Computers & Security 91 (2020) 101722 Contents lists available at ScienceDirect Computers & Security journal homepage: www.elsevier.com/locate/cose Multi-dimensional dynamic trust evaluation scheme for cloud environment Praveen S. Challagidad a,∗ , Mahantesh N. Birje b a Department of Computer Science and Engineering, Basaveshwar Engineering College, Vidyagiri, Bagalkot 587102, Karnataka, India b Department of Computer Science and Engineering, Visvesvaraya Technological University, Belagavi 590018, Karnataka, India a r t i c l e i n f o Article history: Received 4 February 2019 Revised 30 November 2019 Accepted 18 January 2020 Available online 23 January 2020 Keywords: Cloud computing Trustworthiness Trust Dynamic trust evaluation scheme Compliance Information a b s t r a c t In cloud computing environment, Cloud Customers (CCs) and Cloud Service Providers (CSPs) require to evaluate the trust levels of potential partner prior to appealing in communications. The accurateness of trust evaluation significantly influences the success velocity of the communication. Determining trust- worthiness dynamically is a demanding problem in an open and dynamic environment (such as cloud computing) because of huge number of CSPs offering similar types of services. Also it is a challenging job for both CCs and CSPs to mutually recognize and distinguish between the trustworthy and untrust- worthy CSPs and CCs. Presently, there are very less number of dynamic trust evaluation scheme that permits CCs to evaluate the trustworthiness of CSPs from multi-dimensional perspectives (i.e., perspec- tives from Cloud Auditors (CAs), Cloud Brokers (CBs), Service Level Agreement Agents (SLAAs) and Peers). Similarly, there is no scheme that permits CSPs to evaluate trustworthiness of CCs. This paper proposes a Multi-dimensional Dynamic Trust Evaluation Scheme (MDTES) that facilitates CCs to evaluate the trust- worthiness of CSPs from various viewpoints. Similar approach can be employed by CSPs to evaluate the trustworthiness of CCs. The proposed MDTES helps CCs to choose trustworthy CSP which provides de- sired QoS and CSPs to choose desired and legal CCs. The experimental results illustrate that the MDTES is dynamic, efficient and steady in distinguishing trustworthy and untrustworthy CSPs and CCs compared to other trust models. © 2020 Elsevier Ltd. All rights reserved. 1. Introduction Cloud computing is an open, service-oriented, utility oriented and dynamic computing paradigm (Challagidad and Birje, 2017; Birje et al., 2017, 2015). Besides many advantages of cloud com- puting, security is one of the critical issues that has to be aug- mented to address trust associated problems (Buyya et al., 2009; Armbrust et al., 2010; Mell and Grance, 2009; Takabi et al., 2010; Everett, 2009). Trust is a subjective notion, with different meanings in differ- ent domains. Basically, it is defined as an indicator of whether a cloud entity is willing to rely on the actions of another cloud entity or not. With the expansion of cloud applications, more and more researchers have realized that trust has become a crucial aspect in cloud computing environment, because of distributed, dynamic and open nature of cloud technology. In this technology, there ex- ∗ Corresponding author. E-mail addresses: praveensc07@gmail.com (P.S. Challagidad), mnbirje@vtu.ac.in (M.N. Birje). ist a number of cloud entities like CSPs, CCs, Cloud Auditors (CAs), Cloud Brokers (CBs), Service Level Agreement Agents (SLAAs) and Peers. To have a safe trustworthy cloud technology, every cloud en- tities need to have good cooperation and coordination among each other. However, there are two possibilities of threat to this tech- nology: (i). Some entities in the cloud may misbehave maliciously and mislead the other cloud entities that results into loss of trust and reputation among each other. For example, CC may submit fake feedbacks to CSP/CA and CSP may misinterpret the feedback (knowingly or unknowingly) which is provided by CC. (ii). Some entities attempts to attack on the feedback information illegally provided by other cloud entities which leads to wrong evaluation of trustworthiness and loss of reputation. The dynamic nature of cloud computing makes trust evalua- tion a challenging task, because of two reasons: (i) there is no centralized objective mechanism for controlling and coordinating the interactions amongst cloud entities. The decision making for the select of suitable providers is based on the information pro- vided by partners (entities), the local view of the entities and/or the experience from previous interactions. (ii) In some complex environments, a cloud paradigm contains cloud entities with dif- https://doi.org/10.1016/j.cose.2020.101722 0167-4048/© 2020 Elsevier Ltd. All rights reserved.