Third Party Auditing for Service Assurance in Cloud Computing

Nowadays, cloud computing has been identified as new opportunities for migrating to the expected agility, reuse, and adaptive capabilities that can support the ever changing IT trends, requirements and environments. However, for benefits of their own, there are various motivations for cloud service providers (CSPs) to behave unfaithfully toward cloud customers, such as invading data privacy and providing inaccurate data processing results to customers. On the other hand, constrained by computation resources and capabilities, customers mostly cannot independently process big data and perform verification on correctness and completeness. Under this information asymmetry, how to ensure the correctness and completeness of data processing, computation, and mining becomes a practically crucial issue that greatly impacts the widely deployment of cloud computing, as well as the future Internet. Though verifiable computing provides us with approaches to verify the computation results. There is hardly an approach that can ensure a 100% detection accuracy. In this paper, the concept of using penalty to decrease CSP's incentive to cheat is proposed from a contract theoretical aspect, where cloud service customers can resort to an external auditor to verify the computation results when needed. Then, an auditing contract which consists of penalty and service fee is proposed so that the CSP will be fined when being found out cheating. Subsequently, the problem is formulated to solve the efficient contract under incomplete information market. Furthermore, we give the simulation results to show the audit contract improve the efficiency of the system.