See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/349303347

Cloud Security

Technical Report · January 2021

DOI: 10.13140/RG.2.2.13876.58242

CITATIONS READS
2 6,997

3 authors:

Kashim Kyari Mohammed Aisha Abdulrahman Abba

13 PUBLICATIONS 3 CITATIONS
Middlesex University, UK
5 PUBLICATIONS 3 CITATIONS
SEE PROFILE
SEE PROFILE

Aisha Muhammad
Middlesex University, UK
6 PUBLICATIONS 3 CITATIONS

SEE PROFILE

All content following this page was uploaded by Kashim Kyari Mohammed on 14 February 2021.

The user has requested enhancement of the downloaded file.

 Cloud Security

Aisha A. Abba Aisha Muhammad Kashim K. Mohammed

Department of Computer Science Department of Computer Science Department of Computer Science
Middlesex University Middlesex University Middlesex University
Flic-en-flac, Mauritius Flic-en-flac, Mauritius Flic-en-flac, Mauritius
[email protected] [email protected] [email protected]

• Storage of personal data of clients on cloud servers

Abstract—In the last decade, cloud computing has been that are remote servers not operated by clients.
incorporated in various industries, from Health to Military, which
has been meticulously guided by exploring related technologies in Both above three cloud computing states are severely
the industry and academia alike. The individual and enterprise vulnerable to security breaches that make study and
computing model have shifted from on-site infrastructure to investigation on the security aspects of cloud computing
remote data centres which is accessible via internet and managed practice an imperative. There have been a variety of different
by cloud service providers. However, this paradigm shift in mixes that are being used in the cloud storage realm, but the
computing introduces security concerns to individuals and basic principle remains the same – infrastructure, or services
enterprises. To increase cloud deployment, these security concerns stay somewhere else with someone else's possession, and
need to be thoroughly reviewed and addressed. This paper customers borrow it for the time they use it infrastructures
reviews the cloud security issues and concerns , while addressing (Chaturvedi & Gupta, 2020). On certain cases, confidential data
various key topics like vulnerabilities, threats and mitigations, and stored on external cloud servers must also be counted. Safety
cloud models.
has been at the forefront of secure programming activities.
When it is possible for any unauthorized entity to 'snake' on any
private device by means of various 'hacking' methods; the
expansion of the scope to access someone's personal data via
Index Terms—Cloud Computing, Security
cloud storage effectively poses more security issues.
Cloud computing is unlikely to remove this expanding scope
due to its existence and attitude to it. Therefore, stability has
1 INTRODUCTION
always been a challenge for cloud storage activities. Robust
Cloud computing is a model for fast, on demand network security and secure computing technology are not a one-off
access to a shared network. Configurable computing resource endeavour, but a continual one – which makes it important to
pool (e.g., networks, servers, storage, software, and services) evaluate and understand the state-of-the-art cloud computing
that includes configurable computing resources. With security as a necessary activity. Cloud is primarily classified as
minimum management effort or service provider involvement, private cloud, group cloud, hybrid cloud, and public cloud.
it can be easily provisioned and published. Many of us are going (Mondal et. Al., 2020).
to see a paradigm change in information technology in our lives. Discussion in this paper only assumes one type of cloud. There
Current advances in the world of computation may have is a public cloud as this statement would match all the features
significantly altered the way computing, as well as definition of of some other type of cloud. Thanks to its diverse capacity, the
capital in computing. In cloud computing network, the services cloud storage solution is the fifth utility to follow the current
are generally in the premise or network of someone else and water, gas, and telephony services, rather than simply another
accessed Cloud users remotely (Alam, 2020). facility.
Processing is performed remotely, meaning that a person's data The research discussed in this paper is structured with a view to
and other items need to be sent to a cloud infrastructure or exploring and defining the solution to cloud storage, security
computer for processing, and the output is returned. Upon problems and questions that need to be considered in this paper.
fulfilment of the requested processing in certain cases, it might Deployment to a cloud-based computing platform. The
be appropriate or at least feasible for a person to store data on importance of security in cloud computing, security issues,
remote cloud servers. This involve the following three sensitive cloud security threats, including architectural illustration, cloud
states or situations that are of special interest in the security attacks, solutions, and critical analysis of existing
organizational context of cloud computing: solutions was considered in the context of the debate of this
• Transmission of confidential personal data to the cloud article.
server,
• Transmission of data from the cloud server to the
computers of the clients and
 2 BACKGROUND OF STUDY
2.1 Cloud Computing: Background
2.1.1 What is cloud security?
The IT world has developed from mainframes to client
computers, cloud computing, and the internet virtualization.
Cloud computing offers a centralized repository of configurable
IT service (e.g., computation, networking, applications,
storage, and Information) on demand, as a distributed and
versatile service, across a networked system, on a measured
(pay-per-use or subscription) basis, which needs limited
maintenance effort, is focused on service-level arrangements
between the service provider and customers and is mostly used
by the service provider and consumers. This also takes the form
of internet-based tools or programs that users can view and use
with a web interface as if it were a program installed locally on
their personal computer (Abdul-Jabbar et. Al., 2020) .
Cloud computing can provide application (software-as-
service), hardware (infrastructure-as-a-service) or technology
tools (platform-as-a-service) that are accessible on request, to Figure 1 Architectural framework of Cloud Computing (Driesen &
Eberlein, 2012)
opposed licensed software and tools, or hardware purchases.
3.1.1 Essential Characteristics
The type and quality of operation and the specifications for
The five main characteristics of cloud computing provided by
cloud storage are, in most cases, decide upon in the Service
NIST includes:
Level Agreement (SLA) between the service provider and the
I. On-demand self-service:
customer (Alam, 2020).
Using web services and management interfaces, consumers can
make requests, manage access and services directly when
2.1.2 Cloud role players.
needed. This can be achieved without any human interaction
Applications and other IT facilities are managed in-house in the
with service providers (Lee et. Al ., 2020)
conventional IT setting. Cloud computing provides
II. Broad network access:
applications, IT platforms, storage, or other resources in the
Cloud capabilities, data and services presented in the cloud
cloud, somewhere within the bounds of the Internet. Services
network must be accessible using standard mechanisms that
are offered by a third-party provider who hides the complexity
facilitate the use of heterogeneous systems for thin or thick
of the underlying networks from the end customer.
client platforms (Herman et. Al., 2020). Devices like
Cloud computing building blocks are hardware and software
workstations, mobile phones, laptops etc. run with standard
architectures that allow infrastructure scaling and virtualization.
protocol and it is the nature of the cloud to support the
Cloud computing architecture also involves cloud services
protocols.
(mediated services) offered by cloud service providers
III. Resources Pooling:
(vendors, third parties or brokers) to cloud customers
The cloud providers provide large physical and virtual
(companies, IT staff or end users) over networked networks
computing resources pooled and shared among multiple
(i.e., Virtual private network or the Internet). These cloud
consumers. These resources are dynamically allocated
storage services are regulated by contractual arrangements
according to the demands of the consumers, usually in a multi-
(SLAs) defining customer specifications and the obligation of
tenant environment (Lee et. Al ., 2020).
the vendor to them (Sunyaev, 2020).
IV. Rapid elasticity:
Capabilities, data, and services in the cloud can be elastically
3 ARCHITECTURAL FRAMEWORK
provisioned and released as it is a feature of the cloud to be
Cloud computing combines different technologies to deliver elastic. These capabilities are scaled rapidly as per the demands
effective services to end-users. In this section, the architectural of the consumers, in any quantity and at any given time.
framework of cloud computing is presented and shown in the V. Measured service:
figure 1. To understand the security issues of cloud computing, The cloud system's metering functionality can be used to
one of the most important things to understand is the framework optimize and monitor services automatically according to
and basic concept of what is involved in the cloud. In most customer demands. It is then possible to track the use of
literature, authors refer to the architecture of the cloud defined resources and report them to both the provider and the
by the National Institute of Standards and Technology (NIST). consumer. Where the consumers are charged in a pay-as-you-
The definition of cloud computing by the institute is widely use manner (Lee et. Al ., 2020).
accepted and used to offer a clear understanding of the cloud.
According to NIST, these cloud models comprises of five (5) 3.1.2 Service Models
essential characteristics, three (3) cloud models and four (4) The "SPI MODEL" is a generally accepted framework for
delivery models. defining the model of cloud computing services. The acronym
“SPI” reflects the three cloud-based services model: software-
as-a-service (SaaS), platform-as-a-service (PaaS), and I. Cloud provider:
infrastructure-as-a-service (IaaS): A cloud provider is referred to as a purveyor of cloud resources
I. Software as a service (SaaS): (Birje et. Al., 2017).The primary responsibility of the cloud
SaaS is a capability provided to customers by a third-party provider is to make and ensure that the cloud services are
provider to use its program, transfer data to remote storage on a available to the consumer.
cloud infrastructure. The programs are accessible from a variety II. Cloud consumer:
of client devices through either a thin interface such as a The cloud consumer is an entity or organization that consumes
browser or a program interface (Kavis, 2014). SaaS is typically and uses cloud resources offered by the cloud providers (Birje
available on demand to its customers. Salesforce, Oracle CRM, et. Al., 2017).
and Google Docs are well known examples of SaaS. III. Cloud broker
II. Platform-as-a-service (PaaS): A cloud broker operates between the consumer and the cloud
PaaS is a platform-oriented model with a higher-level provider as an intermediary. The integration of resources can be
programmable platform (Kavis, 2014). It provides a capability too difficult for a customer to manage alone as the cloud
to customers to develop and deploy application onto the cloud infrastructure continues to evolve. Instead of a cloud provider,
infrastructure. The platform provides libraries, API’s, a consumer can request assistance from the broker to implement
programming models, IDE implemented and operated remotely their desired services (Birje et. Al., 2017).
for developing applications. Windows Azure, Google App IV. Cloud carrier
Engine and RedHat OpenShift are examples of PaaS with an The cloud carrier is a communication link, responsible for the
extensible environment. transfer of data amongst all entities. In cloud computing, the
III. Infrastructure-as-a-service (IaaS): internet serves as the carrier using the HTTP protocol to transfer
IaaS provides customers with essential computing tools to information to/amongst various entities (Birje et. Al., 2017).
deploy and run arbitrary software’s that could include operating V. Cloud auditor
systems and applications. It offers basic storage, virtualized A cloud auditor is a third-party entity that carries out an
infrastructure, and other abstract hardware and operating independent examination on all cloud processes, controls,
systems that can be managed by a service API (Velev, 2011). performances, and security threats with the intent to express an
Examples of IaaS solutions are Amazon Web Service, opinion on them (Birje et. Al., 2017).
Microsoft System Centre, and VMware vCloud Suite.
4 CLOUD COMPUTING SECURITY
3.1.3 Deployment models
Regardless of the service model used, there are four key models 4.1.1 Security Issues in Cloud Computing
in which cloud services can be implemented. Cloud security is accomplished, in part, by third party controls
I. Private cloud: and assurance, just as in conventional outsourcing
The private cloud is managed and controlled internally by a arrangements. However, since there is no universal cloud
single organization or by third party auditing (TPA). The computing security standard, there are additional problems
private cloud model has a highly virtualized data centre located associated with this. Often cloud services adopt their own
within the clients’ firewall. It has unique workloads that offers proprietary protocols and encryption technologies and
a well-managed environment, efficient use of computing implement various security models that need to be judged on
resources, protection, and compliance (S. Pal, 2011). their own merits. In the cloud paradigm of the manufacturer, it
II. Community cloud: is essentially up to the adoption of customer organizations, this
Here, several organizations must share the same cloud is to ensure that protection in the cloud follows their own
infrastructure jointly with a particular group that has the same security policies by receiving specifications from the supplier.
interest. Interest maybe requirements, services, security Danger evaluation, due diligence, and assurance practices
measures or applications. (Singh & Chatterjee, 2017).
III. Public cloud: As a result, the security problems posed by companies seeking
Public cloud is provided for free use by the public. It may be to employ cloud platforms are not fundamentally different from
owned, controlled, and operated by, or a combination of a those relying on their own in-house controlled businesses. The
corporation, academic, or government entity. It resides at the same external and the same internal hazards are current and
cloud provider's premises. need risk control or acceptance of risks. In the following, we
IV. Hybrid cloud: discuss the information management issues that companies will
This cloud infrastructure is a combination of two or more cloud need to consider, either through vendor insurance or public
models. These infrastructures remain unique but are bound cloud services, or specifically, through the creation and
together by standardized or proprietary technology that enables deployment of security measures in a privately held cloud. In
portability of data and application. specific, the following problems are examined:
• Treatment against information properties in cloud
3.1.4 Cloud roles and boundaries
computing setting
The cloud has various predefined roles. NIST cloud computing
• The forms of attackers and their ability to target the
architecture defines five main roles that are also known as
cloud
actors. These actors (entities or organization) participate in
processes or activities in the cloud infrastructure. This section
explains the roles of each actor.
 • The vulnerability threats involved with the cloud, and that they are well protected from other operations
where applicable, the considerations of attacks and (Mondal et. Al., 2020).
countermeasures • Data Theft: Cloud Storage uses an online cost-effective
• Emerging vulnerability threats in the cloud and scalable data server for operations.
• A few examples of cloud protection accidents. • User level Issues: user can guarantee that there is no lack
of data or data tampering by those customers accessing
A. Components Affecting Cloud Security the same cloud due to their own behaviour.
Numerous security problems for cloud computing remain, • Security issues in Provider level: Provider can allow a
including virtualization, space utilization, momentum strong layer of security between customer and user. It
management, cloud networks, concurrency control, memory should ensure that the server is well defended from any
management, operating systems, and database. For example, potential threats it will face.
protection in a cloud network that interconnects devices in a
cloud must be safe. The Cloud Computing Virtualization model 4.1.2 Cloud Security Threats
results in a variety of security concerns (Ali & Vasilakos, In computer security terms, threats are circumstances that
2015). And the mapping of a virtual machine to a real machine adversely impact the operations of a system. The 2020 cloud
must be performed safely. Concurrency protection includes security report identified the biggest cloud computing threats as
encrypting data as well as ensuring that acceptable protocols for Misconfiguration of the cloud platform, unauthorized access,
data exchange are implemented. Resource allocation and and insecure interface/API (Gautam & Jain, 2020). Other
memory management algorithms must be safe. threats include Hijacking of accounts, External data sharing,
and Malicious insider.
4.1.1.1 Security Issues Faced by Cloud Computing I. Side channel attacks:
Cloud makes it easy to reach the force of computation that The risk of side channel attacks which eventually leak data
beats. They have their own physical realm. It leads to a lot of across multiple virtual machines in the same datacentre is a big
security issues. The cloud service provider guarantees that the issue for cloud delivery models that make use of virtualization
user does not face any issues such as data leakage or data theft. technology (Zhang et. Al, 2016) . This allows attackers to act
Cloud storage architecture uses emerging technologies and as customers to compromise other customers’ data from within
facilities, most of which have not been completely tested in a shared cloud infrastructure.
terms of security. As a result, many users that share the
contaminated cloud are affected. The security problems facing II. Misconfiguration of cloud platforms:
cloud computing are discussed below (Gupta & Gupta, 2014): According to the 2020 cloud security report by AWS,
Misconfiguration of cloud platforms is the leading threat to
• Data Access Control: Often personal data may be cloud computing and a leading cause of data breaches.
obtained inappropriately due to a lack of safe data access Customers outsource their software and data to the cloud, with
control. Critical data in a cloud storage setting is emerging the assurance that their assets are safe within the cloud
as significant security concerns in a cloud-based environment. A minor misconfiguration can compromise the
framework (Mondal et. Al., 2020). system's security, leaving the cloud resources exposed to
• Integrity of data: Integrity of data involves situations attackers. Configurations must, as such, be well in place and
where human error happens as data is entered. Errors may compliant with security policies (Chaturvedi & Gupta, 2020).
occur as data is transferred from one device to another, III. Unauthorized Access:
otherwise hardware malfunctions, such as disk crashes, Unauthorized access is another complex threat to deal with.
may cause error (Mondal et. Al., 2020). Improper access control or misuse of employee credentials will
• Data loss: This is an important cloud computing problem. make it possible for an intruder to obtain direct access, possibly
If banking and corporate transfers, research, and without the knowledge of the organization. Improper access
development concepts are all done online, unknown control in the sense that there are no appropriate access controls
persons may be able to access shared knowledge (Mondal in place to avoid unauthorized access to the cloud
et. Al., 2020). infrastructure. The misuse of employees' credential, which is
due to employee ignorance, as employees log in to the cloud
• Administrative Access to Servers: Consumer access to
infrastructure from various devices, i.e., home desktops, cell
computing power is imperative is imperative to cloud
phones, or reusing passwords between company and personal
service models. In data centres, access to servers with
accounts, or exchange passwords with colleagues to access
elevated privilege is restricted to on-site connections only.
accounts. All this leaves the device vulnerable to external
However, in cloud computing, access to servers with
threats (Chaturvedi & Gupta, 2020).
elevated privilege is done over the internet, making the
IV. Insecure interface/API:
infrastructure vulnerable to attack. Thus, it is crucial to
To access and communicate with cloud services, cloud service
restrict elevated privilege access and properly maintain
providers expose clients with a set of APIs and software
access log for monitoring system control changes
interfaces. The management, monitoring and provisioning of
(Claywomb & Nicoll, 2012).
the cloud services is provided by these interfaces. As such, the
• Privacy Issues: User confidential information
security and availability of the general cloud services depends
confidentiality is extremely critical for cloud computing.
on the security of these fundamental (Chaturvedi & Gupta,
Many servers are external, so the provider can make sure
2020). These interfaces, however, must be configured to protect III. Phishing Attacks:
against accidental as well as malicious attempts to disrupt the Phishing attack is a type of social engineering technique that
protection of these APIs. Weak interface/APIs can expose uses disguised email as a weapon. It occurs when an attacker
clients to various security threats, such as sensitive data masquerades a legitimate entity with a link or an attachment,
leakage, anonymous access, restricted monitoring, modification creating a sense of urgency and curiosity (Mondal & Goswami,
of application configuration settings, etc. 2020). When a user clicks on the link, he/she is redirected to a
V. Hijacking of Accounts: fake website without their knowledge and are asked to enter
Account or service hijacking is done using compromised their login credentials. When the user enters the credentials, the
customer credentials to gain access to the cloud services. This attacker can gain access to it.
can be executed through phishing or manipulation of
vulnerabilities in software. The reuse of credentials often
contributes to such attacks in some situations. With the
compromised credentials, the attackers can gain access to 5 EXISTING SECURITY SOLUTIONS
sensitive parts of the cloud services compromising
confidentiality, integrity, and availability of the services 5.1 Existing Solutions
(Alam, 2020). • Intrusion Detection and Prevention - Intrusion Detection
VI. External Data-Sharing: System (IDS) and Intrusion Prevention System (IPS)
Data sharing has become a vital operation for almost every safeguards enterprise applications and operating systems
organization. The cloud system was built to make data sharing vulnerabilities till a patch or an update is made available,
a lot easier. Using cloud, collaborators can easily be invited via to prevent attacks like Zero-day attack. VMs and Cloud
emails or a shared link that enables anyone with the URL to servers often use similar system software, application
access and adjust the shared resource. While this easy exchange software and physical infrastructure. However, software-
of data is considered an asset, the link may be shared, stolen, or based IDS and IPS deployment on VMs safeguards
guessed, providing unauthorized access to the resources. This protects against vulnerabilities (Negi et. Al., 2020).
could undermine the confidentiality and integrity of the shared
resources (Alam, 2020). Also, once this connection is shared, • Firewall - A firewall can be used to reduce the attack
access to the recipient cannot be revoked. surface of VMs in a typical cloud environment. A two-way
firewall or bi-directional firewall is deployed on specific
VII. Malicious Insider: VMs, while providing an integrated management of
This challenge is a big security concern that is difficult to firewall policy (Li et. Al., 2020). However, the firewall
protect against. It involves an insider who can easily access a policy should include and enable the following templates:
system's critical resources or control over the cloud services at 1. VM separation 2. Fine-grained filtering 3. Coverage of
higher levels with little or no risk of detection. A malicious all frame types and IP-based protocols 4. Ability to create
insider's actions adversely affect the confidentiality, integrity, policies for each network interface.
and availability of information and has an impact on internal
activities, company reputation, and customer trust (Alam, • Log Inspection - Log Inspection and analysis of logs from
2020). operating system and application logs for security related
events. Log Inspection rules allow for the optimization of
4.1.3 Cloud Security Attacks security event detection, usually events lost in multiple log
I. Denial of service attacks: entries (Negi et. Al., 2020). A Security Information and
DoS attack is when an attacker sends thousands of requests to Event Management (SIEM) system ensures maximum
exhaust all the resources the server has until it becomes visibility of events received. However, a cloud-based log
unavailable. The request packet wastes the capacity, inspection software allows for the following: 1. Collation
cryptographic operations, and performance time. This affects of security related actions. 2. Detection of suspicious
the clouds behaviour and availability (Mittal, 2020). Compared activity. 3. A collation of security related events across the
to a DoS attack, a distributed DoS attack is much more server farm.
complicated and harder to detect.
II. Man-in-the-Middle attacks: 5.1.1 Recommendations
A man in the middle attack refers to an attack where a malicious These recommendations are targeted towards cloud service
actor secretly inserts him/herself between two communicating providers and consumers. While considering human factors in
parties to obtain access to information being exchanged or, security, malicious actors have resorted to more advanced ways
possibly alter the data that is been sent and received across of gaining access into protected networks and applications.
without the knowledge of both parties (Jansen, 2020). This However, users should always be wary of malware threats
attack is possible only if the communication channels are not whilst surfing the internet and use a carefully phrased strings of
secured or lack security configurations in the Secure Socket credentials for different applications. Additionally, applications
Layer (SSL) (Jansen, 2020). should enforce a password policy whereby common phrases or
strings of password are unacceptable. According to Goodin
(2012), the more complex a password is, in terms of length,
drastically increases the time taken to crack the password,
eventually addressing the risk of brute-force cracking. The
Secure Hash Algorithm-1 (SHA-1) and the Message Digest 5 6 REFERENCES
(MD5) both have a design goal of being fast and whilst making 1. Abdul-Jabbar, S.S., Aldujaili, A., Mohammed, S.G. and
use of very minimal computing resource. This goal reduces the Saeed, H.S., 2020. Integrity and Security in Cloud
efficacy of brute-force attacks, and a single iteration of crypto Computing Environment: A Review. Journal of Southwest
hash function is not sufficient to store salted passwords. Jiaotong University, 55(1).
However, it is recommended to utilize slower and multi- 2. Alam, T., 2020. Cloud Computing and its role in the
iteration hashing algorithms like bcrypt (Kamal, 2019). This Information Technology. IAIC Transactions on
approach may considerably reduce of brute-force cracking Sustainable Digital Innovation (ITSDI), 1(2), pp.108-115.
methods in cloud computing, but the computational 3. Ali, M., Khan, S. U., & Vasilakos, A. V. (2015). Security
requirements will increase. Hence, it is left to cloud service in cloud computing: Opportunities and
providers to wisely deem between the security level and challenges. Information Sciences (Ny), 305, 357–
performance. 383.Claycomb, W.R. and Nicoll, A., 2012, July. Insider
Another recommendation is for cloud service providers to threats to cloud computing: Directions for new research
enforce Two-Factor Authentication (2FA), as most cloud challenges. In 2012 IEEE 36th Annual Computer Software
service providers like Google and Apple have done. This is and Applications Conference (pp. 387-394). IEEE.
motivated by security intrusion and weak password choices by 4. Birje, M.N., Challagidad, P.S., Goudar, R.H. and Tapale,
consumers (Mohsin et. Al., 2017). The Two-Factor M.T., 2017. Cloud computing review: concepts,
Authentication builds upon the existing login process of technology, challenges, and security. International
provides user ids and passwords by adding a securely generated Journal of Cloud Computing, 6(1), pp.32-57.
and delivered token. This token is a time-based access code 5. Chaturvedi, C. and Gupta, B.B., 2020. Cloud Computing
which is usually refreshed periodically, establishing the One- Security: Taxonomy of Issues, Challenges, Case Studies,
Time-Password (OTP). Similarly, the authentication server and Solutions. In Handbook of Research on Intrusion
runs a time-based algorithm as the initial pre-shared key to Detection Systems (pp. 306-325). IGI Global.
generate synchronized codes with the token. This is requested 6. D. Velev and P. Zlateva, "Cloud Infrastructure
by the login system after the provision of user ids and Security", Lecture Notes in Computer Science, pp. 140-
passwords (Kumar et. Al., 2020). 148,2011. Available:
A systemic, yet prudent examination of cloud deployment https://www.researchgate.net/publication/220865671_Clo
models should be considered in creating a balanced merit to ud_Infrastructure_Security. [Accessed 2 November 2020].
demerit ratio whilst focusing on the security aspect. In that case, 7. Driesen, V. and Eberlein, P., SAP SE, 2012. Brokered
licensed and trusted 3rd party auditors may be called upon. cloud computing architecture. U.S. Patent 8,250,135.
However, to avoid attacks, cloud service providers should close 8. Gautam, R. and Jain, M., 2020. Cloud Computing Security:
OpenDNS resolvers and consider security as the topmost Aws Data Security Credentials. Studies in Indian Place
priority. Security should be deployed in both hardware and Names, 40(3), pp.6385-6389.
software and be implemented in all parts of the Software 9. Goodin, D., 2012. Why passwords have never been
Development Life Cycle (Sen & Madria, 2020). weaker-and crackers have never been stronger. Ars
Technica.
5.2 Conclusion 10. H. Gupta and D. Kumar, "Security Threats in Cloud
Cloud computing has emerged significantly within the past Computing", 2019 International Conference on Intelligent
decade, with major innovations and advances adopted widely Computing and Control Systems (ICCS), 2019. Available:
https://ieeexplore.ieee.org/document/9065542. [Accessed
in various industries due to a more practical service and
26 December 2020].
convenience. Enterprise and Organization reap benefits from
11. H. Schulze, "AWS Cloud Security Report 2020 for | Cloud
adopting cloud solutions within their businesses. However,
cloud security is a vital part of computer security, this poses a Security Alliance", Cloud Security Alliance, 2020.
challenge because of the extensive adoption of cloud computing [Online]. Available:
https://cloudsecurityalliance.org/blog/2020/10/14/aws-
and the internet connection aspect of cloud computing makes
cloud-security-report-2020-for-management-managing-
the service vulnerable to various types of security threats. The
the-rapid-shift-to-cloud/. [Accessed 28 December 2020].
significant threats to cloud security are extensively reviewed in
12. Herman, M., Iorga, M., Salim, A.M., Jackson, R.H., Hurst,
this paper. Additionally, countermeasures and threat mitigation
solutions are offered to serve as recommendations. Similarly, M.R., Leo, R., Lee, R., Landreville, N.M., Mishra, A.K.,
the comprehension of issues faced by cloud security and Wang, Y. and Sardinas, R., 2020. NIST Cloud Computing
Forensic Science Challenges (No. NIST Internal or
workable solutions is vital to diminishing the risks associated
Interagency Report (NISTIR) 8006). National Institute of
to cloud computing adoption.
Standards and Technology.
13. Jansen, L.W.L., Comparing cloud security directions 27. T. Yu and Y. Zhu, "Research on Cloud Computing and
between the academia and the Industry, A survey. Security", 2012 11th International Symposium on
14. Kamal, P., 2019. Security of Password Hashing in Distributed Computing and Applications to Business,
Cloud. Journal of Information Security, 10(02), p.45. Engineering & Science, 2012. Available:
15. Kavis, M.J., 2014. Architecting the cloud: design decisions https://ieeexplore.ieee.org/document/6385297. [Accessed
for cloud computing service models (SaaS, PaaS, and 28 December 2020].
IaaS). John Wiley & Sons. 28. Zhang, D., Jiang, T. and Wu, S., 2020. Brief Talk on Cloud
16. Kumar, S., Jafri, S.A.A., Nigam, N., Gupta, N., Gupta, G., Computing Technology. International Journal of Social
and Singh, S.K., 2020, February. A New User Identity Science and Education Research, 3(6), pp.168-171.
Based Authentication, Using Security and Distributed for
Cloud Computing. In IOP Conference Series: Materials
Science and Engineering (Vol. 748, No. 1, p. 012026). IOP
Publishing Ltd.
17. Lee, C.A., Bohn, R.B., Michel, M., Delaitre, A., Stivalet,
B., Black, P.E., Okun, V., Ribeiro, A., Cohen, T.S., Libert,
J. and Grantham, J., 2020. The NIST Cloud Federation
Reference Architecture 5. NIST Special Publication, 500,
p.332.
18. Li, J., Jiang, H., Jiang, W., Wu, J. and Du, W., 2020, May.
SDN-based Stateful Firewall for Cloud. In 2020 IEEE 6th
Intl Conference on Big Data Security on Cloud
(BigDataSecurity), IEEE Intl Conference on High
Performance and Smart Computing,(HPSC) and IEEE Intl
Conference on Intelligent Data and Security (IDS) (pp.
157-161). IEEE.
19. Mittal, R., 2020, October. Analysis of DDoS Attacks in
Cloud. In 2020 International Conference on Smart
Technologies in Computing, Electrical and Electronics
(ICSTCEE) (pp. 19-23). IEEE.
20. Mohsin, J.K., Han, L., Hammoudeh, M. and Hegarty, R.,
2017, July. Two factor vs multi-factor, an authentication
battle in mobile cloud computing environments.
In Proceedings of the International Conference on Future
Networks and Distributed Systems (pp. 1-10).
21. Mondal, A. and Goswami, R.T., 2020. ENHANCED
HONEYPOT CRYPTOGRAPHIC SCHEME AND
PRIVACY PRESERVATION FOR AN EFFECTIVE
PREDICTION IN CLOUD SECURITY. Microprocessors
and Microsystems, p.103719.
22. Mondal, A., Paul, S., Goswami, R.T. and Nath, S., 2020,
January. Cloud computing security issues & challenges: A
Review. In 2020 International Conference on Computer
Communication and Informatics (ICCCI) (pp. 1-5). IEEE.
23. Negi, P.S., Garg, A. and Lal, R., 2020, January. Intrusion
Detection and Prevention using Honeypot Network for
Cloud Security. In 2020 10th International Conference on
Cloud Computing, Data Science & Engineering
(Confluence) (pp. 129-132). IEEE.
24. S. Gupta and P. Gupta, "A Study of the Issues and Security
of Cloud Computing", International Journal of Computer
Science and Information Technologies, vol. 5, pp. 5432-
5433, 2014. [Accessed 28 December 2020].
25. Singh and K. Chatterjee, "Cloud security issues and
challenges: A survey", Journal of Network and Computer
Applications, vol. 79, pp. 88-115, 2017. Available:
10.1016/j.jnca.2016.11.027 [Accessed 26 December
2020].
26. Sunyaev, A., 2020. Cloud Computing. In Internet
Computing (pp. 195-236). Springer, Cham.

View publication stats