Trustworthy accounting of resource consumption in the Cloud Santosh Shrivastava, School of Computing Science, Newcastle University, UK Abstract of current work The services offered by Internet Data Centers involve the provision of storage, bandwidth and computational resources. A common business model is to charge consumers on a pay-per-use basis where they periodically pay for the resources they have consumed (as opposed to a fixed charge for service provision). Central to the pay-per-use model is the issue of accountability for the consumed resources: who performs the measurement and decides how much resource has been consumed –– the provider, the consumer, a trusted third party (TTP), or some combination of them? Traditional utility providers such as water, gas and electricity services use provider-side accounting based on metering devices that have a certain degree of tamper-resistance and are deployed in the consumer’s premises. Provider-side accounting is also widely used by phone services and Internet-based utility providers like Amazon. However, in contrast to traditional utilities, the infrastructure responsible for measuring resource consumption is deployed at the provider. The distinguishing feature of provider-side accounting is that it is unilateral. Provider-side accounting is acceptable when the consumer has good reason to trust the provider not to accidentally or maliciously overcharge. However, we contend that there will be a class of applications, or of relationships between consumer and provider, where this assumption does not hold and where other models are needed. Unilateral consumer-side accounting can be implemented but we do not discuss it here because it is not representative of practical applications –– it is very unlikely that a provider would simply accept accounts unilaterally computed by a consumer. Unilateral accounting by a TTP on behalf of both consumer and provider would be more practical than consumer-side accounting, but here we consider a hitherto unexplored alternative of bilateral accounting of resource consumption. We develop a new model in which the consumer and provider independently measure resource consumption, compare their outcomes and agree on a mutually trusted outcome. The problem of achieving mutual trust in accounting for resource consumption is currently neglected but is becoming important as users increasingly rely on utility (or cloud) computing for their needs. We explore the technical issues in bilateral accounting and develop a model that is abstract and general enough to apply to the different types of resources that are being offered on a utility basis [1]. Our work so far has indicated that the success of bilateral accounting to a large extent will depend on two factors: the quality of accounting data consumers can collect and the availability of a relatively simple comparison and conflict resolution protocol (CCRP) to enable production of mutually agreed outcomes. Service providers can help consumers by providing (i) suitable service interfaces to enable consumer side metering, and (ii) a reference model (e.g., an accounting model) to enable consumers to estimate resource consumption and associated charges. Further, sometimes there is also a need for a consumer (provider) to collect metering data directly at the provider’s (consumer’s) premises, so suitable metering techniques will need to be developed. CCRP procedures will also need to be developed and agreed as a part of the service level agreement. To ground our approach in current practice, we will use storage consumption as an example and, in particular, use Amazon’s S3 as a case study for bilateral accounting. [1] Carlos Molina-Jimenez, Nick Cook and Santosh Shrivastava, “On the Feasibility of Bilaterally Agreed Accounting of Resource Consumption”, International Workshop on Enabling Service Business Ecosystems (ESBE’08), December 2008, Sydeny, Springer, LNCS 5472, pp. 270–283, 2009.