International Journal of Scientific Research in Science, Engineering and Technology
Print ISSN: 2395-1990 | Online ISSN : 2394-4099 (www.ijsrset.com)
doi : https://doi.org/10.32628/IJSRSET21852
A Comprehensive Overview of Privacy and Data Security for Cloud Storage
Dr. Nikhat Akhtar*1, Dr. Bedine Kerim2, Dr. Yusuf Perwej3, Dr. Anurag Tiwari4, Dr. Sheeba Praveen5
1*
Assistant Professor, Department of Computer Science & Engineering, Babu Banarasi Das Northern India Institute of
Technology (BBDNIIT), Lucknow, Uttar Pradesh, India
2
Assistant Professor, Department of Computer Science, Faculty of Computer Science & IT, Al Baha Universit, Baha, KSA
3
Associate Professor, Department of Computer Science & Engineering, India
4
Associate Professor, Department of Information Technology, Babu Banarasi Das National Institute of Technology and
Management (BBDNITM), Lucknow, Uttar Pradesh, India
5
Assistant Professor, Department of Computer Science & Engineering, Integral University, Lucknow, Uttar Pradesh, India
ABSTRACT
Article Info
People used to carry their documents about on CDs only a few years ago. Many
Volume 8, Issue 5
people have recently turned to memory sticks. Cloud computing, in this case,
Page Number: 113-152
refers to the capacity to access and edit data stored on remote servers from any
Internet-connected platform. Cloud computing is a self-service Internet
Publication Issue:
infrastructure that allows people to access computing resources at any location
September-October-2021
worldwide. The world has altered as a result of cloud computing. Cloud
computing can be thought of as a new computing typology that can provide on-
Article History
demand services at a low cost. By increasing the capacity and flexibility of data
Accepted: 08 Sep 2021
storage and providing scalable compute and processing power that fits the
Published: 18 Sep 2021
dynamic data requirements, cloud computing has aided the advancement of IT
to higher heights. In the field of information technology, privacy and data
security have long been a serious concern. It becomes more severe in the cloud
computing environment because data is stored in multiple locations, often across
the globe. Users' primary challenges regarding the cloud technology revolve
around data security and privacy. We conduct a thorough assessment of the
literature on data security and privacy issues, data encryption technologies, and
related countermeasures in cloud storage systems in this study. Ubiquitous
network connectivity, location-independent resource pooling, quick resource
flexibility, usage-based pricing, and risk transference are all features of cloud
computing.
Keywords: Cloud Computing, Data Security, Artificial Intelligence as a
Service (AIaaS), Cloud Storage, Data Access Control, Data Privacy.
Copyright: © the author(s), publisher and licensee Technoscience Academy. This is an open-access article distributed under the
terms of the Creative Commons Attribution Non-Commercial License, which permits unrestricted non-commercial use,
distribution, and reproduction in any medium, provided the original work is properly cited
113
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
I.
INTRODUCTION
we can use cloud storage. As a result, the cloud will
Today scenario, big data [1] is now rapidly developing
require sufficient storage space as well as sufficient
speed to load data simultaneously. The cloud era is
in all research and engineering areas, including
arrived! It's a game-changing invention that combines
physical, Medical Internet of Things (MIoT) [2],
public, private, and business process outsourcing
biological, and biomedical sciences, due to the rapid
capabilities. Scalability, elasticity, and flexibility are
expansion of networking, data storage, and data
all advantages of cloud-based services. User groups
collection capacity. The rate of data production has
and cloud service providers alike are concerned about
grown
Many
data security and privacy [11] in cloud computing. In
organizations are looking for cost-effective ways to
the context of cloud computing, sensitive information
store and analyses large amounts of data generated by
covers data from a wide range of various fields and
a variety of sources, including high-throughput
specialties [12]. As a result of the recent growth of
equipment, sensors, and connected devices. Big data
new cloud technologies, privacy and data protection
[3] technologies can take advantage of cloud
computing [4] to deliver major benefits, such as the
requirements have evolved to safeguard individuals
against monitoring and database exposure. The study
capability
on data security and privacy in cloud computing
significantly
to
in
build,
recent
connect,
years.
configure,
and
reconfigure virtualized resources on demand with
systems is summarized in this publication.
automated tools. Cloud computing is a new paradigm
that
is
altering
how
institutions,
businesses,
organizations, and individuals see and use various
software systems [5]. Organizations that use cloudbased solutions don't have to host their software or
manage their own servers [6]. The cloud computing is
made up of hardware and software resources that are
made available as managed external services over the
internet.
Advanced software applications and high-end server
computer networks are used to provide these services.
With the rapid expansion of computer, storage, and
communication technology, the cloud computing [7]
is a new computing model that may give users with
programmable
and
shared
resources.
Cloud
computing [8] providers link a huge number of nodes
and network devices [9] to create one or more big
data centers. Then they offer infrastructure, platform,
storage, and software services, all of which are
centered on data centers. The most well-known
technology in the world is cloud computing. It offers
a variety of services to its customers, and cloud
storage is one of the most important aspects of cloud
Figure 1 The Organization of Research Paper
Framework
computing [10]. To store data in the cloud network,
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
114
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
The remaining sections of this work are organized as
the major challenge in cloud computing is data
follows. The related works is presented in section II.
We describe the cloud computing in section III cloud
sharing.
data storage in section IV. In section V, we present
This paradigm shift that comes with cloud computing
the security and privacy threats in cloud data storage.
usage is increasingly causing security and privacy
We are widely discussing the possible solutions for
concerns about aspects of cloud computing such
security and privacy threat in cloud data storage in
multi-tenancy,
section VI. We present benefits of cloud computing in
accountability [18]. Before consumers and businesses
sections VII. We conclude this paper in section VIII.
use cloud computing, users' security concerns must be
In section IX, we present future work of cloud
addressed in order for the cloud environment to be
computing. This paper gives an organizational
trusted. The trustworthy environment is the basic
framework in figure 1 to clearly depict the general
prerequisite to win confidence of users to adopt such
structure.
a technology. The assessment of cloud computing
trust,
loss
of
control,
and
hazards was examined by Latif et al. [19]. In other
research, cloud infrastructures are combined with
II. RELATED WORKS
unique services aimed at specific businesses. To put it
Any hosted service offered over the internet is
another way, the cloud is designed to provide specific
referred to as cloud computing. Servers, databases,
services to clients, such as cloud computing for
software, analytics, and other computing tasks that
manufacturing or cloud computing for health care
may be operated over the cloud are frequently
[20].
included in these services [13]. The act of operating
workloads
within
clouds
is
known
as
cloud
Shynu et al. [21] explored several ways of secret
computing. IT settings in which scalable resources are
communication, such as the secret channel, side
abstracted, pooled, and shared across networks.
channel attack, and fuzzy technology, addressed
secret communication technology in relation to
In recent years, cloud computing privacy and security
application situations, and demonstrated its benefits
issues have been a popular topic [14]. Data privacy,
and drawbacks. Lo’ai et al. [22] presented a mobile
data protection, data availability, data location, and
cloud computing concept that may be applied to a
secure transmission are the most pressing concerns in
wide range of applications. The proposed architecture
cloud data security. Threats, data loss, service
can be used to store and analyse data collected by
disruption, outside malicious assaults, and multitenancy difficulties are among the security challenges
various sensors and IoT devices. In restricted
circumstances, the obtained data will be transferred
in the cloud [15]. Users of this technology outsource
to the mobile [23] cloud model for analysis and
their data to a cloud provider's server located outside
making the best decision possible. Johanna et al. [24]
of their premises [16]. Memory, processor, bandwidth,
looked into a variety of covert communication
and storage are also visible and accessible via the
Internet by a client. By focusing on privacy
technologies, including hidden channels, bypass, and
fuzzy technology. These approaches, on the other
protection, data segregation, and cloud security, Chen
hand, are a type of non-mainstream technology and
et al. [17] investigated privacy and data security
application, with a very limited application scope.
challenges in cloud computing. Data security issues
Cloud storage is similar to cloud computing in terms
are primarily at SPI (SaaS, PaaS, and IaaS) level and
of accessible interfaces, scalability, and measurement
resources because it is based on virtualization
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
115
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
infrastructure. It consists of four layers [25], cloud
et. al [36] investigated several security service
storage supplies data access services including data
storage, data computation, authentication, and access
methods based on Blockchain, such as authentication,
confidentiality, access control list, resource sources
control. Due to the characteristics of cloud storage,
and integrity assurance, and discussed the challenges
data security and privacy issues are inevitably
of security services.
generated in this process.
A Blockchain [37] controller, cloud server, and
authentication server (AS) are used to establish a
Furthermore, the cloud provides the required
cloud-based software defined network (SDN). To
administration and control capabilities to support
obtain the secret key, researchers recommend that all
(regulatory) governance [26] rules while also meeting
users register with the AS [38]. Nikhat Akhtar at. al.
the needs of multinational corporations [27]. Zhang et
[39] presents a comprehensive literature review of
al. [28] provided a technical review of four SE systems,
recent contributions focused on the Medical Internet
including searchable symmetric encryption (SSE),
of Things (MIoT). Medical Internet of Things-based
public key encryption with keyword search (PEK),
attribute-based encryption with keyword search
healthcare services are expected to improve the user's
quality of life, lower prices using clouds. In this
(ABK), and proxy re-encryption (PRES). Several SE
publication, Jeffrey and colleagues [40] investigate the
technologies,
effectiveness of deep learning algorithms based on
including
searchable
symmetric
encryption (SSE), public key encryption keyword
Recurrent
search (PEKS), attribute-based encryption keyword
identifying malware in cloud Virtual Machines (VMs).
search (ABKS), and proxy re-encryption keyword
We concentrate on two key RNN architectures:
search, were summarised by Zhang et al [29]. (PRES).
LSTMs (Long Short-Term Memory RNNs) [42] and
Neural
Networks
(RNNs)
[41]
for
Bidirectional RNNs (Bidirectional RNNs) (BIDIs).
They just provided a technical description of the
Based on run-time fine-grained processes system
searchable encryption paradigm, with no relevant
metrics like as CPU, memory, and disk use, these
algorithms or performance comparison studies. Yusuf
models learn the behavior of malware over time.
Perwej et al. [30] in this paper highlight the main
Bader et al. [43] conduct a thorough literature review
Hadoop
and
to assess existing research on cloud computing
analysis that may affect big data. Moreover, big data
security, dangers, and problems. This systematic
[31] can be advantageous as a base for the
literature review examined the research studies
development of the future technologies that will
published between 2010 and 2020 within the popular
transform the world as we see it, like the cloud
computing, Internet of Things (IoT) [32], or on-
digital libraries.
security,
technological
viewpoint
III. Cloud Computing
demand services, and Blockchain [33]. Edemacu et al.
[34] examined and analysed the security, revocation
This section delves deeper into cloud computing. The
ability, and efficiency of various attribute-based
Internet of Things (IoT) [44], or the interconnection
cooperative electronic health encryption methods.
The privacy protection technology mentioned in this
of people, devices, and "things," is growing as the
study, on the other hand, is relatively simple. Yusuf
to the Internet grows. The cloud service provider
Perwej and colleagues take a quick look at the
platform [45] generates and hosts an unprecedented
technical components of IoT security. Because when
volume of data. Many applications and services will
only two instruments were combined in the field of
be hosted in the cloud due to the cloud's high
medical care, security was a major concern [35]. Tara
performance, scalability, and reliability. The word
number of information detecting devices connected
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
116
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
"cloud," often known as "cloud computing," refers to
any type of remote data storage solution [46] shown
in figure 2. To be clear, your data is saved on remote
servers and may be accessed via the Internet, rather
than on your hard discs or local memories. You can
rent rather than buy your IT using cloud computing.
Companies prefer to access their compute capacity
over the internet [47], or the cloud, and pay for it as
they use it, rather than investing extensively in
databases, software, and hardware. Servers, storage,
databases,
networking,
software,
analytics,
and
business intelligence are now among the cloud
services
available.
Cloud
computing
enables
businesses to develop, innovate, and support business
IT solutions with the speed, scalability, and flexibility
that they require. There has been a substantial growth
Figure 2 The Cloud Computing
in cloud computing usage over the last several years
as firms increasingly [48] appreciate the cost savings,
3.1 Categorized of Cloud Computing
easy scalability, and work flexibility afforded by
cloud. The global market for cloud-based services is
Several kinds of cloud computing models have
expected to grow to $436 billion by 2024, up from
emerged as the cloud has evolved. Public cloud, edge
$326 billion in 2020, with over 64 percent of
cloud, private cloud, multi cloud, hybrid cloud,
businesses [49] adopting the cloud in some way.
distributed cloud, and community cloud are the
Cloud computing saves businesses money on both
hardware and software upkeep. By ensuring that our
different types of cloud computing deployments. Each
form necessitates a different level of client control
data is always available, an internet cloud architecture
and offers varying levels of protection and privacy
improves organization productivity and efficiency.
[50].
3.1.1 Public Cloud
In a public cloud, the cloud provider's whole
computing infrastructure is housed on its premises,
while the customer receives services via the internet.
Customers don't have to worry about maintaining
their own IT, and they can easily add more users or
computer power as needed. Multiple tenants share
the cloud provider's IT infrastructure in this scenario.
Typically, the public cloud is highly [51] segregated to
prevent cloud service overlap among different
enterprises and to ensure each business's privacy and
security. The public cloud's scalability is one of its
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
117
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
most appealing features. Furthermore, most public
3.1.4 Multi Cloud
clouds operate on a pay-as-you-go basis, meaning that
users only pay for the cloud services that they use.
Enterprises are attempting to de-risk themselves by
putting various workloads in different clouds, hence a
3.1.2 Edge Cloud
multi cloud strategy is the preferred model nowadays.
The usage of multiple cloud computing and storage
To lower processing costs and provide more low-
[54] devices in a single architecture distinguishes
latency experiences for consumers, edge clouds
hybrid cloud from multi cloud. Some organizations
decentralize computing power to clients and devices
also prefer multiple clouds, as each cloud may offer a
at the network edge. Edge cloud [52] will be a one-of-
different
a-kind ecosystem of open and interconnected data
personalize
centers, with data center operators and carrier
network with multi cloud.
technology
and
capability. Businesses
compartmentalize
their
may
cloud
alliances allowing it to reach critical mass Depending
on the QoE objectives and resource requirements for
a given application, the edge cloud can be located in
3.1.5 Hybrid Cloud
any number of network locations. The location of the
Hybrid clouds, as the name implies, are a mix of
Edge cloud will vary depending on the perspective of
public and private clouds meant to work together
an end-user, network operator, or application
seamlessly, transferring services and applications from
provider.
one to the other. Hybrid cloud customers typically
host business-critical apps on their own servers for
3.1.3 Private Cloud
increased protection and control, while storing
secondary applications at the cloud [55] provider's
A private cloud is a cloud that is only used by one
location. With hybrid clouds, business owners can
company. It could be hosted on the organization's
simply scale up their network infrastructure by
premises or in the data center of the cloud provider
leveraging the public cloud while keeping their data
[53]. The maximum level of protection and control is
privacy, security, and access control in the private
provided by a private cloud. This private cloud is
cloud. The hybrid cloud model is also preferable for
exclusively available to customers of a single firm or
hosting workloads that must meet compliance or data
group of companies, and the [51] organization has the
security standards.
freedom to build the private cloud to meet its specific
needs. Administrative control, privacy, and security
are all advantages of private clouds for business
3.1.6 Distributed Cloud
owners. Private clouds are often surrounded by high-
Distributed cloud is a public cloud computing service
security firewalls, with only approved users permitted
that allows you to run public cloud infrastructure in
access.
For businesses that deal with sensitive
multiple locations, including on premises, in the data
information or that have strict regulatory
requirements, using a private cloud enables them to
centers of other cloud providers, and in third-party
data centers or co-location centers, all while
easily make any configuration modifications that are
managing everything from a single control plane.
relevant to their line of business.
According to a current trend, Gartner defines
distributed cloud as the distribution of public cloud
services to different physical locations, but the
original public cloud provider is responsible for the
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
118
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
services'
operation,
governance,
updates,
and
3.2 Services of Cloud Computing
evolution [56]. Distributed cloud speeds up
worldwide service communication while also
Cloud services are now available to satisfy almost any
allowing for more responsive communications for any
IT requirement. It's more about finding the proper
given region. Distributed cloud computing provides
solution to suit your business and personal needs than
repeatability and dependability, as well as geo-
there is a one-size-fits-all strategy to cloud. Each
replication, which helps to save costs while also
service model represents a different component of the
providing instantaneous fail-overs via remote replicas
cloud stack with its own set of responsibilities for you
that may be reset in the event of a failure. Distributed
and the service provider [58].
cloud allows breaking complex problems and data
into smaller pieces and has multiple computers which
can be worked upon in parallel.
3.1.7 Community Cloud
A community cloud allows a group of multiple
organizations to access systems and services in order
to
communicate
information
between
the
organization and a specific community. The goal of
this concept is to allow numerous customers to
collaborate on community-owned projects and apps
when a centralized cloud infrastructure is required. In
other words, Community Cloud is a distributed
infrastructure that integrates the services given by
many types of cloud solutions to answer the specific
concerns of business sectors. With hybrid clouds,
business owners can simply scale up their network
Figure 3 Types of Cloud Computing Service Models
infrastructure by leveraging the public cloud while
keeping their data privacy, security, and access
control in the private cloud. The hybrid cloud model
is also preferable for hosting workloads that must
meet compliance or data security standards. Because
of the exclusive user group, organizations do not have
to be concerned about the security problems
associated with public cloud. It is owned, managed,
and operated by one or more organizations in the
community, a third party, or a combination of them.
The community cloud is scalable and versatile since it
Infrastructure, platforms, and software that are hosted
by third-party providers and made available to
consumers via the internet are known as cloud
services. Although there's great variety among cloud
services, all such services have certain basic features
and benefits in common, and all can be categorized
into a few basic cloud service types shown in figure 3.
3.2.1 Infrastructure as a Service (IaaS)
is generally compatible with all users and may be
modified to suit their needs.
Infrastructure as a Service (IaaS) is the service
paradigm that your cloud technology deployment is
built on. You can get on-demand access to essential IT
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
119
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
resources like computers, networking, and storage
uses cloud-based services to streamline enterprise
through an IaaS provider [59]. IaaS gives you access
to a scalable, state-of-the-art hardware resource that
communications. Through a partnership with a
united communications organization, UCaaS provides
can be scaled to match your company's processing and
collaboration features such as instant messaging,
storage requirements. We're using this infrastructure
video conferencing, file sharing, and more. Businesses
to provide your company's applications, software, and
can save a significant amount of money by using
platforms while relieving you of the burden of
UCaaS.
administering and supporting them.
3.2.4 Software as a Service (SaaS)
3.2.2 Everything as a Service (XaaS)
SaaS (Software as a Service) is a cloud service
The X in Xaas serves as a variable in the same way as
paradigm that gives you access to a fully functional
it does in mathematics. As a result, this word might
software product that is run and managed by the
mean "Anything as a Service" or "Everything as a
Service." The name XaaS stands for "everything as a
service provider. The majority of SaaS solutions are
end-user applications. The customer uses the internet
Service," and it refers to a wide range of products,
to access those applications. Rather than purchasing
tools, and technology that are becoming increasingly
and maintaining their own computing infrastructure,
popular as a service offering [60]. XaaS is frequently
[62] SaaS customers opt for a pay-as-you-go
chosen by businesses because the as-a-service
subscription to the service. SaaS is the best choice for
approach
many businesses since it allows them to get up and
can
implementations.
reduce
With
costs
every
and
simplify
additional
IT
cloud
running
quickly
with
available.
the
A
most
cutting-edge
service, an organization can shed pieces of its in-
technology
web-based
customer
house IT infrastructure, leading to fewer servers, hard
relationship management (CRM) solution is a
drives, network switches, software deployments and
frequent SaaS example. We are store and manage all
more. The primary financial advantage of employing
your contacts via CRM [63] without having to
the XaaS model is that it saves money. The Internet of
upgrade the software to the latest version or
Things (IoT) [61] is another cornerstone of many
maintaining the server and operation system the
businesses that need to function online, and XaaS is a
software is running on.
major contributing factor to how well this works for
you, too.
3.2.5 Storage as a service (STaaS)
3.2.3 Unified Communications as a Service (UCaaS)
Storage as a Service (STaaS) allows businesses to
consume storage as needed. Instead of purchasing and
In
light
of
recent
developments,
unified
maintaining storage infrastructure, this service allows
communications as a service (UCaaS) has gotten a lot
businesses
to
add,
delete,
or
adjust
of attention. Unified communications as a service
(UCaaS) is a cloud-based solution paradigm for all of a
requirements as needed, and only pay for the storage
that is used. Enterprises, small and medium
company's communication needs. This will typically
organisations, home offices, and individuals can use
combine tools like email, video conferencing, instant
the cloud for multimedia storage, data repositories,
messaging and more into a fully-mobile suite that can
data backup and recovery, and disaster recovery with
be accessed from any device. UCaaS (Unified
STaaS. There are other higher-tier managed services
Communications as a Service) is a technology that
that build on STaaS, such as database as a service,
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
storage
120
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
which allows you to write data into tables hosted by
prevention, antivirus management, spam filtering,
CSP resources.
network security, identity management, and other
services may be included.
3.2.6 Platform as a Service (PaaS)
3.2.8 Functions as a Service (FaaS)
Platform as a Service (PaaS) is a cloud service model
in which you use a service provider to access a
Before we can comprehend Functions as a Service, we
combination of hardware and software tools. The
must first comprehend the most commonly used
most prevalent usage of PaaS is for application
technical word for FaaS server less computing. Server
development. Customers can use the PaaS to get the
less computing [69] is a cloud computing approach in
developer tools they need to build and manage mobile
which
and web applications without having to invest in [64]
infrastructure decisions and server maintenance. The
or maintain the underlying infrastructure. The
allocation of resources is handled by the cloud service
infrastructure and middleware components are hosted
by the provider, and the consumer uses a web
provider, so the application architect does not have to
worry about it. FaaS is a new cloud computing service
browser to access them. PaaS solutions must have
that is transforming many industries. It's a server-less
ready-to-use programming components that enable
computing idea that allows software developers to
developers to include new features into their apps,
create apps and distribute particular "functions,"
such as artificial intelligence (AI) [65], chatbots,
pieces of business logic, or actions without the need
Blockchain [66], and the Internet of Things (IoT) [67].
for a server. It increases the efficiency as developers
The right PaaS offering also should include solutions
need not to consider server operations because they
for
are
analysts,
end
users,
and
professional
IT
developers
hosted
are
relieved
externally. Examples
of
low-level
of FaaS include
administrators, including big data analytics [68],
Google Cloud Function, Microsoft Azure Functions,
content management, database management, systems
Webtask.io, Iron.io, Open Whisk, and AWS Lambda.
management, and security.
3.2.9 Test environment as a Service (TEaaS)
3.2.7 Security as a Service (SECaaS)
The test environment as a service paradigm, which is
The Security as a Service (SECaaS) is a service given
an on-demand test environment, allows businesses to
by a managed security services provider that allows
test their software or apps using only a web browser.
businesses to free up security resources by having the
service provider take full responsibility for security.
Clients save money on the deployment of test
infrastructure for testing, as well as the tools needed
Because it enables secure access to apps and services
for testing and maintenance. Clients benefit from
regardless of where they are hosted or when users
TEaaS since it reduces the costs of physical
connect, security as a service has become a key
infrastructure,
business enabler in the increasingly cloud and mobile
world. SECaaS solutions can be scaled up or down as
maintenance, testing resources, and so on. Concerns
concerning cyber security in a cloud-based test
required and are provided on demand where and
environment, on the other hand, are a major
when you need them. That means you won't have to
impediment to the worldwide test environment as a
worry
service market's growth.
about
deployment
or
updates
because
testing
tools,
IT
support
staff
everything is handled by your SECaaS provider and
accessible via a web-based dashboard. Data loss
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
121
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
3.2.10 Communication as a Service (CaaS)
not on individual machines or laptops. The service
The “Communications” is represented by the C in
provider is responsible for all data management,
backup, and storage [73]. DaaS runs across a range of
CaaS. This means we'll use a single vendor to handle
operating systems and device kinds, which promotes
all of your communication needs. This cover, among
the trend of employees bringing their own devices to
other things, phone over IP, instant messaging,
work and relieves the cloud service provider of the
collaboration, and video conferencing. The supplier is
responsibility of supporting the desktop on all of
in charge of all hardware and software administration
those devices. Desktop as a Service (DaaS) has a
in this situation. They usually charge on an on-
number of distinct advantages over the traditional
demand basis so you’ll always only pay for what you
desktop paradigm. Deploying or decommissioning
need. This means that this model is flexible and will
active end users with DaaS is much faster and less
grow as your need for communication grows.
expensive.
3.2.11 Artificial Intelligence as a Service (AIaaS)
3.2.13 Network-as-a-Service (NaaS)
Artificial intelligence as a service (AIaaS) is a third-
Network-as-a-Service enables us to gain direct and
party AI outsourcing service. AIaaS refers to AI
secure access to network infrastructure. Custom
platforms that allow businesses to implement and
routing protocols can be deployed using NaaS. To
grow AI approaches for a fraction of the expense of a
provide network services to customers, NaaS employs
full-fledged AI department [70]. The term "service"
virtualized network infrastructure. The network
in AIaaS refers not only to the cloud-based software
resources must be maintained and managed by the
delivery model, but also to the extent to which the
NaaS provider. Having a provider work for a customer
vendor is involved in the process. The nine yards of
reduces the customer's workload. Furthermore, NaaS
AI [71] are delivered as a unified platform by IT
provides network as a service. NaaS is also based
companies
on pay-per-use model.
delivering
AIaaS,
from
problem
conceptualization to keeping the model on track and
expanding to new use cases, through constructing the
3.2.14 Disaster Recovery as a Service (DRaaS)
model, deploying the solution in production, and
sustaining it in real-world settings. AI cloud offerings
Disaster recovery as a service, or DRaaS, is the
including Amazon Machine Learning, Microsoft
replication of physical or virtual servers hosted by a
Cognitive Services and Google Cloud Machine
Learning [72] can help organizations what might be
third party to offer failover in the case of a man-made
or natural disaster. DRaaS can be especially useful to
possible with their data. AIaaS solutions also provide
organizations that lack the necessary expertise to
more scalability, flexibility, and also use.
provision, configure, and test an effective disaster
recovery plan. The goal of DRaaS is to achieve a quick
3.2.12 Desktop as a Service (DaaS)
recovery point [74]. This means that the data will be
restored as closely as feasible to its current "now"
Desktop as a Service (DaaS) is a sort of offering that
state. Typical recuperation time goals are 4 hours or
provides virtual desktops to end customers. It is
less, and equipment that are geographically located in
extremely
working
a different place will be brought up. Third parties
robust
bear complete responsibility for disaster recovery
security, as all information is stored on the server, and
under the managed DRaaS paradigm. Choosing this
popular
environment.
Virtual
in
the
desktops
remote
promise
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
122
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
option requires organizations to work closely with
communication
DRaaS providers to keep all infrastructure,
application, and service changes up to date. If you
exchanged as structured text, such as XML or JSON
(JavaScript Object Notation) in a specified syntax.
don’t have the expertise and time to manage your
However, data may also be passed to the service in
own disaster recovery, this is the best option.
the model’s native format.
interface
in
MDaaS.
Data
is
IV. Cloud Data Storage
3.2.15 Monitoring as a Service (MaaS)
Cloud storage is a cloud computing approach in
Monitoring as a Service (MaaS) is a security service
which data is stored on the Internet and managed and
that protects a company's IT assets 24 hours a day,
operated by a cloud computing provider. It's on-
seven days a week. It is critical in protecting an
demand, with just-in-time capacity and costs, and it
organization's or government's clientele from cyber
saves you money by not having to buy and manage
threats. It is a framework that facilitates the
your
deployment of monitoring functionalities for various
other services and applications within the cloud.
computing integrates the concepts of [76] grid
computing, distribution, and utility computing,
MaaS is an outsourced monitoring service with a
among others, to create a vast pool of shared virtual
flexible and consumption-based [75] subscription
resources by connecting a large number of computers,
model. However, in order to monitor effectively and
storage, and software resources. Cloud data storage is
efficiently, the business needs have up-to-date
a type of data storage that involves sending data over
equipment, professionals with extensive technical
the Internet and storing it on remote systems that
capabilities, and scalable security processes, all of
may span several servers and locations. Cloud storage
which come at a significant cost. Online state
can be offered by a service provider, installed on-
monitoring is the most typical MaaS application,
premises in a company's own data center, or a hybrid
networks, systems, which continuously monitors
of the two. Large data centers are maintained by
particular states of apps, instances, or any other
cloud service providers in numerous locations across
element that can be deployed in the cloud.
the world. Depending on the extent of the cloud
own
data
storage
infrastructure.
Cloud
provider's operation, the server with which you
3.2.16 Model as a Service (MDaaS)
connect sends your data [78] to a pool of computers
situated in one or more data centers. Using a cloud
A Model as a Service (MDaaS) is a service that allows
service provider's infrastructure to securely store your
you to run simulation models. The MDaaS is
primarily concerned with the application of a model
data, apps, and workloads is known as cloud storage.
Users that want to adopt cloud computing are
to data. The model can be pre-deployed, has a well-
concerned about data security and privacy. This
known service endpoint, and extra data services may
technology needs proper security principles and
be available. This is a regular occurrence in
mechanisms to eliminate users concerns.
operational models used in a production setting.
Before execution, this model can be dynamically
4.1 Cloud Storage Classes
deployed from the client. Such behavior is required
for the development of model services for research
The concept of cloud storage is similar to that of data
purposes. Both approaches cater to a distinct
storage. Information is saved in logical pools in cloud
workflow, as well as the requirements for availability
storage, whereas physical storage necessitates a large
and security. Web services are used as the client's
number of computers and, in certain cases, many
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
123
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
locations. Unmanaged cloud storage and managed
metadata, which limits organizational flexibility, and
cloud storage are the two primary categories in which
cloud storage may be found. The storage [79] is
its higher price and complexity.
preconfigured for the customer in unmanaged cloud
4.2.2 Object Storage
storage. The consumer is unable to format, install his
own file system, or change the properties of his hard
Object storage is distinct from file and block storage
drive. Managed cloud storage provides on-demand
in that data is managed as objects. The data in a file,
internet storage capacity. The managed cloud storage
its accompanying metadata, and an identifier are all
system appears to the user to be a raw disk that the
included in each object. Objects save data in the
user can partition and format.
format in which it is received and allow metadata to
be customised in ways that make the data easier to
4.2 Type of Cloud Storage Formats
access and analyse. An object storage protocol uses
the RESTful API to store a file and its associated
Cloud storage employs a logical memory paradigm,
which enables providers to store your data on several
metadata as a single object and assign it an ID
number. The user gives the ID to the system to
servers in various regions while being completely
retrieve content, and the content is assembled with
transparent to you. People may now upload all
full information, authentication, and security. Objects
personal data stored on their mobile phones to their
are stored in repositories that provide almost infinite
cloud storage accounts with a single click using
scalability, rather than being structured in [81] files or
specialized software available for various OS versions.
folder hierarchies. Object storage helps you to
Dropbox and Google Drive are two examples of
optimise storage resources in a cost-effective manner
popular cloud storage options. The three most
because there is no filing hierarchy and the metadata
common forms of cloud storage formats are block
is customisable. The object storage protocol is used by
storage, object storage, and file storage.
all backup apps, which is one of the reasons why
online backup to a cloud service was the first
4.2.1 Block Storage
successful cloud storage application. The main
disadvantage of object storage is that data cannot be
Block storage, which is commonly used in SANs, is
modified segment by segment. Only the whole object
also widely used in cloud storage settings. Data is
can
grouped into big volumes called "blocks" in this
performance. We need to restore the object, add a
storage model. Each block corresponds to a different
hard drive. Cloud storage providers use blocks to split
new row, and write the entire object back into the
object storage system. As a result, this type of storage
large amounts of data among multiple storage nodes.
is unsuitable for applications with frequent data
Block storage is quick, efficient, and delivers the low
changes.
latency
that
database
and
be
changed,
which
has
an
impact
on
high-performance
workloads require [80]. Block storage, when used in
the cloud, grows effortlessly to meet the development
4.2.3 File Storage
of your company's databases and applications. If your
The file storage method preserves data in a
website collects a lot of visitor data that has to be
hierarchical file and folder structure that is familiar to
saved, block storage can be a good option. The
most of us. It is often used with network attached
primary disadvantages of block storage are its lack of
storage and personal computer storage discs (NAS).
Regardless of whether the data is stored in the storage
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
124
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
system or on the client, the hierarchy makes it easier
means that there are significant security and privacy
and more natural to search and retrieve files when
needed [82]. Development platforms, home folders,
problems that must be considered by all parties
involved in the cloud computing arena while
and repositories for video, audio, and other data all
employing cloud computing. Cloud computing has a
need file storage. The primary disadvantages of file
number of problems. The following are the issues
storage, if we plan for your data to grow, there is a
that need to be addressed.
certain point at which the hierarchy and permissions
will become complex enough to slow the system
5.1 Handle Access for Remote Work
significantly.
One of the most appealing features of cloud
V. Security and Privacy Threats in Cloud Data Storage
applications is that they can be accessed from any
device with an internet connection. However, more
Today,
the
cloud
makes
software,
platforms,
apps mean more URLs and passwords to maintain and
infrastructure, and storage more flexible and
economical for businesses of all sizes. In this part,
support, and the rise of mobile devices adds yet
another access point to handle. IT departments must
we'll discuss the security and privacy risks associated
facilitate access across multiple devices and platforms
with cloud data storage. Security and privacy are
without compromising security.
broad topics in cloud computing. In comparison to
traditional systems, the cloud has novel security
5.2 Privacy of Cloud Data
requirements [83]. Because the consumer no longer
security
The data on the cloud is distributed all over the
architecture is broken. When data is kept on a remote
world. The user has no knowledge of the location of
server, users lose physical control over it [84], and
data and has no control over the physical access
they delegate that control to an untrustworthy cloud
mechanisms to that data. Many countries, cultures,
provider or party. Because cloud computing is made
and jurisdictions have vastly different ideas about
up of numerous technologies, such as databases,
privacy. When an investigation happens, there is also
operating systems, different networks, transaction
the issue of whose jurisdiction the data belongs under.
management, [85] virtualization, it poses a number of
There are several databases and applications in a
security risks. As a result, security concerns about
distributed system. Governments [26] should have at
these systems and applications apply to the cloud
least a rudimentary policy in place to deal with such
computing as well. Privacy is a complex topic that has
different interpretations depending on contexts,
circumstances.
cultures and communities, and it has been recognized
5.3 Administrative Entrance
owns
the
infrastructure,
traditional
as a fundamental human right by the United Nations
[86]. Other difficult challenges in cloud computing
Administrative access in cloud computing is done
security include the formulation of a legal definition
for cybercrime, the issue of jurisdiction (who is liable
over the internet, which raises the danger. It is very
important to control administrative access to data and
for what information and where are they held
monitor the access to maintain protocols.
responsible for it), and the regulation of data transfers
to third nations. Access control, user authentication,
and data encryption [87] are all standard security
features offered by most cloud storage providers. This
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
125
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
5.4 Access Control
techniques to analyse user data. As a result, customers
Data security must be given extra attention when data
can store and analyze data on the cloud with the help
of a cloud service provider. The lack of transparency
is outsourced to the cloud, which is untrustworthy
might also result in the loss of a significant amount of
since it is in a domain where security is not regulated
data.
by the data owner. When more than one entity wants
to exchange data, a method must be in place to limit
5.7 Service Hijacking
who has access to that data. The literature [88] has
discussed a variety of strategies. Those techniques
Phishing, fraud, and software exploitation flaws are
were proposed to keep data content confidential and
the most common ways to steal an account's
keep
and
credentials and passwords, and they still work.
disclosing the data by using access control while
Credentials and passwords can be reused, which
permitting many authorized entities to share those
increases the impact of such assaults. All the
data.
transactions achieve network traffic between user and
cloud service provider. When an attacker acquires
5.5 Data Breaches
access to a user's credentials, he can listen in on the
unauthorized
entity
from
accessing
user's transactions and personal information [92].
A data breach happens when an unauthorized person
or group of persons accesses protected, secure,
sensitive,
or
confidential
data.
Users
5.8 Denial of Service
and
organizations in a cloud environment all have access
Because of the crucial services they provide, certain
to the same data. Any breach of this [89] cloud
businesses require their systems to be available at all
environment would open the door to all users' and
times. The cloud services provider makes resources
businesses' data. The attacker's primary aim is usually
available to a large number of clients. If an attacker
not the user, although the user is ultimately affected.
uses all available resources, others cannot use those
Because of multi-tenancy, customers using different
resources, which leads to denial of service and could
applications on virtual machines could share the same
slow accessing those resources. Customers that use
database and any corruption event that happens to it
cloud services and are victimized by the botnet could
is going to affect others sharing the same database
also seek to disrupt the availability of other providers.
[90].
5.9 Transmission of Data
5.6 Cloud Data Control and Loss of Transparency
Data is transmitted from one location to another in a
Consumers are ignorant of the data loss that is out of
cloud system. Although encryption is used to protect
their control due to the cloud service provider's
data during transmission, most data is not encrypted
storage of data. The user's access to confidential data
stored in the cloud could be compromised [91]. The
during processing, and it must be unencrypted in
order to be processed for any purpose. An attacker
user has no idea where, how, or when the data is
can find a place between communication paths. The
handled due to a lack of transparency. To fix this
attacker can change the communication.
issue, the user must understand what happens to the
data. Cloud service providers are technically able to
do data mining as well as data abstraction need
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
126
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
5.10 Lack of Trust and Dependence on Cloud Provider
5.14 Keeping Application Integrations Up to Date
The availability of cloud services is a key issue. Due to
a shortage of funds, the cloud service provider has
Enterprise cloud apps of today are built on cutting-
ceased to provide services, and users may experience
edge, internet-optimized architectures. Vendors can
difficulties accessing their data. Some widely used
design their services and accompanying interfaces
cloud service provider, for instance Google Drive does
using the contemporary web technologies that
not provide any contract between the user and cloud
underpin these apps.
service provider.
professionals, that also means that every new vendor
Unfortunately for the IT
may require a new approach when it comes to
5.11 APIs and Storage Gateways
integration,
particularly
concerning
user
authentication and management.
To help them migrate their data to the cloud, several
businesses employ cloud storage APIs or storage
gateways. Between the [93] user and the storage
5.15 Data Location
provider, these products serve as a go-between. They
Cloud providers have a slew of data centres strewn
may make it easier for your employees to access and
over the globe. Users of cloud computing need to
manage data in your cloud, but an insecure API or
know where their data is stored, hence data location
gateway could endanger your data. If you want or
is a problem. Depending on the jurisdiction, some
need to utilize a storage API or gateway, ensure sure
countries compel corporations to retain their data in
it has a good reputation for security.
their country. Also, there are regulations in some
countries where the company can store their data.
5.12 Sharing of Data
Also, the data location matters when the user data is
stored in a location that is prone to wars and disasters.
The utilisation of data is rising as a result of data
sharing. The data owners can grant one party access
5.16 Latency
to the data, and that party can then share the data
with others. This sharing can lead to major issues,
Traffic
congestion
can
cause
delays
in
data
such as data leaks to an unauthorized people.
transmission to and from the cloud, especially when
Therefore, during the data sharing especially when
using shared public internet connections. Companies,
shared with a third party, the data owners need to
consider whether the third party continues to
on the other hand, can reduce latency by increasing
connection bandwidth.
maintain the original protection measures and usage
restriction.
5.17 Distributed Denial of Service (DDoS) Attacks
5.13 Destruction of Data
DDoS attacks aren't new, but they can be particularly
debilitating when directed against our company's
When data is no longer needed, it is expected to be
public cloud. DDoS attacks have a significant impact
totally deleted. The data destroyed may still persist
on the availability and security of key infrastructure
and be restored due to the physical features of the
in the cloud [94]. This form of assault can be
storage medium. This could lead to the disclosure of
crippling, causing systems to slow down or shut
sensitive information.
down. DDoS attacks also consume significant amounts
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
127
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
of processing power a bill that the cloud customer
according to the report [96]. When a denial of service
(you) will have to pay.
assault is launched against a client's cloud service, the
service may be harmed rather than shut down, in
5.18 Multi Tenancy
which case the customer will be billed by his cloud
service for any resources utilized during the attack.
The term “multi-tenancy” refers to the sharing of
Cloud computing, on the other hand, has increased
physical equipment and virtualized resources among
their popularity [97]. These assaults consume a lot of
numerous users. An attacker could be on the same
computing power and slow down cloud availability.
physical machine as the target if this arrangement is
The worst part is that there's nothing you can do but
used. Multi-tenancy characteristics are used by cloud
sit and wait once it happens.
providers to create infrastructures that can easily scale
to meet customers' needs; nevertheless, because
5.21 Regulatory Compliance
resources are shared, it may be easier for an attacker
to obtain access to the target's data.
Certain industries, such as healthcare and finance,
have to comply with strict data privacy and archival
5.19 Virtual Machine Rollback
regulations, which may prevent companies from
using cloud storage for certain types of files, such as
Rolling back a virtual computer to its earlier state is a
medical and investment records. Choose a cloud
process. This procedure has additional security risks
storage provider that enables compliance with any
because it gives the user more flexibility. For
industry rules that affect your business if at all
example, a virtual machine could be rolled back to a
possible.
previous vulnerable state that has not been repaired
[95] or to an out-dated security policy or old
5.22 Loss of Control
configuration. In another example, a user could be
deactivated in a previous state but still have access
Another potential security breach that can occur
when the virtual machine's owner rolls back.
when customers' data, apps, and resources are housed
on the cloud provider's premises is loss of control. As
5.20 Denial of Service (DoS) Attacks
the users do not have explicit control over their data,
this makes it possible for cloud providers to perform
Denials of service assaults are an old approach in the
data mining over the users’ data, which can lead to
internet world, but they still pose a concern. Before
operations are clogged by hundreds of thousands or
security issues. Furthermore, because cloud providers
store data in multiple data centers, customers cannot
millions of automated requests for service, they must
be certain that their data is truly deleted when they
be discovered and screened out. However, attackers
remove it. This could lead to data being misused that
have devised increasingly sophisticated and dispersed
hasn't been removed. In these types of situations
methods of carrying out the attack, making it more
difficult to distinguish between malicious actors and
where the consumers lose control over their data,
they see the cloud provider as a black-box where they
legitimate users in a modern-day botnet attack. For
cannot directly monitor the resources transparently.
cloud customers, "experiencing a denial-of-service
attack is like being caught in rush-hour traffic
gridlock: there's no way to get to your destination,
and nothing you can do about it except sit and wait,"
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
128
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
5.23 Cryptojacking
clients by ensuring them that their operations are
Cryptojacking is a sort of cyber-attack in which a
certified to meet organizational safeguards and
standards.
hacker uses a target's processing capacity to mine
crypto money on his or her own behalf. Individual
5.26 Cross Virtual Machine (VM) Side-Channel
customers, large institutions, and even industrial
Attacks
control systems can all be targets of cryptojacking.
Cryptojacking virus slows down infected machines
The attacker must be in a different virtual computer
since the mining process takes precedence over other
on the same physical hardware as the victim to carry
legitimate tasks [98]. Cryptojacking has become a
out this attack. The attacker and the victim are both
serious global problem, with cybercriminals gaining
using the same CPU and cache in this attack. When
unauthorized entry to computer systems to make
the attacker switches the virtual machine execution
money with minimal risk and effort. Hackers are
of the victim, the attacker can learn about the victim's
inventing new techniques to steal computer resources
and mine for crypto currency, which is known as
behaviour. An example of a virtual machine sidechannel attack and how an attacker can deduce
cryptojacking.
information about a victim can be found here. The
timing side channel attack is one kind of virtual
5.24 Accidental Exposure of Credentials
machine side channel attacks. This attack is based on
calculating how long certain computations take. This
In their phishing attempts, phishers frequently
attack has the potential to leak sensitive information,
leverage cloud apps and environments as a pretext.
such as the identity of the person performing the
Employees have become accustomed to receiving
calculation or information from the cloud provider
emails with links that may ask them to confirm their
itself. Due to privacy concerns, the owner of the
account credentials before gaining access to a
virtual machine can check other [99] virtual
particular document or website, thanks to the
machines, making this attack difficult to detect.
growing use of cloud-based email (G-Suite, Microsoft
365, etc.) and document sharing services (Google
5.27 Misconfigured Cloud Storage
Drive, Dropbox, OneDrive). This makes it easy for
cybercriminals to learn an employee’s credentials for
For cybercriminals, cloud storage is a valuable supply
cloud services. As a result, 46 percent of firms are
of stolen data. Despite the high stakes, businesses
concerned about unintentional exposure of cloud
credentials, which could endanger the privacy and
continue to make the error of misconfiguring cloud
storage, which has resulted in significant losses for
security of their cloud-based data and other resources.
many businesses. According to a report by Symantec,
nearly 70 million records were stolen or leaked in
5.25 Trust Chain in Clouds
2018 due to misconfigured cloud storage buckets. The
By ensuring on cloud providers, trust plays a key
survey also noted the advent of a number of
technologies that allow attackers to discover and
function in recruiting more customers. Cloud users
target misconfigured cloud storage. Cloud storage
rely on cloud providers to employ trust mechanisms
misconfiguration can quickly escalate into a major
as an alternative to offering them visible control over
cloud security breach for an organization and its
their data and cloud resources due to a loss of control.
customers.
As a result, cloud providers genuine trust in their
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
129
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
their malicious actions such as the unauthorized
5.28 Snooping
collection of a user’s data.
Without security precautions in place, files in the
cloud are among the most vulnerable to being hacked.
5.32 Data Breaches
The fact that they are saved and transmitted across
the internet adds to the danger. Snooping in network
A data breach occurs when sensitive, protected, or
security compromises the privacy of a variety of data
confidential information is copied, communicated,
that should be kept private on a computer network.
viewed, stolen, or exploited by someone who is not
allowed to do so. As a result of the huge data held in
5.29 Lack of Backup Services
the clouds, cloud providers are an attractive target for
hackers. The severity of the attack is determined by
One of the most common concerns about storage
the confidentiality of the information that will be
systems
backup
disclosed. If the disclosed material is personal, such as
capabilities. They expect you to back up the data you
put in the cloud instead. This problem does not affect
health information, trade secrets, or intellectual
property of a person or an organisation, the damage
all storage providers; in fact, some will automatically
will be serious [101]. This will result in significant
backup your data for you. Those that do not provide
harm.
is
that
they
lack
automatic
backups, on the other hand, do not provide a safety
net in the event of a sudden data loss.
5.33 Synchronization Mechanisms Issues
5.30 Weak Authentication and Identity Management
In cloud storage SaaS deployments, synchronisation
methods are widespread. When files are modified on
Data breaches in businesses are caused by a lack of
a local device [102], such technologies allow updates
adequate authentication and identity management.
to be propagated to all other devices that are
Businesses
identity
interested in those files. Tokens are commonly used
management because they try to assign access to each
to implement these procedures, which have been
user based on their job function [100]. Enterprise
found to introduce new vulnerabilities that can lead
cyber-security might be endangered by poor identity
to data exfiltration. An example of attack exploiting
management. For example, cyber-criminals gained
such [103] vulnerability is the Man in the Cloud
access to 80 million records containing personal and
(MitC) attack. Because of its propagation properties,
medical information as a result of the Anthem Inc.
data breach. Anthem had neglected to implement
this type of attack can be carried out on both an IoT
device and a Cloud platform, allowing it to be used
multi-factor authentications hence this vulnerability
against other IoT [104] devices that use the same
was the result of stolen user credentials.
implementation.
5.31 Trojan Horse
5.34 Abuse of Cloud Services
A Trojan horse is a programme that appears to be
One of the most significant advantages of cloud
useful but is actually destructive to the host PC. A
computing is that it gives even tiny businesses access
dangerous payload is concealed in some areas of this
to massive amounts of processing power. Purchasing
sort of malware that can exploit or damage the host
and maintaining tens of thousands of servers would
system. Trojan horses can also be spyware because of
be prohibitively expensive for most businesses, but
sometimes
struggle
with
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
130
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
renting time on tens of thousands of servers from a
The security and privacy of cloud storage is a critical
cloud computing provider is far cheaper. Not
everyone, however, wants to put this power to good
problem, especially if your company handles sensitive
data such as corporate data, credit card information,
use. An attacker could take a year to crack an
and medical records, among other things. However, if
encryption key using his own constrained gear, but
you wish to store information virtually, we must
he could crack it in minutes utilising a network of
consider the added risk that your information may be
cloud computers.
accessible to other potentially people who you do not
wish to have access. Subscribers to the cloud want
5.35 Shared Technology Vulnerabilities
reassurance that their data is protected from cyber
threats using the most up-to-date ways [109]. Layered
Cloud
computing
enables
the
sharing
of
security and privacy solutions for the cloud subscriber
infrastructure, platform, and software to provide
will be required, including endpoint protection,
services. Different components such as CPUs and
content and email filtering, and threat analysis, as
GPUs, on the other hand, may not be able to meet
cloud security criteria such as absolute isolation.
well as best practices such as regular updates and
patches. We require clear access and authentication
Furthermore, certain apps may be created without the
policies, as well as privacy policies. In this section, a
use of trusted computing standards [106], resulting in
number of techniques have been proposed by in this
shared technology dangers that can be exploited in a
paper for data protection and to attain highest level of
variety of ways.
data security and privacy in the cloud storage [110].
Attackers have utilised shared
technological weaknesses to launch cloud attacks in
recent years. One such attack is gaining access to the
hypervisor to run malicious code, get unauthorized
access to the cloud resources, virtual machines, and
custom subscriber data.
VI. Possible Solutions for Security and Privacy Threat
in Cloud Data Storage
6.1 Consistent Security Updates
How frequently do you ignore the prompts to
upgrade your operating system, browser, or email
client? In the area of computer security, that's a nono. Such upgrades frequently include capabilities to
defend your devices from the most recent viruses and
malware. When you save your data on the cloud,
Many new technologies are rapidly emerging, each
however, the companies in charge of the servers
with technological improvements and the promise to
should keep their security procedures up to date. We
make people's lives easier. Although cloud computing
won’t have to worry about forgetting to run an
provides numerous benefits, there are still many [106]
update. Your cloud service provider's security
security and privacy issues. As a result, it is critical to
measures will be updated on a regular basis.
understand the security and privacy risks associated
with using these technologies. Data security [107] and
privacy concerns are the biggest roadblocks to cloud
computing are rapid growth. It's reasonable to be
concerned about the security of your data when it's
stored in the cloud infrastructure. After all, your
documents, images, and videos are saved on servers
that you do not control. You might be wondering if
these servers are vulnerable to cyber criminals [108].
6.2 Encryption Mechanisms
These mechanisms are responsible for implementing
the encryption technique that is used to conceal or
obfuscate data. The majority use on key-based
algorithms, which employ either a shared key or a
public & private key combination. Tokenization, on
the other hand, is a method of replacing anonymous
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
131
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
data tokens with specified token fields. This approach
replaces identity with a set of attributes, and only
is widely used in business applications such as CRM
and other business apps. Data can now be encrypted
users whose attribute set fits the access policy can
access the encrypted material. The ABE algorithm is
in the database and only decrypted when utilised
divided into four sections. The setup phase, also
with an approved application and allowed user
known as the system initialization phase, is where
credentials, according to most database software.
relevant
Another option is to utilise encryption appliances,
associated public parameters (PK) and master keys
which encrypt data as it leaves a private network and
(MK) are generated. The data owner provides their
decode it when accessed by a trusted user. The
own attributes to the system in the second phase of
encryption we use must be compatible with the
the KeyGen step, namely the key generation stage, to
capabilities of the application we're using and the
acquire the private key associated with the attributes.
cloud service provider we're utilising. Different
The data owner encrypts the data using his or her
mechanisms may have a considerable impact on the
public key, obtains the cypher text (CT), and delivers
user experience, so the impact
performance must also be addressed.
it to the receiver or to the public cloud in the third
part encryption phase. In the last part decryption
on
end-user
security
parameters
are
entered
and
phase, decryption users get cipher text, decryption
6.3 Formal Change Control Process
with their own private key SK. In data sharing
The cloud is fast and secure for time-sensitive data if
enterprises
have
a
formal
control
process
modification. If the organisation does not have a
proper change process control in place during routine
upgrades, the servers will fall down and no one will
applications, attribute-based encryption promises to
give fine-grained access control over encrypted files,
allowing the data owner to select who can access the
protected data.
6.5 Access Control in Cloud Computing
be able to access the data. And if the data is time
sensitive than this cloud which do not have formal
In cloud computing, access control is a critical
change process control, they are not safe for tie
security method for ensuring data security. It ensures
sensitive data. Organizations that execute changes and
that only authorised users have access to the cloud-
setup in a specially appointed way will probably
based data they've requested. In cloud computing,
encounter huge downtime in their condition. Lack of
foresight and a lack of progress management are the
there are a variety of security techniques that allow
for adequate access management. On separate
primary causes of system outages. If the data you're
network and cloud tiers, intrusion detection systems,
sending to the cloud is time-sensitive, we'll need to
firewalls, and responsibility separation could be
work with a vendor who follows a structured change
deployed. Only restricted content is allowed to enter
management process, avoiding the inherent risk of
over the cloud network due to the firewall. Typically,
unplanned modifications.
a firewall is configured according to the user's
established security policies.
6.4 Attribute Based Encryption
6.6 Homomorphic Encryption
For the first time, Sahai et al. presented fuzzy
identity-based encryption [111], which is the origin
Encryption is commonly used to protect data secrecy.
of attribute-based encryption (ABE). In contrast to
Rivest et al. [112] devised a type of encryption system
identity-based encryption, attribute-based encryption
called homomorphic encryption. It assures that the
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
132
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
results of the cypher text algebraic operation are
6.7 Secure Data Destruction
compatible with the clear operation following
encryption results, and it also eliminates the necessity
When data must be destroyed, it must be done safely.
to decrypt the data throughout the procedure. The
The hazards of data leaking are present if data
application of this technology has the potential to
destruction is not safeguarded.
solve the problem of data and data operations secrecy
securely destroyed, anyone can retrieve it. If you
in the cloud. Gentry et. al. firstly proposed the fully
store classified and sensitive data on the cloud and the
homomorphic encryption method [113], which can
vendor fails to properly destroy data from defunct
do any operation that can be performed in clear text
equipment, the data is put at risk unnecessarily. A
without decrypting. It's a significant step forward in
data deletion service's purpose is to fully obliterate
homomorphic encryption technology. In figure 4
sensitive or critical data. Third-party or proprietary
shown, the easier for us to understand how
software is used to make it possible. After the process,
homomorphic encryption works in cloud. The data
it is expected that data can no longer be recovered
and used for any unauthorised or fraudulent purposes.
owner protects the data and sends it to the cloud
server using homomorphic encryption. With the
associated private keys, authorised users can decrypt
the cypher text. User 2 just needs to send the
functions corresponding to the operations to the
cloud server if he wants to do certain specific
operations on cypher text. The servers get operand
and perform the operation without decrypt the cipher
text and return the encrypted result to user second.
Homomorphic encryption effectively protects the
security of outsourced data.
When data is not
6.8 Multi-Authority Attribute Based Encryption (MAABE)
The figure 5 shows how many attributes are managed
by distinct authorities. Each attribute creates an
encrypted private key to prevent the authority centre
from stealing it [114]. To ensure proper decryption,
each policy authority has a master key. The total keys
of the attribute authority are equivalent to the
system's master key [115].
Figure 4 Homomorphic Encryption
Figure 5 Multi-Authority Attribute Based Encryption
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
133
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
Different colluding users can recover the master key,
6.11 Encryption of Backups
putting the system's security at risk. As a result, the
contradiction between the system's correctness and
Data backups in the cloud must be encrypted;
security is a tough problem in ABE research. Because
otherwise, data encryption is worthless if the backups
the central authority (CA) guarantees the operation of
are not encrypted. If these backups are not
decryption, the research of multi-authority is divided
safeguarded with adequate encryptions, any hacker
into two categories first ABE with CA and second
can gain access to them. Data is not secure if backups
ABE without CA. In the standard model, Liu et al.
are not encrypted. A reinforcement that hasn't been
[116] built a new multi-privilege cypher text strategy
tested is a useless reinforcement. In the generation
ABE scheme for cloud storage data access control
condition, a decoded reinforcement overcomes the
system, which was shown to be self-adaptive and
security
secure, and supported monotonous access strategy.
throughout its entire existence.
6.9 Encrypted Search and Database
6.12 Built-in firewalls
For the privacy and security of sensitive data in an
Firewalls are used by cloud providers to protect your
untrusted cloud environment, an in-memory database
encryption solution is proposed [117]. In order to gain
files as well. This technology works in the same way
as a wall, keeping your data safe. Firewalls, which can
access to the data, a synchronizer exists between the
be either hardware or software-based, apply rules to
owner and the client. To decode the encrypted shared
all network traffic. These rules are intended to filter
data, it receives from the owner, the client would
out potentially harmful traffic and keep your data safe
need a key from the synchronizer. The synchronizer
is used to keep track of the associated shared data as
behind the firewall. This makes it more difficult for
hackers to slip malware or viruses past the security
well as the keys. For cloud databases, Huang et al.
measures used by your cloud service provider.
[118] presented an asymmetric encryption technique.
Commutative encryption is employed on data several
times in the proposed process, and the order of
public/private keys used for encryption/decryption is
irrelevant.
6.10 AI Tools and Auto Patching
measures.
Data
should
be
protected
6.13 Hierarchical Attribute Set Based Encryption
(HASBE)
Each user or data owner is maintained by a domain
authority, which combines the properties of attribute
set
based
encryption (ASBE)
and
hierarchical
identity-based encryption (HIBE). The system can
Artificial intelligence, or AI, is also being used by
have five types of participants: the first is the data
cloud providers to help protect your data. This is
owner, the second is the user, the third is the domain
critical, yet finding skilled security personnel to
authority, the fourth is the parent and trusted
supervise data is difficult. Cloud providers, on the
authority, and the fifth is the cloud service provider.
other hand, can use artificial intelligence to handle at
To build the hierarchy of system users, the scheme
least the initial level of security assessments. Built-in
algorithms are used by these tools to look for and
employs the delegation algorithm. Rachel et. al. [119]
identify potential security flaws.
set, which extended the user hierarchy to ASBE. This
proposed a hierarchical encryption based on attribute
system inherited flexibility and fine-grained access
control in enabling composite attributes, as well as
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
134
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
scalability of hierarchical structure. Wan et al. [120]
cloud user's authenticity through one-factor or two-
proposed the HASBE system, which expanded
attribute set encryption based on a user hierarchical
factor authentications, the second layer encrypts the
user's data for security and privacy, and the third
structure's cypher text strategy while inheriting
layer ensures quick data recovery through a fast
ASBE's fine-grained access control. Data owners and
decryption procedure.
service providers are rarely in the same trusted
domain in cloud computing. Further, [121] proposed a
secure
and
efficient
cloud
computing
data
collaboration scheme based on hierarchical attribute
encryption.
This
approach
provided
partial
decryption structure and produced partial signatures
by outsourcing signature calculation when users
6.16 Written Security Policies Plan
The security of the data will be guaranteed if the
cloud service provider has a written security plan of
policies. If the cloud service provider does not have a
written security plan of policies, the cloud is not safe
decrypted cypher text. A hierarchical attribute-set-
and the security of the data cannot be guaranteed
based encryption was proposed by Gokuldev et al.
[122]. This system inherited not just the scalability of
policies. This indicates that they are working on a
a hierarchical structure, but also the flexibility and
fine-grained access control that ASBE composite
because they do not have a written plan of security
data security programme. Organizations that have
not formalized their security strategies cannot be
attributes require.
trusted
with
6.14 Redundancy (ultra-backed-up data)
establishment and without security is just an idea in
information.
your
Strategies
touchy
shape
corporate/
the
system
client
and
retrospect
What if there's a hardware breakdown or a power
outage? Will you be able to access your data in the
event of a natural disaster or a large-scale outage at
your cloud provider. Because the majority of the
world's largest cloud providers use redundancy. This
means that they copy your data several times and
6.17 Ranked Keyword Search
Ranked keyword search refers to the system's
feedback returns sorted by relevant parameters such
keyword frequency, which improves the system's
store them on many different data centers. You can
applicability and meets the real-world need for
access your files from a backup server if one machine
breaks down.
privacy protection in cloud computing. To safeguard
privacy, Sun et al. [125] suggested a multi-keyword
6.15 Hybrid Technique
on cosine similarity, this approach developed a search
For data secrecy and integrity, a hybrid solution [123]
index based on word frequency, and the vector space
model can gain improved search result precision. A
is presented, which combines key sharing and
cypher text keyword ranking search technique was
authentication techniques. Using strong key sharing
proposed by Cao et al. [126]. They use "coordinate
and authentication mechanisms, the user's connection
matching" and "inner product similarity" to quantify
to the cloud service provider can be made more
the similarity, according to safe inner product
secure. RSA public key algorithm can be used for
computation. Wang et al. [127] suggested a ranked
secure distribution of the keys between the user and
search symmetric encryption (RSSE) system with
cloud service providers. A three-layered data security
little information leakage. This technique also created
method is offered [124]. The first tier ensures the
a novel encryption primitive that employed one-to-
search technique based on similarity ranking. Based
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
135
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
many mappings to safeguard privacy and verify search
visual false data to distort the volume of the real data.
results in order to search the encrypted file set. A
multi keyword ranked search technique was
Authorized users, on the other hand, can quickly
distinguish between bogus and authentic data. Data
developed to capture the correlation between data
concealing techniques boost the overall volume of
documents and
a
genuine data while improving the security of personal
coordinate matching mechanism [128]. In addition,
information. The goal of data hiding is to protect
the scheme used the inner product similarity to
sensitive information from harmful users and
quantitatively evaluate the related similarity measure.
attackers. Watermarking [131] can be used as a key to
search queries by
creating
unlock the real data. Only the authorized users have
6.18 Proper Usage of Administrative Privileges
key of watermarking, so the authentication of users is
Administrative powers should be limited in cloud
computing organisations, and administrative accounts
should only be used when absolutely necessary. All
the key to ensure the true data to be accessible for
right users.
6.20 Key Management Strategy
administrator accounts should be inventoried using
with
This refers to the way you manage your encryption
administrative access on laptops, desktops, and servers
keys. There are already a number of cloud services
should be authorised by a senior executive. All
that provide key management solutions, many of
administrator passwords should be complicated,
which are part of a broader cloud service suite. The
containing a combination of digits, letters, and special
drawback with these options is that you're still giving
characters, and should not contain dictionary words
someone else power over your data. An approach that
[129]. Before introducing any new devices in the
keeps the keys under your organization’s control,
networked
for
either through a key management solution or an
operating systems, applications, firewalls, routers,
encryption appliance, may provide better risk
wireless access points, and other systems should be
mitigation, especially in jurisdictions that have strict
changed. Passwords for service accounts should be
data localization laws.
automated
techniques,
systems,
all
and
each
default
user
passwords
changed on a regular basis and should be long and
difficult to guess. Passwords should be encrypted or
6.21 Multi-Tenant
hashed before being stored. Hashed passwords should
follow the guidance supplied in NIST SP 800-132 or
The core of cloud computing is virtualization
similar guidance. Administrator must use unique and
different passwords for their administrative and nonadministrative accounts. This objective can be
accomplished by enforcing policies and increasing
technology, which paved the way for multi-tenant
cloud computing. Multi-tenant software is frequently
installed on the same physical host, which might
cause problems for other users, such as channel
user knowledge.
attacks.
Because
the virtual machine
can be
6.19 Data Concealment
requirements, and access permissions can be changed,
dynamically transferred based on performance and
ensuring privacy protection is critical. Landuyt et al.
Data hiding could potentially be utilised in the cloud
[132] suggested a multi-tenant and flexible access
to maintain data secrecy. Delettre et al. [130]
control strategy that ensured strong data isolation for
proposed a database security concealing concept. Data
businesses in cloud stores. It can turn an employee
concealing techniques combine genuine data with
into an unauthorised user with no access to others
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
136
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
and ensure that cloud data is properly isolated Ngo et
Rackspace, etc., enterprises can spin up instances to
al. [133] developed a new multi-tenant access control
approach based on the safety obligation separation
encrypt structured and unstructured data without
rearchitecting or recoding applications.
principle. CSP may manage the security issues of
cloud tenants such as addition, deletion, and
management under this approach. Gonzales et. al.
[134] proposed a service-oriented multi-tenant access
control model that can meet the requirements of the
users and automatic generate related roles in the
cloud environment.
6.23 Third-Party Security Testing
Outside security organizations should be hired by the
cloud provider to test their servers and software on a
regular basis to ensure that they are safe from
hackers, cybercriminals, and the newest malware and
viruses. This outside testing boosts the odds that your
cloud provider will have the defenses needed to keep
6.22 Strategies for Secure Transition to the Cloud
your files away from hackers.
Protecting what matters is the most important aspect
of data security. Solutions that allow businesses to
reliably migrate to the cloud while retaining most of
their existing infrastructure and investments provide
considerable benefits.
By securing data inside the
operating environment while setting security policies
and
keeping
management
control
interface,
through
a
centralized
vormetric
data
security
addresses the enterprise cloud security conundrum.
Vormetric collaborates with cloud providers and
businesses to protect data, regardless of whether it's
[135]
stored
in
physical,
virtual,
or
cloud
environments. Organizations can establish access
policies and achieve complete control of data in
6.24 Reliability of Hard-Drive
In the cloud environment, hard drives are now the
most used storage medium. The core of cloud storage
is the reliability of hard discs. Pinheiro et al.
investigated the error rate of hard drives using
historical hard-drive data [138]. They discovered that
hard-drive error rates are not significantly related to
temperature or frequency of usage, and that harddrive
error
rates
have
strong
clustering
characteristics.
6.25 Encrypt Your Data
private, public, or hybrid cloud environments. Only
To begin, ensure sure your files are sent to a cloud
vormetric provides a complete platform for protecting
both local data within the internal environment and
service provider that encrypts data. We aim to make
cloud-based data within infrastructure or hosted
possible. The storing your images and files with a
application sites when moving to the cloud [136]. The
provider that relies on encryption will give hackers
combination of structured and unstructured data
pause. They have an easier time stealing data that
protection, as well as fine-grained user and process
hasn't been scrambled.
it as difficult for hackers to access your information as
access controls that guard against unauthorized access
to protected data. Because it is installed atop the file
6.26 Service Abuse
system and logical storage volume levels, the
vormetric data security transparently secures data
Attackers can utilise the cloud service to obtain extra
without needing application or database redesign or
data or ruin the interests of other users by abusing it.
recoding,[137]and
users,
Other users may misuse user information. In cloud
applications, and cloud storage. In IaaS environments
storage, de-duplication technology is extensively
such as Amazon EC2, IBM Smart Cloud, Savvis,
employed, which means that the same data is
is
transparent
to
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
137
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
frequently kept once but shared by several users
bank to issue you a code by email or phone. To gain
[139]. This reduces storage space and lowers cloud
service provider costs, but attackers who know the
access to your accounts, we are entering this code into
the system. Hackers will have a harder time gaining
hash code of the stored files can access the data. The
access to your emails, personal information, or
sensitive data could then be leaked on the cloud. So,
financial information if you take this extra step.
proof of ownership approach has been proposed to
check the authentication of cloud users. Idziorek et.
al. proposed this question and researched on the
detection and
identification
of fraud
resource
6.30 Deploy Multi-Factor Authentication (MFA)
The
conventional
username
and
password
consumption [140].
combinations are frequently insufficient to secure
6.27 Perform Data Backups
one of the most common ways for hackers to get
user accounts from hackers, and stolen credentials are
access to your online business data and apps. They can
Ensure that you only engage with cloud service
log into all of the cloud-based programs and services
providers who back up your data. We don't want all
that you use every day to run your organization once
of your data to be stored on a single server. If that
they have your user credentials [141]. Multi factor
server goes offline, you won’t be able to access your
data. Even if you save your most sensitive data in the
authentication (MFA) protects all of your cloud users,
cloud, you should consider backing it up on your own
your cloud apps and access critical data in your on- or
external hard drives. This will provide you with an
off-premise environment. MFA is one of the simplest
extra layer of protection should something happen
yet most effective security measures for preventing
with your cloud provider.
hackers
ensuring that only authorized workers can log in to
from
gaining
access
to
your
cloud
applications. In fact, most security experts will warn
6.28 Access to Data
Enterprise data must only be accessed and viewed by
administrators, not by users. This access will improve
you that failing to deploy MFA as part of your
infrastructure as a service (IAAS) design is now
regarded careless.
the security of data stored in the cloud. Although
many cloud apps are designed to facilitate client
VII. Benefits of Cloud Computing
collaboration, free programming trials and join
opportunities make cloud administrations accessible
To put it another way, cloud computing is computing
to unscrupulous clients. DoS attacks, email spam,
that is fully based on the internet. People no longer
computerised click extortion, and pilfered content are
need to download software from a server or a physical
only a few of the actual assault types that can ride in
computer to run programs or apps; instead, cloud
computing services enable them to access those
on a download or sign in.
applications via the internet [142]. Cloud computing
6.29 Enable Two Factor Authentication
is a type of computing in which software and services
are supplied virtually across a private or public
When you log onto a website using two-factor
authentication, you must submit two pieces of
network. The cloud's fundamental goal is to provide
cost-effective, adaptable resources to improve user
information. Let's pretend we're logging into your
experience. The practice of installing remote servers
bank's website. We begin by providing your login
accessed via the internet to store, manage, and process
and password, as is customary. We next wait for your
healthcare-related data is known as cloud computing
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
138
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
in healthcare [143]. The advantages of cloud
7.4 Flexibility
computing are numerous and remarkable. Here are
just few of the many cloud computing advantages
Clients benefit from a great deal of flexibility
discussed.
provided by the cloud computing. The cloud makes
service testing and deployment a breeze. Customers
7.1 Time-Saving, On-Demand Services
can pick and choose which services they want and
how much they want to pay for them. By providing a
Self-service delivery is a characteristic of cloud
variety of services, cloud services can better meet
computing for various workloads and requirements.
changing business demands. If any application
Its allure stems from the fact that any service can be
provided by the cloud is not getting our job done, we
accessed on demand. This means you can gain new
have the flexibility to switch to another cloud.
capabilities right away without investing in new
hardware or software.
7.5 Easy Data Backup and Restore
7.2 Sustainability
Data backup and restore has become a critical
requirement for businesses as the number of cyber-
Given the current situation of the environment, it is
no longer sufficient for businesses to place a recycling
attacks and security breaches has increased. Cloud
computing solutions can help you store vital data
bin in the break room and claim that they are helping
offsite, duplicate it, and restore it when needed.
the environment. True sustainability necessitates
Traditional data backup and restore alternatives are
solutions that address waste at all levels of a company.
available, but they are inefficient and difficult to
Cloud hosting is more environmentally friendly and
leaves a smaller carbon footprint [144]. Cloud
scale. Cloud-based data backup allows you to save a
large amount of data in the cloud and expand your
infrastructures help the environment by powering
storage space without the need for additional
virtual services rather than actual items and
hardware. Most of the cloud backup service providers
hardware, minimizing paper waste, increasing energy
ensure that data is encrypted during upload and
efficiency, and lowering commuting emissions. Based
download. They also meet data security and
on the expansion of cloud computing and other
compliance requirements.
virtual data alternatives, a Pike research report
anticipated that data center energy consumption will
7.6 Improved Mobility
decline by 31% from 2010 to 2020.
Apps and data may be accessed from anywhere at any
7.3 Flexible Costs
time thanks to the cloud. All of this is attributable to
the rising number of mobile devices such as
The cloud flips the script on traditional capital
smartphones and tablets. The “anywhere, anytime”
expenditure investment, with the vast bulk of cloud
benefit also certainly applies to business. Employees
spending being operational. Since a third-party
vendor will take care of maintenance, a company
gain flexibility, becoming more efficient with
doesn’t have to fund a support team to fix problem
servers.
The
initial
expenses
of
infrastructure
workflows and customer service.
7.7 Disaster Recovery
requirements, such as the purchase of local servers,
are significantly reduced.
Unexpected events, natural disasters, and operational
hiccups are an unavoidable reality for which
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
139
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
everyone must prepare. When such unforeseeable
7.11 Loss Prevention
events hit, however, any organisation might suffer
significant losses. While physical infrastructure
All of your valuable data is inextricably linked to the
failure can be remedied, the loss of data has a long-
office computers if your company does not invest in a
term impact on an organization's structure and
cloud-computing solution. This may not appear to be
stability [145]. On the other side, storing data in the
a concern, but if your local hardware fails, you could
cloud protects all of your vital information from
lose your data forever. Computers can fail for a
damage, even in the face of the most terrifying
variety of causes, ranging from viral infections [146]
tragedies. With cloud services, you can count on
to age-related hardware degeneration to simple user
quick data recovery in an emergency, be it a natural
error. They can also be misplaced or stolen, despite
disaster like a flood or human-made trouble such as a
the best of intentions. If we don't use the cloud, you
fire or even something as simple as power outages.
risk losing all of the data you've saved locally. With a
7.8 Easily Manageable
cloud-based server, however, all of the data you've
uploaded to the cloud is safe and accessible from any
computer with an internet connection, even if your
Cloud computing enables IT maintenance and
primary computer isn't working.
management to be simplified and improved through
SLA-backed
agreements,
central
resource
7.12 Economies of Scale
administration, and managed infrastructure. We get
to enjoy a basic user interface without any
Cloud computing saves money by taking advantage of
requirement for installation and we are assured
economies of scale. According to a study by Booz
guaranteed and timely management, maintenance,
Allen Hamilton, cloud computing could cut costs by
50 to 72 percent for a deployment of 1000 servers.
and delivery of the IT services.
Customers who use the cloud can save money by
7.9 Increased Collaboration
taking advantage of vendor economies of scale and
reducing
Cloud computing is primarily designed to enhance
their
investments
in
on-premises
infrastructure.
work operations, which includes data exchange
between
co-workers
and
business
partners.
7.13 Multimedia Cloud Computing
Organizations demand more apps for file sharing and
streamlined workflows. Remote workers can instantly
Users can now quickly access multimedia information
connect and communicate with fellow employees and
through the internet at any time thanks to the
important clients.
invention of cloud computing. After subscribing, the
user can easily store multimedia [147] content of any
7.10 Carbon Footprint
sort and size in the cloud. Because the calculation
time for processing media data is longer in
Cloud computing is assisting businesses in reducing
their carbon impact. Organizations only use the
complicated hardware, the cloud can not only store
resources they require, avoiding any unnecessary
and image. After processing, processed data can be
over-provisioning.
simply retrieved from the cloud via a client without
but also process media material such as audio, video,
the need for complex hardware installation.
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
140
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
7.14 Operational
promotes staff communication and cooperation. They
Technology will never be perfect, but some of it is
can collaborate on papers and projects together,
resulting in greater cohesion and teamwork. This is
simpler than others. This includes cloud computing
made possible by data centralization and real-time
infrastructure, which is often hosted on separate
cloud server updates.
servers by a third-party vendor. So, when problems
do arise, it’s the vendor’s job to promptly fix the
7.19 Real-Time Insights
problem instead of having on-site IT staffs spend time
Millions of data points exist in your business data that
and resources file claims or updating servers.
can be used to improve it. It can be difficult [149] to
7.15 Quality Control
assess how your firm is doing and what route to take
next if your data is concealed in silos of data, on local
Few things are as damaging to a company's growth as
workstations, or in diverse forms. Moving your
poor
All
business systems to the cloud allows you to get better
documents are stored in one place and in the same
visibility over your business performance, in real-
format in a cloud-based system. We can preserve data
time, so that you can make informed decisions.
consistency, avoid human error, and have a clear
record of any edits or updates if everyone has access
7.20 Processing Speed
quality
and
inconsistent
reporting.
to the same information. Managing information in
silos, on the other hand, can result in employees
The
saving different versions of documents by accident,
accessible in the cloud allows you to reap the benefits
resulting in confusion and diluted data.
of faster processing. Complex workloads that would
7.16 Multi-Sharing
Cloud computing allows several users to share
architecture and other applications. Multiple users
and apps can operate more efficiently and save money
by using common infrastructure when using the
cloud in a distributed and shared way [148].
7.17 Automatic Updates
Users that use the cloud don't have to worry about
practically
infinite
computational
power
normally take hours to accomplish on-premises are
now completed in minutes. Websites will load faster,
and video will render more quickly [150]. The
possibilities are endless. When it comes to data
crunching, processing speed is equally important.
Using the cloud's near-limitless compute resources for
services like big data and machine learning allows you
to gain deep insights from your data much more
quickly than traditional analytics.
VIII. Conclusion
keeping their software up to date. Instead of involving
IT teams and forcing them to do a manual upgrade,
cloud-based applications automatically refresh and
Cloud computing is a novel means of delivering
update themselves.
Cloud computing consumers no longer own the
resources to users "as a service" over the internet.
infrastructure that is completely controlled by these
7.18 improved communication
service providers, unlike traditional approaches that
are based on hardware ownership where data is stored.
Having access to instant messaging, conference, and
You may sync your cloud storage service with your
video conferencing options through cloud computing
smartphone, tablet, or other mobile devices for
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
141
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
convenient access while on the road once you've
X.
signed up for it and uploaded your files. Cloud
computing is a computing model that enables ondemand network access to a pool of configurable
computing resources, such as networks, services,
[1].
Transaction of Electrical and Computer
and released with minimal administration effort or
Engineers System (ITECES), USA, Vol. 4, No.
service provider contact. Cloud computing is a new
1,
concept that allows users to access scalable and
and hardware, on demand. Although it has gained a
[2].
[3].
No.
[4].
insiders are all prospective concerns in cloud security
that can be addressed with guidelines.
26-38,
2017,
DOI:
Y.
Zhang,
"Research
of
cloud
on
the
security
computing
service
no. 2, pp. 98-106, Mar. 2016
[5].
P.
G.
Shynu
and
K.
J.
Singh,
"A
comprehensive survey and analysis on access
control schemes in cloud environment," Inf.
Technol., vol. 16, no. 1, pp. 19-38, 2016
[6].
R. K. Aluvalu and L. Muddana, "A survey on
access control models in cloud computing," in
Proc. 49th Annu. Conv. Comput. Soc. India
(CSI), vol. 1, pp. 653-664, 2015
[7].
J. Li, Y. Zhang, X. Chen, and Y. Xiang, "Secure
attribute-based data sharing for resource-
recommend that you discover the best and most
appropriate privacy and data security solutions for the
data ownership, detrimental competition, and hostile
Pages
model," Autom. Control Comput. Sci., vol. 50,
issues are constantly one of the key study topics for
cloud migration, transparency, password security,
1,
mechanism
online and access information via remote server
cloud services you use. Compliance, physical security,
Electrical and Computer
10.12691/iteces-4-1-4
will access and share their software applications
solutions. From the standpoint of this paper, we
International
Engineers System (ITECES), USA, Volume 4,
IX. Future Work of Cloud Computing
researchers and developers to find appropriate
Technology”,
Transaction of
data storage that have been identified in other
information hosted on their personal computers in
the future. Cloud computing privacy and data security
Nikhat Akhtar, Firoj Parwej, Yusuf Perwej,
“A Perusal of Big Data Classification and
Hadoop
solution for the security and privacy issues in cloud
networks rather than relying on primary tools and
L. Catarinucci, D. De Donno, L. Mainetti, L.
2, no. 6, pp. 515-526, 2015
cloud. This work contributes to the discovery of a
Because of the flexibility of cloud computing, users
2017,
systems", IEEE Internet of Things Journal, vol.
aware of when selecting whether or not to use the
solution or approach to secure the cloud.
March
iot-aware architecture for smart healthcare
as the solutions that all users and companies should be
techniques, as well as the development of a novel
14-25,
Palano, L. Patrono, M.L. Stefanizzi, et al., "An
and data security is one of the key roadblocks to cloud
computing environments from various angles, as well
page
DOI:10.12691/iteces-4-1-3.
lot of attention in recent years, the issue of privacy
computing's progress. In this article, we looked at
numerous significant security risks for cloud
Yusuf Perwej, “An Experiential Study of the
Big Data,” for published in the International
storage, and applications, that can be quickly supplied
virtualized resources, such as bandwidth, software,
REFERENCES
limited users in cloud computing," Comput.
Secur., vol. 72, pp. 1_2, Jan. 2018
[8].
Z. Xiao andY.Xiao, “Security and privacy in
cloud computing,” IEEE Communications
Surveys & Tutorials, vol. 15, no. 2, pp. 843–
859, 2013
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
142
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
[9].
Yusuf Perwej, M. K. Omer, O. E. Sheta, Hani
Service
Ali M. Harb, M. S. Adrees, “The Future of
Internet of Things (IoT) and Its Empowering
Federation for Information Processing, pp.
37–45, 2012
Technology”,
[10].
International
[12].
in Proceeding of the International Conference
D. Sun, G. Chang, L. Sun, and X. Wang,
on
“Surveying and analyzingsecurity, privacy and
Engineering (ICCSEE '12), vol. 1, pp. 647–
trust
651,Hangzhou, China, March 2012
issues
in
in
cloud
computing
Proceedings
of
the
Science
and
Electronics
S. Pearson, “Privacy, security and trust in
cloud computing,” in Privacy and Security for
Control Engineering and Information Science
Cloud
(CEIS'11), pp. 2852–2856, chn, August 2011
Communications and Networks, pp. 3–42,
M. Y. A. Younis and K. Kifayat, “Secure cloud
computing for critical infrastructure: a
Springer London, 2013
R. Latif, H. Abbas, S. Assar, and Q. Ali, “Cloud
[19].
Computing,
Computer
survey,” Tech. Rep., Liverpool John Moores
computing risk assessment: a systematic
University, Liverpool, UK, 2013
literature review,” in Future Information
J. Yang and Z. Chen, “Cloud computing
Technology, pp. 285–295, Springer, Berlin,
research
Germany, 2014
and
security
issues,”
(CiSE),
2010
in
Software
[20].
Jemal, H., Kechaou, Z., Ayed, M.B., Alimi,
A.M., “Mobile cloud computing in healthcare
International
Conference on. IEEE, pp. 1–3, 2010
system.”,
E. Aguiar, Y. Zhang, and M. Blanton, “An
Intelligence.
overview of issues and recent developments in
Publishing, Cham, pp. 408–417, 2015
High
Performance
Cloud
Auditing
[21].
and
P.
G.
Computational
Shynu
Collective
Springer
and
K.
International
J.
Singh,
"A
comprehensive survey and analysis on access
Applications. Springer, pp. 3–33, 2014
control schemes in cloud environment," Inf.
L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y.
Technol., vol. 16, no. 1, pp. 19-38, 2016.
Chen, and A. V. Vasilakos, “Security and
[22].
Lo'ai, A.T., Bakhader, W., Mehmood, R.,
privacy for storage and computation in cloud
Song, H., 2016. Cloudlet-based mobile cloud
computing,” Information Sciences, vol. 258,
pp. 371–386, 2014
computing for healthcare applications. In:
2016
IEEE
Global
Communications
A. Behl, “Emerging security challenges in
Conference (GLOBECOM). IEEE, pp. 1–6.
cloud computing: an insight to cloud security
[16].
[18].
Computer
International Conference on Advanced in
cloud computing and storage security,” in
[15].
D. Chen and H. Zhao, “Data security and
Vol. 9, Iss., No.3, Pages 20192– 20203, 2019
Engineering
[14].
[17].
privacy protection issues in cloud computing,”
Computational Intelligence and
[13].
of
International
Engineering Science and Computing (IJESC),
environments,”
[11].
Journal
Management.
[23].
Yusuf Perwej, S. A. Hannan, Firoj Parwej,
challenges and their mitigation”, Proceedings
Nikhat Akhtar ,“A Posteriori Perusal of
of the World Congress on Information and
Communication Technologies (WICT '11), pp.
Mobile Computing”, International Journal of
Computer Applications Technology and
217–222, IEEE, 2011
Research, ATS (Association of Technology
Z. Zhou and D. Huang, “Efficient and secure
and Science), Vol. 3, Issue 9, pp. 569 - 578,
data storage operations for mobile cloud
2014, DOI: 10.7753/IJCATR0309.1008
computing,” in Proceedings of the 8th
International Conference on Network and
[24].
Johanna Ullrich, Tanja Zseby. Network-Based
Secret Communication in Clouds: A Survey.
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
143
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
IEEE communications surveys & tutorials, vol.
[25].
of Nano Things (IoNT) Existing State and
Future Prospects”, GSC Advanced Research
Z.Yuhan, "Study on data security policy based
and Reviews, Volume 5, Issue 2, Pages 131-
on cloud storage," in Proc. IEEE IEEE 3rd Int.
150, 2020, DOI: 10.30574/gscarr.2020.5.2.0110
(HPSC) IEEE Int. Conf. Intell. Data Secur.
Applications”,
(IDS), China, pp. 145-149, 2017
Electrical
Al-Mushayt O, Haq K and Yusuf P.,
(OSJEEE), New York, USA, Volume 5, No. 4,
“Electronic-Government in Saudi Arabia; a
Pages 30 - 43, 2018
Revolution
in
the
Peninsula”,
Electronic
Journal
of
Engineering
K. Edemacu, H. K. Park, B. Jang, and J. W.
Sciences, India, 1(1), 87-98, 2009
Oussous, Ahmed, Benjelloun, Fatima-Zahra,
Ehealth with attribute-based encryption:
Survey, challenges and future directions”,
Lahcen, Ayoub Ait, Belfkih, Samir, “Big data
IEEE Access, vol. 7, pp. 89614-89636, 2019
in
[35].
Yusuf
Perwej,
Firoj
Parwej,
Mumdouh
Comput. Inf. Sci. 30 (4), 431– 448, 2018
Mirghani Mohamed Hassan, Nikhat Akhtar,
R. Zhang, R. Xue, and L. Liu, "Searchable
“The Internet-of-Things (IoT) Security: A
encryption for healthcare clouds: A survey,"
Technological
IEEE Trans. Service Comput., vol. 11, no. 6,
International Journal of Scientific Research in
pp. 978_996, Nov./Dec. 2018.
Computer
Zhang Jie. Fu, Xinle. Wu. Toward Efficient
Information
Multi-keyword Fuzzy Search over Encrypted
Volume 5, Issue 1, Pages 462-482, February
Out
2019, DOI: 10.32628/CSEIT195193
sourced
Data
IEEE
with
Accuracy
Transactions
on
[36].
Perspective
Science
and
Review”,
Engineering
Technology
and
(IJSRCSEIT),
Tara Salman, Maede Zolanvari. Security
Information Forensics and Security, vol. 11,
Services Using Blockchains: A State-of-the-
no. 12, pp. 2706-2716, Dec. 2016
Art Survey. IEEE communications surveys &
Yusuf Perwej, “ The Hadoop Security in Big
tutorials, vol. 21, no. 1, 2019
Data:
A
Technological
Viewpoint
and
[37].
Yusuf Perwej, Nikhat Akhtar, Firoj Parwej, “A
Analysis ”, International Journal of Scientific
Research in Computer Science and
Technological Perspective of Blockchain
Security”, International Journal of Recent
Engineering, E-ISSN: 2320-7639, Volume 7,
Scientific Research (IJRSR), ISSN: 0976-3031,
Issue
Volume 9, Issue 11, (A), Pages 29472 – 29493,
3,
Pages
1-
14,
2019,
DOI:
10.26438/ijsrcse/v7i3.1014
[31].
and
Science
Kim, “Privacy provision in collaborative
Improvement.
[30].
[34].
Open
Applied
Transactions
technologies: a survey”, J. King Saud Univ.-
[29].
Yusuf Perwej, “A Pervasive Review of
Blockchain Technology and Its Potential
International
[28].
[33].
Int. Conf. High Perform. Smart Comput.,
Positive
[27].
Nikhat Akhtar, Yusuf Perwej, “The Internet
19, no. 2, second quarter 2017
D. Zhe,W. Qinghong, S. Naizheng, and
Conf. Big Data Secur. Cloud (BigDataSecurity)
[26].
[32].
2018, DOI: 10.24327/ijrsr.2018.0911.2869
Firoj Parwej, Nikhat Akhtar, Yusuf Perwej, “A
Close-Up View About Spark in Big Data
Jurisdiction”,
Journal
J. Cha, S. K. Singh, T. W. Kim, and J. H. Park,
"Blockchain-empowered cloud architecture
of
based on secret sharing for smart city," J. Inf.
Engineering Research and Application, Vol. 8,
Secur. Appl., vol. 57, Mar. 2021, Art. no.
Issue 1, PP. 26-41, 2018 DOI: 10.9790/9622-
102686
0801022641
International
[38].
[39].
Nikhat Akhtar, Saima Rahman, Halima Sadia,
Yusuf Perwej, “A Holistic Analysis of Medical
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
144
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
Internet of Things (MIoT)”, Journal of
[46].
Information and Computational Science
(JOICS), ISSN: 1548 - 7741, Volume 11, Issue
4,
[40].
Pages
209
-
222,
2021,
the decentralized cloud. ACM Comput. Surv.
51 (6), 1–36, 2019
[47].
“An Empirical Analysis of Web of Things
Jeffrey C. Kimmell at.al.,”Recurrent Neural
(WoT)”, International Journal of Advanced
Networks Based Online Behavioural Malware
Research in Computer Science, Vol. 10, No. 3,
Detection
PP.
Techniques
for
Cloud
9, 2021
[42].
DOI:
Kameswara Rao Poranki, Yusuf Perwej,
Nikhat Akhtar,”Integration of SCM and ERP
Method
Recognition
for Competitive Advantage”, TIJ's Research
System”, International Journal of Computer
Journal of Science & IT Management RJSITM,
Science and Telecommunications, Sysbase
Solution (Ltd), UK, London, Vol. 3, Issue 11,
International Journal Research Journal of
Science & IT Management of Singapore,
Pages 43-48, 2012
ISSN:2251-1563,
Yusuf Perwej, “The Bidirectional Long-Short-
Number 05, Pages 17-24, 2015
in
Arabic
Words
[49].
Singapore,
Volume
04,
Kameswara Rao Poranki, Asif Perwej,"The
Retrieval for Arabic Documents” Transactions
buying Attitudes of Consumers of Cosmetic
on
Artificial
Products in Saudi Arabia", TIJ's Research
Intelligence (TMLAI), Society for Science and
Journal of Social Science & Management
Education,
RJSSM,
Machine
Learning
Manchester,
and
United
Kingdom
International
Journal
Research
(UK), Vol. 03, No.01, Pages 16 – 27, 2015, DOI
Journal of Social Science & Management of
: 10.14738/tmlai.31.863
Singapore,
Bader Alouffi at. al.,” A Systematic Literature
December 2014 Page 138-145, 2014
Review
on
Threats
and
Cloud
Computing
Mitigation
Security:
[50].
Strategies”,IEEE,
Volume:
04,
Number:
08,
J. W. Rittinghouse and J. F. Ransome, Cloud
computing: implementation management and
security, CRC press, 2016
Yusuf Perwej, Kashiful Haq, Firoj Parwej, M.
[51].
Ning Cao, Cong Wang, Ming Li, Kui Ren and
M. Mohamed Hassan, “The Internet of Things
Wenjing Lou, "Privacy-Preserving Multi-
(IoT) and its Application
International
Journal
of
Keyword Ranked Search over Encrypted
Cloud Data", IEEE Transactions on Parallel
Domains”,
Computer
Applications (IJCA) , USA , Volume 182,
No.49,
[45].
2019,
Yusuf Perwej, “Recurrent Neural Network
VOLUME 9, 2021
[44].
32-40,
10.26483/ijarcs.v10i3.6434
[48].
Term Memory Neural Network based Word
[43].
Firoj Parwej, Nikhat Akhtar, Yusuf Perwej,
DOI:10.12733/JICS.2021/V11I3.535569.31023
Infrastructure”,IEEE, PP. 68066 – 68080, Vol.
[41].
Ferrer, A.J., Marques, J.M., Jorba, J.,. Towards
Pages
36-
49,
2019,
DOI:
and Distributed Systems, vol. 25, no. 1, 2014
[52].
N. Abbas, A. Zhang, Y. Taherkordi and T.
10.5120/ijca2019918763
Skeie, "Mobile edge computing: A survey",
Y.-Y. Teing, A. Dehghantanha, K.-K.-R.
Choo, and L. T. Yang, "Forensic investigation
IEEE Int. Things J., vol. 5, no. 1, pp. 450-465,
Feb. 2018
of P2P cloud storage services and backbone
[53].
Cristian Chilipirea at.al.,” A Comparison of
for IoT networks: BitTorrent sync as a case
Private Cloud Systems”, 30th International
study," Comput. Electr. Eng., vol. 58, pp.
Conference
350_363, Feb. 2017
Networking and Applications Workshops
on
Advanced
Information
(WAINA),IEEE, Switzerland, 2016
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
145
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
[54].
[55].
[56].
J. Chase and D. Niyato, "Joint optimization of
architecture andx pricing models", IEEE
international conf. on services computing, pp.
vol. 10, pp. 396-409, 2017
597-604, 2014
Kyriakos Kritikos at. al.,” Towards the
“Effective
Management
of
In
Computing (CLOUD), IEEE, Italy, 2019
Management Journal of KITE Group, Vol. No.
X. L. Xingong and X. Lv, "Distributed Cloud
2 & 3, No. 1, 2010
Network",
Third
[64].
International
Banking
Industry”.
YOJNA
The
T. F. M. Pasquier, J. Singh and J. Bacon,
"Information
flow
control
for
strong
Conference on Trustworthy Systems and
protection with flexible sharing in paas",
Their Applications pages 18-22 Wuhan China,
Cloud
Sept. 2016
M. K. Skadsem, R. Karlsen, G. Blair and K.
International Conference on, pp. 279-282,
2015
"Community
Cloud
–
Cloud
[65].
Engineering
(IC2E)
2015
IEEE
Yusuf Perwej, “An Evaluation of Deep
Computing for the Community", Proceedings
Learning
of the 1st International Conference on Cloud
Computing”, the International Journal of
Computing and Services Science, pp. 418-423,
Advanced
2011
Communication
Mohamed M. M., "Current Services in Cloud
Volume 4, Issue 2, Pages 10 - 16, 2015, DOI:
Computing: A Survey", International Journal
10.17148/IJARCCE.2015.4203
Computer
Science
Engineering
and
[66].
Miniature
Research
Concerning
in
in
Computer
Engineering
Soft
and
(IJARCCE),
Asif Perwej, Kashiful Haq, Yusuf Perwej, “
Information Technology, vol. 3, no. 5, 2013
Blockchain and its Influence on Market”,
M. Bist, M. Wariya and A. Agarwal,
International Journal of Computer Science
"Comparing delta open stack and xen cloud
Trends and Technology (IJCST), Volume 7,
platforms: A survey on open source iaas",
Issue 5, Pages 82- 91, Sep – Oct 2019, DOI:
Advance Computing Conference (IACC) 2013
10.33144/23478578/IJCST-V7I5P10
IEEE 3rd International, pp. 96-100, 2013
[61].
Perwej,
IEEE 12th International Conference on Cloud
of
[60].
Asif
Customer Relationship Management (CRM)
Mitchell,
[59].
[63].
Modelling of Hybrid Cloud Applications”,
Power
[58].
Gabriella Laatikainen and Arto Ojala, "saas
resource provisioning in cloud computing",
IEEE Transactions on Services Computing,
Storage and Parallel Topology Processing of
[57].
[62].
[67].
Nikhat Akhtar, Yusuf Perwej, “ The Internet
Yucong Duan at. al.,” Everything as a Service
of Nano Things (IoNT) Existing State and
(XaaS) on the Cloud: Origins, Current and
Future Trends ”, IEEE 8th International Con.
Future Prospects” , GSC Advanced Research
and Reviews, Volume 5, Issue 2, Pages 131-
on Cloud Computing, IEEE, USA, 2015
150, 2020, DOI: 10.30574/gscarr.2020.5.2.0110
Yusuf Perwej, M. A. AbouGhaly, Bedine
[68].
Yusuf Perwej, Md. Husamuddin, Fokrul Alom
Kerim, Hani Ali Mahmoud Harb. “An
Mazarbhuiya,“An Extensive Investigate the
Extended Review on Internet of Things (IoT)
and
its
Promising
Applications”,
MapReduce
Journal
of
Communications
Engineering (IJCSE), Volume-5, Issue-10,
on
Applied
Electronics
Technology”,
International
Computer
Sciences
and
(CAE), New York, USA, Volume 9, Number
Page
26,
10.26438/ijcse/v5i10.218225
Pages
8–
22,
10.5120/cae2019652812
2019,
DOI:
[69].
No.
218-225,
2017,
DOI:
T. Lynn et al., "A Preliminary Review of
Enterprise
Serverless
Cloud
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
Computing
146
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
(Function-as-a-Service)
[70].
[71].
Platforms",
Proc.
Lou, "Towards Secure and Dependable Storage
Services in Cloud Computing", IEEE
Intelligence as a Service”, Bus Inf Syst Eng 63,
Transactions on Cloud Computing Date of
PP. 441–456, 2021
Publication, vol. 5, no. 2, April-June 2012
Yusuf
Perwej
,
Firoj
Parwej,
“A
[77].
Ooi, et al., ES2: A Cloud Data Storage System
Network”,
for Supporting Both OLTP and OLAP, PP 34-
in
Artificial
Neural
Journal
of
Scientific
&
Engineering Research (IJSER), France , ISSN
46, 2018
[78].
"Privacy as a Service: Privacy-Aware Data
2012, DOI: 10.13140/2.1.1693.2808
Storage and Processing in Cloud Computing
Nikhat Akhtar, Dr. Yusuf Perwej, Firoj
Architectures", Eighth IEEE International
Parwej, Jai Pratap Dixit, “A Review of Solving
Real Domain Problems in Engineering for
Conference on Dependable, 2009
H. Abu-Libdeh, L. Princehouse, and H.
Computing”
INDIACom;
Intelligence
Proceedings
[79].
Using
Soft
Weatherspoon. RACS: A Case for Cloud
the
11th
Storage Diversity. In Proceedings of the 1st
IEEE
ACM symposium on Cloud computing (SoCC
of
INDIACom-2017;
Conference, 4th International Conference on
“Computing
for
Sustainable
Global
2010), Indianapolis, IN, June 10-11 2010
[80].
M. Wajahat, A. Yele, T. Estro, A. Gandhi and
Development”, ISSN 0973-7529; ISBN 978-93-
E.
80544-24-3,
performance modeling for storage traces",
Vidyapeeth's
Pages
706–711,
Institute
Bharati
of
Computer
Applications and Management (BVICAM),
Zadok,
"Distribution
fitting
and
Proc. of IEEE Mascots, pp. 138-151, 2019
[81].
Chang Guo, Ying Li and Zhonghai Wu, "SLA-
Delhi, 2017
DO: A SLA-based Data Distribution Strategy
S. Kibe, T. Koyama and M. Uehara, "The
on Multiple Cloud Storage Systems", IEEE
Evaluations of Desktop as a Service in an
22nd
Educational
Distributed Systems (ICPADS), pp. 602-609,
Cloud",
15th
International
Conference on Network-Based Information
Systems, 2015
Int.
Conference
on
Parallel
and
2016
[82].
N. Cao, C. Wang, M. Li, K. Ren and W. Lou,
T. Wood, E. Cecchet, K. K. Ramakrishnan, P.
Shenoy, J. Van der Merwe and A.
"Privacy preserving Multi keyword Ranked
Search over Encrypted Cloud Data", 30thIEEE
Venkataramani, "Disaster recovery as a cloud
Conference on Computer Communications,
service: Economic benefits & deployment
pp. 829-837, 2011
challenges", 2nd USENIX Work. on Hot
[75].
Wassim Itani Ayman Kayssi Ali Chehab,
2229 – 5518, Volume 3, Issue 6, Pages 1- 9,
Computational
[74].
Y. Cao, C. Chen, F. Guo, D. Jiang, Y. Lin, B.
Neuroplasticity (Brain Plasticity) Approach to
International
[73].
C. Wang, Q. Wang, K. Ren, N. Cao and W.
CloudCom, 2017
Lins, S., Pandl, K.D., T., H. et al. “Artificial
Use
[72].
[76].
[83].
Xiaotong Sun, "Critical Security Issues in
Topics in Cloud Computing, 2010
Shicong Meng at.al., “Enhanced Monitoring-
Cloud Computing: A Survey", 4th IEEE
International Conference on Big Data Security
as-a-Service
on Cloud, 2018
Management”,
for
IEEE
Effective
Transactions
Cloud
on
[84].
C. Wang, K. Ren, W. Lou, and J. Li, “Toward
Computers, Volume: 62, Issue 9, PP. 1705 –
publicly auditable secure cloud data storage
1720, 2013
services,” Network, IEEE, vol. 24, no. 4, pp.
19–24, 2010
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
147
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
[85].
[86].
L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y.
and
Chen, and A. V. Vasilakos, “Security and
privacy for storage and computation in cloud
10.1109/icssa.2015.1113
Z. Zhang, C. Wu and D. W. L. Cheung, "A
pp. 371–386, 2014
standards
United Nations, “The Universal Declaration of
Perform. Eval. Rev., vol. 40, pp. 13-22, 2013
Rights.”
[94].
S. T. Zargar, J. Joshi and D. Tipper, "A Survey
Denial of Service (DDoS) Flooding Attacks",
D. Bigo, G. Boulet, C. Bowden, S. Carrera, J.
IEEE Communications Surveys & Tutorials,
Jeandesboz,
vol. 15, no. 4, pp. 2046-2069
and
A.
Scherrer,
“Fighting
European
Parliament,
Rights
[95].
K. Hashizume, D. G. Rosado, E. Fern´andez-
Policy
Medina, and E. B. Fernandez, “An analysis of
and
security issues for cloud computing,” Journal
of Internet Services and Applications, vol. 4,
Wei Nie, Xiangfei Xiao, Zhaohui Wu,
no. 1, pp. 1–13, 2013
[96].
Kiattikul Treseangrat, Samad Salehi Kolahi
"The Research of Information Security for The
and Bahman Sarrafpour, "Analysis of UDP
Education Cloud Platform Based on AppScan
DDoS cyber Flood Attack and Defence
Technology",
Mechanism on Windows Serevr 2012 and
5th
IEEE
International
Conference on Cyber Security and Cloud
Computing (CSCloud), 2018
Linux Ubuntu 13", IEEE, 2015
[97].
Istvan Kiss, Piroska Haller and Adela Beres,
Z. Zhou and D. Huang, “Efficient and secure
"Denial of Service attack Detection in case of
data storage operations for mobile cloud
Tennessee Eastman challenge process" in 8th
computing,” in Proceedings of the 8th
INTER-ENG 2014, Romania, vol. 19, pp. 835-
International Conference on Network and
841, 2015
Service
Management.
International
[98].
G. Rydstedt, E. Bursztein, D. Boneh and C.
Federation for Information Processing, pp.
Jackson, "Busting frame busting: a study of
37–45, 2012
clickjacking vulnerabilities at popular sites",
A. M. Farooqi at.al.,“The notorious nine: top
IEEE SSP, vol. 2, 2010
cloud computing security challenges in 2017”,
International Journal of Advanced Research
[99].
H. Hlavacs, T. Treutner, J.-P. Gelas, L.
Lefevre, and A.-C. Orgerie, “Energy
in Computer Science, Vol. 8, No. 5, PP. 2804 –
consumption side-channel attack at virtual
2808, 2017
machines
Hongwei Li, Yuanshun Dai1, Ling Tian,
Autonomic and Secure Computing (DASC),
“Identity based authentication for cloud
computing”,
Springer-Verlag
Berlin
2011 IEEE Ninth International Conference
on. IEEE, pp. 605–612, 2011
Heidelberg, pp 157- 166, 2009
[92].
SIGMETRICS
shtml, 1948. Retrieved August 2021
Yuanhui Wu, Fang Shen and Xionglan Luo,
[91].
practice",
of Defense Mechanisms Against Distributed
Department C: Citizens'
Constitutional Affairs, 2012
[90].
and
http://www.un.org/en/documents/udhr/index.
cloud.”
[89].
doi
survey on cloud interoperability: taxonomies
cybercrime and protecting privacy in the
[88].
2016,
computing,” Information Sciences, vol. 258,
Human
[87].
[93].
assurance,
in
a
cloud,”
in
Dependable,
[100]. B. C. Neuman and T. Ts'o, "Kerberos: An
Priya anand, jungwoo ryoo, hyoungshick kim
Authentication
"addressing security challenges in cloud
Networks", IEEE Communicaion, vol. 32, no.
computing a pattern-based approach”, first
9, pp. 33-38, 1994
Service
for
Computer
international conference on software security
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
148
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
[101]. Garbarino S, Holland J,”Quantitative and
[109]. H. Takabi, J.B.D. Joshi and G. Ahn, "Security
Qualitative Methods in Impact Evaluation and
Measuring Results”, GSDRC Emerging Issues
and privacy challenges in cloud computing
environments", IEEE security
privacy
Research Service, pp: 1-59, 2009
magazine, vol. 8, pp. 24-31, 2010
[102]. Nakouri, I.; Hamdi, M.; Kim, T.H. A new
[110]. lbugmi, A.A., Alassafi, M.O., Walters, R.,
biometric-based security framework for cloud
Wills, G.” Data security in cloud computing”,
storage.
In IEEE Fifth International Conference on
In
Proceedings
of
the
13th
International Wireless Communications and
Future
Mobile Computing Conference (IWCMC),
Technologies, pp. 55–59, IEEE, 2016
Valencia, Spain, 26–30, pp. 390–395, 2017
Generation
Communication
[111]. A. Sahai and B. Waters, "Fuzzy identity-based
[103]. Liang, X.,Shetty, S.; Zhang, L. Kamhoua, C.,
encryption," in Proc. 24th Annu. Int. Conf.
Kwiat, K. Man in the Cloud (MITC) Defender:
Theory Appl. Cryptograph. Techn. Berlin,
SGX-Based User Credential Protection for
Germany: Springer, pp. 457- 473, 2005
Synchronization Applications in Cloud
Computing Platform. In Proceedings of the
[112]. R. L. Rivest, L. Adleman, andM. L.Dertouzos,
“On data banks and privacy homomorphisms,”
IEEE 10th International Conference on Cloud
Foundations of Secure Computation, vol. 4,
Computing (CLOUD), Honolulu, CA, USA,
no. 11, pp. 169–180, 1978
25–30, pp. 302–309, 2017
[113]. C. Gentry, A fully homomorphic encryption
[104]. Yusuf Perwej, Md. Husamuddin,
Majzoob
K.Omer, Bedine Kerim, “A Comprehend the
Apache Flink in Big Data Environments” ,
scheme Ph.D. thesis], Stanford University,
2009
[114]. Y. Rouselakis and B. Waters, "Ef_cient
IOSR Journal of Computer Engineering
statically-secure
(IOSR-JCE), Volume 20, Issue 1, Ver. IV,
authority attribute-based encryption," in Proc.
Pages
Int. Conf. Financial Cryptogr. Data Secur., pp.
48-58,
2018,
DOI:
10.9790/0661-
2001044858
large-universe
multi-
315-332, 2015
[105]. L. A. Gordon, M. P. Loeb and W. Lucyshyn,
[115]. Q. Li, J. Ma, R. Li, X. Liu, J. Xiong, and D.
"Sharing information on computer systems
Chen, "Secure, efficient and revocable multi-
security: An economic analysis", Journal of
authority access control system in cloud
Accounting and Public Policy, vol. 22, no. 6,
storage," Comput. Secur., vol. 59, pp. 45_59,
pp. 461-485, 2003
2016
[106]. Balogh, Z., Turčáni, M.”Modeling of data
security in cloud computing”, In IEEE Annual
[116]. X. Liu, Y. Xia, S. Jiang, F. Xia, and Y. Wang,
"Hierarchical attributebased access control
Systems Conference, pp. 1–6. IEEE, 2016
with authentication for outsourced data in
[107]. Meng, D.” Data security in cloud computing”,
cloud computing," in Proc. 12th IEEE Int.
In
IEEE
International
Conference
on
Computer Science & Education, pp. 810–813.
IEEE, 2013
[108]. An, Y.Z., Zaaba, Z.F., Samsudin, N.F.”Reviews
Conf.
Trust
Secur.
Privacy
Comput.
Commun., pp. 477-484, 2013
[117]. F. Pagano and D. Pagano, “Using in-memory
encrypted
databases
on
the
cloud,”
in
on security issues and challenges in cloud
Proceedings of the 1st IEEE International
computing”,
Workshop on Securing Services on the Cloud
In
IOP
Conference
Series:
Materials Science and Engineering, vol. 160,
(IWSSC '11), pp. 30–37, 2011
p. 012106. IOP Publishing, 2016
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
149
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
[118]. K.Huang and
R. Tso, “A commutative
[126]. N. Cao, C. Wang, M. Li, K. Ren, and W. Lou,
encryption scheme based on ElGamal
encryption,” in Proceedings of the 3rd
"Privacy-preserving multi-keyword ranked
search over encrypted cloud data," in Proc.
International Conference on Information
IEEE INFOCOM, Apr., pp. 829_837, 2011
Security and Intelligent Control (ISIC'12), pp.
156–159, IEEE, 2012
[127]. C. Wang, N. Cao, K. Ren, and W. Lou,
"Enabling
secure
and
ef_cient
ranked
[119]. D. H. Rachel and S. Prathiba, "An enhanced
keyword search over outsourced cloud data,"
Hasbe for cloud computing environment," Int.
IEEE Trans. Parallel Distrib. Syst., vol. 23, no.
J. Comput. Sci. Mobile Comput., vol. 2, no. 4,
8, pp. 1467_1479, Aug. 2012
pp. 396_401, 2013
[128]. N. Cao, C.Wang, M. Li, K. Ren, andW. Lou,
[120]. Z.Wan, J. Liu, and R. H. Deng, "HASBE: A
hierarchical
attribute-based
solution
"Privacy-preserving
multikeyword
ranked
for
search over encrypted cloud data," IEEE
flexible and scalable access control in cloud
Trans. Parallel Distrib. Syst., vol. 25, no. 1, pp.
computing," IEEE Trans. Inf. Forensics
Security, vol. 7, no. 2, pp. 743_754, Apr. 2012
222_233, Nov. 2013
[129]. M. Fujimoto at.al.,” Detecting Abuse of
[121]. Q. Huang, Y. Yang, and M. Shen, "Secure and
Domain
Administrator
Privilege
Using
ef_cient data collaboration with hierarchical
Windows Event Log”, IEEE Conference on
attribute-based
Application,
encryption
in
cloud
computing," Future Gener. Comput. Syst., vol.
72, pp. 239_249, Jul. 2017
Information
and
Network
Security (AINS),IEEE, Malaysia, 2019
[130]. C. Delettre, K. Boudaoud, and M. Riveill,
[122]. S. Gokuldev and S. Leelavathi, "HASBE: A
“Cloud
computing,
security
and
data
for
concealment,” in Proceedings of the 16th
flexible and scalable access control by separate
IEEE Symposium on Computers and Comm.
encryption/ decryption in cloud computing,"
(ISCC '11), pp. 424–431, Kerkyra, Greece, July
Int. J. Eng. Sci. Innov. Technol.,vol. 2, no. 3,
2011
hierarchical
attribute-based
solution
pp. 1_7, 2013
[131]. Yusuf Perwej, Asif Perwej, Firoj Parwej, “An
[123]. A. Rao, “Centralized database security in
Adaptive Watermarking Technique for the
cloud,” International Journal of Advanced
copyright of digital images and Digital Image
Research in Computer and Communication
Protection”,
Engineering, vol. 1, pp. 544–549, 2012
Multimedia
[124]. E. M.Mohamed, H. S. Abdelkader, and S. ElEtriby, “Enhanced data security model for
International
&
Its
Journal
Applications
of
(IJMA),
Academy & Industry Research Collaboration
Center (AIRCC) , USA , Volume 4, No.2,
cloud computing,” in Proceedings of the 8th
Pages
International Conference on Informatics and
10.5121/ijma.2012.4202
21-
38,
2012,
DOI:
Systems (INFOS '12), pp. CC-12–CC-17, IEEE,
[132]. A. Ra_que, D. V. Landuyt, B. Lagaisse, and W.
2012
[125]. W. Sun, B.Wang, N. Cao, M. Li,W. Lou, Y. T.
Joosen, "Policy-driven data management
middleware for multi-cloud storage in multi-
Hou, and H. Li, "Privacy preserving multi-
tenant SaaS," in Proc. IEEE Int. Symp. Big
keyword text search in the cloud supporting
Data Comput. (BDC), pp. 78_84, Dec. 2015
similarity based ranking," in Proc. 8th ACM
[133]. C. Ngo, Y. Demchenko, and C. de Laat,
SIGSAC Symp. Inf. Comput. Comm. Secur.,
"Multi-tenant attribute-based access control
pp. 71_82, 2013
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
150
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
for cloud infrastructure services," J. Inf. Secur.
Cloud Storage Security: Concepts Designs and
Appl., vol. 27, pp. 65_84, Apr. 2016
[134]. D. Gonzales, J. M. Kaplan, E. Saltzman, Z.
Optimized Practices, Berlin:Springer, 2016
[143]. S. M. Riazul, Islam, Daehan Kwak, M.D.
Winkelman, and D. Woods, "Cloud-trust_A
Humaun Kabir and Mahmud Hossain, "The
security assessment model for infrastructure
Internet of Things for Health Care: A
as a service (IaaS) clouds," IEEE Trans. Cloud
Comprehensive Survey", IEEE, vol. 3, pp. 678-
Comput., vol. 5, no. 3, pp. 523_536, Jul./Sep.
708, 2015
2017
[144]. T. S. Az-Zahra, "The Advantages from Cloud
[135]. J. Zhou et al., "Security and privacy for cloud-
Computing
Application
Towards
SMME
based IoT: Challenges", IEEE Communications
(UMKM)", Journal Online Informatika, vol. 4,
Magazine, vol. 55, no. 1, pp. 26-33, 2017
pp. 28-32, 2019
[136]. C. Stergiou et al., "Secure integration of IoT
[145]. C. T. S. Xue and F. T. W. Xin, "Benefits and
and cloud computing", Future Generation
challenges of the adoption of cloud computing
Computer Systems, vol. 78, pp. 964-975, 2018
[137]. S. Kianoush et al., "A cloud-IoT platform for
in business", International Journal on Cloud
Computing: Services and Architecture, vol. 6,
passive
radio
sensing:
Challenges
and
pp. 01-15, 2016
application case studies", IEEE Internet of
[146]. Y. Al-Dhuraibi, F. Paraiso, N. Djarallah and P.
Things Journal, vol. 5, no. 5, pp. 3624-3636,
Merle, "Elasticity in cloud computing: state of
2018
the art and research challenges", IEEE
[138]. E. Pinheiro, W.-D.Weber, and L. A. Barroso,
“Failure
trends
in
a
large
disk
drive
Transactions on Services Computing, vol. 11,
pp. 430-447, 2017
population,” in Proceedings of the 5th
[147]. Yusuf Perwej, Faiyaz Ahamad, Mohammad
USENIX conference on File and Storage
Zunnun Khan, Nikhat Akhtar, “An Empirical
Technologies (FAST '07), vol. 7, pp. 17–23,
Study on the Current State of Internet of
2007
Multimedia Things (IoMT)”, International
[139]. C. Cachin and M. Schunter, “A cloud you can
Journal of Engineering Research in Computer
trust,” IEEE Spectrum, vol. 48, no. 12, pp. 28–
Science and Engineering (IJERCSE), Volume
51, 2011
8, Issue 3, Pages 25 - 42, March 2021, DOI:
[140]. J. Idziorek, M. Tannian, and D. Jacobson,
“Attribution
of
Fraudulent
Resource
10.1617/vol8/iss3/pid85026
[148]. Sultan
Aldossary,
William
Allen,
“Data
Consumption in the cloud,” in Proceedings of
the IEEE 5th International Conference on
Security, Privacy, Availability and Integrity in
Cloud Computing: Issues and Current
Cloud Computing (CLOUD '12), pp. 99–106,
Solutions”, International Journal of Advanced
June 2012
Computer Science and Applications, Vol. 7,
[141]. D. Wang, D. He, P. Wang and C.-H. Chu,
"Anonymous two-factor authentication in
distributed systems: certain goals are beyond
2016
[149]. I. Nwobodo, "Cloud computing: models
services utility advantages security issues and
attainment", IEEE Trans. Dependable Secur.
prototype",
Comput., vol. 12, no. 4, pp. 428-442, 2015
Networking and Applications, pp. 1207-1222,
[142]. T.
Galibus,
V.
V.
Krasnoproshin,
R.
Albuquerque and E. Freitas, Elements of
Wireless
Communications
2016
[150]. P. A. Abdalla and A. Varol, "Advantages to
Disadvantages of Cloud Computing for Small-
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
151
Dr. Nikhat Akhtar et al Int J Sci Res Sci Eng Technol, September-October-2021, 8 (5) : 113-152
Sized Business", 7th International Symposium
on Digital Forensics and Security (ISDFS),
2019
Cite this article as:
Dr. Nikhat Akhtar, Dr. Bedine Kerim, Dr. Yusuf
Perwej, Dr. Anurag Tiwari, Dr. Sheeba Praveen, "A
Comprehensive Overview of Privacy and Data
Security for Cloud Storage", International Journal of
Scientific Research in Science, Engineering and
Technology (IJSRSET), Online ISSN : 2394-4099,
Print ISSN : 2395-1990, Volume 8 Issue 5, pp. 113-151,
September-October
doi
2021.
Available
at
: https://doi.org/10.32628/IJSRSET21852
Journal URL : https://ijsrset.com/IJSRSET21852
International Journal of Scientific Research in Science, Engineering and Technology | www.ijsrset.com | Vol 8 | Issue 5
152