GUO Rui-peng

DOI: https://doi.org/10.3969/j.issn.1006-2475.2012.06.047

2012-01-01

Abstract:The emergence of cloud computing enables the enterprises and individuals through the network to use computing resources and storage resources conveniently,cloud computing in data security issues are also increasingly attracted widespread attention.This paper discusses the objectives and requirements of cloud computing security,and analyzes the cloud computing user access,encryption technology,access control,virtualization security and other critical security technologies.

Usman Aijaz,Mohammed Abubakar,Aditya Reddy,Abuzar .,Alok C Pujari

DOI: https://doi.org/10.46610/joscnds.2024.v01i01.005

2024-04-26

Abstract:Cloud computing has completely transformed how businesses handle, store, and process data and applications. However, using cloud services brings several security issues that need to be resolved to guarantee the availability, confidentiality, and integrity of critical data. This abstract overviews vital aspects of cloud computing security and highlights emerging trends and research directions. Essential challenges of cloud computing security include ensuring data privacy and confidentiality, maintaining data integrity and trustworthiness, and addressing compliance with regulatory requirements. Identity and access management (IAM) remains a critical area, focusing on enhancing authentication mechanisms and access controls to mitigate the risks of unauthorized access and insider threats. Additionally, active research areas include securing cloud orchestration and management platforms, resilience and availability of cloud services, and addressing the unique security considerations of cloud native technologies. Interdisciplinary collaboration between researchers, industry practitioners, and policymakers is essential to develop innovative security solutions and best practices for cloud computing environments. By addressing these challenges and advancing the state of the art in cloud security, organizations can leverage the benefits of cloud computing while mitigating associated risks and ensuring the protection of sensitive data and resources. In summary, this review paper provides a holistic understanding of cloud computing security, offering insights into current practices, challenges, and future directions for ensuring the confidentiality, integrity, and availability of cloud based systems and data.

Lynda kacha,Abdelhafid Zitouni

DOI: https://doi.org/10.1007/978-3-319-67618-0_23

2018-12-21

Abstract:Cloud Computing refers to the use of computer resources as a service on-demand via internet. It is mainly based on data and applications outsourcing, traditionally stored on users' computers, to remote servers (datacenters) owned, administered and managed by third parts. This paper is an overview of data security issues in the cloud computing. Its objective is to highlight the principal issues related to data security that raised by cloud environment. To do this, these issues was classified into three categories: 1-data security issues raised by single cloud characteristics compared to traditional infrastructure, 2-data security issues raised by data life cycle in cloud computing (stored, used and transferred data), 3-data security issues associated to data security attributes (confidentiality, integrity and availability). For each category, the common solutions used to secure data in the cloud were emphasized.

Cryptography and Security

Muhammad Dawood,Shanshan Tu,Chuangbai Xiao,Hisham Alasmary,Muhammad Waqas,Sadaqat Ur Rehman

DOI: https://doi.org/10.3390/sym15111981

2023-10-27

Symmetry

Abstract:Cloud computing is an innovative technique that offers shared resources for stock cache and server management. Cloud computing saves time and monitoring costs for any organization and turns technological solutions for large-scale systems into server-to-service frameworks. However, just like any other technology, cloud computing opens up many forms of security threats and problems. In this work, we focus on discussing different cloud models and cloud services, respectively. Next, we discuss the security trends in the cloud models. Taking these security trends into account, we move to security problems, including data breaches, data confidentiality, data access controllability, authentication, inadequate diligence, phishing, key exposure, auditing, privacy preservability, and cloud-assisted IoT applications. We then propose security attacks and countermeasures specifically for the different cloud models based on the security trends and problems. In the end, we pinpoint some of the futuristic directions and implications relevant to the security of cloud models. The future directions will help researchers in academia and industry work toward cloud computing security.

multidisciplinary sciences

Elham Mohammed Thabit A. Alsaadi,Sabah Mohammed Fayadh,Ashwak Alabaichi

DOI: https://doi.org/10.1063/5.0027460

2020-01-01

Abstract:Cloud Computing is a model based on computing system which provides convenient and customizable services to the users for accessing to different cloud applications. It provides a way for storing and accessing cloud data from anywhere via connecting the cloud application utilizing internet. The cloud computing and its related safety problems is one of widely discussed concerns in today generation's research field. While numerous cloud security investigations are previously widespread, there residues a definite distance in properly identifying these issues and find the appropriate solutions. Some studies discuss the problems of virtualization and approach the target, while others talk about access control mechanisms, but what's missing is a standard framework which simultaneously extends the concept of cloud security and describes its specific requirements. In addition, countermeasures given in a survey must clearly illustrate the problem it deals with. This analysis paper took all of these elements into consideration so that the necessary areas were properly connected and a number of open issues were discussed in this area. This paper also reviews the most significant security techniques to data protection and cloud security in the cloud computing. Moreover, security techniques for data protection will be recommended in order to have enhanced security in cloud computing. It will concentrate primarily on issues related to data security and provides solutions.

Adeel Javaid

DOI: https://doi.org/10.2139/SSRN.2388377

2014-01-08

Abstract:The cloud computing paradigm is still evolving, but has recently gained tremendous momentum. However, security and privacy issues pose as the key roadblock to its fast adoption. In this paper we present security and privacy challenges that are exacerbated by the unique aspects of clouds and show how they're related to various delivery and deployment models. We discuss various approaches to address these challenges, existing solutions, and work needed to provide a trustworthy cloud computing environment.

Engineering,Computer Science

Karim Djemame,Afnan Ullah Khan,Manuel Oriol,Ming Jiang,Mariam Kiran

DOI: https://doi.org/10.1109/CloudCom.2012.6427574

2012-01-01

Abstract:Cloud computing provides outsourcing of resources bringing economic benefits. The outsourcing however does not allow data owners to outsource the responsibility of confidentiality, integrity and access control, as it still is the responsibility of the data owner. As cloud computing is transparent to both the programmers and the users, it induces challenges that were not present in previous forms of distributed computing. Furthermore, cloud computing enables its users to abstract away from low-level configuration such as configuring IP addresses and routers. It creates an illusion that this entire configuration is automated. This illusion is also true for security services, for instance automating security policies and access control in cloud, so that individuals or end-users using the cloud only perform very high-level (business oriented) configuration. This paper investigates the security challenges posed by the transparency of distribution, abstraction of configuration and automation of services by performing a detailed threat analysis of cloud computing across its different deployment scenarios (private, bursting, federation or multi-clouds). This paper also presents a risk inventory which documents the security threats identified in terms of availability, integrity and confidentiality for cloud infrastructures in detail for future security risks. We also propose a methodology for performing security risk assessment for cloud computing architectures presenting some of the initial results.

J. Uma Maheswari,S. Vijayalakshmi,Rajiv Gandhi N,Laith H. Alzubaidi,Khonimkulov Anvar,R. Elangovan

DOI: https://doi.org/10.1051/e3sconf/202339904040

2023-01-01

E3S Web of Conferences

Abstract:The globe has adopted the cloud computing environment, which organizes data and manages space for data storage, processing, and access. This technical development has brought up questions regarding data security and privacy in cloud computing environments, though. The purpose of this abstract is to offer a thorough review of the issues, solutions, and future developments related to data privacy and security in cloud computing. Keeping data private and secure while it is being processed and stored in outside data centres is the main difficulty in cloud computing systems. The abstract discusses the dangers of insider threats, data breaches, and illegal access to sensitive information. It digs further into the legal and compliance criteria that businesses must follow in order to protect user data in the cloud. In result, data privacy and security in cloud computing environments remain critical concerns for organizations and individuals alike. In the survey the overview of how to use cloud storage globally and its challenges, solution and future innovation is well explained. It underscores the importance of robust encryption, access controls, user awareness, and emerging technologies in safeguarding data in the cloud. By addressing these concerns, organizations can leverage the power of cloud computing while maintaining the confidentiality, integrity, and availability of their data.

Farrukh Shahzad

DOI: https://doi.org/10.1016/j.procs.2014.08.053

2014-01-01

Procedia Computer Science

Abstract:The evolution of cloud computing has revolutionized how the computing is abstracted and utilized on remote third party infras- tructure. It is now feasible to try out novel ideas over the cloud with no or very low initial cost. Cloud computing is attractive to companies and organizations as it eliminates the requirement for them to plan ahead for provisioning, and allows them to start with small resources and increase gradually as the service demand rises. There are challenges in adopting cloud computing; but with obstacles, we have opportunities for research in several aspects of cloud computing. One of the main issue is the data security and privacy of information stored and processed at the cloud service provider's systems. In this work, We surveyed several research work on cloud computing related to security challenges and privacy issues. The primary goal of this paper is to provide a better understanding of the security challenges of cloud computing and identify approaches and solutions which have been proposed and adopted by the cloud service industry.

Sandeep K. Sood

DOI: https://doi.org/10.1016/j.jnca.2012.07.007

IF: 7.574

2012-11-01

Journal of Network and Computer Applications

Abstract:Cloud computing is a forthcoming revolution in information technology (IT) industry because of its performance, accessibility, low cost and many other luxuries. It is an approach to maximize the capacity or step up capabilities vigorously without investing in new infrastructure, nurturing new personnel or licensing new software. It provides gigantic storage for data and faster computing to customers over the internet. It essentially shifts the database and application software to the large data centers, i.e., cloud, where management of data and services may not be completely trustworthy. That is why companies are reluctant to deploy their business in the cloud even cloud computing offers a wide range of luxuries. Security of data in cloud is one of the major issues which acts as an obstacle in the implementation of cloud computing. In this paper, a frame work comprising of different techniques and specialized procedures is proposed that can efficiently protect the data from the beginning to the end, i.e., from the owner to the cloud and then to the user. We commence with the classification of data on the basis of three cryptographic parameters presented by the user, i.e., Confidentiality (C), Availability (A) and Integrity (I).The strategy followed to protect the data utilizes various measures such as the SSL (Secure Socket Layer) 128-bit encryption and can also be raised to 256-bit encryption if needed, MAC (Message Authentication Code) is used for integrity check of data, searchable encryption and division of data into three sections in cloud for storage. The division of data into three sections renders supplementary protection and simple access to the data. The user who wishes to access the data is required to provide the owner login identity and password, before admittance is given to the encrypted data in Section 1, Section 2, and Section 3.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Sugata Sanyal,Parthasarathy P. Iyer

DOI: https://doi.org/10.48550/arXiv.1303.1417

2013-03-07

Abstract:Cloud computing is a complex infrastructure of software, hardware, processing, and storage that is available as a service. Cloud computing offers immediate access to large numbers of the world's most sophisticated supercomputers and their corresponding processing power, interconnected at various locations around the world, proffering speed in the tens of trillions of computations per second. Information in databases and software scattered around the Internet. There are many service providers in the internet, we can call each service as a cloud, each cloud service will exchange data with other cloud, so when the data is exchanged between the clouds, there exist the problem of security. Security is an important issue for cloud computing, both in terms of legal compliance and user trust, and needs to be considered at every phase of design. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, Cloud Computing moves the application software and databases to the large data centers, where the management of the data and services may not be trustworthy. This unique attribute, however, poses many new security challenges. Cloud computing seems to offer some incredible benefits for communicators.

Cryptography and Security

.Dr. Aakriti Sharma,,

DOI: https://doi.org/10.55041/ijsrem31596

2024-04-25

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:Cloud computing has revolutionized the way businesses operate, offering unprecedented scalability, flexibility, and cost-efficiency. However, alongside its numerous benefits, cloud computing also presents significant security challenges. This research paper aims to provide a comprehensive comparison of cloud security issues, examining the common threats, vulnerabilities, and mitigation strategies across various cloud deployment models and service types. Through a systematic review of existing literature and case studies, this paper highlights the evolving landscape of cloud security, identifies key challenges, evaluates current solutions, and outlines future directions for research and practice in the field.

Dimitrios Zissis,Dimitrios Lekkas

DOI: https://doi.org/10.1016/j.future.2010.12.006

IF: 7.307

2012-03-01

Future Generation Computer Systems

Abstract:The recent emergence of cloud computing has drastically altered everyone’s perception of infrastructure architectures, software delivery and development models. Projecting as an evolutionary step, following the transition from mainframe computers to client/server deployment models, cloud computing encompasses elements from grid computing, utility computing and autonomic computing, into an innovative deployment architecture. This rapid transition towards the clouds, has fuelled concerns on a critical issue for the success of information systems, communication and information security. From a security perspective, a number of unchartered risks and challenges have been introduced from this relocation to the clouds, deteriorating much of the effectiveness of traditional protection mechanisms. As a result the aim of this paper is twofold; firstly to evaluate cloud security by identifying unique security requirements and secondly to attempt to present a viable solution that eliminates these potential threats. This paper proposes introducing a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in concert with SSO and LDAP, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution, presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained.

Shubhanjali Sharma,Garima Gupta,P. R. Laxmi,P.R.Laxmi

DOI: https://doi.org/10.48550/arXiv.1403.5627

2014-03-22

Distributed, Parallel, and Cluster Computing

Abstract:Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of resources and services that are offered by the network or internet. Cloud computing extends various computing techniques like grid computing, distributed computing. Today cloud computing is used in both industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As the field of cloud computing is spreading the new techniques are developing. This increase in cloud computing environment also increases security challenges for cloud developers. Users of cloud save their data in the cloud hence the lack of security in cloud can lose the users trust. In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy, elasticity, availability etc. The paper also discuss existing security techniques and approaches for a secure cloud. This paper will enable researchers and professionals to know about different security threats and models and tools proposed.

Wajid Hassan,Te-Shun Chou,Xiaoming Li,Patrick Appiah-Kubi,Omar Tamer,Tamer Omar

DOI: https://doi.org/10.11591/ijict.v8i3.pp162-183

2019-12-01

Abstract:The emergence of cloud computing has changed perception of all regarding software delivery, development models and infrastructure. Cloud computing has a potential of providing elastic, easily manageable, powerful and cost effective solutions. The rapid transition to cloud computing has fueled concerns on the security issues. The migration of the user’s data and applications in a shared environment of a cloud, where there is a collocation of several users increases security related concerns. Several research efforts have been made in evaluating challenges related to security faced by the cloud computing environments, a number of solutions of such problems have also been proposed. Integrated security solutions should be devised to deal with the increasing security risks. In this paper, a detailed cloud computing survey, key services and concepts are being presented. This paper attempts to evaluate various security threats to cloud computing and a number of security solutions have also been discussed. Furthermore, a brief view of the cloud security regulatory bodies and compliance have also been presented. Despite the research efforts in cloud security field, there are still some open research problems and challenges which are discussed in this paper.

Rohit Bhadauria,Rituparna Chaki,Nabendu Chaki,Sugata Sanyal

DOI: https://doi.org/10.48550/arXiv.1109.5388

2013-05-21

Abstract:Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the Cloud computing adoption and diffusion affecting the various stake-holders linked to it.

Cryptography and Security

S. Subashini,V. Kavitha

DOI: https://doi.org/10.1016/j.jnca.2010.07.006

IF: 7.574

2011-01-01

Journal of Network and Computer Applications

Abstract:Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. It extends Information Technology’s (IT) existing capabilities. In the last few years, cloud computing has grown from being a promising business concept to one of the fast growing segments of the IT industry. But as more and more information on individuals and companies are placed in the cloud, concerns are beginning to grow about just how safe an environment it is. Despite of all the hype surrounding the cloud, enterprise customers are still reluctant to deploy their business in the cloud. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. The advent of an advanced model should not negotiate with the required functionalities and capabilities present in the current model. A new model targeting at improving features of an existing model must not risk or threaten other important features of the current model. The architecture of cloud poses such a threat to the security of the existing technologies when deployed in a cloud environment. Cloud service users need to be vigilant in understanding the risks of data breaches in this new environment. In this paper, a survey of the different security risks that pose a threat to the cloud is presented. This paper is a survey more specific to the different security issues that has emanated due to the nature of the service delivery models of a cloud computing system.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Tarek Ali,Mohammed Al-Khalidi,Rabab Al-Zaidi

DOI: https://doi.org/10.1080/08874417.2024.2329985

2024-03-31

Journal of Computer Information Systems

Abstract:Cloud computing faces more security threats, requiring better security measures. This paper examines the various classification and categorization schemes for cloud computing security issues, including the widely known CIA trinity (confidentiality, integrity, and availability), by considering critical aspects of the cloud, such as service models, deployment models, and involved parties. A comprehensive comparison of cloud security classifications constructs an exhaustive taxonomy. ISO27005, NIST SP 800–30, CRAMM, CORAS, OCTAVE Allegro, and COBIT 5 are rigorously compared based on their applicability, adaptability, and suitability within a cloud-based hosting methodology. The findings of this research recommend OCTAVE Allegro as the preferred cloud hosting paradigm. With many security models available in management studies, it is imperative to identify those suitable for the rapidly expanding and dynamically evolving cloud environment. This study underscores the significant methods for securing data on cloud-hosting platforms, thereby contributing to establishing a robust cloud security taxonomy and hosting methodology.

computer science, information systems

Hamed Tabrizchi,Marjan Kuchaki Rafsanjani

DOI: https://doi.org/10.1007/s11227-020-03213-1

IF: 3.3

2020-02-28

The Journal of Supercomputing

Abstract:Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and propose future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.

Jianhua Che,Yamin Duan,Tao Zhang,Jie Fan

DOI: https://doi.org/10.1016/j.proeng.2011.11.2551

2011-01-01

Procedia Engineering

Abstract:Cloud computing is introducing many huge changes to people's lifestyle and working pattern recently for its multitudinous benefits. However, the security of cloud computing is always the focus of numerous potential cloud customers, and a big barrier for its widespread applications. In this paper, to facilitate customers to understand the security status quo of cloud computing and contribute some efforts to improving the security level of cloud computing, we surveyed the existing popular security models of cloud computing, e.g. multiple-tenancy model, risk accumulation model, cube model of cloud computing, and summarized the main security risks of cloud computing deriving from different organizations. Finally, we gave some security strategies from the perspective of construction, operation and security incident response to relieve the common security issues of cloud computing.

English Else