A survey on security challenges in cloud computing: issues, threats, and solutions

Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and propose future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.

[1]  Sandesh Rai,et al.  A Survey on Detection and Mitigation of Distributed Denial-of-Service Attack in Named Data Networking , 2019 .

[2]  Seema Bawa,et al.  Scalable Metadata Management Techniques for Ultra-Large Distributed Storage Systems -- A Systematic Review , 2018, ACM Comput. Surv..

[3]  ChooKim-Kwang Raymond,et al.  Web application protection techniques , 2016 .

[4]  Mohamed Sarrab,et al.  Mobile cloud computing: advantage, disadvantage and open challenge , 2014, EATIS '14.

[5]  Brent Byunghoon Kang,et al.  Rosemary: A Robust, Secure, and High-performance Network Operating System , 2014, CCS.

[6]  Alan T. Litchfield,et al.  Taxonomy for Identification of Security Issues in Cloud Computing Environments , 2018, J. Comput. Inf. Syst..

[7]  Yuan Zhang,et al.  An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications , 2018, USENIX Security Symposium.

[8]  Vidhyacharan Bhaskar,et al.  Identity and access management in cloud environment: Mechanisms and challenges , 2018 .

[9]  Mohammed Samaka,et al.  Optimal virtual network function placement in multi-cloud service function chaining architecture , 2017, Comput. Commun..

[10]  Shahidul Islam Khan,et al.  Privacy and security problems of national health data warehouse: a convenient solution for developing countries , 2016, 2016 International Conference on Networking Systems and Security (NSysS).

[11]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[12]  Srijita Basu,et al.  Cloud computing security challenges & solutions-A survey , 2018, 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC).

[13]  Rodrigo Roman,et al.  Mobile Edge Computing, Fog et al.: A Survey and Analysis of Security Threats and Challenges , 2016, Future Gener. Comput. Syst..

[14]  Cheng-Yuan Ku,et al.  A Novel Infrastructure for Data Sanitization in Cloud Computing (Research Paper) , 2013 .

[15]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[16]  Ganesh Chandra Deka,et al.  Application of Virtualization Technology in IaaS Cloud Deployment Model , 2018 .

[17]  Riccardo Scandariato,et al.  Two Architectural Threat Analysis Techniques Compared , 2018, ECSA.

[18]  Marin Litoiu,et al.  IP Spoofing In and Out of the Public Cloud: From Policy to Practice , 2019, Comput..

[19]  Dharmender Singh Kushwaha,et al.  A simple, adaptable and efficient heterogeneous multi-tenant database architecture for ad hoc cloud , 2012, Journal of Cloud Computing: Advances, Systems and Applications.

[20]  Sukhwinder Singh,et al.  Mobile Cloud Computing , 2014 .

[21]  Mohsin Iftikhar,et al.  A Comprehensive Survey on Security in Cloud Computing , 2017, FNC/MobiSPC.

[22]  Sugata Sanyal,et al.  A Survey on Security Issues in Cloud Computing , 2011, 1109.5388.

[23]  Issa M. Khalil,et al.  Consolidated Identity Management System for secure mobile cloud computing , 2014, Comput. Networks.

[24]  Nikos Fotiou,et al.  Access control as a service for the Cloud , 2015, Journal of Internet Services and Applications.

[25]  Herbert Bos,et al.  Research in Attacks, Intrusions, and Defenses , 2015, Lecture Notes in Computer Science.

[26]  Maaz Bin Ahmad,et al.  Implementation of Insider Threat Detection System Using Honeypot Based Sensors and Threat Analytics , 2019 .

[27]  Morey J. Haber,et al.  Asset Attack Vectors , 2018, Apress.

[28]  VaradharajanVijay,et al.  Intrusion detection techniques in cloud environment , 2017 .

[29]  Minhaj Ahmad Khan,et al.  A survey of security issues for cloud computing , 2016, J. Netw. Comput. Appl..

[30]  ChooKim-Kwang Raymond,et al.  Distributed denial of service (DDoS) resilience in cloud , 2016 .

[31]  Joel J. P. C. Rodrigues,et al.  A comprehensive survey on network anomaly detection , 2018, Telecommunication Systems.

[32]  Kim-Kwang Raymond Choo,et al.  On cloud security attacks: A taxonomy and intrusion detection and prevention as a service , 2016, J. Netw. Comput. Appl..

[33]  Kim-Kwang Raymond Choo,et al.  Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework , 2016, J. Netw. Comput. Appl..

[34]  R. Sangeetha Detection of malicious code in user mode , 2013, 2013 International Conference on Information Communication and Embedded Systems (ICICES).

[35]  Young B. Moon,et al.  Taxonomy of Cross-Domain Attacks on CyberManufacturing System , 2017 .

[36]  Steven Furnell,et al.  Continuous user authentication using multi-modal biometrics , 2015, Comput. Secur..

[37]  Young-Sik Jeong,et al.  A survey on cloud computing security: Issues, threats, and solutions , 2016, J. Netw. Comput. Appl..

[38]  Yang Liu,et al.  Collaborative Security , 2015, ACM Comput. Surv..

[39]  G. P. Biswas,et al.  Confidentiality and Storage of Data in Cloud Environment , 2016, FICTA.

[40]  Andrews Jeyaraj,et al.  Recent security challenges in cloud computing , 2018, Comput. Electr. Eng..

[41]  Rajkumar Buyya,et al.  Ensuring Security and Privacy Preservation for Cloud Data Services , 2016, ACM Comput. Surv..

[42]  ContiMauro,et al.  DDoS attacks in cloud computing , 2016 .

[43]  John Wroclawski,et al.  Authorization and Access Control: ABAC , 2016, The GENI Book.

[44]  ParkJong Hyuk,et al.  A survey on cloud computing security , 2016 .

[45]  Rachid Sammouda,et al.  Anti-spoofing cloud-based multi-spectral biometric identification system for enterprise security and privacy-preservation , 2019, J. Parallel Distributed Comput..

[46]  Mark Ryan,et al.  Cloud computing security: The scientific challenge, and a survey of solutions , 2013, J. Syst. Softw..

[47]  Jin B. Hong,et al.  Systematic identification of threats in the cloud: A survey , 2019, Comput. Networks.

[48]  Yuto Lim,et al.  A survey on Proof of Retrievability for cloud data integrity and availability: Cloud storage state-of-the-art, issues, solutions and future trends , 2018, J. Netw. Comput. Appl..

[49]  Jingsha He,et al.  Survey of access control models and technologies for cloud computing , 2018, Cluster Computing.

[50]  M. Rizwan,et al.  A Delay-Based Countermeasure Against the Discovery of Default Rules in Firewalls , 2016, Arabian Journal for Science and Engineering.

[51]  Manoj Singh Gaur,et al.  DDoS attacks in cloud computing: Issues, taxonomy, and future directions , 2015, Comput. Commun..

[52]  Daniele Sgandurra,et al.  Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems , 2016, ACM Comput. Surv..

[53]  Hao Han,et al.  Attack Mitigation by Data Structure Randomization , 2016, FPS.

[54]  Nitesh Kumar,et al.  Automated Classification of Web-Application Attacks for Intrusion Detection , 2019, SPACE.

[55]  Sajjad Haider,et al.  Security threats in cloud computing , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[56]  Xiangke Liao,et al.  Resource stealing: a resource multiplexing method for mix workloads in cloud system , 2015, The Journal of Supercomputing.

[57]  Manoj Singh Gaur,et al.  DDoS attacks in cloud computing: Issues, taxonomy, and future directions , 2017, Comput. Commun..

[58]  Luigi Coppolino,et al.  Cloud security: Emerging threats and current solutions , 2017, Comput. Electr. Eng..

[59]  Bazara I. A. Barry,et al.  The Analysis of MATE Attack in SDN Based on STRIDE Model , 2018, EIDWT.

[60]  Lior Rokach,et al.  SFEM: Structural feature extraction methodology for the detection of malicious office documents using machine learning methods , 2016, Expert Syst. Appl..

[61]  Cong Wang,et al.  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[62]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[63]  P. Herbert Raj,et al.  Exploring Data Security Issues and Solutions in Cloud Computing , 2018 .

[64]  R. Michael Buehrer,et al.  A communications jamming taxonomy , 2016, IEEE Security & Privacy.

[65]  D RyanMark Cloud computing security , 2013 .

[66]  Philip S. Yu,et al.  Data mining for path traversal patterns in a web environment , 1996, Proceedings of 16th International Conference on Distributed Computing Systems.

[67]  Issa M. Khalil,et al.  Cloud Computing Security: A Survey , 2014, Comput..

[68]  Jin Li,et al.  Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing , 2017, Inf. Sci..

[69]  Jaydip Sen,et al.  Security and Privacy Issues in Cloud Computing , 2013, ArXiv.

[70]  Kim-Kwang Raymond Choo,et al.  Web application protection techniques: A taxonomy , 2016, J. Netw. Comput. Appl..

[71]  Manpreet Kaur,et al.  A Review of Cloud Computing Security Issues , 2015 .

[72]  B.Sumitra,et al.  A Survey of Cloud Authentication Attacks andSolution Approaches , 2014 .

[73]  Christoph Meinel,et al.  Holistic Strategy-Based Threat Model for Organizations , 2019, ANT/EDI40.

[74]  Vijay Varadharajan,et al.  Intrusion detection techniques in cloud environment: A survey , 2017, J. Netw. Comput. Appl..

[75]  Timothy W. Finin,et al.  Attribute Based Encryption for Secure Access to Cloud Based EHR Systems , 2018, 2018 IEEE 11th International Conference on Cloud Computing (CLOUD).

[76]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[77]  Miroslav Popovic,et al.  A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method , 2018, Comput. Electr. Eng..

[78]  M. Swathy Akshaya,et al.  Taxonomy of Security Attacks and Risk Assessment of Cloud Computing , 2018, Advances in Intelligent Systems and Computing.

[79]  Wiem Tounsi,et al.  A survey on technical threat intelligence in the age of sophisticated cyber attacks , 2018, Comput. Secur..

[80]  Izzat Alsmadi,et al.  The NICE Cyber Security Framework , 2019 .

[81]  Bo Li,et al.  ShadowMonitor: An Effective In-VM Monitoring Framework with Hardware-Enforced Isolation , 2018, RAID.

[82]  Mohamed Azab,et al.  Survey on Security Issues in Vehicular Ad Hoc Networks , 2015 .

[83]  K. Murugan,et al.  Efficient Anomaly Intrusion Detection Using Hybrid Probabilistic Techniques in Wireless Ad Hoc Network , 2018, Int. J. Netw. Secur..

[84]  Ming Li,et al.  Secure Device Bootstrapping Without Secrets Resistant to Signal Manipulation Attacks , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[85]  GaniAbdullah,et al.  The rise of "big data" on cloud computing , 2015 .

[86]  Thar Baker,et al.  Security threats to critical infrastructure: the human factor , 2018, The Journal of Supercomputing.

[87]  Xun Xu,et al.  From cloud computing to cloud manufacturing , 2012 .

[88]  Susan V. Vrbsky,et al.  Transaction management with tree-based consistency in cloud databases , 2017, Int. J. Cloud Comput..

[89]  Yu-ichi Hayashi,et al.  Buffer overflow attack with multiple fault injection and a proven countermeasure , 2017, Journal of Cryptographic Engineering.

[90]  S Prathima,et al.  MOBILE CLOUD COMPUTING , 2018 .

[91]  Burak Kantarci,et al.  Cloud-centric multi-level authentication as a service for secure public safety device networks , 2016, IEEE Communications Magazine.

[92]  N. B. Anuar,et al.  The rise of "big data" on cloud computing: Review and open research issues , 2015, Inf. Syst..

[93]  P. Mell,et al.  SP 800-145. The NIST Definition of Cloud Computing , 2011 .

[94]  Vladimir Stantchev,et al.  Governance of Cloud Computing Services for the Life Sciences , 2014, IT Professional.