Organizer: Prof. Johannes Buchmann, Moritz Horsch
Cloud computing enables on-demand scalable storage andcomputation, but threatens data protection. Long-term storage and securemulti-party computation can mitigate privacy risks. For these services to meetconfidentiality and availability requirements, evaluating the performance ofthe multiple cloud service providers involved in each service becomes crucialand can be achieved through trust scoring. Yet, in a peer-to-peer model,collusions among cloud service providers trying to increase their score can compromisethe requirements above.
In this talk we discuss the design of acollusion-resistant trust mechanism for the computation of accurate trustscores. The key insight is the formalization of this scenario through gametheory to characterize the behavior of cloud service providers during trustscoring. Thanks to the game-theoretical interpretation, we determine that, in arealistic multi-cloud application, the most cost-efficient solution formulti-party computation is hierarchical secret sharing rather than the commonlyused secret sharing scheme by Shamir. Based on our trust mechanism and themodel above, a brokerage service is provided that guides users to instantiate acost-efficient distributed storage system that meets confidentiality andavailability requirements. This mechanism ultimately enhances the security ofmulti-party computation and long-term storage in multi-cloud scenarios.