Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

A survey on security challenges in cloud computing: issues, threats, and solutions

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and propose future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Subramanian N, Jeyaraj A (2018) Recent security challenges in cloud computing. Comput Electr Eng 71:28–42

    Google Scholar 

  2. Mell P, Grance T (2018) SP 800-145, The NIST Definition of cloud computing | CSRC (online) Csrc.nist.gov. https://csrc.nist.gov/publications/detail/sp/800-145/final. Accessed 11 Dec 2018

  3. Xu X (2012) From cloud computing to cloud manufacturing. Robot Comput Integr Manuf 28(1):75–86

    Google Scholar 

  4. Pippal SK, Kushwaha DS (2013) A simple, adaptable and efficient heterogeneous multi-tenant database architecture for ad hoc cloud. J Cloud Comput Adv Syst Appl 2(1):5

    Google Scholar 

  5. Shi B, Cui L, Li B, Liu X, Hao Z, Shen H (2018) Shadow monitor: an effective in-VM monitoring framework with hardware-enforced isolation. In: International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, Berlin, pp 670–690

  6. Bhamare D, Samaka M, Erbad A, Jain R, Gupta L, Chan HA (2017) Optimal virtual network function placement in multi-cloud service function chaining architecture. Comput Commun 102:1–16

    Google Scholar 

  7. Alzahrani A, Alalwan N, Sarrab M (2014) Mobile cloud computing. In: Proceedings of the 7th Euro American Conference on Telematics and Information Systems (EATIS’14)

  8. Deka GC, Das PK (2018) Application of virtualization technology in IaaS cloud deployment model. In: Design and Use of Virtualization Technology in Cloud Computing: IGI Global, pp 29–99

  9. Oracle.com (2018) The Oracle and KPMG Cloud Threat Report 2018 | Oracle (online). https://www.oracle.com/cloud/cloud-threat-report.html. Accessed 11 Dec 2018

  10. Hashem IAT, Yaqoob I, Anuar NB, Mokhtar S, Gani A, Khan SU (2015) The rise of “big data” on cloud computing: review and open research issues. Inf Syst 47:98–115

    Google Scholar 

  11. Roman R, Lopez J, Mambo M (2018) Mobile edge computing, fog et al.: a survey and analysis of security threats and challenges. Future Gener Comput Syst 78:680–698

    Google Scholar 

  12. Ramachandra G, Iftikhar M, Khan FA (2017) A comprehensive survey on security in cloud computing. Proc Comput Sci 110:465–472

    Google Scholar 

  13. Csrc.nist.gov (2018) SP 500-299 (DRAFT), NIST Cloud Computing Security Reference Architecture | CSRC (online). https://csrc.nist.gov/publications/detail/sp/500-299/draft. Accessed 11 Sept 2018

  14. Yu S, Wang C, Ren K, Lou W (Mar 2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of the IEEE INFOCOM

  15. Sgandurra D, Lupu E (2016) Evolution of attacks, threat models, and solutions for virtualized systems. ACM Comput Surv 48(3):1–38

    Google Scholar 

  16. Kaur M, Singh H (2015) A review of cloud computing security issues. Int J Adv Eng Technol 8(3):397–403

    Google Scholar 

  17. Kumar PR, Raj PH, Jelciana P (2018) Exploring data security issues and solutions in cloud computing. Proc Comput Sci 125:691–697

    Google Scholar 

  18. Khalil I, Khreishah A, Azeem M (2014) Cloud computing security: a survey. Computers 3(1):1–35

    Google Scholar 

  19. Bashir SF, Haider S (Dec 2011) Security threats in cloud computing. In: Proceedings of the International Conference for Internet Technology and Secured Transactions, pp 214–219

  20. Ryan MD (2013) Cloud computing security: the scientific challenge, and a survey of solutions. J Syst Softw 86(9):2263–2268

    Google Scholar 

  21. Wang C, Wang Q, Ren K, Lou W (Mar 2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of the IEEE INFOCOM

  22. Singh S, Jeong Y-S, Park JH (2016) A survey on cloud computing security: issues, threats, and solutions. J Netw Comput Appl 75:200–222

    Google Scholar 

  23. Khalil IM, Khreishah A, Azeem M (2014) Cloud computing security: a survey. Computers 3(1):1–35

    Google Scholar 

  24. Ahmed M, Litchfield AT (2018) Taxonomy for identification of security issues in cloud computing environments. J Comput Inf Syst 58(1):79–88

    Google Scholar 

  25. Fotiou N, Machas A, Polyzos GC, Xylomenos G (2015) Access control as a service for the Cloud. J Internet Serv Appl 6(1):11

    Google Scholar 

  26. Sumitra B, Pethuru C, Misbahuddin M (2014) A survey of cloud authentication attacks and solution approaches. Int J Innov Res Comput Commun Eng 2(10):6245–6253

    Google Scholar 

  27. Fernandes DA, Soares LF, Gomes JV, Freire MM, Inácio PR (2014) Security issues in cloud environments: a survey. Int J Inf Secur 13(2):113–170

    Google Scholar 

  28. Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11

    Google Scholar 

  29. Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61

    MATH  Google Scholar 

  30. Abbas H, Maennel O, Assar S (2017) Security and privacy issues in cloud computing. Springer, Berlin

  31. TechRepublic (2018) Building Trust in a Cloudy Sky (online). https://www.techrepublic.com/resource-library/whitepapers/building-trust-in-a-cloudy-sky/. Accessed 11 Sept 2018

  32. Basu S et al (2018) Cloud computing security challenges and solutions—a survey. In: Proceedings of the IEEE 8th Annual on Computing and Communication Workshop and Conference (CCWC), pp 347–356

  33. Dzombeta S, Stantchev V, Colomo-Palacios R, Brandis K, Haufe K (2014) Governance of cloud computing services for the life sciences. IT Prof 16(4):30–37

    Google Scholar 

  34. Butun I, Erol-Kantarci M, Kantarci B, Song H (2016) Cloud-centric multi-level authentication as a service for secure public safety device networks. IEEE Commun Mag 54(4):47–53

    Google Scholar 

  35. Saevanee H, Clarke N, Furnell S, Biscione V (2015) Continuous user authentication using multi-modal biometrics. Comput Secur 53:234–246

    Google Scholar 

  36. Khalil I, Khreishah A, Azeem M (2014) Consolidated identity management system for secure mobile cloud computing. Comput Netw 65:99–110

    Google Scholar 

  37. Faber T, Schwab S, Wroclawski J (2016) Authorization and access control: ABAC. In: McGeer R, Berman M, Elliott C, Ricci R (eds) The GENI book. Springer, Berlin, pp 203–234

    Google Scholar 

  38. Khan MA (2016) A survey of security issues for cloud computing. J Netw Comput Appl 71:11–29

    Google Scholar 

  39. Cai F, Zhu N, He J, Mu P, Li W, Yu Y (2018) Survey of access control models and technologies for cloud computing. Clust Comput 22(S3):6111–6122

    Google Scholar 

  40. Joshi MP, Joshi KP, Finin T (2018) Attribute based encryption for secure access to cloud based EHR systems. In: Proceedings of the International Conference on Cloud Computing

  41. Indu I, Anand PR, Bhaskar V (2018) Identity and access management in cloud environment: mechanisms and challenges. Eng Sci Technol Int J 21(4):574–588

    Google Scholar 

  42. Mohit P, Biswas G (2017) Confidentiality and storage of data in cloud environment. In: Proceedings of the 5th International Conference on Frontiers in Intelligent Computing: Theory and Applications. Springer, Berlin, pp 289–295

  43. Khan SI, Hoque ASL (2016) Privacy and security problems of national health data warehouse: a convenient solution for developing countries. In: Proceedings of the IEEE International Conference on Networking Systems and Security (NSysS), pp 1–6

  44. Tang J, Cui Y, Li Q, Ren K, Liu J, Buyya R (2016) Ensuring security and privacy preservation for cloud data services. ACM Comput Surv (CSUR) 49(1):13

    Google Scholar 

  45. Islam MA, Vrbsky SV (2017) Transaction management with tree-based consistency in cloud databases. Int J Cloud Comput 6(1):58–78

    Google Scholar 

  46. Ku C-Y, Chiu Y-S (2013) A novel infrastructure for data sanitization in cloud computing. In: Diversity, Technology, and Innovation for Operational Competitiveness: Proceedings of the 2013 International Conference on Technology Innovation and Industrial Management, pp 3–25

  47. Singh HJ, Bawa S (2018) Scalable metadata management techniques for ultra-large distributed storage systems—a systematic review. ACM Comput Surv (CSUR) 51(4):82

    Google Scholar 

  48. Sehgal NK, Bhatt PCP (2018) Cloud computing concepts and practics. Springer

  49. Prokhorenko V, Choo K-KR, Ashman H (2016) Web application protection techniques: a taxonomy. J Netw Comput Appl 60:95–112

    MATH  Google Scholar 

  50. Shin S et al (2014) Rosemary: a robust, secure, and high-performance network operating system. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, New York, pp 78–89

  51. Somani G, Gaur MS, Sanghi D, Conti M, Buyya R (2017) DDoS attacks in cloud computing: issues, taxonomy, and future directions. Comput Commun 107:30–48

    Google Scholar 

  52. Sattar K, Salah K, Sqalli M, Rafiq R, Rizwan M (2017) A delay-based countermeasure against the discovery of default rules in firewalls. Arab J Sci Eng 42(2):833–844

    Google Scholar 

  53. Iqbal S, Kiah ML, Dhaghighi B, Hussain M, Khan S, Khan MK, Choo KKR (2016) On cloud security attacks: a taxonomy and intrusion detection and prevention as a service. J Netw Comput Appl 74:98–120

    Google Scholar 

  54. Mishra P, Pilli ES, Varadharajan V, Tupakula U (2017) Intrusion detection techniques in cloud environment: a survey. J Netw Comput Appl 77:18–47

    Google Scholar 

  55. Kohnfelder L, Garg P (1999) The threats to our products. Microsoft Interface, Microsoft Corporation, New York, p 33

  56. Tounsi W, Rais HJC (2018) A survey on technical threat intelligence in the age of sophisticated cyber attacks. Comput Secur 72:212–233

    Google Scholar 

  57. Meinig M, Sukmana MI, Torkura KA, Meinel CJPCS (2019) Holistic strategy-based threat model for organizations. Proc Comput Sci 151:100–107

    Google Scholar 

  58. Mokhtar B, Azab MJAEJ (2015) Survey on security issues in vehicular ad hoc networks. Alex Eng J 54(4):1115–1126

    Google Scholar 

  59. Tan Y, Wu F, Wu Q, Liao XJTJOS (2019) Resource stealing: a resource multiplexing method for mix workloads in cloud system. J Supercomput 75(1):33–49

    Google Scholar 

  60. Hong JB, Nhlabatsi A, Kim DS, Hussein A, Fetais N, Khan KMJCN (2019) Systematic identification of threats in the cloud: a survey. Comput Netw 150:46–69

    Google Scholar 

  61. Haber MJ, Hibbert B (2018) Asset attack vectors. Apress, Berkeley, CA

    Google Scholar 

  62. Rai S, Sharma K, Dhakal D (2019) A survey on detection and mitigation of distributed denial-of-service attack in named data networking. In: Sarma H, Borah S, Dutta N (eds) Advances in communication, cloud, and big data. Lecture notes in networks and systems, vol 31. Springer, Singapore

    Google Scholar 

  63. Bojović P, Bašičević I, Ocovaj S, Popović M (2019) A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method. Comput Electr Eng 73:84–96

    Google Scholar 

  64. Eldewahi AE, Hassan A, Elbadawi K, Barry BI (2018) The analysis of MATE attack in SDN based on STRIDE model. In: Proceedings of the International Conference on Emerging Internetworking, Data and Web Technologies, pp 901–910

  65. Tuma K, Scandariato R (2018) Two architectural threat analysis techniques compared. In: Proceedings of the European Conference on Software Architecture. Springer, Berlin, pp 347–363

  66. Symantec.com (2019) Cloud Security Threat Report (CSTR) 2019 | Symantec (online). https://www.symantec.com/security-center/cloud-security-threat-report. Accessed 19 July 2019

  67. Akshaya MS, Padmavathi G (2019) Taxonomy of security attacks and risk assessment of cloud computing. In: Peter J, Alavi A, Javadi B (eds) Advances in big data and cloud computing. Advances in intelligent systems and computing, vol 750. Springer, Singapore

    Google Scholar 

  68. Subramanian N, Jeyaraj AJC, Engineering E (2018) Recent security challenges in cloud computing. Comput Electr Eng 71:28–42

    Google Scholar 

  69. Tan CB, Hijazi MHA, Lim Y, Gani A (2018) A survey on proof of retrievability for cloud data integrity and availability: cloud storage state-of-the-art, issues, solutions and future trends. J Netw Comput Appl 110:75–86

    Google Scholar 

  70. Ghafir I, Jibran S, Mohammad H, Hanan F, Vaclav P, Sardar J, Sohail J, Thar B (2018) Security threats to critical infrastructure: the human factor. J Supercomput 74(10):4986–5002

    Google Scholar 

  71. Yamin MM, Katt B, Sattar K, Ahmad MB (2019) Implementation of insider threat detection system using honeypot based sensors and threat analytics. In: Future of Information and Communication Conference. Springer, Berlin, pp 801–829

  72. Osanaiye O, Choo K-KR, Dlodlo MJJON (2016) Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J Netw Comput Appl 67:147–165

    Google Scholar 

  73. Alsmadi I (2019) Incident response. In: The NICE Cyber Security Framework, pp 331–346

  74. Fernandes G, Rodrigues JJPC, Carvalho LF, Al-Muhtadi JF, Proença ML (2018) A comprehensive survey on network anomaly detection. Telecommun Syst 70(3):447–489

    Google Scholar 

  75. Nashimoto S, Homma N, Hayashi Y, Takahashi J, Fuji H, Aoki T (2016) Buffer overflow attack with multiple fault injection and a proven countermeasure. J Cryptogr Eng 7(1):35–46

    Google Scholar 

  76. Chen Z, Han H (2017) Attack mitigation by data structure randomization. In: Cuppens F, Wang L, Cuppens-Boulahia N, Tawbi N, Garcia-Alfaro J (eds) Foundations and practice of security. FPS 2016. Lecture notes in computer science, vol 10128. Springer, Cham

    Google Scholar 

  77. Cohen A, Nissim N, Rokach L, Elovici Y (2016) SFEM: structural feature extraction methodology for the detection of malicious office documents using machine learning methods. Expert Syst Appl 63:324–343

    Google Scholar 

  78. Sangeetha R (Feb 2013) Detection of malicious code in user mode. In: Proceedings of the International Conference on Information Communication and Embedded Systems (ICICES)

  79. Lichtman M, Poston JD, Amuru S, Shahriar C, Clancy TC, Buehrer RM, Reed JH (2016) A communications jamming taxonomy. IEEE Secur Priv 14(1):47–54

    Google Scholar 

  80. Wu M, Moon YB (2017) Taxonomy of cross-domain attacks on cyber manufacturing system. Proc Comput Sci 114:367–374

    Google Scholar 

  81. Bhagwani H, Negi R, Dutta AK, Handa A, Kumar N, Shukla SK (2019) Automated classification of web-application attacks for intrusion detection. In: Lecture notes in computer science, pp 123–141

  82. Chen M-S, Park JS, Yu PS (1996) Data mining for path traversal patterns in a web environment. In: Proceedings of 16th International Conference on Distributed Computing Systems, pp 385–392

  83. Murugan K, Suresh P (2018) Efficient anomaly intrusion detection using hybrid probabilistic techniques in wireless ad hoc network. Int J Netw Secur 20(4):730–737

    Google Scholar 

  84. Ghose N, Lazos L, Li M (2018) Secure device bootstrapping without secrets resistant to signal manipulation attacks. In: Proceedings of the IEEE Symposium on Security and Privacy (SP), pp 819–835

  85. Osanaiye O, Choo K-KR, Dlodlo M (2016) Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J Netw Comput Appl 67:147–165

    Google Scholar 

  86. Zhang X, Zhang Y, Mo Q, Xia H, Yang Z, Yang M, Wang X, Lunand L, Duan H (2018) An empirical study of web resource manipulation in real-world mobile applications. In: Proceedings of the 27th Security Symposium (Security 18), pp 1183–1198

  87. Coppolino L, D’Antonio S, Mazzeo G, Romano L (2017) Cloud security: emerging threats and current solutions. Comput Electr Eng 59:126–140

    Google Scholar 

  88. Gumaei A, Sammouda R, Al-Salman AMS, Alsanad A (2019) Anti-spoofing cloud-based multi-spectral biometric identification system for enterprise security and privacy-preservation. J Parallel Distrib Comput 124:27–40

    Google Scholar 

  89. Vlajic N, Chowdhury M, Litoiu M (2019) IP Spoofing in and out of the public cloud: from policy to practice. Computers 8(4):81

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Faculty of Mathematics and Computer, Shahid Bahonar University of Kerman, Kerman, Iran

    Hamed Tabrizchi & Marjan Kuchaki Rafsanjani

Authors
  1. Hamed Tabrizchi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marjan Kuchaki Rafsanjani
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marjan Kuchaki Rafsanjani.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Tabrizchi, H., Kuchaki Rafsanjani, M. A survey on security challenges in cloud computing: issues, threats, and solutions. J Supercomput 76, 9493–9532 (2020). https://doi.org/10.1007/s11227-020-03213-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-020-03213-1

Keywords

Search

Navigation