A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions

While cloud computing is gaining popularity, diverse security and privacy issues are emerging that hinder the rapid adoption of this new computing paradigm, and the development of defensive solutions is lagging behind. To ensure a secure and trustworthy cloud environment, it is essential to identify the limitations of existing solutions and envision directions for future research. In this paper, we survey critical security and privacy challenges in cloud computing, categorize diverse existing solutions, compare their strengths and limitations, and envision future research directions.
