A Dynamic and Fine-Grained User Trust Evaluation Model for Micro-Segmentation Cloud Computing Environment

Abstract

With the diversity and complexity of user access behaviors in the “micro-segmentation” cloud computing environment, it is no longer possible to control unauthorized access of authorized users by only relying on user identity login authentication to control user access to cloud resources. The existing trust evaluation methods can not cope with the characteristics of “micro-isolated” cloud environment, which is characterized by high granularity of resources, increasing number of users’ access requests and rapid changes. Based on the zero-trust principle of “Never trust, al-ways verify”, we propose a dynamic, fine-grained user trust evaluation model for micro-segmentation cloud computing environment, which combines multiple user trust attributes and leverages the subjective-objective approach to assign weights to trust attribute indicators to achieve dynamic scoring of users’ real-time behaviors. To capture the characteristics of users’ intrinsic behaviors, we use correlation analysis to identify the correlation between users’ current and historical behaviors, and combine sliding windows and penalty functions to optimize the model. The massive simulation experiments demonstrate the effectiveness of the proposed dynamic and fine-grained method, which can effectively combine the intrinsic correlation of users’ own access behavior and the difference of access behavior among different users.