FIGURE 6 - available via license: Creative Commons Attribution 4.0 International
Content may be subject to copyright.
Source publication
![Fig. 2 shows us the security architecture proposed in [26]. As shown in...](publication/350883353/figure/fig2/AS:1012838319521792@1618490881327/shows-us-the-security-architecture-proposed-in-26-As-shown-in-Fig-3-tenants-may-keep_Q320.jpg)
Cloud computing has become a widely exploited research area in academia and industry. Cloud computing benefits both cloud services providers (CSPs) and consumers. The security challenges associated with cloud computing have been widely studied in the literature. This systematic literature review (SLR) is aimed to review the existing research studie...
Contexts in source publication
Context 1
... opinion. Current research fuses some critical viewpoints of what constitutes the prominent as well as cloud security challenges. This paper provides a substantial growing literature on cloud computing security challenges, commercial cloud services providers, cloud consumers' concerns, and blockchain technology. The proposed taxonomy, as shown in Fig. 6, is based on three levels. Existing literature other than the survey papers is the top one level followed by four categories on the second level. Categories at the second level are based on our proposed research questions (RQ1. . . RQ4). On the third level of the proposed taxonomy, we observe the different research perspectives and ...
Context 2
... for category 1 (RQ1) and category (RQ3) that remain open. This taxonomy not only validates our paper's contribution; instead, it provides the opportunity for further discussion. We can extend this taxonomy by adding more categories at the second level. The fourth level of this taxonomy accounts for the focused papers on the respective categories. Fig. 6 shows a taxonomic analysis and categorizes domains in a pictorial representation. A taxonomy was developed using the cloud computing security approaches. This survey paper further extends to several research directions of the proposed taxonomy (see Fig. 6). It is crucial to introspect the cur-rent approaches on cloud security, cloud ...
Context 3
... fourth level of this taxonomy accounts for the focused papers on the respective categories. Fig. 6 shows a taxonomic analysis and categorizes domains in a pictorial representation. A taxonomy was developed using the cloud computing security approaches. This survey paper further extends to several research directions of the proposed taxonomy (see Fig. 6). It is crucial to introspect the cur-rent approaches on cloud security, cloud security addressed by commercial cloud computing services providers, and blockchain technology. Security threats have been studied in the literature than consumers' concern (42% vs. 17%), while security techniques with blockchain technology are studies in ...
Citations
... The threats and methods for cloud security are also discussed in this study. Cloud computing, according to Bader Alouffi and Muhammad Hasnain [5] is a heavily researched field that seeks to assess research on cloud computing security, threats, and problems. CC according to authors Khalid EI Makkaoui and Abdellah Ezzati [6] is a well-established technology for delivering services over the Internet, but security and privacy are significant barriers to cloud service acceptance. ...
Cloud computing (CC) offers on-requirement access of the resources to perform cloud related activities and generates bill as per the use by customer. It minimizes both the cost and the complexity for service suppliers. CC is known to be the foundation of the IT world and becoming an essential part of the organizations. The growing adoption of cloud computing has several drawbacks for businesses. It includes data breaches, data leakage, attacks, unauthorized access. Cloud computing security risks are growing at an alarming rate. The service providers have very strict security policies and their implementation. This study aims to discuss different types of security threats at each service models of the cloud and their mitigation methods that provides a way to ameliorate the threats. To address the security issue separately for each cloud service, a derivative approach based on the spiral model is proposed in this research. The Spiral Model is a powerful tool for mitigating risks associated with each cloud service models. By following its four phases, the spiral model facilitates the constant identification and mitigation of security issues during the development of a cloud-based application. The proposed methodology can be used to guarantee cloud security by reducing vulnerabilities and security threats.
... Based on its capability of elastically delivering services, CC has given rise to various applications, such as data storage, big data analysis, E-commerce, and more, from centralized data centers strategically located across diverse regions globally. There are three main traditional types of CC models one new type of CC model [26]: The traditional ones are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Container as a Service emerges as a new cloud model aimed at dissociating applications from PaaS environment specifications. ...
Centralized clouds processing the large amount of data generated by Internet-of-Things (IoT) can lead to unacceptable latencies for the end user. Against this backdrop, Edge Computing (EC) is an emerging paradigm that can address the shortcomings of traditional centralized Cloud Computing (CC). Its use is associated with improved performance, productivity, and security. Some of its use cases include smart grids, healthcare Augmented Reality (AR)/Virtual Reality (VR). EC uses servers strategically placed near end users, reducing latency and proving to be particularly well-suited for time-sensitive IoT applications. It is expected to play a pivotal role in 6G and Industry 5.0. Within the IoT-edge environment, artificial intelligence (AI) plays an important role in automating decision and control, including but not limited to resource allocation activities, drawing inferences from large volumes of data, and enabling powerful security mechanisms. The use cases in the IoT-Edge-cloud environment tend to be complex resulting in large AI models, big datasets, and complex computations. This has led to researchers proposing techniques that partition data, tasks, models, or hybrid to achieve speed, efficiency, and accuracy of processing. This survey comprehensively explores the IoT-Edge-AI environment, application cases, and the partitioning techniques used. We categorize partitioning techniques and compare their performance. The survey concludes by identifying open research challenges in this domain.
... The performance of cloud services has also developed and reported to increase business over the years. However, the security of cloud computing has many challenges that yet have to be overcome [4], [5]. There are various types of services that are offered by cloud, these services include platform as a service (PaaS), infrastructure as a service (IaaS) and software as a service (SaaS). ...
span lang="EN-US"> Cloud computing is the most exploited research technology in both industry and academia due to wide application and increases in adoption from global organizations. In cloud, computing data storage is one of the primary resources offered through cloud computing, however, an increase in participants raises major security concerns, as the user has no hold over the data. Furthermore, recent research has shown great potential for efficient data sharing with multiple participants. Existing researches suggest complicated and inefficient cloud security architecture. Hence, this research work proposes identifiable data sharing for multiple users (IDSMU) mechanism, which aims to provide security for multiple users in a particular cloud group. A novel signature scheme is used for identifying the participants, further verification of the Novel Signature Scheme is proposed along with a retraction process where the secret keys of the participant and the sender is cross-verified; at last, a module is designed for the elimination of any malicious participants within the group. IDSMU is evaluated on computation count and efficiency is proved by comparing with an existing model considering computation count. IDSMU performs marginal improvisation over the existing model in comparison with the existing model using the novel signature scheme.
</span
... Insider threats are inevitable and pose threats, making it very dangerous for users to store their sensitive data in cloud storage directly. Public cloud computing environments pose access control regulation risks, which can compromise data [13]. Encryption methods, encryption key speci cations, and data protection measures can help address data con dentiality, authentication, and access control issues [66]. ...
... Data integrity ensures the correctness and consistency of data throughout its lifecycle, protecting it from unauthorized changes, deletions, and falsi cations [13][66]. Human errors, such as data entry mistakes and data duplication or loss, are common challenges [39][68]. ...
In the rapidly evolving realm of cloud computing, the surging adoption and its profound role in modern IT infrastructures necessitate a vigilant exploration of emerging security challenges and threats. While prior studies have categorized threats, the need for integrated solutions is evident, and an integrated study is evident, with only a limited few addressing this requirement and providing critical correlations among the factors influencing cloud computing security.
This paper conducts a state-of-the-art, in-depth exploration of multifaceted cloud security challenges, organized into a five-perspective taxonomy spanning cloud service models, architecture, networking, stakeholders, and data. It begins by contextualizing the rapid ascent of cloud computing within contemporary IT landscapes. This taxonomy offers a structured framework that dissects challenges and provides a roadmap for problem-solving. Extracting four critical variables from the five perspectives and 8 key metrics for security issues related to cloud service models, this review article bridges the gap between theory and practice, emphasizing the need for precision in navigating these complexities.
... There are several techniques, namely Cryptography, Attribute-Based Encryption (ABE), and Trust-oriented Secure Transmission Protocol (TSTP) to enhance the security in CC (Yang et al., 2020a) (Joshi et al., 2020). Amongst the above-mentioned techniques, cryptography ensures data confidentiality more securely by encryption and decryption (Alouffi et al., 2021). ...
For the distribution of computing services via servers, databases, data storage, and networking over the Internet, Cloud Computing (CC) is significant. Therefore, for protecting the data from security threats, data security is required for the cloud network. Yet, enhancing the data security of CC among shadow users has not been concentrated on by any work. Hence, in this article, data security is improved by preserving data from the shadow users utilizing Exponential Square Root Curve Cryptography (ESRCC) and Odd Mean Even Standard Deviation-Lifting Wavelet Transform (OMESD-LWT) techniques. Primarily, the Data Owner (DO) registers and logs into the system. Thereafter, by utilizing ESRCC, Linear Permutation-Skein Hashing Algorithm (LP-SHA), and Mid Square-based Merkle Tree (MS-MT), the data is securely shared on the InterPlanetary File System (IPFS). Afterward, the user logs in and selects the required file for retrieving it. Then, to forward requests to IPFS, the key and digital signatures are generated. Meanwhile, the DO enhances security by ciphering the MAC address utilizing Fishers Yates Transposition Cipher (FYTC) and sending it to IPFS. Then, from the IPFS, the data is decrypted utilizing ESRCC and watermarked the Media Access Control (MAC) address by employing the OMESD-LWT method. Subsequently, the user verifies the key and MAC address to download the data. The data will be accessible to the user if it is verified; otherwise, the IPFS denies the user's request. When compared with the conventional approaches, the proposed technique has enhanced performance. The proposed mechanism enhanced the Security Level (SL) to 98.92%. Also, the proposed system encrypts and decrypts the data within 1032ms and 1273ms, respectively.
... Big Data analytics has been of great importance as they have the capacity to offer both high speed and improved efficiency. Through the gathering of the information, running the analytics, and deciphering the data, Big Data analytics plays a vital role in the generation of effective data examination of large volumes [12][13][14][15]. For the integration of Big Data analytics into the business environment, the identification of new opportunities can be observed. ...
Big data is the collection of evidence which consists of extended types of information, and hence, is extremely complex in nature. Due to the fact that Big Data is complicated, the usage of traditional data analysis techniques cannot be taken into consideration. With the application of Big Data into the system, the capturing and the storage of data occur from the data sources. The quantity of the data which is generated and stored in the data servers for Big Data is humongous in nature and also differs from the traditional ones based on velocity and veracity. The investigation of the data along with the gaining of unprecedented insights can be enabled with the aid of Cloud computing. The article commences with a comprehensive overview of the Big Data landscape, delineating the characteristics and challenges associated with massive datasets. Subsequently, the role of cloud computing in mitigating these challenges is explored, encompassing Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) models. An in-depth analysis of various cloud computing platforms, including public, private, and hybrid clouds, is undertaken to elucidate their suitability for different Big Data scenarios. Furthermore, the article delves into the integration of Big Data processing frameworks, such as Apache Hadoop and Spark, with cloud computing environments. The advantages of elastic resource provisioning and parallel processing offered by cloud platforms are examined, along with the challenges associated with data transfer, security, and privacy in the cloud-based Big Data ecosystem. The research also entails a comparative evaluation of cloud-based Big Data analytics approaches, showcasing real-world case studies and applications across diverse domains. Big data is a technique that describes a data-driven organization; it's important to stay on top of the latest trends and patterns in order to make informed decisions. One of the best ways to do this is through the process of uncovering trends, patterns, and correlations in large amounts of raw data. By analyzing this data and understanding the correlations between different variables, we can make better decisions and improve our overall performance.
... One falls under the IaaS cloud type, whereas the other two stand for PaaS and SaaS clouds, respectively. Three groups of fundamental cloud components: Client computers used by users to access the cloud, Data centers are collections of servers, whereas scattered servers are dispersed over several sites but nevertheless function together [51]. ...
As a result of its many benefits, including cost-efficiency, speed, effectiveness, greater performance, and increased security, cloud computing has seen a boom in popularity in recent years. This trend has attracted both consumers and businesses. Being able to process and provide data or services in a quick and effective manner while adhering to low latency and time limits is the hallmark of an efficient distributed system that is designed particularly for real-time computing in cloud environments. It is essential to place a high priority on low latency and time sensitivity while developing and putting into action a distributed system for real-time computing in a cloud environment. In order to fulfil the particular requirements of the application or service, consideration must be given to a number of different aspects. In particular, the topic of load balancing will be discussed in this paper. It is possible to ensure a more effective distribution of workload and reduce latency by using load balancers, which distribute incoming traffic over many servers or instances. The throttled algorithm is believed to be the most efficient load balancing strategy for reducing service delivery delay in cloud computing. This research investigates a hybrid method known as Equally Spread Current Execution (ESCE), which is known for its combination with the throttled algorithm.
... Also, the management of service security for microservices, third-party tool and BIO Web of Conferences 97, 00019 (2024) https://doi.org/10.1051/bioconf/20249700019 ISCKU 2024 software oversight, application-level security, and the integration of security practices throughout the software development process These elements collectively establish a robust security posture in the cloud, ensuring the protection of data, applications, and resources [10]. ...
Cloud computing stands out as one of the fastest-growing technologies in the 21st century, offering enterprises opportunities to reduce costs, enhance scalability, and increase flexibility through rapid access to a shared pool of elastic computing resources. However, its security remains a significant challenge. As cloud networks grow in complexity and scale, the need for effective anomaly detection becomes crucial. Identifying anomalous behavior within cloud networks poses a challenge due to factors such as the voluminous data exchanged and the dynamic nature of underlying cloud infrastructures. Detecting anomalies helps prevent threats and maintain cloud operations. This literature review examines previous works in anomaly detection in the cloud that employ various strategies for anomaly detection, describes anomaly detection datasets, discusses the challenges of anomaly detection in cloud networks, and presents directions for future studies.
... Cloud computing enables businesses, individuals, and private and public organizations to reliably, affordably, and conveniently access various services and applications hosted and available on a pay-as-you-use design. Cloud computing models such as software as a service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) offer a complete software cycle and advanced data storage and eradicate the need for in-house infrastructure and applications [1]. The evolution of cloud computing models to meet the fast-changing needs of diverse users has triggered a considerable increase in cloud security attacks and threats [2]. ...
... The attacks occur unseen exploitation of computing services and associated interfaces such as APIs. Figure 1 shows an instance of a denial-of-service (DDoS) attack on cloud-hosted virtual machines. The attacker, within or outside the organization, executes DDoS attacks by flooding the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic of the virtual machines [1]. Successful attacks compromise the security and privacy of cloud services and applications, including users. ...
Innovative companies rapidly deploy hybrid cloud computing to leverage highly scalable, flexible, and secure infrastructure, services, and applications. Hybrid cloud computing accelerates modern businesses by supporting innovation and faster development and deployment of cloud-hosted services and applications. Companies leverage innovative models such as Platform as a service, infrastructure as a service, and software to achieve strategic goals and objectives. However, despite the immense benefits, cloud computing is vulnerable to multiple cybersecurity threats and attacks. Distributing services and applications in a hybrid cloud computing environment requires secured and encrypted security solutions—the complex connection between various cloud infrastructures and varied configurations sophisticate data security in a cloud computing environment. The proposed security solution leverages a hybrid of cryptography and steganography to provide robust security and privacy of data in cloud computing. The algorithms and techniques combined include Rivest Sharmir Adelman, Advanced Encryption Standard, and Least Significant Bit. The security model designed and developed using design science research methodology adds an extra layer of security by integrating data backup and recovery mechanisms and best practices.
... Cloud service providers must ensure the confidentiality and integrity of customer data, and they employ various security measures to achieve this, including encryption, access controls, and security policies. However, the shared responsibility model in cloud security means that customers are responsible for securing their data and applications in the cloud (Alouffi et al., 2021). Additionally, access control is a fundamental aspect of data protection in the cloud. ...
The current surge in interconnected devices, which includes the Internet of Things (IoT) devices and the continually expanding cloud infrastructure, marks a new era of digital transformation and convenience. This transformative wave is reshaping industries, ushering in the age of smart cities, autonomous vehicles, and effortless remote collaboration. Yet, the growing complexity and reach of these technologies bring an accompanying increase in potential vulnerabilities and security risks. Thus, this study delves into the convergence of artificial intelligence (AI), cloud computing, and IoT security. It investigates how these state-of-the-art technologies can be leveraged to protect networks, data, and devices, presenting inventive solutions to address the ever-evolving threat landscape. Additionally, it sheds light on the challenges posed by AI-powered techniques and offers insights into future trends, making it a valuable resource for researchers, students, and cybersecurity professionals.
