Cloud Security with Virtualized Defense and Reputation-based Trust Management

Internet clouds work as service factories built around web-scale datacenters. The elastic cloud resources and huge datasets processed are subject to security breaches, privacy abuses, and copyright violations. Provisioned cloud resources on-demand are especially vulnerable to cyber attacks. The cloud platforms built by Google, IBM, and Amazon all reveal this weaknesses. We propose a new approach to integrating virtual clusters, security-reinforced datacenters, and trusted data accesses guided by reputation systems. A hierarchy of P2P reputation systems is suggested to protect clouds and datacenters at the site level and to safeguard the data objects at the file-access level. Different security countermeasures are suggested to protect cloud service models: IaaS, PaaS, and SaaS, currently implemented by Amazon, IBM, and Google, respectively.