CHAPTER-1 INTRODUCTION 1

CHAPTER-1
INTRODUCTION
1.1. INTRODUCTION
In the IaaS paradigm of cloud computing, computational resources are shared to reduce the cost of renting them, i.e., there exists multi-tenancy. As the communication channels and other resources are shared, this creates security and privacy issues. Examples of such problems are side-channel attacks, probe attacks, etc. 1, 2, 3. These security issues prevent some users from adopting cloud computing. To increase user’s trust on Cloud Providers (CP), the reputation of the CPs can be used 4, 5 as it helps users to choose an appropriate CP. A reputation management mechanism(RMM) aims to take account of the malicious and selfish behaviours of CPs and reflect this on their reputation 6. In this paper, we propose a robust RMM in the federated cloud with focus on multi-tenancy. In a multi-tenant cloud, a user depends on the CP for trustworthy co-tenants. In this paper we propose a novel reputation management mechanism that encourages the CPs to assign good co-tenants to a good user Reputation in the Federated Cloud: A federated cloud is constructed by contributions from several cloud providers and a virtual network request may be fulfilled by more than one cloud provider. In a federated cloud, a CP risks its own reputation as it shares its resources with other CPs (a virtual network request may span over the resources owned by several CPs). The problem in a virtual network may originate from the physical resources owned by other CPs. To evaluate the reputation of CPs, we can use the following form of feedback:
1) Feedback from CPs about other CPs: This form offeedback is hard to implement as CPs needs to share information about their own resources.

2) Feedback from the customers about CPs: It can be more easily obtained. But such information may be malicious and faulty. Also, as a virtual network may span over the resources owned by several CPs, it will be difficult for a customer to accurately identify the CP that is responsible for a fault.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

3) Feedback from the CPs about the users: This form of feedback is easy to obtain. A CP can monitor the activities of its customers and decide on whether or not a customer has bad intentions.

In this paper we use the third kind of feedback to evaluate the reputation of the CPs. It is possible to misreport such feedback. In this paper we propose a mechanism that encourages CPs to report correct feedback about the customers. CP’s reputation and multi-tenancy: Existing RMMs for cloud computing gather feedback from users and aggregate them to obtain reputations for the CPs. Also,
1) It attempts to differentiate between fair feedbacks from unfair feedback provided by the users 7 about the performance of the CPs.

2) It also differentiates between faults in the physical networks and the intentional activities of CPs that lead to disruption in the physical network. Therefore, faults (which are assumed to be beyond the control of the CP) do not impact reputations of CPs8.

In a contrast with existing RMMs, in this paper we propose a RMM with a focus on multi-tenancy. Sharing computational resources with others is the main concern of users as other co-tenants may be malicious. Note that,
1) The co-tenants of a user are anonymous. Hence, a user can not choose with whom it will share computational resources.

2) The user depends on the CP to assign good cotenants. Thus, from a user’s perspective, with the focus on cotenancy, it will have more trust in a CP if it differentiates between good and malicious users and if it does not allow them to share resources. Thus the capability and willingness of such differentiation between good and malicious users is the main parameter that decides the reputation of a CP. If a CP does not make such differentiation, then it should receive a low reputation when compared with another CP who makes such a differentiation. In this paper, we propose a RMM that considers the CP’s capability and willingness to make such differentiation among its users.It is in the CP’s interest that it gets maximum utilization of its resources. Hence, it allows maximum co-tenancy irrespective of the behaviours of the users. In this paper, we work on the federated cloud, where the physical network is contributed by multiple stakeholders and it is a connected graph. In the federated cloud, virtual network requests are mapped to the parts of the physical network owned by multiple CPs. Thus the CPs may collaborate to satisfy a virtual network requirement. Note that,
1) as the CPs collaborate to satisfy virtual network requests, it may happen that a CP, say CP1, does not differentiate between good and malicious users but another CP, say CP2, does the opposite. If CP1 and CP2 collaborate then, although CP2 does not intend, it may have to allow a good user to become a co-tenant with a malicious user as part of this collaboration with CP1.

2) Thus, the behaviour of a CP affects its collaborators. Hence, we make the following assumptions:
1) CPs share the information about multi-tenancy. Also this information can not be manipulated.

2) However, they may misreport the actual behavior of users.

Briefly, our RMM works as follows:
1) First, each CP distinguishes malicious users from good users and it should assign resources to them such that the following holds:
a) It must not allow any malicious user to become a co-tenant of a good user.

b) It may allow malicious users to share resources among themselves.

2) Next, the CPs share information about multi-tenancies.

3) Each CP reports the behaviour of users to the RMM.

4) A CP’s reputation is increased if the reputations of the users in each group of multi-tenant users are consistent, i.e., either their reputations increase or decrease. This means that if changes in the reputation of the users are similar, then the CPs must have correctly partitioned the good users from the malicious users and did not allow them to share resources. In the above model of our RMM, the motivation for misreporting the behaviour of users is as follows:
A CP gets better reputation if changes in the reputations of the users in each group of multi-tenant users are consistent.

Hence, it is in its interest to misreport the reputations of users in such a way that the changes in the reputations of the users in each group of multi-tenant users become consistent.

We use the following behavioural models of the CPs:
1) Rational CP: A rational CP always reports the true behaviour of the users.

2) Irrational CP: An irrational CP reports that a group of multi-tenant users are all good users or all malicious users irrespective of the actual behaviour of its users.

3) Opportunistic CP: An Opportunistic CP reports that a group of multi-tenant users are good users if the majority of them are actually good, otherwise it reports the opposite. In the presence of these three types of CPs, we show that,
1) Robustness: We analyse the robustness of the RMM. We use the notion of robustness in a normative system, as developed in 9. In this notion of robustness, it is assumed that a subset of agents in a normative multi-agent system always violate the norms. Given the fraction of such non-compliant agents, the multi-agent system is robust if it works properly as other agents remain compliant. In this paper, we use a similar notion of robustness. We show the demography of rational and irrational agents (with a majority of irrational agents) for which the proposed RMM remains functional.

2) Reputation of the CPs: We show that the reputations of the CPs who differentiate between good and malicious users, and do not allow them to share resources, increase compared with the CPs who do not make such differentiation.

3) Reputation of the users: We show that, a good user gets better reputation than a malicious user.

A federated cloud (also called cloud federation) is the deployment and management of multiple external and internal cloud computing services to match business needs.  A federation is the union of several smaller parts that perform a common action. Cloud Federation refers to the unionization of software, infrastructure and platform services from disparate networks that can be accessed by a client via the internet. The federation of cloud resources is facilitated through network gateways that connect public or external clouds, private or internal clouds (owned by a single entity) and/or community clouds (owned by several cooperating entities); creating a hybrid cloud computing environment. It is important to note that federated cloud computing services still rely on the existence of physical data centers.In this study, we propose an enhancement on trust management framework in federated cloud environment where it is solely upon to the trust results value. In this case, we focus on the resolution where there is the case that the attackers forging multiple identities and refute the final value of trust by falsifying its feedback reputation. It is formally known as Sybil attack 2. Thus, the final trust value based on the accumulative results cannot be considered as only a determination factor in order to decide either the cloud service provider is trusted or not. This study focuses on how to nullifying those false reputations into the CSP. Hence, the Sybil attack will not significantly affect the final trust value.

Figure 1: Federated Cloud
1.2. Objective Of The Project
A Strong reputation management mechanism that encourages the cps in a federated cloud to differentiate between good and malicious users and assign resources in such a way that they do not share resources.

1.3. Scope Of The Project
We show the correctness and the efficiency of the proposed reputation management system using analytical and experimental analysis. The scope of the project is very vast as anyone with having to the internet can access the file and can perform the operations.it gains maximum users over the world.

1.4. Contributions
The main contributions of these thesis is are summarized below.

Contribution 1: In first contribution, will begin with a general proposed trust model,then we don’t use the trust directly to identify malicious users,but to feed the reputation system model.

Contribution 2: In 2nd contribution, to prove the efficiency of our proposed reputation system model.In the 1st part of contribution we will add refinement to the last efficiency model of the 1st contribution. Globally, the refinement consists in the idea of pre-trusted users and the privilege users. To make our idea more clear, we apply it to the file allocation in cloud computing and file sharing in user to another user. We will simulate our new proposed models and we will show the efficiency of new ideas in terms of reducing the file loss, security (safety) of the file execution and the file sharing..Contribution 3: In the third contribution, we will focus on the optimization of the reputation and trust system: the optimization of controlling uesrs behaviors. Reputation attestation: RRMT records and determines user reputations as user activities accumulate with access to successive cloud computing sessions and provides proof of the reputation. The proof assures the credibility of the reputation, ensuring that the reputation indeed belongs to its owner. The proof also guarantees nonrepudiation; that is, a user cannot deny the reputation assigned to them. As such, the proof ensures unforgeability. Users cannot promote their reputation without the authorization of the idp. The introduction of a reputation does not affect the anonymity of users.

Contribution 4: Unlike the first contribution which will be based on the trust entity, this fourth contribution will be focusing on secure reputation management. We will study and validate the convergence of our proposal in two types of users. To study more and more this distributed reputation management, we will test different strategies that can be used by forceful peers in our system. We show the performance of strategies under different types of graphs, scale free, random etc .We will affirm that forceful peers can manipulate the opinions and affect the final result.
1.5.Organization Of The Thesis
This thesis is organized into the following eight chapters
Chapter 1 will provides introduction to the research namely a strong reputation management mechanism in the federated cloud . The research objective adopted to achieve the goals of research are also described.

Chapter 2 will covers background work related to thesis.

Chapter 3 will discuss the requirements of the system work efficiently to accomplish their purpose and what the system should do. And implementation of entire project description and it represents the workflow of transitions.
Chapter 4 will discuss the simulation results of different scenarios are presented. The data were collected and then analysed to accomplish the objective of the thesis.

Chapter 5 will discuss how the system should be built and used.

Chapter 6 will propose testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product.

Chapter 7 will propose a complete analysis of the proposed strategies used by two forceful users. We will show the performance and the impact in graph.

Chapter 8 will conclude the manuscript about the contributions of the thesis and will propose some future directions.

CHAPTER-2
LITERATURE SURVEY
E. Ayday And F. Fekri, Has Targeted To Facilitate The Research Of “Robust Reputation Management Using Probabilistic Message Passing”
In a typical reputation management system, after each transaction, the buyer (who receives a service or purchases a product) provides its report/rating about the quality of the seller for that transaction. In such a system, the problem of reputation management is to compute two sets of variables: 1. the (global) reputation parameters of entities who act as sellers, and 2. the trustworthiness parameters of the entities who act as the raters (i.e., buyers). In this paper, for the first time, we introduce an iterative probabilistic method for reputation management. The proposed scheme, referred to as RPM, relies on a probabilistic message passing algorithm in the graph-based representation of the reputation management problem on an appropriately chosen factor graph. In the graph representation of the problem, the sellers and buyers are arranged as two sets of variable and factor nodes, respectively, that are connected via some edges. Then, the reputation and trustworthiness parameters are computed by a fully iterative and probabilistic message passing algorithm between these nodes in the graph. We provide a detailed evaluation of RPM via computer simulations. We observe that RPM iteratively reduces the error in the reputation estimates of the sellers due to the malicious raters. Finally, comparison of RPM with some well- known and commonly used reputation management techniques (e.g., Averaging Scheme, Bayesian Approach and Cluster Filtering) indicates the superiority of the proposed scheme both in terms of robustness against attacks (e.g., ballot-stuffing, bad-mouthing) and computational efficiency.

M. Feldman, K. Lai, I. Stoica, And J. Chuang, At All Studied “Robust Incentive Techniques For Peer-To-Peer Networks”
Lack of cooperation (free riding) is one of the key problems that confronts today’s P2P systems. What makes this problem particularly difficult is the unique set of challenges that P2P systems pose: large populations, high turnover, asymmetry of interest, collusion, zero-cost identities, and traitors. To tackle these challenges we model the P2P system using the Generalized Prisoner’s Dilemma (GPD), and propose the Reciprocative decision function as the basis of a family of incentives techniques. These techniques are fully distributed and include: discriminating server selection, maxflowbased subjective reputation, and adaptive stranger policies. Through simulation, we show that these techniques can drive a system of strategic users to nearly optimal levels of cooperation.

R. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, And B. S. Lee,At All Studied “Trustcloud: A Framework For Accountability And Trust In Cloud Computing
The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential user
While preventive controls for security and privacy are actively researched, there is still little focus on detective controls related to cloud accountability and audit ability. The complexity resulting from large-scale virtualization and data distribution carried out in current clouds has revealed an urgent research agenda for cloud accountability, as has the shift in focus of customer concerns from servers to data. This paper discusses key issues and challenges in achieving a trusted cloud through the use of detective controls, and presents the Trust Cloud framework, which addresses accountability in cloud computing via technical and policy-based approaches.

Talal H. Noor And Quan Z. Sheng, Has Studied “Credibility-Based Trust Management For Services In Cloud Environments”
Trust management is one of the most challenging issues in the emerging cloud computing. Although many approaches have been proposed recently for trust management in cloud environments, not much attention has been given to determining the credibility of trust feedbacks. Moreover, the dynamic nature of cloud environments makes guaranteeing the availability of trust management services a difficult problem due to the unpredictable number of cloud consumers. In this paper, we propose a framework to improve ways on trust management in cloud environments. In particular, we introduce a credibility model that not only distinguishes between credible trust feedbacks, but also has the ability to detect the malicious trust feedbacks from attackers. We also present a replication determination model that dynamically decides the optimal replica number of the trust management service so that the trust management service can be always maintained at a desired availability level. The approaches have been validated by the prototype system and experimental results.

X. Sun, G. Chang, And F. Li, Has Targeted To Facilitate The Research Of “A Trust Management Model To Enhance Security Of Cloud Computing Environments”
With the proliferation of cloud computing, the way of reasonable establishment of trust relationship among entities, as a vital part for forming security mechanism in cloud computing environments, is attracting increasing attention. This article introduces a trust management model based on fuzzy set theory and named TMFC including direct trust measurement and computing, connecting, and trust chain incorporating where the issue of recommended trust similarity has been addressed to prevent the behavior of associated cheat of middle nodes. And this model is geared toward the cloud users who are making their decision on whether to use services of some cloud computing providers by giving them trust evaluation sets about providers and then building reasonable trust relationship between them. Our motivation is trying to propose a new idea and method on trust management in cloud computing and further studies are still required to justify the rationality and practicability of this model.

CHAPTER 3
SYSTEM ANALYSIS
3.1. Existing System
Cloud computing is internet based computing which enables sharing of services. Many users place their data in the cloud. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in cloud computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. So correctness of data and security is a prime concern. This article studies the problem of ensuring the integrity and security of data storage in Cloud Computing. Security in cloud is achieved by signing the data block before sending to the cloud. Using Cloud Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources, without the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the outsourced data makes the data integrity protection in Cloud Computing a formidable task, especially for users with constrained computing resources.
Moreover, users should be able to just use the cloud storage as if it is local, without worrying about the need to verify its integrity. Thus, enabling public auditability for cloud storage is of critical importance so that users can resort to a third party auditor (TPA) to check the integrity of outsourced data and be worry-free. To securely introduce an effective TPA, the auditing process should bring in no new vulnerabilities towards user data privacy, and introduce no additional online burden to user. In this paper, we propose a secure cloud storage system supporting privacy-preserving public auditing. We further extend our result to enable the TPA to perform audits for multiple users simultaneously and efficiently. Extensive security and performance analysis show the proposed schemes are provably secure and highly efficient.

3.2. Problem Statement
In federated cloud computing, users and computational agents and services often interact with each other without having sufficient assurances about the behavior of the resource they entrust their data and applications with. There are ample benefits for federated computing clouds in a uniform way while respecting their autonomy. For example, the federated clouds will enable users to solve large-scale computational and data intensive problems in science, engineering, and commerce. These benefits have inspired research in creating mechanisms and protocols for interlinking exiting Grids across multi-site in a coordinated manner.A federated system composed of autonomous distributed systems can pose several risks to the user communities. In federated cloud environment, information such as resource provider’s competence, honesty, availability, quality of service and reputation will influence the selection of the cloud provider to transact with. However, there is often insufficient information for deciding which resources to use. As the scope of federated cloud computing enlarges to ubiquitous and pervasive computing, there will be a need to assess and maintain the reputation of the entities. It is necessary to create a reputation manager that could capture and efficiently store the behaviour of entities, while being able to update it with new information if possible.

A reputation system should have efficient representation of reputation as well as efficient mechanism for updating reputation and integrating efficiently the ratings of others. The quality of a reputation system depends on the integrity of the feedback ratings it receives as input. Due to the possible existence of subverted services, a trust entity for clouds faces the problem of integrating dishonest ratings. Thus, the challenge is how to systematically incorporate feedbacks collected from other clouds into computing trustworthiness of a given service.

A fundamental problem is that a subverted cloud provider can rate an entity more positively or more negatively than the real experience with the agent would dictate. Thus, a false recommendation can result in committing a transaction with untrustworthy peers or avoiding a transaction with trustworthy peers. Therefore, effective protection against unfair ratings is a basic requirement and is an integral part of a robust reputation system.

3.3. Proposed System
Informally the RMM is as follows:
1) There is a finite number of CPs and a finite number of users. It is assumed that each CP hosts virtual network request from all users. There are three types of CPs,
(a) Rational CP,
(b) Irrational CP and
(c)Opportunistic CP. There are two types of users,
(a) good user: one who does not cause any security or privacy issues and
(b) malicious user: one who causes security and privacy issues. A malicous cotenant may create various security problems such as side channel attack (attack based on the physical implementation of the network), DOS attack , Network probe attack (attack to find the topology of the network). We assume that if a CP hosts a user then it can monitor the user’s activities and recognize whether it is malicious or not.

2) a) each CP labels each user as either a good user or a malicious user.

b) It assigns virtual resources to the users.

c) The users are partitioned in groups such that in each group all users share resources with each other, i.e., they are multi-tenant.

d) Each CP announces partitions over the users, i.e., they announce the multi-tenancy information to the RMM.

3) Next,CPs monitor activities of the users and report it to the RMM. A CP can either provide a positive or a negative vote for a user. It will be assumed that the federated cloud infrastructure will provide the RMM with the means of communication with the individual CPs and using such communication channels CPs regularly provide feedback (i.e., positive or negative vote about the users) to the RMM.

3.4. System Configuration
Hardware Requirements
RAM : 4GB
Hard Disk : 1TB
Software Requirements
Operating System : Windows
Technology : Java and J2EE
Web Technologies : Html, JavaScript, CSS
IDE : My Eclipse
Web Server : Tomcat
Database: My SQL
Java Version : J2SDK 1.8
3.4. Modules
After careful analysis the system has been identified to have the following
1. End User
2. Owner
3. Cloud Provider
4. Feedback Formulation
5. Chart Representation
6. File upload and Download
End User
The data consumer (User) is assigned a global user identity Uid .The user possesses a set of attributes and is equipped ,end user give request for file accessing request,after geting a permisson from user,they can download the any file.end user give review and recommendation based on cloud providing features.

Owner
Owner module, owner can bought a cloud space from particular cloud provider,they can upload any files and images to cloud, owner can view the good and bad user based on user reviews and rating, user can view the other owner reviews and recommendation,owner can give the cloud performance reviews and ratings always.

Cloud Provider
Cloud provider is a super user the can view the all the user and owner details including user and admin review and rating, cloud server show the user details, cloud provider increase the performance based on user rating and recommendation, cloud provider give a authentication for user .
Feedback Formulation
Generally collection and feedback formulation is the first in reputation system.a reputation feedback will be used to determine the trust level of cloud service provider.this is done by cloud consumer that will give a reputation based on their expirence of cloud service.if the services requested are successful it will give the csp a trust value of +1,otherwise the reputation of csp will be deducted by 1.

Chart Representation
Chart module based on user and owner rating and reviews ,if any cloud providers got a ratings means it will show through chart,using for different chats based on rating, for example bar chart.

File upload and Download
User can upload any file, after uploading file user can provide correct authentication details they can view or download protect user data with different security levels, and provide multilevel access control and valid identity authentication.

CHAPTER -4
SYSTEM DESIGN
4.1. System Architecture
(1) Each cp groups the users into sets of multi-tenants.

(2) Performance and activities of all users are monitored.

(3) Based on these observations the cps vote (positive or negative) on each user.

(4) Finally, based on the change in the reputation of each user in a group the reputation of the CP’s are changed.

Figure 2: Reputation Management System
4.2.DATA FLOW DIAGRAMS
A Data Flow Diagram is a graphical representation of the “flow” of data through an information system, modeling its process aspects. Often they are a preliminary step used to create an overview of the system which can later be elaborated. DFD’s can also be used for the visualization of data processing.

4.2.1.Data Flow Diagram At Level O
The step by step taken in the phase of input to output processing of data is shown in this diagram. initially the data owner has to get register to the cloud server (CS1,CS2,CS3,CS4).

Fig 3: Level 0 Data Flow Diagram
4.2.2.Data Flow Diagram At Level 1
The step by step taken the phase of Data owner will login to the corresponding cloud server he got registered. Trust manager provides login authorization for both data owner and the end user. Trust manager can view all the cloud status.

Fig 4: Level 1 Data Flow Diagram
4.2.3.Data Flow Diagram At Leve 2
The step by step taken in this phase is to Download the file the cloud consumer has to request the file to particular cloud server .Cloud server can perform the verification of the file name and secret key which is provided by data owner.After that Cloud server can provide the authorization to the cloud consumer.

Fig 5: Level 2 Data Flow Diagram
4.3.UNIFIED MODELING LANGUAGE
The Unified Modeling Language allows the software engineer to express an analysis model using the modeling notation that is governed by a set of syntactic semantic and pragmatic rules. A UML system is represented using five different views that describe the system from distinctly different perspective.

4.3.1.Usecase Diagram

Fig 6: Usecase Diagram
A use case diagram is a dynamic or behavior diagram in UML. Use case diagrams model the functionality of a system using actors and use cases.for example data owner is the actor.actor interacts with another based on functionalities like register,login etc.

4.3.2. Class Diagram

Fig 7: Class Diagram
A Class is a blueprint that is used to create Object. The Class defines what object can do. Class Diagram gives the static view of an application.Essential elemements of class diagram are class,attributes,operations. Classes are interrelated to each other in specific ways by using Dependencies,Generalizations,Association. A class diagram can show the relationships between each object in reputation management system including classes cloud server,data owner,trust manager,user which describe the aspect of the system.for example here cloud server is the class.view cloud files , view registred users are the attributes of the class which describes the qualities of the class.based on these attributes the class can perform operations like file name,public key,secret key etc4.3.3. Object Diagram

Fig 8:Object Diagram
Object diagram represent an instance of a class diagram.the purpose of object diagram is static view of a system but this static view is a snapshot of the system at a particular moment.for example data owner is the one of the class and register,login,browse etc are constraints of the class.

4.3.4. Sequence Diagram

Fig 9:Sequence Diagram
A sequence diagram simply depicts interaction between objects in a sequential order i.e. the order in which these interactions take place. The vertical axis represents time proceedings (or progressing) down the page. Time in a sequence diagram is all a about ordering, not duration. For example Data owner is the one of the object.before going to upload file he should register first.data owner request to cloud server.Then cloud server confirm the registred request and send response message to data owner.data owner can check the allncloud details itself.

4.3.5. Collaboration Diagram

Fig 10:Collabartion Diagram
Collaboration diagrams convey the same information as sequence diagrams, but focus on object roles instead of the times that messages are sent. In the collaboration diagram, the method call sequence is indicated by some numbering technique. The number indicates how the methods are called one after another.here data owner is the object.the object message passing to cloud server.view cloud file constraint that the relationship between among them.

4.3.6. State chart Diagram

Fig 11:State Chart Diagram
A Statechart diagram describes a state machine. State machine can be defined as a machine which defines different states of an object and these states are controlled by external or internal events. Statechart diagram describes the flow of control from one state to another state. The most important purpose of Statechart diagram is to model lifetime of an object from creation to termination.data owner is the state.register is the event based on this the data owner can perform some reactive events like login,browse,upload etc.

4.3.7. Activity Diagram

Fig 12:Activity Diagram
Activity diagram is basically a flowchart to represent the flow from one activity to another activity. The activity can be described as an operation of the system. This flow can be sequential, branched, or concurrent.the activity process start with browse operation and end with trust manager.

4.3.8. Component Diagram

Fig 13:.Component Diagram
Component diagrams are used to visualize the organization and relationships among components in a system. These diagrams are also used to make executable systems.for example cloud server is the component is implemented depends on view cloud file,view registred users etc4.3.9. Deployment DiagramDeployment diagrams are used to visualize the topology of the physical components of a system, where the software components are deployed.for example trust manager is node.provide login authorization,view cloud trust,view all feedbacks are connects to the application using trust manager.

Fig 14:Deployment Diagram
CHAPTER -5
IMPLEMENTATION
5.1. METHOD OF IMPLEMENTATION(SE)
MySql:
MySQL is a fast, easy to use relational database. It is currently the most popular open-source database. It is very commonly used in conjunction with PHP scripts to create powerful and dynamic server-side applications.MySQL is used for many small and big businesses. It is developed, marketed and supported by MySQL AB, a Swedish company. It is written in C and C++.

MySQL Features:
Relational Database Management System (RDBMS): MySQL is a relational database management system.

Easy to use: MySQL is easy to use. You have to get only the basic knowledge of SQL. You can build and interact with MySQL with only a few simple SQL statements.

It is secure: MySQL consist of a solid data security layer that protects sensitive data from intruders. Passwords are encrypted in MySQL.

Client/ Server Architecture: MySQL follows a client /server architecture. There is a database server (MySQL) and arbitrarily many clients (application programs), which communicate with the server; that is, they query data, save changes, etc.

Free to download: MySQL is free to use and you can download it from MySQL official website.

It is scalable: MySQL can handle almost any amount of data, up to as much as 50 million rows or more. The default file size limit is about 4 GB. However, you can increase this number to a theoretical limit of 8 TB of data.

Compatibale on many operating systems: MySQL is compatible to run on many operating systems, like Novell NetWare, Windows* Linux*, many varieties of UNIX* (such as Sun* Solaris*, AIX, and DEC* UNIX), OS/2, FreeBSD*, and others. MySQL also provides a facility that the clients can run on the same computer as the server or on another computer (communication via a local network or the Internet).

Allows roll-back: MySQL allows transactions to be rolled back, commit and crash recovery.

High Performance: MySQL is faster, more reliable and cheaper because of its unique storage engine architecture.
High Productivity: MySQL uses Triggers, Stored procedures and views which allows the developer to give a higher productivity.

Need for MYSQL:
Open Source values and methodology with a successful business model.The MYSQL software delivers a very fast, multi threaded, multi user and robust SQL(Structured Query Language) data base server.Users can choose to use the MYSQL software as an open source product. MYSQL the most popular open source data base management system, is developed, distributed and supported by MYSQL AB.MYSQL AB is a commercial company ,founded by the MYSQL developers.It is a second generation pen source company that unites.

Example To Create Data Base:
<html>
<head>
<title>Creating MySQL Database</title>
</head>
<body>
<?php
$dbhost = ‘localhost:3036’;
$dbuser = ‘root’;
$dbpass = ‘rootpassword’;
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die(‘Could not connect: ‘ . mysql_error());
}
echo ‘Connected successfully<br />’;
$sql = ‘CREATE DATABASE TUTORIALS’;
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die(‘Could not create database: ‘ . mysql_error());
}
echo “Database TUTORIALS created successfully
“;
mysql_close($conn);
?>
</body>
</html>

Fig 15: MySql Command Prompt
Tomcat 7.07.0 web server
Tomcat is an open source web server developed by Apache Group. Apache Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and Java Server Pages technologies. The Java Servlet and Java Server Pages specifications are developed by Sun under the Java Community Process. Web Servers like Apache Tomcat support only web components while an application server supports web components as well as business components (BEAs Weblogic, is one of the popular application server).To develop a web application with jsp/servlet install any web server like JRun, Tomcat etc to run your application.

Fig 16: Tomcat Webserver
HTML
Hypertext Markup Language (HTML), the languages of the World Wide Web (WWW), allows users to produces Web pages that include text, graphics and pointer to other Web pages (Hyperlinks).HTML is not a programming language but it is an application of ISO Standard 8879, SGML (Standard Generalized Markup Language), but specialized to hypertext and adapted to the Web. The idea behind Hypertext is that instead of reading text in rigid linear structure, we can easily jump from one point to another point. We can navigate through the information based on our interest and preference. A markup language is simply a series of elements, each delimited with special characters that define how text or other items enclosed within the elements should be displayed. Hyperlinks are underlined or emphasized works that load to other documents or some portions of the same document.

HTML can be used to display any type of document on the host computer, which can be geographically at a different location. It is a versatile language and can be used on any platform or desktop.HTML provides tags (special codes) to make the document look attractive. HTML tags are not case-sensitive. Using graphics, fonts, different sizes, color, etc., can enhance the presentation of the document. Anything that is not a tag is part of the document itself.

Basic HTML Tags
<!– –>Specifies comments
<A>……….</A>Creates hypertext links
<B>……….</B>Formats text as bold
<BIG>……….</BIG> Formats text in large font.

<BODY>…</BODY> Contains all tags and text in the HTML document
<CENTER>…</CENTER> Creates text
<DD>…</DD>Definition of a term
<DL>…</DL>Creates definition list
<FONT>…</FONT> Formats text with a particular font
<FORM>…</FORM>Encloses a fill-out form
<FRAME>…</FRAME> Defines a particular frame in a set of frames
<H#>…</H#>Creates headings of different levels
<HEAD>…</HEAD> Contains tags that specify information about a document
<HR>…</HR>Creates a horizontal rule
<HTML>…</HTML> Contains all other HTML tags
<META>…</META>Provides meta-information about a document
<SCRIPT>…</SCRIPT> Contains client-side or server-side script
<TABLE>…</TABLE> Creates a table
<TD>…</TD>Indicates table data in a table
<TR>…</TR>Designates a table row
<TH>…</TH>Creates a heading in a table
ECLIPSE
In the context of computing, Eclipse is an integrated development environment (IDE) for developing applications using the Java programming language and other programming languages such as C/C++, Python, PERL, Ruby etc.The Eclipse platform which provides the foundation for the Eclipse IDE is composed of plug-ins and is designed to be extensible using additional plug-ins. Developed using Java, the Eclipse platform can be used to develop rich client applications, integrated development environments and other tools. Eclipse can be used as an IDE for any programming language for which a plug-in is available.

The Java Development Tools (JDT) project provides a plug-in that allows Eclipse to be used as a Java IDE, PyDev is a plugin that allows Eclipse to be used as a Python IDE, C/C++ Development Tools (CDT) is a plug-in that allows Eclipse to be used for developing application using C/C++, the Eclipse Scala plug-in allows Eclipse to be used an IDE to develop Scala applications and PHPeclipse is a plug-in to eclipse that provides complete development tool for PHP.

About Eclipse Workspace
The eclipse workspace contains resources such as
Projects
Files
Folders
The workspace has a hierarchical structure. Projects are at the top level of the hierarchy and inside them you can have files and folders. Plug-ins use an API provided by the resources plug-in to manage the resources in the workspace.

Parts of Eclipse Window
An eclipse perspective is the name given to an initial collection and arrangement of views and an editor area. The default perspective is called java. An eclipse window can have multiple perspectives open in it but only one perspective can be active at any point of time. A user can switch between open perspectives or open a new perspective. A perspective controls what appears in some menus and tool bars. A perspective has only one editor area in which multiple editors can be open. The editor area is usually surrounded by multiple views. In general, editors are used to edit the project data and views are used to view the project metadata. For example, the package explorer shows the java files in the project and the java editor is used to edit a java file. The eclipse window can contain multiple editors and views but only one of them is active at any given point of time. The title bar of the active editor or view looks different from all the others. The UI elements on the menu bar and tool bar represent commands that can be triggered by an end user.

Fig 17: Parts of an Eclipse Window
XamppXAMPP is a free and open source cross-platform web server solution stack package developed by Apache Friends, consisting mainly of the Apache HTTP Server, Maria DB database, and interpreters for scripts written in the PHP and Perl programming languages. XAMPP stands for Cross-Platform (X), Apache (A), MariaDB (M), PHP (P) and Perl (P). It is a simple, lightweight Apache distribution that makes it extremely easy for developers to create a local web server for testing and deployment purposes. Everything needed to set up a web server – server application (Apache), database (MariaDB), and scripting language (PHP) – is included in an extractable file. XAMPP is also cross-platform, which means it works equally well on Linux, Mac and Windows. Since most actual web server deployments use the same components as XAMPP, it makes transitioning from a local test server to a live server extremely easy as well.

What’s Included in Xampp?
XAMPP has four primary components. These are:
1. Apache: Apache is the actual web server application that processes and delivers web content to a computer. Apache is the most popular web server online, powering nearly 54% of all websites.

2. MySQL: Every web application, howsoever simple or complicated, requires a database for storing collected data. MySQL, which is open source, is the world’s most popular database management system. It powers everything from hobbyist websites to professional platforms like WordPress. You can learn how to master PHP with this free MySQL database for beginners course.

3. PHP: PHP stands for Hypertext Preprocessor. It is a server-side scripting language that powers some of the most popular websites in the world, including WordPress and Facebook. It is open source, relatively easy to learn, and works perfectly with MySQL, making it a popular choice for web developers.

4. Perl: Perl is a high-level, dynamic programming language used extensively in network programming, system admin, etc. Although less popular for web development purposes, Perl has a lot of niche applications.

Importance of XamppA special tool is provided to password-protect themost important parts of the package. XAMPP also provides support for creating and manipulating databases in MariaDB and SQLite among others. Once XAMPP is installed, it is possible to treat a localhost like a remote host by connecting using an FTP client.

What is the Benefit of Xampp Server with Localhost.?Both servers have their equal importance, as a live server is used to keep our website data and make it live or visible to all the users across the world.But we can’t perform more testing work on the live server as it can create a massive traffic and load to the live server thus may result in a hang or stuck our website. So for testing work or update work for our website we need a server similar to our live server(live server also have Xampp or Wamp installed). So Xampp is the best option for achieving this.So for testing work or update work for our website we need a server similar to our live server(live server also have Xampp or Wamp installed). So Xampp is the best option for achieving this.It is an open source software and you can easily download and install it on your local machine.Once you install this on your local machine then you can perform any number of test or updations to your website.

5.2.CODINGView User Services
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<title></title>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
<link href=”css/style.css” rel=”stylesheet” type=”text/css” />
<link rel=”stylesheet” type=”text/css” href=”css/coin-slider.css” />
<script type=”text/javascript” src=”js/cufon-yui.js”></script>
<script type=”text/javascript” src=”js/cufon-quicksand.js”></script>
<script type=”text/javascript” src=”js/jquery-1.4.2.min.js”></script>
<script type=”text/javascript” src=”js/script.js”></script>
<script type=”text/javascript” src=”js/coin-slider.min.js”></script>
<style type=”text/css”>
<!–
style1 {color: #0000FF}
–>
</style>
</head>
<body>
<div class=”main”>
<div class=”header”>
<div class=”header_resize”>
<div class=”logo”>
</div>
<div class=”searchform”>
<form id=”formsearch” name=”formsearch” method=”post” action=”#”>
<span>
<input name=”editbox_search” class=”editbox_search” id=”editbox_search” maxlength=”80″ value=”Search our ste:” type=”text” />
<div class=”article”>
<p>&nbsp;</p>
<br />
<form name=”form1″ method=”post” action=”viewuserservice1.jsp”>
<table width=”371″ border=”0″ align=”center”>
<tr>
<td><strong>Select the Service</strong></td>
<td><label>
<select name=”t1″>
<option >–Select–</option>
<option>SaaS</option>
<option>Paas</option>
<option>Iaas</option>
</select>
</label></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
<td><label>
<input type=”submit” name=”Submit” value=”Submit”>
</label></td>
</tr>
</table>
<h2 class=”style1″>View Users on Services</h2>
</form>
</div>
</div>
</div>
<div class=”article”>
<h2>&nbsp;</h2>
<div class=”clr”></div>
</div>
</div>
<div class=”sidebar”>
<div class=”gadget”>
<h2 class=”star”>Menu Operations </h2>
<div class=”clr”></div>
<ul class=”sb_menu”>
<li><a href=”viewpos.jsp”>List +ve Feedbacks</a></li>
<li><a href=”viewneg.jsp”>List -ve Feedbacks</a></li>
<li><a href=”listallusers1.jsp”>List All Users</a></li>
<li><a href=”listallcontent.jsp”>List All Content Attackers</a></li>
<li><a href=”listalluserdownloads.jsp”>List All User Downloads</a></li>
</ul>
</div>
</div>
<div class=”clr”></div>
</div>
<div class=”fbg”>
<div class=”fbg_resize”>
<div class=”col c1″>
<h2>&nbsp;</h2>
</div>
<div class=”col c2″>
<h2>&nbsp;</h2>
</div>
<div class=”col c3″>
<h2>&nbsp;</h2>
</div>
<div class=”clr”></div>
</div>
</div>
<div class=”footer”>
<div class=”footer_resize”>
<p class=”lf”>.</p>
<div style=”clear:both;”></div>
</div>
</div>
</div>
<div align=center></div>
</body>
</html>
</div>
CHAPTER -6
TESTING & VALIDATION
6.1.TESTINGThe purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of ensuring that the Software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.

6.2.TESTING METHODOLOGIES
The following are the Testing Methodologies
Unit Testing.

Integration Testing.

User Acceptance Testing.

Output Testing.

Validation Testing.

Unit Testing
Unit testing focuses verification effort on the smallest unit of Software design that is the module. Unit testing exercises specific paths in a module’s control structure to ensure complete coverage and maximum error detection. This test focuses on each module individually, ensuring that it functions properly as a unit. Hence, the naming is Unit Testing.During this testing, each module is tested individually and the module interfaces are verified for the consistency with design specification. All important processing path are tested for the expected results. All error handling paths are also tested.

Integration Testing
Integration tests are designed to test integrated software components to determine if they actually run as one program. Testing is event driven and is more concerned with the basic outcome of screens or fields. Integration tests demonstrate that although the components were individually satisfaction, as shown by successfully unit testing, the combination of components is correct and consistent. Integration testing is specifically aimed at exposing the problems that arise from the combination of components.

User Acceptance Testing
User Acceptance of a system is the key factor for the success of any system. The system under the consideration is tested for user acceptance by constantly keeping in touch with the prospective system users at the time of developing and making changes wherever required. The system developed provides a friendly
User Output Testing
After performing the validation testing, the next step is output testing of the proposed system, since no system could be useful if it does not produce the required output in the specified format. Asking the users about the format required by them tests the outputs generated or displayed by the system under consideration. Hence the output format is considered in 2 ways – one is on screen and another in printed format.

Validation Checking
Validation checks are performed on the following fields.

Text Field
The text field can contain only the number of characters lesser than or equal to its size. The text fields are alphanumeric in some tables and alphabetic in other tables. Incorrect entry always flashes and error message.

Numeric Field
The numeric field can contain only numbers from 0 to 9. An entry of any character flashes an error messages. The individual modules are checked for accuracy and what it has to perform. Each module is subjected to test run along with sample data. The individually tested modules are integrated into a single system. Testing involves executing the real data information is used in the program the existence of any program defect is inferred from the output. The testing should be planned so that all the requirements are individually tested.A successful test is one that gives out the defects for the inappropriate data and produces and output revealing the errors in the system.
Preparation of Test Data
Taking various kinds of test data does the above testing. Preparation of test data plays a vital role in the system testing. After preparing the test data the system under study is tested using that test data. While testing the system by using test data errors are again uncovered and corrected by using above testing steps and corrections are also noted for future use.

Using Live Test Data
Live test data are those that are actually extracted from organization files. After a system is partially constructed, programmers or analysts often ask users to key in a set of data from their normal activities. Then, the systems person uses this data as a way to partially test the system. In other instances, programmers or analysts extract a set of live data from the files and have them entered themselves. It is difficult to obtain live data in sufficient amounts to conduct extensive testing. And, although it is realistic data that will show how the system will perform for the typical processing requirement, assuming that the live data entered are in fact typical, such data generally will not test all combinations or formats that can enter the system. This bias toward typical values then does not provide a true systems test and in fact ignores the cases most likely to cause system failure
Using Artificial Test Data
Artificial test data are created solely for test purposes, since they can be generated to test all combinations of formats and values. In other words, the artificial data, which can quickly be prepared by a data generating utility program in the information systems department, make possible the testing of all login and control paths through the program.The most effective test programs use artificial test data generated by persons other than those who wrote the programs. Often, an independent team of testers formulates a testing plan, using the systems specification are shown in figure table 6.

Tab: TESTCASE & VALIDATION
Module Functionality Test case Expected result Actual result Result Priority
User Login use case 1.Navigate to www.sample.com2.Click on submit button without entering user name & password. A validation should be as below please enter valid username & password. A validation has been populated as expected. Pass High
1.navigate to www.sample.com2.click on submit button without filling password and valid user name. A validation should be as below please enter valid password or password filed cannot be empty. A validation is shown as expected. Pass High
1.navigate to www.sample.com2.click on submit after filling user name field with invalid username A validation should be as below the user name enter is wrong. A validation is not shown as expected Fail High
1.navigate to www.sample.com2.click on submit with valid username and invalid password. A validation should be as below password is incorrect. A validation is shown as expected Pass High
1.navigate to www.sample.com2.enter both username and password wrong.hit enter. A validation is shown as below the username entered is invalid. A validation is shown as expected Pass High
1.navigate to www.sample.com2.enter validate username and password and click on submit button. Validate username and password in database and once if they correct then show the home page Main /home page has been displayed Pass High
CHAPTER -7
RESULTS
7.1. OUTPUT SCREENS

Fig 18:Welcome Screen
Navigation: Welcome Screen.

Fig 19:Registration Screen
Navigation: In this module if a user wants to access the data which is stored in the cloud,he/she should register their details first these details are maintained in database.The details like name, email id,password,contact no,select cloud service which particular service he has to use,which are some of the essential which must be provided.

Fig 20: Login Screen
Navigation: Data owner can register with valid details and he can login after registration.

Fig 21: Data Owner Screen
Navigation:It is one of option shows in home page.

Fig 22:Purchase VmNavigation: Before uploading the file to cloud server the data owner must purchase the memory allocation which particular cloud he has to use.

Fig23: Uploading Screen
Navigation: Data owner has to upload the file to particular cloud server, after uploading the file it will be stored as encrypted format.

Fi 24:Verify File Screen
Navigation:Data owner verifies the file he uploaded either it is safe or not in particular cloud server by giving file name.

Fig 25:User Login Screen
Navigation: User has to register to cloud server which particular cloud he has to use.He has to login to the cloud he got registered with valid detiails.

Fig 26: Request Key Screen
Navigation: User want to access the file request send to cloud server.Then only he can able to do it.

Fig 27:Request File Screen
Navigation: To download the file request send to cloud server and cloud server approve the request then only download the file by entering seret key which is assigned by data owner to data user.

Fig 28: Feedback About Cloud
Navigation: User can gives the positive or negative feedback about the cloud server.

Fig 29: Find Cloud Reputation Screen
Navigation: Data owner can check the cloud reputationThe reputation is depends upon the no of reputated user for particular cloud server.

Fig 30: View Cloud Trustworthy Screen
Navigation: Data owner can check the trustworthiness of cloud.It is calculated by depends upon attacked server.

Fig 31: Find Cloud Cost Screen
Navigation: Data owner can check the all cloud cost based on memory allocation and cloud server.

Fig 32: Send Feedback To Cloud Screen
Navigation: Data owner can gives feedback about the cloud server.

Fig 33: Delete Screen
Navigation:Data owner can delete the file by giving particular file name in selected cloud sever.

Fig 34: View Cloud Files
Navigation:Data owner can see the files according to cloud server.

Fig 35: Attack Feedback Screen
Navigation: User has to mislead the feedback about the cloud server by giving user id and particular cloud.

Fig 36: Cloud Server Screen
Navigation: Cloud server manages cloud to provide data storage services to users.Before that first he must register with valid details.Then only he can be able to do it.He can login after registration.

Fig 37:List Out Cloud Files Screen
Navigation: Cloud server can check all the files which are stored by data owner.

Fig 38:Cloud Vm Screen
Navigation: Cloud server can check all the data owner memory allocation to particular cloud server.

Fig 39:Trust Manager Screen
Navigation: Trust manager can register with valid details and he can login after registration

Fig40:View Collision Attack Screen
Navigation:User can mislead the feedback about the cloud..The trust manager can check the attacks depends on cloud server.

Fig 41:Sybil Attack Screen
Navigation: Trust manager can check the details of user transactions.When user can use more transaction per day(exceeds the limit which is assigned by the trust manager) upload(5),download(3),feedback(3).

Fig 42:View Users On Service Screen
Navigation: Trust manager always find the user behavior depends upon particular cloud server.

Fig 43:View All Positive Feedback Screen
Navigation: Trust manager can check the feedbacks given by user and list all the positive feedbacks

Fig 44:List Out All Negative Feedback Screen
Navigation: Trust manager can check the feedback given by user and list all the negative feedbacks.Here for feedback splitting we are using content based filtering.

Fig 45:Attack Cloud File Screen
Navigation: User can attack the file which is stored in particular cloud server by giving file name and data owner name.

Fig 46:List Out All Content Attack
Navigation: Trust manager can check the content attack files which are attacked by user.

Fig 47: Performance Of Cloud Server Screen
Navigation: Trust manager can check the performance of user based on trustworthiness of feedbacks given by user and cloud server.

7.2. RESULT ANALYSIS
RMM simulate the federated cloud as follows:
There are 30 CPs. A CP can be (a) a rational CP, (b) an irrational CP or (c) an opportunistic CP
There are 200 users. A user can be either a good user or a malicious user.
We assume that each CP hosts all users.

Each CP partitions the users into 10 groups (each group represents a set of co-tenants). The rational CPs do not place a good user in the same group with a malicious user. But irrational and opportunistic CPs groups the users randomly.

Fig 48: CP Reputation
There are 10 rational, 10 irrational and 10 opportunistic CPs. There are equal number of good and bad users. Plot X- shows the reputation of the CPs. Y-axis shows the user reputation particular period of time.

Fig 49: CP Reputation
There are 12 rational, 8 irrational and 10 opportunistic CPs. There are equal number of good and bad users. . Plot X- shows the reputation of the CPs. Y-axis shows the user reputation particular period of time.

Fig 50: CP Reputation
There are 10 rational, 10 irrational and 10 opportunistic CPs. There are equal number of good and bad users. Plot X- shows the reputation of the CPs. Y-axis shows the user reputation particular period of time.

Fug 51: CP Reputation
There are 12 rational, 8 irrational and 10 opportunistic CPs. There are equal number of good and bad users. . Plot X- shows the reputation of the CPs. Y-axis shows the user reputation particular period of time.

Fig 52: CP Reputation
There are 15 rational, 5 irrational and 10 opportunistic CPs. There are equal number of good and bad users. . Plot X- shows the reputation of the CPs. Y-axis shows the user reputation particular period of time.

Fig 53: CP Reputation
There are 15 rational, 5 irrational and 10 opportunistic CPs. There are equal number of good and bad users. . Plot X- shows the reputation of the CPs. Y-axis shows the user reputation particular period of time.

CHAPTER-8
CONCLUSION
CONCLUSION
Here we have develop a strong reputation management mechanism in the federated cloud aims to take account of the malicious and selfish behaviors’ of CPs and reflect this on their reputation that encourages CPs to make correct segmentation among authorized users and malicious users, i.e., a good user gets only other good users as cotenants. The existing RMMs for cloud computing do not consider this criteria to evaluate reputation of the CPs. A federated cloud is constructed by contributions from several cloud providers and a virtual network request may be fulfilled by more than one cloud provider. In a federated cloud, a CP risks its own reputation as it shares its resources with other CPs (a virtual network request may span over the resources owned by several CPs). The problem in a virtual network may originate from the physical resources owned by other CPs.
FUTURE ENHANCEMENT
Regarding strong reputation management mechanism in the federated cloud there are many issues remaining to be solved.We distinguish three major areas for improvement reputation feedback mechanism established in most of the study cannot be used as an absolute solution in reflecting trustworthiness of cloud service provider.It prompts to security attacks such as sybil attacks.Instead of final trust value we proposed rate of change value that considered robust and can give a significant and meaningful evalution.To assess the credibility of cloud service provider and improve the reputation evalution mechanism so as to provide better protection of user privacy.However it must come together a cross reference to another cloud service provider.as a result one of the main challenge in reputation system is to identify the false feedbacks.The quality of reputation system depends upon integrity of feedback rating as it receives as input.Therefore effective protection against unfair rating is a basic requirement and an integral part of an strong reputation system is also valuable research topic that can be explored in future.

CHAPTER -9
REFERENCES
A. Bates, B. Mood, J. Pletcher, H. Pruse, M. Valafar, and K. Butler, “On detecting co-resident cloud instances using network flow watermarking techniques,” Int. J. Inf. Secur., vol. 13, no. 2, pp. 171– 189, Apr. 2014.

Y. Azar, S. Kamara, I. Menache, M. Raykova, and B. Shepard, “Colocation-resistant clouds,” in Proceedings of the 6th Edition of the ACM Workshop on Cloud Computing Security, ser. CCSW ’14. New York, USA: ACMpp. 9–20,2014.

F. Koeune and F.-X. Standaert, “Foundations of security analysis and design iii,” A. Aldini, R. Gorrieri, and F. Martinelli, Eds. Berlin, Heidelberg: Springer-Verlag,, ch. A Tutorial on Physical Security and Side-channel Attacks, pp. 78–108,2005.

J. Huang and D. Nicol, “Trust mechanisms for cloud computing,” Journal of Cloud Computing, vol. 2, no. 1, 2013.

R. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, and B. S. Lee, “Trustcloud: A framework for accountability and trust in cloud computing,” in Services (SERVICES), 2011 IEEE World Congress on, pp. 584–588,July 2011.

T. Noor and Q. Sheng, “Credibility-based trust management for services in cloud environments,” in Service-Oriented Computing, ser. Lecture Notes in Computer Science, G. Kappel, Z. Maamar, and H. Motahari-Nezhad, Eds. Springer Berlin Heidelberg,, vol. 7084, pp. 328–343,2011.

M. Macas and J. Guitart, “Trust-aware operation of providers in cloud markets,” in Distributed Applications and Interoperable Systems, ser. Lecture Notes in Computer Science, K. Magoutis and P. Pietzuch, Eds. Springer Berlin Heidelberg, vol. 8460, pp. 31–37,2014.

T. ?Agotnes, W. van der Hoek, and M. Wooldridge, “Robust normative systems,” in Normative Multi-Agent Systems, 15.03. – 20.03.2009, 2009.

S. Habib, S. Hauke, S. Ries, and M. Mhlhuser, “Trust as a facilitator in cloud computing: a survey,” Journal of Cloud Computing, vol. 1, no. 1, 2012.

J. Huang and D. Nicol, “Trust mechanisms for cloud computing,” Journal of Cloud Computing, vol. 2, no. 1, 2013.

R. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, and B. S. Lee, “Trustcloud: A framework for accountability and trust in cloud computing,” in Services (SERVICES), 2011 IEEE World Congress on, pp. 584–588, , July 2011.

T. Noor and Q. Sheng, “Credibility-based trust management for services in cloud environments,” in Service-Oriented Computing, ser. Lecture Notes in Computer Science, G. Kappel, Z. Maamar, and H. Motahari-Nezhad, Eds. Springer Berlin Heidelberg, vol. 7084, pp. 328–343,2011.

A. Whitby, A. Jsang, and J. Indulska, “Filtering out unfair ratings in bayesian reputation systems,” in AAMAS04, 2004
A. Das and M. Islam, “Securedtrust: A dynamic trust computation model for secured communication in multiagent systems,” Dependable and Secure Computing, IEEE Transactions on, vol. 9, no. 2, pp. 261–274, March 2012.

H. Zhao, X. Yang, and X. Li, “An incentive mechanism to reinforce truthful reports in reputation systems,” J. Netw. Comput. Appl., vol. 35, no. 3, pp. 951–961, May 2012.

M. Feldman, K. Lai, I. Stoica, and J. Chuang, “Robust incentive techniques for peer-to-peer networks,” in Proceedings of the 5th ACM Conference on Electronic Commerce, ser. EC ’04. New York, NY, USA: ACM, pp. 102–111,2004.

T. G. Papaioannou and G. D. Stamoulis, “An incentives’ mechanism promoting truthful feedback in peer-to-peer systems,” in Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid – Volume 01, ser. CCGRID ’05. Washington, DC, USA: IEEE Computer Society, pp. 275–2832,2005.

E. Ayday and F. Fekri, “Robust reputation management using probabilistic message passing,” in Proceedings of the Global Communications Conference, GLOBECOM 2011, 5-9 December , Houston, Texas, USA,pp. 1–5,2011.

H. Yu, V. Anand, C. Qiao, and G. Sun, “Cost efficient design of survivable virtual infrastructure to recover from facility node failures,” in Communications (ICC), IEEE International Conference on, pp. 1–6,june 2011.

computing environments,” in Networking and Distributed Computing (ICNDC), Second International Conference on, pp. 244–248, Sept 2011.

M. Mac´?as and J. Guitart, “Cheat-proof trust model for cloud computing markets,” in Proceedings of the 9th International Conference on Economics of Grids, Clouds, Systems, and Services, ser. GECON’12. Berlin, Heidelberg: Springer-Verlag, pp. 154–168,2012.

T. H. Noor, Q. Z. Sheng, S. Zeadally, and J. Yu, “Trust management of services in cloud environments: Obstacles and solutions,” ACM Comput. Surv., vol. 46, no. 1, pp. 12:1–12:30, Jul. 2013.

H. AlJahdali, A. Albatli, P. Garraghan, P. Townend, L. Lau, and J. Xu, “Multi-tenancy in cloud computing,” in IEEE 8th International Symposium on Service Oriented System Engineering, pp. 344–351, April 2014.

LIST OF PUBLICATION
1. N.ASHWINI KUMARI currently pursuing M.Tech in Computer Science & Engineering at Jyothishmathi Institute of Technology & Science, Telangana, India. Research interesting includes Mobile Computing, Networks, and Data Mining etc.

2.M.SUJATHA working as a Associate Professor at Jyothishmathi Institute of Technology & Science, Telangana,India and has 10years of experience in Academic.Her research area includes Mobile Computing, Cloud Computing, Data Mining, Machine Learning.