Project Details
Abstract
This project aims to study information security issues related to cloud computing, and
intends to propose new methods and accordingly make adjustments to the Service Level
Agreements (SLAs) between the two sides of cloud computing--service provider and user.
Kandukuri et al. (2009) point out the difficulties in ensuring information security for
cloud computing. It is essential that the service provider must clearly and comprehensively
state its security policies in the SLA. The SLA, however, remains hard to be accepted by
users if their critical information is stored in the cloud side. Therefore, this project intends to
propose new approaches for privacy protection that will enhance user acceptance toward the
SLA. Furthermore, digital signature is an important method for inspecting information
integrity and achieving signatories’non-repudiation. It is therefore necessary to study
methods that use two- and mutiple-stage digital signature, which are suitable for user-end
devices with low computing capability. This project further suggests that a business model
that eliminates the use of public key certificates for Public Key Infrastructures (PKI) is more
suitable for cloud computing.
The expected study period is three years. In the first year, this project plans to
investigate the information privacy issues and present new methods. Two basic ideas are: (1)
users control their information privacy by themselves through controlling critical information
for privacy protection such as cryptographic keys, and (2) when the user-side devices have
insufficient computing capabilities, another cloud service provider should offer critical
information security services. This provider must coordinate with the application service
provider with regard to information security functions.
In the second year, this project plans to study the methods of two- or multiple-stage
digital signature so that only part of the signature computation is executed at the user end,
with the rest executed by the cloud side. Alternatively, a specialized information security
cloud service can be set up for computing the remaining partial digital signatures.
In the third year, this project plans to study a business model that eliminates the use of
public key certificates for Public Key Infrastructures (PKI) and that, as a result, does not
require the user end to execute complicate computations.
Last, this project plans to make adjustments to SLAs according to our research results.
Exemplary SLAs including the adjustments, which are expected to bring about better user
acceptance, will also be presented.
Project IDs
Project ID:PF9907-7885
External Project ID:NSC99-2410-H182-025-MY2
External Project ID:NSC99-2410-H182-025-MY2
Status | Finished |
---|---|
Effective start/end date | 01/08/10 → 31/07/11 |
Keywords
- Multiple criteria decision analysis
- interval-valued fuzzy set
- optimism
- pessimism
- bipolarity
- point operator.
Fingerprint
Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.