MMB Cloud-Tree: Verifiable Cloud Service Selection

In the existing cloud brokerage system, the client does not have the ability to verify the result of the cloud service selection. There are possibilities that the cloud broker can be biased in selecting the best Cloud Service Provider (CSP) for a client. A compromised or dishonest cloud broker can unfairly select a CSP for its own advantage by cooperating with the selected CSP. To address this problem, we propose a mechanism to verify the CSP selection result of the cloud broker. In this verification mechanism, properties of every CSP will also be verified. It uses a trusted third party to gather clustering result from the cloud broker. This trusted third party is also used as a base station to collect CSP properties in a multi-agent's system. Software Agents are installed and running on every CSP. The CSP is monitored by agents as the representative of the customer inside the cloud. These multi-agents give reports to a third party that must be trusted by CSPs, customers and the Cloud Broker. The third party provides transparency by publishing reports to the authorized parties (CSPs and Customers).


INTRODUCTION
Cloud services offer a scalable variety of storage space and computing capabilities, which are widely employed by an increasing number of business owners. This has resulted in a large number of cloud service providers (CSPs), offering a wide range of resources. The availability of various, possibly complex options, however, makes it difficult for potential cloud clients to weigh and decide which options suit their requirements the best. The Challenges are:  It is hard for cloud clients to gather information about all the CSPs available for their selections;  It is also computationally expensive to choose a suitable CSP from a potentially large CSP pool. In light of these difficulties, both industry and academia suggested introducing an additional computing layer on top of the base service provisioning to enable tasks such as discovery, mediation and monitoring. In a cloud brokerage system, one of the most fundamental tasks is to provide high-quality selection services for clients. That is, a broker provides clients with a list of recommended CSPs that meet the clients' needs. With the aid of cloud brokers, clients no longer need to collect, search or compare CSPs' services and capabilities. Without the ability to verify the correctness of the service recommendation, cloud clients could be easily cheated by malicious brokers. For instance, malicious brokers could recommend their favourable CSPs as much as possible and ignore other suitable CSPs, without being caught by the clients. More seriously, due to the lack of supervision and verification of brokers' actions, malicious brokers could even recommend malicious CSPs which collect and sell clients' private resources, monitor clients' hosts during cloud service provisioning, causing major financial and confidentiality losses to the clients. Therefore, it is important to equip the clients with verification capabilities of the obtained recommendations. The clients may not need to verify each recommendation result, but they certainly need to have the ability to do so when they feel necessary. Our novel index structure is the core component of our Cloud Service Selection Verification (CSSV) scheme, which employs the idea of "separation of duties" to ensure strong security guarantees. Precisely, we introduce a trusted collector in the cloud brokerage system that separates the task of CSP information collection from the service selection. The collector does not directly interact with the cloud clients and is only in charge of gathering information from the CSPs, and hence it can be more devoted into adopting sophisticated defences to filter out problematic data and building an authenticated database of CSPs' profiles. The collector is allowed to make profit by selling the authenticated database to one or more cloud brokers. With the available authenticated databases, the Cloud Service Selection describes the recommendation system in cloud computing suitable for design-time decisions as it statically provided a ranking of available cloud providers. Aiming at evaluating the performance and capabilities of services offered by CSPs for facilitating customers' selections. cloud service selection is focused only on how to select the services that satisfy customers' requirements. None of them considers security issues involved in the service selection, and none of them provides verifiable schemes to prove the correctness and completeness of their service selection results as addressed in our work and to trusted collector sharing location-based information, whereas we use the collector to achieve service verification in the cloud. Our proposed authenticated index structures are related to those developed for query authentication in outsourced databases. At query execution, the service provider picks the signatures of the data objects falling in the query range to form the proof messages. Since each data object is linked with its predecessor and successor in an unforgeable way, the client is able to verify the completeness and correctness of query results by verifying the validity of signatures.

A. Existing System
In an existing cloud brokerage schemes is that brokers are completely trusted and thus will always provide unbiased best available options to clients. Under this assumption, none of the existing works provides guarantees over the correctness or completeness of the service selection recommendations to the cloud clients. Without the ability to verify the correctness of the service recommendation, cloud clients could be easily cheated by malicious brokers. For instance, malicious brokers could recommend their favourable CSPs as much as possible and ignore other suitable CSPs, without being caught by the clients. More seriously, due to the lack of supervision and verification of brokers' actions, malicious brokers could even recommend malicious CSPs which collect and sell clients' private resources, monitor clients' hosts during cloud service provisioning, causing major financial and confidentiality losses to the clients.

B. Proposed System
In our proposed system a novel index structure is the core component of our Cloud Service Selection Verification (CSSV) scheme, which employs the idea of separation of duties to ensure strong security guarantees. Precisely, we introduce a trusted collector in the cloud brokerage system that separates the task of CSP information collection from the service selection. The collector does not directly interact with the cloud clients and is only in charge of gathering information from the CSPs, and hence it can be more devoted into adopting sophisticated defences to filter out problematic data and building an authenticated database of CSPs' profiles. The collector is allowed to make profit by selling the authenticated database to one or more cloud brokers. With the available authenticated databases, the cloud brokers focus on handling probably a large number of real-time service requests from clients.

C. Advanced Scheme using MMB Cloud-Tree:
The basic approach using MMB cloud-tree indexes only the Price property, and therefore has limited ability to deal with queries that do not include Price as one of the selection criteria, or with queries that have many other selection criteria besides Price. In either case, the basic approach may return many CSPs which satisfy only the Price criterion but not the whole query in the proof message for verification.

II. MODULES A. CSP Profile Creation
The service provider is in need to expose the service that provided by them, in terms of the whole package of the service. The package that consist of the details such as a product that provide by the service provider and the respective cost for each product in service. And a total cost of the service. The service provider can be able to produce any number (N numbers) of service and each are declared as separate package.

B. Database Construction
The collector surf with the cloud service provider services and select the needed package of services. And the collector submits the resource request to the respective CSP of service. If the CSP acknowledge the collector request of resource, now the collector is ready to access the resource details and to provide the respective resource to requesting broker. Collector serves as an intermediate between the broker and the CSP. The Cloud Service Provider provides the service to the broker. They collecting the service and given to the broker whoever requesting the trusted collector.

C. Service Selection by the broker
It is worth noting that, the novelty of our approaches not only lies in a new set of verification algorithms specific to the cloud service selection, but also gives efficient solutions (compared with the state-of-the-art) to the problem of authenticating multidimensional queries. The reason to choose Price as the indexing field is two-fold. First, given that most cloud providers employ a pay-peruse business model, Price is one of the most commonly occurred criteria in cloud service selection queries. First, cloud service selection typically allows cloud users to specify multiple service requirement is always desirable to have efficient cloud service selection and verification so that the cloud end users would not feel delay of services. Our novel index structure is the core component of our Cloud Service Selection Verification (CSSV) scheme, which employs the idea of "separation of duties" to ensure strong security guarantees. we propose the Cloud Service Selection Verification (CSSV) scheme which is a comprehensive solution that is capable of guaranteeing all the three security requirements (i.e., authenticity, satisfiability and completeness).

D. Results Verification
More seriously, due to the lack of supervision and verification of brokers' actions, malicious brokers could even recommend malicious CSPs which collect and sell clients' private resources, monitor clients' hosts during cloud service provisioning, causing major financial and confidentiality losses to the clients. we propose innovative authenticated index structures and verification protocols to allow clients to verify the completeness and authenticity of brokers' answers. This problem is related to that of authentication of query results for outsourced databases, selection and verification so that the cloud end users would not feel delay of services, but existing few works, although support authentication of multidimensional query results, are time consuming, resulting that they could not meet the demands of today's real-time cloud service recommendations.

III. SYSTEM ARCHITECTURE DIAGRAM FOR MMB CLOUD A. System Architecture
The cloud service providers providing the services to the brokers stored in the cloud. The collector logs onto the system are stored in the database and purchase authenticated database. The collector providing services to the cloud brokers. The user searching for the brokers for the needed service. Finally, The results verification by the clients. The System architecture are mainly occurs Cloud service providers, collectors, cloud brokers and users. This diagram shows the system architecture of mmb-cloud as shown below.

B. Work Flow Diagram
The first step is to create a profile for Cloud Service Providers(CSP's) and services are stored in the cloud. The second step is the collector build authenticated database and after collecting services from the CSP data stored in the database. The third step is service selected by the brokers. And finally, the clients searching for the service that they need for the various brokers. And if the user finds the needed service they request the service to the broker and get use with the resource. And verify or cross check the resource that bought from the broker that whether the broker serves the correct resource in affordable cost. is used to storing all the information in the database.
V. MERKLE HASH TREE ALGORITHM As our proposed data structure is developed based on the Merkle hash tree, we provide more details of this structure as follows. The Merkle hash tree has a binary tree as the base structure. The leaf nodes in the Merkle hash tree contain the hash values of the original data items. Each internal node contains the hash value of the concatenation of the hash values of its two children nodes.

A. Why Merkle trees?
 Consistency Verification  Data Verification  Data Synchronization Merkle trees are used in distributed systems for efficient data verification. A Merkle tree is a hash-based structure that is a generalization of the hash list.It is a tree structure in which each leaf node is a hash of a block of data, and each non-leaf node is a hash of its children.

B. Algorithm
Steps  Merkle hash tree was typically implemented as binary trees.  Binary Tree is a node-based binary tree data structure.  The left sub tree of a node contains only nodes with keys lesser than the node's key.  The right sub tree of a node contains only nodes with keys greater than the node's key.  The left and right sub tree each must also be a binary search tree. There must be no duplicate nodes.

VI. CONCLUSION
In this paper, we presented an innovative Cloud Service Selection Verification (CSSV) system to achieve cheating-free cloud service selection under a cloud brokerage architecture. The core of our system is an efficient authenticated index structure to ensure the authenticity, the satisfiability and the completeness of the service selection results. Our theoretical and experimental results demonstrate the effectiveness and efficiency of our schemes compared with the state-of-the-art. As part of our future work, we plan to consider a verifiable scheme for best service selection query whereby the broker returns only the best CSP instead of all candidate CSPs with respect to a client's request.