<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE article  PUBLIC "-//NLM//DTD Journal Publishing DTD v3.0 20080202//EN" "http://dtd.nlm.nih.gov/publishing/3.0/journalpublishing3.dtd"><article xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" dtd-version="3.0" xml:lang="en" article-type="research article"><front><journal-meta><journal-id journal-id-type="publisher-id">OJAppS</journal-id><journal-title-group><journal-title>Open Journal of Applied Sciences</journal-title></journal-title-group><issn pub-type="epub">2165-3917</issn><publisher><publisher-name>Scientific Research Publishing</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.4236/ojapps.2022.1211131</article-id><article-id pub-id-type="publisher-id">OJAppS-121390</article-id><article-categories><subj-group subj-group-type="heading"><subject>Articles</subject></subj-group><subj-group subj-group-type="Discipline-v2"><subject>Biomedical&amp;Life Sciences</subject><subject> Chemistry&amp;Materials Science</subject><subject> Computer Science&amp;Communications</subject><subject> Engineering</subject><subject> Physics&amp;Mathematics</subject></subj-group></article-categories><title-group><article-title>
 
 
  Shared Resource Quality Monitoring and Dynamic Trust Management in a Community Cloud
 
</article-title></title-group><contrib-group><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Rodrigue</surname><given-names>N’goran</given-names></name><xref ref-type="aff" rid="aff1"><sup>1</sup></xref><xref ref-type="corresp" rid="cor1"><sup>*</sup></xref></contrib><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Linda</surname><given-names>N. Vallee</given-names></name><xref ref-type="aff" rid="aff1"><sup>1</sup></xref></contrib><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Grâce</surname><given-names>Y. E. Johnson</given-names></name><xref ref-type="aff" rid="aff1"><sup>1</sup></xref></contrib><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Jean-Louis</surname><given-names>Tetchueng</given-names></name><xref ref-type="aff" rid="aff2"><sup>2</sup></xref></contrib><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Yvon</surname><given-names>Kermarrec</given-names></name><xref ref-type="aff" rid="aff3"><sup>3</sup></xref></contrib><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Olivier</surname><given-names>Asseu</given-names></name><xref ref-type="aff" rid="aff1"><sup>1</sup></xref></contrib></contrib-group><aff id="aff3"><addr-line>Lab-STICC, IMT-Atlantique, Brest, France</addr-line></aff><aff id="aff1"><addr-line>Lastic, ESATIC, Abidjan, Ivory Coast</addr-line></aff><aff id="aff2"><addr-line>University of Rennes 1, Rennes, France</addr-line></aff><pub-date pub-type="epub"><day>28</day><month>10</month><year>2022</year></pub-date><volume>12</volume><issue>11</issue><fpage>1898</fpage><lpage>1914</lpage><history><date date-type="received"><day>21,</day>	<month>October</month>	<year>2022</year></date><date date-type="rev-recd"><day>20,</day>	<month>November</month>	<year>2022</year>	</date><date date-type="accepted"><day>23,</day>	<month>November</month>	<year>2022</year></date></history><permissions><copyright-statement>&#169; Copyright  2014 by authors and Scientific Research Publishing Inc. </copyright-statement><copyright-year>2014</copyright-year><license><license-p>This work is licensed under the Creative Commons Attribution International License (CC BY). http://creativecommons.org/licenses/by/4.0/</license-p></license></permissions><abstract><p>
 
 
  The collaboration tools offered by Cloud Computing have increased the need to share data and services within companies or between autonomous organizations. This has led to the deployment of community cloud infrastructures. However, several challenges will arise from this grouping of heterogeneous organizations. One of the main challenges is the management of trust between the actors of the community. Trust issues arise from the uncertainty about the quality of the resources and entities involved. The quality of a resource can be examined from a security or functional perspective. Therefore, ensuring security and monitoring the quality of resources is to ensure a high level of trust. Therefore, we propose in this paper a technique for dynamic trust management and quality monitoring of resources shared between organizations. Our approach consists, on the one hand, in evaluating the quality of resources based on quality of service measurement attributes and, on the other hand, in updating the trust values according to the information deduced from these measurements. The proposed framework is evaluated in terms of resource sharing success rate and execution time. Experimental results and comparison with TNA-SL and InterTrust models show that the framework can identify and track the behavior of malicious organizations with relatively low execution time.
 
</p></abstract><kwd-group><kwd>SMI (Service Measure Index)</kwd><kwd> Trust Management</kwd><kwd> SLA</kwd><kwd> QoS</kwd><kwd> Community Cloud</kwd></kwd-group></article-meta></front><body><sec id="s1"><title>1. Introduction</title><p>According to the American consulting and research firm Gartner, 85% of companies will use Cloud Computing services by 2025 with 95% of their workload stored in the cloud compared to 30% in 2021 [<xref ref-type="bibr" rid="scirp.121390-ref1">1</xref>]. Cloud Computing promotes collaboration and sharing within and between companies.</p><p>Several organizations with common needs and interests come together around community cloud infrastructure to minimize investment costs and promote resource sharing [<xref ref-type="bibr" rid="scirp.121390-ref2">2</xref>]. Organizations offer services or make their excess or unused resources available to the community. However, several challenges will emerge from this gathering of different organizations. Among these challenges, trust between entities is one of the major obstacles to sharing and collaboration.</p><p>These trust issues in this type of environment can be seen from several aspects including the quality of shared resources. The Cloud Services Measurement Initiatives Consortium (CSMIC) has defined a set of qualitative and quantitative attributes for measuring the quality of Cloud Services (SMI) [<xref ref-type="bibr" rid="scirp.121390-ref3">3</xref>]. The SMI framework is used to characterize a resource based on several criteria including ease of use, affordability, security and privacy.</p><p>In environments such as the Community Cloud, the ability of organizations to guarantee and deliver quality resources over the long term conditions the sustainability of the infrastructure and its productivity. It is therefore essential to have mechanisms to track quality throughout the resource usage cycle. In this paper, we propose a framework for resource quality monitoring and dynamic trust management in a community cloud. We address the quality assessment of shared resources based on four (4) SMI attributes: response time, availability, threat and vulnerability management, and billing compliance. The main contributions of this paper are:</p><p>-A framework for identifying, defining and monitoring resource quality;</p><p>-A dynamic trust management mechanism derived from the results of resource sharing and usage in accordance with the established SLA.</p><p>The remainder of this article is organized as follows. Section 2 reviews related work. Section 3 describes the proposed framework. Section 4 presents the experiments and associated results. Finally, Section 5 concludes the paper and proposes perspectives for future work.</p></sec><sec id="s2"><title>2. Related Work</title><p>Managing resource quality and trust within distributed architectures remains a major concern for enterprises. Several works presenting techniques for the evaluation and comparison of services and their owners have been carried out.</p><p>K. Papadakis et al., proposed in [<xref ref-type="bibr" rid="scirp.121390-ref4">4</xref>], Reputation-based Trust Management (RTM), a collaborative SLA and trust management platform for service providers in a cloud federation. The system allows to evaluate services based on service level agreements (SLAs) and key performance indicators. It is combined with a reputation-based trust management system to help select future providers.</p><p>In [<xref ref-type="bibr" rid="scirp.121390-ref5">5</xref>], the authors proposed a Cloud service recommendation system using a clustering-based trust degree computation algorithm. This algorithm relies on quality of service (QoS) parameters, and offers a time saving in the calculation of the degree of trust.</p><p>A secure resource allocation system (MSMC) among multiple organizations within a community cloud is proposed in [<xref ref-type="bibr" rid="scirp.121390-ref6">6</xref>]. This system consists of algorithms for resource allocation and workflow execution. The model offers time and cost saving benefits.</p><p>S. Garg et al. presented SMICloud in [<xref ref-type="bibr" rid="scirp.121390-ref7">7</xref>], a service quality assessment model based on the CSMIC consortium’s Service Measurement Indices (SMI). SMIcloud is based on attributes such as response time, availability, reliability, accuracy, transparency and security. This mechanism based on the Analytical Hierarchy Process (AHP) allows services to be ranked based on QoS requirements.</p><p>In [<xref ref-type="bibr" rid="scirp.121390-ref8">8</xref>], the authors proposed a resource allocation algorithm considering SLA requirements in a community cloud. They introduce the concept of social pricing to optimize profits and better manage failures.</p><p>The literature studied shows that most of the work highlights the impact of service level agreements in the choice of resources or service providers. Furthermore, these works were carried out in federated or public cloud deployment environments that do not take into account certain requirements and governance modes of a community cloud. In addition, these proposals do not highlight the monitoring of trust and quality during the entire usage cycle of a resource. Therefore, it is necessary to propose a framework for trust monitoring and quality assessment of resources based on measurement attributes that are consistent with the social and sustainability characteristics of a community cloud environment.</p></sec><sec id="s3"><title>3. Method, Model, and Material</title><sec id="s3_1"><title>3.1. General Idea of the Work</title><p>The Community Cloud aims to enable organizations to share resources in order to reduce capital costs, create business opportunities without disregarding the quality of shared resources. We propose a framework for resource quality monitoring and dynamic trust management between organizations in the community. Resource quality monitoring is done through performance indicators offered by the CSMIC SMI attributes. A community cloud is characterized by organizations with specific needs or common interests. Thus, the active participation of members in the life of the community and the existence of lasting relationships are assets for the infrastructure. Furthermore, the social character of the collaborations between organizations is one of the fundamental reasons for a community cloud. Based on these facts, our framework is based on four (4) SMI attributes: availability, vulnerability level, response time and billing mode. The attributes of availability, vulnerability, and response time measure and ensure active participation of members and security of resources. In addition, the attribute of the billing mode of the resources brings into play the social aspect in this case the gratuity in the exchanges.</p><p><xref ref-type="fig" rid="fig1">Figure 1</xref> below shows the architecture of our framework. This architecture is subdivided into three layers:</p><p>&#183; Expression of needs and definition of SLAs: This layer houses the directory of resources and associated suppliers. In addition, it manages the service level agreements between the resource requester and the provider. The agreements are established on the basis of the four (4) SMI attributes mentioned above. In addition, it hosts the trust value manager and the inventory management module responsible for updating the availability status of resources.</p><p>&#183; SLA monitoring: This consists of monitoring the state of the resources throughout the period of use in order to verify the conformity of the SLAs with the initial agreements established. This operation makes it possible to collect and consolidate the qualitative and quantitative contractual parameters related to the shared resource. This ensures that the commitments of each entity are respected.</p><p>&#183; Update Manager: The role of the update manager is to update the trust information based on the information provided after the SLA monitoring. Each time the contractual parameters are violated during the period of use of the resource, the trust value update mechanism is triggered. In addition, SLA monitoring provides updated data for resource inventory management.</p></sec><sec id="s3_2"><title>3.2. Description of Resource Quality Measurement Attributes</title><p>The CSMIC recommends a clear and simple definition for each attribute. Thus it proposes definitions centered around the following fields: measure name, related attribute, context, purpose, measure audience, measure definition, and data collection [<xref ref-type="bibr" rid="scirp.121390-ref3">3</xref>]. Tables 1-4 describe in detail the billing mode, response time, availability, and vulnerability management attributes of the proposed model, respectively.</p><table-wrap id="table1" ><label><xref ref-type="table" rid="table1">Table 1</xref></label><caption><title> Billing method attribute</title></caption><table><tbody><thead><tr><th align="center" valign="middle" >Name of the measure</th><th align="center" valign="middle" >Billing method</th></tr></thead><tr><td align="center" valign="middle" >Related attribute</td><td align="center" valign="middle" >Billing process</td></tr><tr><td align="center" valign="middle" >Context</td><td align="center" valign="middle" >When negotiating for resource sharing, it is important to It is necessary to specify the billing method (free of charge, sharing in exchange for a resource, exchange by means traditional fiduciary, exchange by virtual currency). The billing mode will have an impact on the willingness to share or not, on the quantity shared, on the time given to the use of the resource and on the extension capacities of the resource.</td></tr><tr><td align="center" valign="middle" >Measure audience</td><td align="center" valign="middle" >Organizations (supplier and applicant)</td></tr><tr><td align="center" valign="middle" >objective</td><td align="center" valign="middle" >It is a mutual consent measure of both parties. involved and which will allow or not the feasibility of a transaction. The commercial objective is the selection of a furnace provider that meets the financial needs of an applicant and vice versa.</td></tr><tr><td align="center" valign="middle" >Definition of the measure</td><td align="center" valign="middle" >Assign a value to each billing method. The values range from 1 to 4: 1) for the fiduciary mode-. 2) for a virtual currency, 3) for an electronic currency exchange for a resource and 4) free. Resources may be acquired free of charge depending on the reputation of the of the applicant or in exchange for a resource in order to encourage sharing within the community.</td></tr><tr><td align="center" valign="middle" >Data collection</td><td align="center" valign="middle" >The billing method is collected from each actor.</td></tr></tbody></table></table-wrap><table-wrap id="table2" ><label><xref ref-type="table" rid="table2">Table 2</xref></label><caption><title> Response time attribute</title></caption><table><tbody><thead><tr><th align="center" valign="middle" >Name of the measure</th><th align="center" valign="middle" >Response time</th></tr></thead><tr><td align="center" valign="middle" >Related attribute</td><td align="center" valign="middle" >Service Response Time</td></tr><tr><td align="center" valign="middle" >Context</td><td align="center" valign="middle" >A date on which the requester would like to have the response is associated with each request for a resource. The response time represents the time taken by the provider to respond to this request.</td></tr><tr><td align="center" valign="middle" >Measure audience</td><td align="center" valign="middle" >Organizations (supplier and applicant)</td></tr><tr><td align="center" valign="middle" >objective</td><td align="center" valign="middle" >Ensure the efficiency and timeliness of the implementation of the provision of a resource by a supplier.</td></tr><tr><td align="center" valign="middle" >Definition of the measure</td><td align="center" valign="middle" >The evaluation criteria are as follows: the date desired by the applicant t<sub>ui</sub>, the response date promised by the t<sub>pj</sub> and the actual delivery date t<sub>d.</sub> The time of response will be evaluated by three different scores: &#183; The score (1) for an exchange made on the scheduled date; &#183; The score (0.5) for an exchange that is scheduled before the desired date but is provided at a date greater than the scheduled period and less than the desired date; &#183; The score (−1) for a delivery beyond the promised date and with a desired date less than the promised date.</td></tr><tr><td align="center" valign="middle" >Data collection</td><td align="center" valign="middle" >The dates (desired and promised) are defined respectively by the applicant and the supplier. The delivery date is deducted at the time of delivery of the resource.</td></tr></tbody></table></table-wrap><table-wrap id="table3" ><label><xref ref-type="table" rid="table3">Table 3</xref></label><caption><title> Availability attribute</title></caption><table><tbody><thead><tr><th align="center" valign="middle" >Name of the measure</th><th align="center" valign="middle" >Availability</th></tr></thead><tr><td align="center" valign="middle" >Related attribute</td><td align="center" valign="middle" >Availability</td></tr><tr><td align="center" valign="middle" >Context</td><td align="center" valign="middle" >A resource is provided for a defined period. It must have the capacity to maintain an agreed level of availability among the actors during the period of use of the resource</td></tr><tr><td align="center" valign="middle" >Measure audience</td><td align="center" valign="middle" >Organizations (supplier and applicant)</td></tr><tr><td align="center" valign="middle" >objective</td><td align="center" valign="middle" >Maintain an efficient level of resource availability provided within the community.</td></tr><tr><td align="center" valign="middle" >Definition of the measure</td><td align="center" valign="middle" >It is expressed as a proportion of time during which resources are available in relation to time during which they should be. Availablity ( r ) = T w T f (1) with T<sub>w</sub> the service availability time and T<sub>f</sub> the time total use of the service. This value will be compared to the promised availability rates by the supplier to assess the quality of availability of the resource</td></tr><tr><td align="center" valign="middle" >Data collection</td><td align="center" valign="middle" >The availability rate is obtained thanks to the returns of information from both actors</td></tr></tbody></table></table-wrap><table-wrap id="table4" ><label><xref ref-type="table" rid="table4">Table 4</xref></label><caption><title> Vulnerability attribute</title></caption><table><tbody><thead><tr><th align="center" valign="middle" >Name of the measure</th><th align="center" valign="middle" >Threat and vulnerability management</th></tr></thead><tr><td align="center" valign="middle" >Related attribute</td><td align="center" valign="middle" >Proactive threat and vulnerability management</td></tr><tr><td align="center" valign="middle" >Context</td><td align="center" valign="middle" >The level of vulnerability of shared resources has an impact on the security of the infrastructure. To protect against threats and attacks, it is important to reduce the level of vulnerability of shared resources</td></tr><tr><td align="center" valign="middle" >Measure audience</td><td align="center" valign="middle" >Organizations (supplier and applicant)</td></tr><tr><td align="center" valign="middle" >objective</td><td align="center" valign="middle" >The goal is to ensure that shared resources meet the vulnerability levels of the CVSS [<xref ref-type="bibr" rid="scirp.121390-ref9">9</xref>] .</td></tr><tr><td align="center" valign="middle" >Definition of the measure</td><td align="center" valign="middle" >Assign sensitivity levels to each shared resource. These levels are defined according to the CVSS v2.0 vulnerability level standard</td></tr><tr><td align="center" valign="middle" >Data collection</td><td align="center" valign="middle" >The level of sensitivity is defined by each supplier of resources and validated by the applicant.</td></tr></tbody></table></table-wrap></sec><sec id="s3_3"><title>3.3. Updating the Confidence Values and the Stock of Resources</title><sec id="s3_3_1"><title>3.3.1. Inventory Management</title><p>The inventory management module updates the availability status of resources. The resource directory is updated when a new member joins, a new service is added, an organization leaves or a resource is no longer in use. An available resource is in an I and B status where applicable.</p><p>As in [<xref ref-type="bibr" rid="scirp.121390-ref8">8</xref>], we define the function γ<sub>r</sub>(t) as the indicator function of the availability state of a resource at time t. Thus:</p><p>γ r ( t ) = { 1           if the resource is availlable then in a state I 0       else then in a state B (2)</p><p>The total quantity of a resource of vulnerability level j available at time t is expressed as follows:</p><p>q a j ( t ) = ∑ n = 1 Q r p j r s j ( t )     with       r s j ( t ) = 1       if       γ r n ( t ) = 1       else       r s j ( t ) = 0 (3)</p><p>With Q<sub>rpj</sub> the total quantity of a resource of a vulnerability level j, and r<sub>sj</sub>(t) the availability state of the resource at time t. At the beginning of each new exchange, an update operation of the resource availability state is performed.</p></sec><sec id="s3_3_2"><title>3.3.2. Updating of Trust and Reputation Values</title><p>The selection of a resource provider for an exchange is based on the degree of trust the requester places in the provider. This trust value is calculated based on previous interactions between the organizations and the reputation of the provider. This value is expressed as follows:</p><p>g t = μ r d t + ( 1 − μ ) r e p (4)</p><p>With rep the reputation of the supplier (the initial reputation of an organization rep<sub>ini</sub> = 0), r d t the trust value resulting from previous interactions between the involved entities. This trust value is computed using the subjective logic (SL) presented in [<xref ref-type="bibr" rid="scirp.121390-ref10">10</xref>] [<xref ref-type="bibr" rid="scirp.121390-ref11">11</xref>]. The SL allows to express the trust between a resource requesting organization O<sub>r</sub> <sub>et</sub> and a supplier O<sub>p</sub> from the following parameters: belief (b), distrust (d), disbelief (u) and base rate α. These parameters are formulated as follows [<xref ref-type="bibr" rid="scirp.121390-ref10">10</xref>] [<xref ref-type="bibr" rid="scirp.121390-ref11">11</xref>]:</p><p>{ b = s s s s + s f + 2 d = s f s s + s f + 2 u = 2 s s + s s + 2 ⇔ { s s = 2 b u s f = 2 d u (5)</p><p>s<sub>s</sub> the number of successful prior shares between O<sub>r</sub> and O<sub>p</sub>, and s<sub>f</sub> the number of negative exchanges. The base rate α is defined by:</p><p>α = 0.5 (6)</p><p>The confidence value between O<sub>r</sub> and O<sub>p</sub> is expressed as:</p><p>r d t = b + ( α ∗ u ) (7)</p><p>For managing exchanges with an intermediate organization O<sub>i</sub> between O<sub>r</sub> and O<sub>p</sub>, The SL proposes an update operator (⊗) to determine the transitive trust between organizations O<sub>i</sub> and O<sub>p</sub> [<xref ref-type="bibr" rid="scirp.121390-ref10">10</xref>] [<xref ref-type="bibr" rid="scirp.121390-ref11">11</xref>]. This trust is expressed as below:</p><p>ω O p O r : O i = ω O i O r ⊗ ω O p O i { b O p O r : O i = b O i O r b O p O i d O p O r : O i = b O i O r d O p O i u O p O r : O i = d O i O r + u O i O r + b O i O r u O p O i α O p O r : O i = α O p O i (8)</p><p>Moreover, in the case of an exchange involving several two intermediaries O<sub>i</sub><sub>1</sub> and O<sub>i</sub><sub>2</sub> the trust between O<sub>r</sub> and O<sub>p</sub>, is deduced thanks to the consensus operator ( ⊕ ) and formulated as follows [<xref ref-type="bibr" rid="scirp.121390-ref10">10</xref>] [<xref ref-type="bibr" rid="scirp.121390-ref11">11</xref>]:</p><p>ω O p O i 1 : O i 2 = ω O p O i 1 ⊕ ω O p O i 2 { b O p O i 1 : O i 2 = b O p j O t z 1 u O p j O t z 2 + b O p j O t z 2 u O p j O t z 1 / d e n o d O p O i 1 : O i 2 = d O p O i 1 u O p O i 2 + d O p O i 2 u O p O i 1 / d e n o u O p O i 1 : O i 2 = u O p O i 1 u O p O i 2 / d e n o α O p O i 1 : O i 2 = α O p O i 1 (9)</p><p>d e n o = u O p O i 1 + u O p O i 2 − u O p O i 1 u O p O i 2</p><p>After the delivery of the requested resource, an initial evaluation of the exchange is performed. This evaluation allows an initial update of the trust values and reputation. In addition, during the use of the resource and until the end of the period of use, this process of updating the values is triggered by each violation of the quality of service attributes specified in the SLA.</p><p>As in proposal [<xref ref-type="bibr" rid="scirp.121390-ref12">12</xref>], a discount factor θ is defined to determine the reputation of the supplier O<sub>p</sub> according to the equation below:</p><p>r e p O p = { r e p O p c t + θ n     if   positive result r e p O p c t + θ n / 2     if positive result with minor violation r e p O p c t − θ n     if negative result with   θ n ( k ) = ( V lmin ( k ) + V lmax ( k ) ) / 2 V lmax (10)</p><p>r e p O p c t the current reputation of the provider, V<sub>lmin</sub>(k) the minimum value of vulnerability degree of the resource for a level k, V<sub>lmax</sub>(k) the maximum value of vulnerability degree, V<sub>lmax</sub> the maximum value of vulnerability degree. The resource vulnerability levels are defined according to the CVSS 2 standard [<xref ref-type="bibr" rid="scirp.121390-ref9">9</xref>]. Thus:</p><p>k = 1     if   V l ∈ [ 7 , 10 ] k = 2     if   V l ∈ [ 4 , 7 [ k = 3     if   I l ∈ [ 0 , 4 [ (11)</p></sec></sec><sec id="s3_4"><title>3.4. Algorithm of the System</title><p><xref ref-type="fig" rid="fig2">Figure 2</xref> below illustrates the operating mechanism of the proposed framework. The process is characterized on the one hand by the validation, initialization and sharing phase. On the other hand, the second phase consists of monitoring the quality of the resources and updating the trust values in case of SLA violation. Algorithm 1 and Algorithm 2 in the Appendix describe these different phases.</p></sec></sec><sec id="s4"><title>4. Experiments and Results</title><sec id="s4_1"><title>4.1. Experimentation Environment</title><p>The performance of our proposal was evaluated through simulations of resource sharing between organizations in a community cloud. Data was generated to model the organizations and resources in the community. A MacBook Pro computer (Retina, 15-inch, mid-2015), 2.2 GHz Intel Core i7 quad-core processor,</p><p>16 GB 1600 MHz DDR3 memory was used to perform our experiments. The python language was used for programming with a Pycharm editor. Organizations providing SLA compliant resources are qualified as good providers. Those providing non-compliant or violating resources are called malicious. To examine the scalability of our framework the simulations are conducted on organization groups of 80,120, 180,220 and 250 members. Furthermore to measure the attack resistance of our model, the number of malicious providers is varied from 20%, 40%, 60%, 80%. The performance of our model is compared with two other models namely TNA-SL [<xref ref-type="bibr" rid="scirp.121390-ref11">11</xref>] [<xref ref-type="bibr" rid="scirp.121390-ref13">13</xref>] and InterTrust [<xref ref-type="bibr" rid="scirp.121390-ref14">14</xref>]. The framework has been evaluated based on two metrics namely the success rate of exchanging quality resources by good providers (SSR) and the execution time. In order to verify the execution time, the different algorithms were run on the same computer with identical loads.</p><p>SSR = number of resources provides by good organizations total number of resources provided by good organizations (12)</p></sec><sec id="s4_2"><title>4.2. Results and Discussion</title><sec id="s4_2_1"><title>4.2.1. Resistance to Attacks</title><p><xref ref-type="fig" rid="fig4">Figure 4</xref>. success rates for different numbers of resource providers of which 20% are malicious providers</p><p>In addition, the dynamic management of trust through the updating of trust values based on the respect of SLAs, allows to increase the reputation values of the organizations contrary to the two other models which do not integrate this aspect. The SSR of the InterTrust and TNA-SL models also experience a relatively lower evolution for rates of 20%, 40% and 60% of malicious illustrated by</p><p><xref ref-type="fig" rid="fig3">Figure 3</xref>(a), <xref ref-type="fig" rid="fig4">Figure 4</xref>(a) and <xref ref-type="fig" rid="fig5">Figure 5</xref>(a). However, with a rate of 80% of malicious on <xref ref-type="fig" rid="fig6">Figure 6</xref>(a), a decrease of the SSR is observed for these two algorithms until reaching the zero value for the TNA-SL. Moreover, <xref ref-type="fig" rid="fig3">Figure 3</xref>(b), <xref ref-type="fig" rid="fig4">Figure 4</xref>(b), <xref ref-type="fig" rid="fig5">Figure 5</xref>(b) and <xref ref-type="fig" rid="fig6">Figure 6</xref>(b) show the variation of the number of malicious organizations according to the rate of injected malicious organizations. It can be seen that our model is able to reduce or even eliminate malicious organizations within the community. The resource quality monitoring through SMI attributes in case of SLA violation proposed by our model allows to identify quality resources and classify good providers. In contrast to the TNA-SL and InterTrust contributions, our technique increases the trust value and reputation of good providers faster with each transaction round and significantly reduces that of bad providers due to the discount factor θ introduced in Equation 10. The probability of selecting malicious organizations for long-term trading is thus limited.</p></sec><sec id="s4_2_2"><title>4.2.2. Execution Time</title><p><xref ref-type="fig" rid="fig7">Figure 7</xref> below shows the execution times of our model, the InterTrust algorithm and the TNA-SL model. These experiments were performed for each round of 500 transactions with different groups consisting of 80, 120, 180, 220, 250 members. The results show that the execution time of our model is significantly lower than those of the other two models. The selection of the resource provider in our model is done first based on the previous transaction list of the requester and then based on the reputation list. This mechanism speeds up the selection process. Our model guarantees a high SSR while maintaining a low execution time.</p></sec></sec></sec><sec id="s5"><title>5. Conclusion</title><p>The community cloud deployment model promotes collaboration and resource sharing (data and services) between organizations with specific requirements and common needs. However, ensuring trust between members of this community</p><p>remains a major challenge. Monitoring the quality of shared resources in this environment is an answer to this problem. Therefore, we propose in this paper a framework for resource quality evaluation and trust monitoring based on quality of service measurement attributes. The model is based on the definition of a service level agreement based on four SMI (Service Measurement Index) attributes: billing mode, availability, threat and vulnerability management and response time. Moreover, the monitoring of SLA attributes allows to propose a dynamic management mechanism and to update the trust and reputation values. Through experiments, our proposal has been compared to the TNA-SL and InterTrust models. The results of the experiments show that our proposal allows the deployment of a community cloud that is resistant to attacks. On the other hand, it allows distinguishing good providers from malicious ones and to eliminate or reduce the participation of malicious ones in the community exchanges. Finally, our model offers better execution times compared to TNA-SL and Intertrust models. In future work, we will propose an agent-based collaboration framework. The aim is to present a model characterized by explicit communication and mutual commitment of the actors for successful exchanges.</p></sec><sec id="s6"><title>Conflicts of Interest</title><p>The authors declare no conflicts of interest regarding the publication of this paper.</p></sec><sec id="s7"><title>Cite this paper</title><p>N’goran, R., Vallee, L.N., Johnson, G.Y. E., Tetchueng, J.-L., Kermarrec, Y. and Asseu, O. (2022) Shared Resource Quality Monitoring and Dynamic Trust Management in a Community Cloud. Open Journal of Applied Sciences, 12, 1898- 1914. https://doi.org/10.4236/ojapps.2022.1211131</p></sec><sec id="s8"><title>Appendix</title><disp-formula id="scirp.121390-formula1"><graphic  xlink:href="//html.scirp.org/file/15-2311835x25.png?20140215084504723"  xlink:type="simple"/></disp-formula><disp-formula id="scirp.121390-formula2"><graphic  xlink:href="//html.scirp.org/file/15-2311835x26.png?20140215084504723"  xlink:type="simple"/></disp-formula></sec></body><back><ref-list><title>References</title><ref id="scirp.121390-ref1"><label>1</label><mixed-citation publication-type="other" xlink:type="simple">Coret, S. (2021) Gartner.https://cloud-computing.developpez.com/actu/328766/Gartner-Les-revenus-mondiaux-du-cloud-s-eleveront-a-474-milliards-de-dollars-en-2022-contre-408-milliards-de-dollars-en-2021-le-cloud-sera-la-piece-maitresse-des-nouvelles-experiences-numeriques/</mixed-citation></ref><ref id="scirp.121390-ref2"><label>2</label><mixed-citation publication-type="other" xlink:type="simple">Nauges, L. (2011). https://nauges.typepad.com/my_weblog/2011/04/index.html</mixed-citation></ref><ref id="scirp.121390-ref3"><label>3</label><mixed-citation publication-type="other" xlink:type="simple">Siegel, J. and Perdue, J. (2012) Cloud Services Measures for Global Use: The Service Measurement Index (SMI). 2012 Annual SRII Global Conference, San Jose, 24 September 2012, 411-415. https://doi.org/10.1109/SRII.2012.51</mixed-citation></ref><ref id="scirp.121390-ref4"><label>4</label><mixed-citation publication-type="other" xlink:type="simple">Papadakis-Vlachopapadopoulos, K., González, R.S., Dimolitsas, I., Dechouniotis, D., Ferrer, A.J. and Papavassiliou, S. (2019) Collaborative SLA and Reputation-Based Trust Management in Cloud Federations. Future Generation Computer Systems, 100, 498-512. https://doi.org/10.1016/j.future.2019.05.030</mixed-citation></ref><ref id="scirp.121390-ref5"><label>5</label><mixed-citation publication-type="other" xlink:type="simple">Priya, A.S.B. and Bhuvaneswaran, R.S. (2020) Cloud Service Recommendation System Based on Clustering Trust Measures in Multi-Cloud Environment. Journal of Ambient Intelligence and Humanized Computing, 12, 7029-7038. https://doi.org/10.1007/s12652-020-02368-2</mixed-citation></ref><ref id="scirp.121390-ref6"><label>6</label><mixed-citation publication-type="other" xlink:type="simple">Dubey, K., Shams, M.Y., Sharma, S.C., Alarifi, A., Amoon, M. and Nasr, A.A. (2019) Management System for Servicing Multi-Organizations on Community Cloud Model in Secure Cloud Environment. IEEE Access, 7, 159535-159546. https://doi.org/10.1109/ACCESS.2019.2950110</mixed-citation></ref><ref id="scirp.121390-ref7"><label>7</label><mixed-citation publication-type="other" xlink:type="simple">Garg, S.K., Versteeg, S. and Buyya, R. (2013) A Framework for Ranking of Cloud Computing Services. Future Generation Computer Systems, 4, 1012-1023. https://doi.org/10.1016/j.future.2012.06.006</mixed-citation></ref><ref id="scirp.121390-ref8"><label>8</label><mixed-citation publication-type="other" xlink:type="simple">Saovapakhiran, B. and Devetsikiotis, M. (2011) Enhancing Computing Power by Exploiting Underutilized Resources in the Community Cloud. IEEE International Conference on Communications, Kyoto, 28 July 2011. https://doi.org/10.1109/icc.2011.5962544</mixed-citation></ref><ref id="scirp.121390-ref9"><label>9</label><mixed-citation publication-type="other" xlink:type="simple">Common Vulnerability Scoring System SIG (2020). https://www.first.org/cvss/</mixed-citation></ref><ref id="scirp.121390-ref10"><label>10</label><mixed-citation publication-type="journal" xlink:type="simple"><name name-style="western"><surname>J&amp;oslash;sang</surname><given-names> A. </given-names></name>,<etal>et al</etal>. (<year>2009</year>)<article-title>Subjective Logic</article-title><source> Representations</source><volume> 171</volume>,<fpage> 1</fpage>-<lpage>8</lpage>.<pub-id pub-id-type="doi"></pub-id></mixed-citation></ref><ref id="scirp.121390-ref11"><label>11</label><mixed-citation publication-type="other" xlink:type="simple">J&amp;oslash;sang, A. and Bhuiyan, T. (2008) Optimal Trust Network Analysis with Subjective Logic. Proceedings of the 2nd International Conference on Emerging Security Information, Systems and Technologies, Cap Esterel, 25-31 August 2008, 179-184. https://doi.org/10.1109/SECURWARE.2008.64</mixed-citation></ref><ref id="scirp.121390-ref12"><label>12</label><mixed-citation publication-type="other" xlink:type="simple">Guo, L., Yang, H., Luan, K., Luo, Y., Sun, L. and Zheng, X. (2021) Trust Management Model Based on Mutual Trust and a Reward-with-Punishment Mechanism for Cloud Environments. Concurrency and Computation: Practice and Experience, 33, e6283. https://doi.org/10.1002/cpe.6283</mixed-citation></ref><ref id="scirp.121390-ref13"><label>13</label><mixed-citation publication-type="other" xlink:type="simple">J&amp;oslash;sang, A. and Simon, R. (2006) Trust Network Analysis with Subjective Logic. Angewandte Chemie International Edition, 6, 951-952.</mixed-citation></ref><ref id="scirp.121390-ref14"><label>14</label><mixed-citation publication-type="other" xlink:type="simple">Kurdi, H., Alfaries, A., Al-Anazi, A., Alkharji, S., Addegaither, M., Altoaimy, L. and Ahmed, S.H. (2019) A Lightweight Trust Management Algorithm Based on Subjective Logic for Interconnected Cloud Computing. Journal of Supercomputing, 75, 3534-3554. https://doi.org/10.1007/s11227-018-2669-y</mixed-citation></ref></ref-list></back></article>