A Review of Cloud Security Issues and Challenges

Anamika Agarwal; Satya Bhushan Verma; Bineet Kumar Gupta

doi:10.14201/adcaij.31459

A Review of Cloud Security Issues and Challenges

Anamika Agarwal

Department of Computer Science and Engineering, Shri Ramswaroop Memorial University, Barabanki, India, 225003 agrawal.anamika18[at]gmail.com
Satya Bhushan Verma

Department of Computer Science and Engineering, Shri Ramswaroop Memorial University, Barabanki, India, 225003
Bineet Kumar Gupta

Department of Computer Science and Engineering, Shri Ramswaroop Memorial University, Barabanki, India, 225003

Abstract

The advancement of information technology today depends on cloud computing. Every cloud consumer continues to search for the best services available, particularly in terms of security. The absence of uniform standards in the security architecture of the cloud, especially within the cloud computing community, has become an ongoing problem. Most cloud service providers automatically follow the best security practises and actively protect the operation of their systems. Enterprises are required to independently judge the security of their data, apps, and the cloud’s workload. The complexity of security concerns is increasing as the digital environment develops. Virtualization, multi-tenancy, security controls, rules, and risk profiling are all concepts in cloud security. DoS, service injection, user-to-root attacks, man-in-the-middle attacks, data loss leakage andloss, identity theft, and backdoor channel attacks are a few of the dangers associated with cloud computing. Cloud platforms, data outsourcing, data storage standardisation and security, data backup, and data recovery are all examples of cloud security services. Data storage, computation, untrusted computing, and virtualization security challenges are all a part of the cloud.

Referencias
Cómo citar
Del mismo autor
Métricas

Abbas, H., Maennel, O., & Assar, S. (2017). Security and privacy issues in cloud computing. Annals Of Telecommunications, 72(5–6), 233–235. https://doi.org/10.1007/s12243-017-0578-3

Ahmed, M., Litchfield, A. T. (2018). Taxonomy for identification of security issues in cloud computing environments. J Comput Inf Syst, 58(1), 79–88.

Bashir, S. F., & Haider, S. (2011, December) Security threats in cloud computing. Proceedings of the International Conference for Internet Technology and Secured Transactions, 214–219.

Fan, K., Mao, D., Lu, Z., Wu, J. (2013). OPS: Offline Patching Scheme for the Images Management in a Secure Cloud Environment. InServices Computing (SCC). 2013 IEEE International Conference on Services Computing. https://doi.org/10.1109/SCC.2013.57

Fernandes, D. A. B., Soares, L. F. B., Gomes, J. V., Freire, M. M., & Inácio, P. R. (2014). Security issues in cloud environments: a survey. Int J Inf Secur. 13(2):113–170. https://doi.org/10.1007/s10207-013-0208-7

Fotiou, N., Machas, A., Polyzos, G. C., & Xylomenos, G. (2015). Access control as a service for the Cloud. Journal Of Internet Services And Applications, 6(1). https://doi.org/10.1186/s13174-015-0026-4

Hubbard, D., & Sutton, M. (2010). Top threats to cloud computing v1.0. Cloud Security Alliance. IEEE International Conference on. Jun 28. IEEE. pp. 587–594.

Kalaichelvi, R., & Arockiam, L. (2015). EnBloAES: A Unified Framework to Preserve Confidentiality of Data in Public Cloud Storage. Indian Journal Of Science And Technology, 8(19). https://doi.org/10.17485/ijst/2015/v8i19/72272

Kaur, M., & Singh, H. (2015). A review of cloud computing security issues. Int J Adv Eng Technol, 8(3), 397–403.

Kavin Prabhu, B., Ganapathy, S., Kanimozhi, U., & Kannan, A. (2020). An Enhanced Security Framework for Secured Data Storage and Communications in Cloud Using ECC, Access Control and LDSA. Wireless Personal Communications, 115(2), 1107-1135.

Khalil, I., Khreishah, A., & Azeem, M. (2014). Cloud Computing Security: A survey. Computers, 3(1), 1–35. https://doi.org/10.3390/computers3010001

Kumar, P. R., Raj, P. H., & Jelciana, P. (2018). Exploring data security issues and solutions in cloud computing. Procedia Computer Science, 125, 691–697. https://doi.org/10.1016/j.procs.2017.12.089

Kumar, R., & Goyal, R. (2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, 33, 1–48. https://doi.org/10.1016/j.cosrev.2019.05.002

Lee, J. K., Moon, S. Y., & Park, J. H. (2016). CloudRPS: a cloud analysis based enhanced ransomware prevention system. The Journal Of Supercomputing, 73(7), 3065–3084. https://doi.org/10.1007/s11227-016-1825-5

Mell, P., & Grance, T. (2018). SP 800-145, The NIST Definition of cloud computing | CSRC (online) Csrc.nist.gov. Accessed 11 Dec 2018. http://csrc.nist.gov/publications/detail/sp/800-145/final

Naik, N., Jenkins, P., Savage, N., & Yang, L. (2019). Cyberthreat Hunting - Part 2: Tracking Ransomware Threat Actors using Fuzzy Hashing and Fuzzy C-Means Clustering. 2019 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE), New Orleans, LA, USA, pp. 1–6. https://doi.org/10.1109/FUZZ-IEEE.2019.8858825

NIST (2011). The NIST Definition of Cloud Computing. Accessed September. http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.

NortonLifeLock Norton Labs. https://www.nortonlifelock.com/blogs/norton-labs/july-2022-consumer-cyber-safety-pulse-report

Oracle.com (2018). The Oracle and KPMG Cloud Threat Report 2018 | Oracle (online). Accessed 11 Dec 2018. http://www.oracle.com/cloud/cloud-threat-report.html

Patil, R., Dudeja, H., & Modi, C. (2019). Designing in-VM-assisted lightweight agent-based malware detection framework for securing virtual machines in cloud computing. International Journal Of Information Security, 19(2), 147–162. https://doi.org/10.1007/s10207-019-00447-w

Pippal, S. K., & Kushwaha, D. S. (2013). A simple, adaptable and efficient heterogeneous multi-tenant database architecture for ad hoc cloud. Journal Of Cloud Computing, 2(1), 5. https://doi.org/10.1186/2192-113x-2-5

Román, R., López, J., & Mambo, M. (2018). Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges. Future Generation Computer Systems, 78, 680–698. https://doi.org/10.1016/j.future.2016.11.009

Ryan, M. (2013). Cloud computing security: The scientific challenge, and a survey of solutions. Journal Of Systems And Software, 86(9), 2263–2268. https://doi.org/10.1016/j.jss.2012.12.025

Sgandurra, D., & Lupu, E. (2016). Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems. ACM Computing Surveys, 48(3), 1–38. https://doi.org/10.1145/2856126

Singh, A., & Chatterjee, K. (2017). Cloud security issues and challenges: A survey. Journal Of Network And Computer Applications, 79, 88–115. https://doi.org/10.1016/j.jnca.2016.11.027

Singh, S., Jeong. Y.-S., & Park, J. H. (2016) A survey on cloud computing security: Issues, threats, and solutions. Journal Of Network And Computer Applications, 75, 200–222. https://doi.org/10.1016/j.jnca.2016.09.002

Singh, J., Refaey, A., & Koilpillai, J. (2020). Adoption of the Software-Defined Perimeter (SDP) Architecture for Infrastructure as a Service. Canadian Journal Of Electrical And Computer Engineering, 43(4), 357–363. https://doi.org/10.1109/cjece.2020.3005316

Soofi, A. A., Khan, M., & Amin, F. (2014). Encryption Techniques for Cloud Data Confidentiality. International Journal Of Grid And Distributed Computing, 7(4), 11–20. https://doi.org/10.14257/ijgdc.2014.7.4.02

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal Of Network And Computer Applications, 34(1), 1–11. https://doi.org/10.1016/j.jnca.2010.07.006

Subramanian, N., & Jeyaraj, A. (2018). Recent security challenges in cloud computing. Computers & Electrical Engineering, 71, 28–42. https://doi.org/10.1016/j.compeleceng.2018.06.006

Sumitra, B., Pethuru, C., & Misbahuddin, M. (2014). A survey of cloud authentication attacks and solution approaches. Int J Innov Res ComputCommun Eng, 2(10), 6245–6253.

Sun, P. (2020). Security and privacy protection in cloud computing: Discussions and challenges. Journal Of Network And Computer Applications, 160, 102642. https://doi.org/10.1016/j.jnca.2020.102642

Suthar, K., & Patel, J. D. (2017). EncryScation: An Secure Approach for Data Security Using Encryption and Obfuscation Techniques for IaaS and DaaS Services in Cloud Environment. En Advances in intelligent systems and computing (pp. 323–331). Springer, Singapore. https://doi.org/10.1007/978-981-10-2750-5_34

Tabrizchi, H., & Kuchaki, Rafsanjani, M. (2020). A survey on security challenges in cloud computing: issues, threats, and solutions. The Journal of Supercomputing, 76(12), pp.9493–9532. https://doi.org/10.1007/s11227-020-03213-1

Wang, C., Wang, Q., Ren, K., & Lou, W. (2010, Mar). Privacy-preserving public auditing for data storage security in cloud computing. 2010 Proceedings IEEE INFOCOM. https://doi.org/10.1109/INFCOM.2010.5462173

Wilson, R., & Iftimie, I. (2021). Emerging ransomeware threats: An anticipatory ethical anaylsis. 2021 IEEE International Symposium on Technology and Society (ISTAS), Waterloo, ON, Canada, pp. 1–1. https://doi.org/10.1109/ISTAS52410.2021.9629211

Xu, X. (2012). From cloud computing to cloud manufacturing. Robotics And Computer-Integrated Manufacturing, 28(1), 75–86. https://doi.org/10.1016/j.rcim.2011.07.002

Yu, S., Wang, C., Ren, K., & Lou, W. (2010, Mar). Achieving secure, scalable, and fine-grained data access control in cloud computing. 2010 Proceedings IEEE INFOCOM. https://doi.org/10.1109/INFCOM.2010.5462174

Zhang, Y., Chen, X., Li, J., Wong, D. S., Li, H., & You, I. (2017). Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Information Sciences, 379, 42–61. https://doi.org/10.1016/j.ins.2016.04.015

Agarwal, A., Verma, S. B., & Gupta, B. K. (2023). A Review of Cloud Security Issues and Challenges. ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, 12(1), e31459. https://doi.org/10.14201/adcaij.31459