Survey on Data Security and Privacy Issues in Cloud Computing and Existing Security Techniques by Tehseen Afzal, Saman Saeed, Pages 61-73

Survey on Data Security and Privacy Issues in Cloud Computing and Existing Security Techniques

 

Tehseen Afzal1, Saman Saeed2

Capital University of Science and Technology, Islamabad, Pakistan

tehseen_fjwu@yahoo.com1, Samansaeed836@gmail.com2

Abstract

Cloud computing is an ever-growing technology and need of the hour as it allows the optimum use of resources as well as it provides efficient services to cloud users including storage, computations etc. Users’ data is stored and processed in the cloud. However, many organizations are reluctant to share their data on cloud due to data security and privacy concerns. Several techniques have been adopted to deal with data security issues and win the cloud users’ trust. Therefore, it is very essential to use security measures to reduce the data security risks of cloud users. In this paper, a survey study has been conducted on data security issues in cloud and discussed some existing techniques which are used to secure data that is stored in the cloud. The concepts of cloud computing and current security mechanisms are briefly discussed in this paper, after a thorough study of different data issues and security mechanism, a few recommendations are given at the end to improve the protection of data on the cloud.

References

  • Mell, Peter, and Tim Grance. “The NIST definition of cloud computing.” (2011).
  • Takabi, Hassan, James BD Joshi, and Gail-Joon Ahn. “Security and privacy challenges in cloud computing environments.”IEEE Security & Privacy 8, no. 6 (2010): 24-31.
  • Gorelik, Eugene. “Cloud computing models.” PhD diss., Massachusetts Institute of Technology, 2013.
  • Hwang, Kai, Sameer Kulkareni, and Yue Hu. “Cloud security with virtualized defense and reputation-based trust mangement.” InDependable, Autonomic and Secure Computing, 2009. DASC’09. Eighth IEEE International Conference on, pp. 717-722. IEEE, 2009.
  • Zissis, Dimitrios, and Dimitrios Lekkas. “Addressing cloud computing security issues.”Future Generation computer systems 28, no. 3 (2012): 583-592.
  • Jensen, Meiko, Jorg Schwenk, Jens-Matthias Bohli, Nils Gruschka, and Luigi Lo Iacono. “Security prospects through cloud computing by adopting multiple clouds.” InCloud Computing (CLOUD), 2011 IEEE International Conference on, pp. 565-572. IEEE, 2011.
  • Zhou, Minqi, Rong Zhang, Wei Xie, Weining Qian, and Aoying Zhou. “Security and privacy in cloud computing: A survey.” InSemantics Knowledge and Grid (SKG), 2010 Sixth International Conference on, pp. 105-112. IEEE, 2010.
  • Xiao, Zhifeng, and Yang Xiao. “Security and privacy in cloud computing.”IEEE Communications Surveys & Tutorials 15, no. 2 (2013): 843-859.
  • Ghebghoub, Y., S. Oukid, and O. Boussaid. “A Survey on Security Issues and the Existing Solutions in Cloud Computing.”International Journal of Computer and Electrical Engineering 5, no. 6 (2013): 587.
  • Foster, Ian, Yong Zhao, Ioan Raicu, and Shiyong Lu. “Cloud computing and grid computing 360-degree compared.” InGrid Computing Environments Workshop, 2008. GCE’08, pp. 1-10. Ieee, 2008.
  • Hashizume, Keiko, David G. Rosado, Eduardo Fernández-Medina, and Eduardo B. Fernandez. “An analysis of security issues for cloud computing.”Journal of Internet Services and Applications 4, no. 1 (2013): 5.
  • Ghebghoub, Y., S. Oukid, and O. Boussaid. “A Survey on Security Issues and the Existing Solutions in Cloud Computing.”International Journal of Computer and Electrical Engineering 5, no. 6 (2013): 587.
  • Hamlen, Kevin, Murat Kantarcioglu, Latifur Khan, and Bhavani Thuraisingham. “Security issues for cloud computing.”Optimizing Information Security and Advancing Privacy Assurance: New Technologies: New Technologies 150 (2012).
  • Ryan, Mark D. “Cloud computing security: The scientific challenge, and a survey of solutions.”Journal of Systems and Software 86, no. 9 (2013): 2263-2268.
  • Hwang, Kai, Sameer Kulkarni, and Yue Hu. “Cloud security with virtualized defense and reputation-based trust management.” In Dependable, Autonomic and Secure Computing, 2009. DASC’09. Eighth IEEE International Conference on, pp. 717-722. IEEE, 2009.
  • Shen, Zhidong, and Qiang Tong. “The security of cloud computing system enabled by trusted computing technology.” InSignal Processing Systems (ICSPS), 2010 2nd International Conference on, vol. 2, pp. V2-11. IEEE, 2010.
  • Jensen, Meiko, Jorg Schwenk, Jens-Matthias Bohli, Nils Gruschka, and Luigi Lo Iacono. “Security prospects through cloud computing by adopting multiple clouds.” InCloud Computing (CLOUD), 2011 IEEE International Conference on, pp. 565-572. IEEE, 2011.
  • Chandramouli, Ramaswamy, and Scott Rose. “Secure domain name system (DNS) deployment guide.”NIST Special Publication 800 (2006): 81-2.
  • Li, Jin, Jingwei Li, Xiaofeng Chen, Chunfu Jia, and Wenjing Lou. “Identity-based encryption with outsourced revocation in cloud computing.”Ieee Transactions on computers 64, no. 2 (2015): 425-437.
  • Juels, Ari, and Alina Oprea. “New approaches to security and availability for cloud data.”Communications of the ACM 56, no. 2 (2013): 64-73.
  • Rahman, Masudur, and Wah Man Cheung. “A novel cloud computing security model to detect and prevent DoS and DDoS attack.”International Journal of Advanced Computer Science and Applications (IJACSA) 5, no. 6 (2014).
  • Rani, Meena, and Cherry Assistant Professor. “Role-Based Access Mechanism in Cloud Computing: Survey.”
  • Hashem, Ibrahim Abaker Targio, Ibrar Yaqoob, Nor Badrul Anuar, Salimah Mokhtar, Abdullah Gani, and Samee Ullah Khan. “The rise of “big data” on cloud computing: Review and open research issues.”Information Systems 47 (2015): 98-115.
  • El Mrabti, Almokhtar Ait, Najim Ammari, Anas Abou El Kalam, Abdellah Ait Ouahman, and Mina De Montfort. “New mechanism for Cloud Computing Storage Security.”International Journal of Advanced Computer Science & Applications 1, no. 7: 526-539.
  • Jakimoski, Kire. “Security Techniques for Data Protection in Cloud Computing.”International Journal of Grid and Distributed Computing 9, no. 1 (2016): 49-56.
  • Duan, Qiang, Yuhong Yan, and Athanasios V. Vasilakos. “A survey on service-oriented network virtualization toward convergence of networking and cloud computing.”IEEE Transactions on Network and Service Management 9, no. 4 (2012): 373-392.
  • John Bethencourt, John, Amit Sahai, and Brent Waters. “Ciphertext-policy attribute-based encryption.” InSecurity and Privacy, 2007. SP’07. IEEE Symposium on, pp. 321-334. IEEE, 2007.
  • Arapinis, Myrto, Sergiu Bursuc, and Mark Ryan. “Privacy-supporting cloud computing by in-browser key translation.”Journal of Computer Security 21, no. 6 (2013): 847-880.
  • Ziyad, S., and S. Rehman. “Critical Review of Authentication Mechanisms in Cloud Computing.”International Journal of Computer Science Issues (IJCSI) 11, no. 3 (2014): 145.
  • Ziyad, S., and S. Rehman. “Critical Review of Authentication Mechanisms in Cloud Computing.”International Journal of Computer Science Issues (IJCSI) 11, no. 3 (2014): 145.
  • Xi, Kai, Yan Tang, and Jiankun Hu. “Correlation keystroke verification scheme for user access control in cloud computing environment.”The Computer Journal (2011): bxr064.
  • Jensen, Meiko, Jorg Schwenk, Jens-Matthias Bohli, Nils Gruschka, and Luigi Lo Iacono. “Security prospects through cloud computing by adopting multiple clouds.” InCloud Computing (CLOUD), 2011 IEEE International Conference on, pp. 565-572. IEEE, 2011.
  • de la Prieta, Fernando, María Navarro, Jose A. García, Roberto González, and Sara Rodríguez. “Multi-agent System for Controlling a Cloud Computing Environment.” Portuguese Conference on Artificial Intelligence, pp. 13-20. Springer Berlin Heidelberg, 2013.
  • Ryan, Mark D. “Cloud computing security: The scientific challenge, and a survey of solutions.”Journal of Systems and Software 86, no. 9 (2013): 2263-2268.
  • Santos, Nuno, Krishna P. Gummadi, and Rodrigo Rodrigues. “Towards Trusted Cloud Computing.”HotCloud 9, no. 9 (2009): 3.
  • Ouedraogo, Moussa, Severine Mignon, Herve Cholez, Steven Furnell, and Eric Dubois. “Security transparency: the next frontier for security research in the cloud.”Journal of Cloud Computing 4, no. 1 (2015): 12.
  • Michalas, Antonis, and Rafael Dowsley. “Towards trusted ehealth services in the cloud.” InUtility and Cloud Computing (UCC), 2015 IEEE/ACM 8th International Conference on, pp. 618-623. IEEE, 2015.
  • Hashizume, Keiko, David G. Rosado, Eduardo Fernández-Medina, and Eduardo B. Fernandez. “An analysis of security issues for cloud computing.”Journal of Internet Services and Applications 4, no. 1 (2013): 5.
  • Lombardi, Flavio, and Roberto Di Pietro. “Secure virtualization for cloud computing.”Journal of Network and Computer Applications 34, no. 4 (2011): 1113-1122.
  • Michalas, Antonis. “Sharing in the Rain: Secure and Efficient Data Sharing for the Cloud.” In2016 International Conference for Internet Technology And Secured Transactions, pp. 589-595. 2016.
  • Robertson, B.: Top Five Cloud Computing Adoption Inhibitors, cited 1 December(2009)
  • Vael. (2010, 24 July 2010). Cloud Computing: An insight into the Governance & Security aspects.
  • Cloud Security Alliance. (2009, 20 May 2010). Security Guidance for Critical Areas of Focus in Cloud Computing.
  • Third Brigade. (2008, 21 July 2009). Cloud Computing Security: Making Virtual Machines Cloud-Ready.
  • Li, Ming, Shucheng Yu, Yao Zheng, Kui Ren, and Wenjing Lou. “Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption.”IEEE transactions on parallel and distributed systems 24, no. 1 (2013): 131-143.