Security and Privacy Challenges in Cloud Computing

Cloud computing plays a crucial role in supporting the virtualization synergy as there is a large-scale demand among users in adopting cloud solutions. However, preserving the security of storage while maintaining users’ privacy brings new challenges in protecting cloud computing from illegal access and shared network environment. Thus, Risk-Adaptable Access Control (RAdAC) is known within privacy-preserving perspective as a flexible prospect in managing exceptional access request and reacting to suspicious user. However, most of the previous work on the cloud security focused on storage security rather than anonymity of user nor identity. This paper explores the fundamental concept of cloud computing architecture and identifies the security requirements in cloud. In this work, the prerequisite elements in RAdAC framework has been discussed precisely and ambiguity factor is found in protecting privacy of user. Thus, we proposed the viable two-factor authentication scheme in RAdAC for future road ahead in cloud industry.

[1]  Milagros Castillo-Montoya Preparing for Interview Research: The Interview Protocol Refinement Framework , 2016 .

[2]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[3]  Abdullah Gani,et al.  Cloud Adoption in Malaysia: Trends, Opportunities, and Challenges , 2015, IEEE Cloud Computing.

[4]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[5]  C NischithaK,et al.  Security Issues in Cloud Computing , 2018 .

[6]  Farrukh Shahzad,et al.  State-of-the-art Survey on Cloud Computing Security Challenges, Approaches and Solutions , 2014, EUSPN/ICTH.

[7]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[8]  Galoh Rashidah Haron,et al.  Context-aware analysis for adaptive unified authentication platform , 2015 .

[9]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[10]  Adil Al-Yasiri,et al.  Identifying Cloud Security Threats to Strengthen Cloud Computing Adoption Framework , 2016, FNC/MobiSPC.

[11]  Elisa Bertino,et al.  Towards privacy preserving access control in the cloud , 2011, 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom).

[12]  Madjid Merabti,et al.  An access control model for cloud computing , 2014, J. Inf. Secur. Appl..

[13]  Carla Merkle Westphall,et al.  A framework and risk assessment approaches for risk-based access control in the cloud , 2016, J. Netw. Comput. Appl..

[14]  Baldur Kubo,et al.  Secure Data Sharing and Processing in Heterogeneous Clouds , 2015, Cloud Forward.

[15]  Imran Memon,et al.  Enhanced Privacy and Authentication: An Efficient and Secure Anonymous Communication for Location Based Service Using Asymmetric Cryptography Scheme , 2015, Wirel. Pers. Commun..

[16]  G. Murali,et al.  Security Issues in Service Model of Cloud Computing Environment , 2016 .

[17]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[18]  Mark Ryan,et al.  Cloud computing security: The scientific challenge, and a survey of solutions , 2013, J. Syst. Softw..

[19]  Athanasios V. Vasilakos,et al.  A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions , 2015, J. Comput. Sci. Eng..