Security Threats and Existing Solutions on Cloud Computing

  • Authors

    • Faisal Shahzad
    • Roshidi Din
    • Osman Ghazali
    2018-11-27
    https://doi.org/10.14419/ijet.v7i4.19.22034
  • Cloud computing, Data breach, Data privacy, Data confidentiality, Cloud security,

  • Cloud computing as the greatest evolution of distributed computing, gets benefitted from the technology advancement due to its data versatility and economies of scale. Cloud computing aims to offer flexible services that can minimize the customer's need for investing in new hardware and software. However, the rapid extension of cloud computing raises some concerns regarding security and privacy of data that appears to be an inhibitor in the adoption of cloud services. It is, therefore, necessary to address these issues and their existing solutions. For this purpose, the present study is engrossed in the security threats to data that have been listed as the top threats in the previous years. Mainly, this study provides a review of top threats to cloud security and the solutions based on different models, frameworks, and algorithms to ensure data security in a cloud environment. The significance of this paper is twofold as it provides an overview of security threats as well as it explores the existing solutions to the problem in data security in cloud computing. The outcomes of this study presented that there is still a need for accurate mechanism or technique that can minimize the security threats faced in cloud computing.

     

     

     

  • References

    1. [1] P. M. Mell and T. Grance, “The NIST definition of cloud computing,†Gaithersburg, MD, 2011.

      [2] M. Armbrust et al., “A view of cloud computing,†Commun. ACM, vol. 53, no. 4, p. 50, Apr. 2010.

      [3] S. Subashini and V. Kavitha, “A survey on security issues in service delivery models of cloud computing,†J. Netw. Comput. Appl., vol. 34, no. 1, pp. 1–11, Jan. 2011.

      [4] Z. Xiao and Y. Xiao, “Security and Privacy in Cloud Computing,†IEEE Commun. Surv. Tutorials, vol. 15, no. 2, pp. 843–859, 2013.

      [5] D. A. B. Fernandes, L. F. B. Soares, J. V. Gomes, M. M. Freire, and P. R. M. Inácio, “Security issues in cloud environments: a survey,†Int. J. Inf. Secur., vol. 13, no. 2, pp. 113–170, Apr. 2014.

      [6] A. Sarwar and M. N. Khan, “A Review of Trust Aspects in Cloud Computing Security,†Int. J. Cloud Comput. Serv. Sci. , vol. 2, no. 2, pp. 116–122, 2013.

      [7] A. Kumar, “World of Cloud Computing & Security,†Int. J. Cloud Comput. Serv. Sci. , vol. 1, no. 2, pp. 53–58, 2012.

      [8] D. Gaurav Pal, R. Krishna, P. Srivastava, S. Kumar, M. Bag, and V. Singh, “A Novel Open Security Framework for Cloud Computing,†Int. J. Cloud Comput. Serv. Sci., vol. 1, no. 2, pp. 42–52, 2012.

      [9] A. Behl, “Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation,†in 2011 World Congress on Information and Communication Technologies, 2011, pp. 217–222.

      [10] C. M. Revoredo da Silva, J. L. Costa da Silva, R. B. Rodrigues, G. M. Medeiros Campos, L. Marques do Nascimento, and V. Cardoso Garcia, “Security Threats in Cloud Computing Models: Domains and Proposals,†in 2013 IEEE Sixth International Conference on Cloud Computing, 2013, pp. 383–389.

      [11] M. Irfan, M. Usman, Y. Zhuang, and S. Fong, “A Critical Review of Security Threats in Cloud Computing,†in 2015 3rd International Symposium on Computational and Business Intelligence (ISCBI), 2015, pp. 105–111.

      [12] H. Eken, “Security threats and solutions in cloud computing,†in World Congress on Internet Security (WorldCIS-2013), 2013, pp. 139–143.

      [13] G. Kulkarni, J. Gambhir, T. Patil, and A. Dongare, “A security aspects in cloud computing,†in 2012 IEEE International Conference on Computer Science and Automation Engineering, 2012, pp. 547–550.

      [14] M. Sugumaran, B. B. Murugan, and D. Kamalraj, “An Architecture for Data Security in Cloud Computing,†in 2014 World Congress on Computing and Communication Technologies, 2014, pp. 252–255.

      [15] A. Ghorbel, M. Ghorbel, and M. Jmaiel, “Privacy in cloud computing environments: a survey and research challenges,†J. Supercomput., vol. 73, no. 6, pp. 2763–2800, Jun. 2017.

      [16] R. Bhadauria and S. Sanyal, “Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques,†Cryptogr. Secur., Apr. 2012.

      [17] Cloud Security Alliance, “Top Threats to Cloud Computing V1.0,†Cloud Security Alliance., 2010. [Online]. Available: http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf.

      [18] Cloud Security Alliance, “Security guidance for critical areas of focus in cloud computing v3.0,†2011.

      [19] Cloud Security Alliance, “The Notorious Nine. Cloud Computing Top Threats in 2013,†Security, 2013. [Online]. Available: http://www.cloudsecurityalliance.org/topthreats.%5Cnhttp://www.cloudsecurityalliance.org.

      [20] Cloud Security Alliance, “The Treacherous 12 Cloud Computing Top Threats in 2016,†Security, no. February, pp. 1–34, 2016.

      [21] R. Barona and E. A. M. Anita, “A survey on data breach challenges in cloud computing security: Issues and threats,†in 2017 International Conference on Circuit ,Power and Computing Technologies (ICCPCT), 2017, pp. 1–8.

      [22] “The STRIDE Threat Model,†2011. [Online]. Available: https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx. [Accessed: 18-May-2018].

      [23] W. A. Jansen and W. A., “Cloud Hooks: Security and Privacy Issues in Cloud Computing,†in 2011 44th Hawaii International Conference on System Sciences, 2011, pp. 1–10.

      [24] D. Jeong-Min, S. You-Jin, and P. Namje, “Attribute Based Proxy Re-encryption for Data Confidentiality in Cloud Computing Environments,†in 2011 First ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering, 2011, pp. 248–251.

      [25] M. G. Jaatun, A. A. Nyre, S. Alapnes, and G. Zhao, “A farewell to trust: An approach to confidentiality control in the Cloud,†in 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), 2011, pp. 1–5.

      [26] P. Prasad, B. Ojha, R. R. Shahi, R. Lal, A. Vaish, and U. Goel, “3 dimensional security in cloud computing,†in 2011 3rd International Conference on Computer Research and Development, 2011, pp. 198–201.

      [27] Feng-qing Zhang and Dian-Yuan Han, “Applying agents to the data security in cloud computing,†in 2012 International Conference on Computer Science and Information Processing (CSIP), 2012, pp. 1126–1128.

      [28] A. Kumar, B. G. Lee, H. Lee, and A. Kumari, “Secure storage and access of data in cloud computing,†in 2012 International Conference on ICT Convergence (ICTC), 2012, pp. 336–339.

      [29] D. N. El-khameesy, D. N. El-khameesy, and H. A. Rahman, “A Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems,†J. Emerg. TRENDS Comput. Inf. Sci. Vol. 3, ISSUE 6, pp. 970--974, 2012.

      [30] D. Chandramohan, T. Vengattaraman, D. Rajaguru, R. Baskaran, and P. Dhavachelvan, “A privacy breach preventing and mitigation methodology for cloud service data storage,†in 2013 3rd IEEE International Advance Computing Conference (IACC), 2013, pp. 83–88.

      [31] I. Uegebe and U. Omenka, Building trust and confidentiality in cloud computing distributed data storage, vol. 6, no. 1. Olliverson Industrial Publishing House, 2013.

      [32] D. Chandramohan, T. Vengattaraman, D. Rajaguru, R. Baskaran, and P. Dhavachelvan, “A novel framework to prevent privacy breach in cloud data storage area service,†in 2013 International Conference on Green High Performance Computing (ICGHPC), 2013, pp. 1–4.

      [33] L. Arockiam, S. Monikandan, and P. D. Sheba K Malarchelvi, “Obfuscrypt: A Novel Confidentiality Technique for Cloud Storage,†Int. J. Comput. Appl., vol. 88, no. 1, pp. 17–21, Feb. 2014.

      [34] N. P. Doe and Suganya V., “Secure service to prevent data breaches in cloud,†in 2014 International Conference on Computer Communication and Informatics, 2014, pp. 1–6.

      [35] M. R. Gawande and A. S. Kapse, “Analysis of Data Confidentiality Techniques in Cloud Computing,†Int. J. Comput. Sci. Mob. Comput., vol. 3, no. 3, pp. 169–175, 2014.

      [36] V. Chang and M. Ramachandran, “Towards Achieving Data Security with the Cloud Computing Adoption Framework,†IEEE Trans. Serv. Comput., vol. 9, no. 1, pp. 138–151, Jan. 2016.

      [37] A. M. Algarni and Y. K. Malaiya, “A consolidated approach for estimation of data security breach costs,†in 2016 2nd International Conference on Information Management (ICIM), 2016, pp. 26–39.

      [38] J. Mahalakshmi and K. Kuppusamy, “‘Security-as-a-Service’ for files in cloud computing — A novel application model,†in 2016 10th International Conference on Intelligent Systems and Control (ISCO), 2016, pp. 1–5.

      [39] A. Tchernykh, U. Schwiegelsohn, E. Talbi, and M. Babenko, “Towards understanding uncertainty in cloud computing with risks of confidentiality, integrity, and availability,†J. Comput. Sci., Nov. 2016.

      [40] M. L. Huson and B. Hewitt, “Would Increased Regulation Reduce the Number of Information Breaches?,†in 2016 49th Hawaii International Conference on System Sciences (HICSS), 2016, pp. 2633–2641.

      [41] Y. Verginadis, A. Michalas, P. Gouvas, G. Schiefer, G. Hübsch, and I. Paraskakis, “PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services,†J. Grid Comput., vol. 15, no. 2, pp. 219–234, Jun. 2017.

      [42] N. Mishra, T. K. Sharma, V. Sharma, and V. Vimal, “Secure Framework for Data Security in Cloud Computing,†Springer, Singapore, 2018, pp. 61–71.

  • Downloads

  • How to Cite

    Shahzad, F., Din, R., & Ghazali, O. (2018). Security Threats and Existing Solutions on Cloud Computing. International Journal of Engineering & Technology, 7(4.19), 127-133. https://doi.org/10.14419/ijet.v7i4.19.22034