.5 ⌋ = 42

Calculation of comprehensive trust

The historical trust of A is 90 $(T_{h} = 90)$ . According to the statistical results, the weight value of each degree of trust is set as follows

(α, β, γ) = (0.2, 0.1, 0.7)

The comprehensive trust of the user A is calculated from formula (8) as follows

\begin{array}{l} T_{c} = ⌈ α \times T_{d} + β \times T_{r} + γ \times T_{h} ⌉ \\ = ⌈ 0.2 \times 34 + 0.1 \times 42 + 0.7 \times 90 ⌉ = 74 \end{array}

Update historical trust

According to the statistical results, the value of each threshold is 70 and 50 ( $Th d_{susp} = 70$ , $Th d_{abn} = 50$ ). Combined with formula (9), it can get $T_{h} = T_{c} = 74$ . Because of $T_{h} > Th d_{abn}$ , the trust list is not updated.

Experimental results

Comparison of comprehensive trust between normal and abnormal users

The initial comprehensive trust value is the maximum value of 100. The suspected threshold equals 70. The abnormal threshold equals 50. As can be seen from Figure 3, the comprehensive trust of the normal users will have a certain volatility with the passage of time, but greater than the suspected threshold. Even occasionally appear in the suspected threshold below will slowly return to normal state. However, the comprehensive trust of the abnormal users decreased very quickly. Due to the abnormal behavior of the user, the overall trust level is lower than the suspected threshold and then below the abnormal threshold. Moreover, the abnormal user’s comprehensive trust recovery is very slow. Even return to the normal state because of the abnormal behavior making the comprehensive confidence once again reduced.

Figure 3.

Comparison of comprehensive trust between normal and abnormal users.

The change trend of four kinds of trust degree

The change trend of four kinds of trust degree is shown in Figure 4. As can be seen from Figure 4, when the user has abnormal behavior the degree of trust has declined rapidly, and the speed of the promotion is relatively slow, so that the user can achieve a strict evaluation, improve the safety of user information and resources. At the same time, in order to maintain the continuity of trust and increase the weight of the historical trust, it reflects the comprehensive trust and historical trust has a consistent trend. When the number of experiments increased, the two tended to be the same.

Figure 4.

The changing trend of trust degree.

Direct trust and recommendation trust have temporary features, so the value of the trust and recommendation is small. As can be seen from the results, these two values change significantly, but the results have little effect on the comprehensive trust, it can avoid false positives.

Different historical trust weights

It can be seen from Figure 5 that the comprehensive trust has different trends with different historical trust weights. When the weight value of the historical trust takes 0.9, the change of comprehensive trust is relatively flat, and it cannot fully reflect the effect of direct trust and recommendation trust. When the value of the history of the trust value of 0.5 and 0.6, the comprehensive degree of trust changes, cannot reflect the continuity of the trust value, it will lead to the wrong update of the list of trust. So this article takes the weight of historical trust for 0.7.

Figure 5.

The comprehensive trust with different historical trust weights.

Different response time of cloud platform

Through the statistical analysis of the last 30 days, abnormal users’ unlimited access to the cloud platform not only affects the security of the cloud platform but also occupies the cloud platform resources and thus reduces the response time of cloud platform. In the experiment, a faster response is obtained using the trust evaluation model to restrict the behavior of abnormal users. It can be seen from Figure 6.

Figure 6.

Different response time of cloud platform.

Comparison of abnormal detection rate

In order to evaluate the effect of the detection of abnormal users, we compared our model with model from the literature²⁴ and the pervasive trust management (PTM) model based on D-S theory. The simulation result is shown in Figure 7. Figure 7 indicates that the detection rate of our model is higher than that of the model from the literature²⁴ and PTM. The reason is that our model includes three factors: behavior (between the user and the cloud platform), interaction (between users and users), and historical inertia. The others model only deals with behavioral factors.

Figure 7.

Comparison of abnormal detection rate.

Conclusion

In this article, we proposed a novel trust evaluation model. Not only can this model make full use of the behavior data between the user and the cloud platform, it also includes interaction data between users and users and historical data. It can detect the state of a user according to the behavior trust. Compared with the evaluation model (which only focuses on the behavior data between the user and the cloud platform), our model has a higher abnormal detection rate. In addition, the trust value is calculated by a simple weighted average method. Therefore, it is light enough to fit well without great overheads. At the same time, a trust list can be constructed and updated dynamically by a trust evaluation model. Simulation results based on a simulation cloud of digital library show that the trust model could better monitor the status of users. Furthermore, the trust model has a better anomaly detection rate than the model from the literature²⁴ and PTM. We expect that our trust evaluation model can help to make cloud platform more secure.

The model in practical application and some problems to be solved, such as determination of clouds of user behavior and behavior trust contour optimization algorithm, are to be further studied. In addition, cloud platform of trust evaluation is our next step to do research. We will combine cloud platform trust and cloud user trust to provide a better trust strategy.

Footnotes

Acknowledgements

We express our thanks to person who checked our manuscript.

Handling Editor: Vinod Kumar Verma

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This work was supported by the National Natural Science Foundation of China (61472137), the Science and Technology Project of Hebei Province (15210703), and the Fundamental Research Funds for the Central Universities (3142015022).

References

Modi

Patel

Borisaniya

et al . A survey on security issues and solutions at different layers of Cloud computing. J Supercomput 2013; 63(2): 561–592.

Lin

Meng

et al . loud computing security: architecture, mechanism and modeling. Chin J Comput 2013; 36(9): 1765–1784.

Chen

Tian

Yang

. Model and analysis of user behavior based on dynamic game theory in cloud computing. Acta Electron Sin 2011; 39(8): 1818–1823.

Lin

Huang

et al . Access control security model based on behavior in cloud computing environment. J Commun 2012; 33(3): 59–66.

Yan

Feng

Ai-Min

. Virtual machine anonymous attestation in cloud computing. J Software 2013; 24(12): 2897–2908.

Tian

Cao

. A cloud user behavior authentication model based on multi-partite graphs. In: Proceedings of the international conference on innovative computing technology, London, 29–31 August 2013, pp.106–112. New York: IEEE.

Patel

Taghavi

Bakhtiyari

et al . An intrusion detection and prevention system in cloud computing: a systematic review. J Netw Comput Appl 2013; 36(1): 25–41.

Lin

et al . A reliable recommendation and privacy-preserving based cross-layer reputation mechanism for mobile cloud computing. Future Gener Comp Sy 2015; 52(C): 125–136.

Anisetti

Ardagna

Damiani

. A certification-based trust model for autonomic cloud computing systems. In: Proceedings of the international conference on cloud and autonomic computing, London, 8–12 September 2014, pp.212–219. New York: IEEE.

10.

Xiong

Liu

Yao

et al . A secure data self-destructing scheme in cloud computing. IEEE Trans Cloud Comput 2015; 2(4): 448–458.

11.

Liu

Ning

Xiong

et al . Shared authority based privacy-preserving authentication protocol in cloud computing. IEEE T Parall Distr 2014; 26(1): 241–251.

12.

Zhou

Varadharajan

Hitchens

. Secure administration of cryptographic role-based access control for large-scale cloud storage systems. J Comput Syst Sci 2014; 80(8): 1518–1533.

13.

Chen

Wang

Jia

. A trust model using implicit call behavioral graph for mobile cloud computing. In: Wang

Ray

Feng

et al . (eds) Cyberspace safety and security. Berlin: Springer, 2013, pp.387–402.

14.

Zhao

et al . A method for trust quantification in cloud computing environments. Int J Distrib Sens N 2016; 2016(12): 15052614.

15.

Wang

Wen

Wang

et al . Cloud service evaluation model based on trust and privacy-aware. Optik: Int J Light Electron Opt 2017; 134: 269–279.

16.

Hajizadeh

Navimipour

. A method for trust evaluation in the cloud environments using a behavior graph and services grouping. Kybernetes 2017; 46(2): 1245–1261.

17.

Chiregi

Navimipour

. A new method for trust and reputation evaluation in the cloud environments using the recommendations of opinion leaders’ entities and removing the effect of troll entities. Comput Hum Behav 2016; 60: 280–292.

18.

Chiregi

Navimipour

. A comprehensive study of the trust evaluation mechanisms in the cloud computing. J Serv Sci Res 2017; 9(1): 1–30.

19.

Liu

Zhang

Yang

et al . Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates. IEEE T Parall Distr 2014; 25(9): 2234–2244.

20.

Choi

Kim

. Ontology-based access control model for security policy reasoning in cloud computing. J Supercomput 2014; 67(3): 711–722.

21.

Kim

Sang

. Trust management on user behavioral patterns for a mobile cloud computing. Cluster Comput 2013; 16(4): 725–731.

22.

Zhou

Varadharajan

Hitchens

. Achieving secure role-based access control on encrypted data in cloud storage. IEEE T Inf Foren Sec 2013; 8(12): 1947–1960.

23.

Yan

Wang

et al . Flexible data access control based on trust and reputation in cloud computing. IEEE Trans Cloud Comput 2017; 5(3): 485–498.

24.

Zhang

Liu

. User behavior trust evaluation model based on the AHP algorithm. J Bioinform Intell Control 2015; 4(2): 106–110.

Trust evaluation model of cloud user based on behavior data

Abstract

Keywords

Introduction

Related work

Cloud user behavior analysis

New features of cloud users

Analysis behavior characteristics of cloud users

Trust evaluation model based on behavior data

Design of trust evaluation model

Analysis of cloud user behavior data

Calculation of direct trust

Calculation of recommendation trust

Calculation of comprehensive trust

Calculation of historical trust

Exception decision

Simulation results and analysis

Experimental environment

Experiment process

Determine the trusted behavior set

Calculation of direct trust

Calculation of recommendation trust

Calculation of comprehensive trust

Update historical trust

Experimental results

Comparison of comprehensive trust between normal and abnormal users

The change trend of four kinds of trust degree

Different historical trust weights

Different response time of cloud platform

Comparison of abnormal detection rate

Conclusion

Footnotes

Acknowledgements

Declaration of conflicting interests

Funding

References