research paper on cloud computing security issues pdf

A Systematic Literature Review on Cloud Computing Security: Threats and Mitigation Strategies

Ieee account.

• Change Username/Password
• Update Address

Purchase Details

• Payment Options
• Order History
• View Purchased Documents

Profile Information

• Communications Preferences
• Profession and Education
• Technical Interests
• US & Canada: +1 800 678 4333
• Worldwide: +1 732 981 0060
• Contact & Support
• About IEEE Xplore
• Accessibility
• Terms of Use
• Nondiscrimination Policy
• Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

Advertisement

A literature survey of security issues in Cloud, Fog, and Edge IT infrastructure

• Published: 18 October 2022

Cite this article

• Patricia Akello 1 , 2 ,
• Nicole Lang Beebe 1 , 2 &
• Kim-Kwang Raymond Choo   ORCID: orcid.org/0000-0001-9208-5336 1 , 2  

614 Accesses

Explore all metrics

Increasing complexity in and interconnectivity between technologies and systems (e.g., cloud computing, Internet of Things (IoT), fog and edge computing) can complicate data processing and security requirements. Thus, in this paper we review existing literature survey articles focusing on cloud, fog and edge computing platforms and infrastructures. We then present the result of a systematic survey of existing literature surveys. Our research uses the PRISMA methodology and grounded theory to guide the review process, along with grounded theory for the classification of identified issues. The issues together with research trends and future research recommendations are then discussed, with the objective of informing future research agenda.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price includes VAT (Russian Federation)

Instant access to the full article PDF.

Rent this article via DeepDyve

Institutional subscriptions

Similar content being viewed by others

A Comprehensive Survey on Security of Single Source Cloud to Distributed Enviroments Edge and Fog Computing

A Pragmatic Analysis of Security Concerns in Cloud, Fog, and Edge Environment

An Overview on Security Challenges in Cloud, Fog, and Edge Computing

Mell, P., & Grance, T. (2011). “The NIST definition of cloud computing,”

Ramachandra, G., Iftikhar, M., & Khan, F. A. (Jan. 2017). A Comprehensive Survey on Security in Cloud Computing. Procedia Comput Sci , 110 , 465–472. doi: https://doi.org/10.1016/j.procs.2017.06.124

Biswas, A. R., & Giaffreda, R. (2014). “IoT and cloud convergence: Opportunities and challenges,” in 2014 IEEE World Forum on Internet of Things (WF-IoT), Mar. pp. 375–376. doi: https://doi.org/10.1109/WF-IoT.2014.6803194

Bonomi, F., Milito, R., Zhu, J., & Addepalli, S. (2012). “Fog Computing and Its Role in the Internet of Things,” in Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, New York, NY, USA, pp. 13–16. doi: https://doi.org/10.1145/2342509.2342513

Khan, S., Parkinson, S., & Qin, Y. (Aug. 2017). Fog computing security: a review of current applications and security solutions. J Cloud Comput , 6 (1), 19. doi: https://doi.org/10.1186/s13677-017-0090-3

Rodero-Merino, L., Vaquero, L. M., Caron, E., Muresan, A., & Desprez, F. (Feb. 2012). Building Safe PaaS Clouds: A Survey on Security in Multitenant Software Platforms. Comput Secur , 31 (1), 96–108. doi: https://doi.org/10.1016/j.cose.2011.10.006

Pearce, M., Zeadally, S., Hunt, R., “Virtualization: Issues, Security Threats, and, & Solutions (2013). ” ACM Comput Surv, vol. 45, no. 2, p. 17:1–17:39, Mar. doi: https://doi.org/10.1145/2431211.2431216

Pande, V. K., Marlecha, C., & Kayte, S. (2016). “A Review-Fog Computing and Its Role in the Internet of Things,”

Moher, D., Liberati, A., Tetzlaff, J., Altman, D. G., & Group, T. P. (2009). “Preferred Reporting Items for Systematic Reviews and Meta-Analyses: The PRISMA Statement,” PLOS Med., vol. 6, no. 7, p. e1000097, Jul. doi: https://doi.org/10.1371/journal.pmed.1000097

Corbin, J. M., & Strauss, A. (1990). “Grounded theory research: Procedures, canons, and evaluative criteria,” Qual. Sociol., vol. 13, no. 1, pp. 3–21, Mar. doi: https://doi.org/10.1007/BF00988593

Chukwu, E., & Garg, L. (2020). A Systematic Review of Blockchain in Healthcare: Frameworks, Prototypes, and Implementations. Ieee Access : Practical Innovations, Open Solutions , 8 , 21196–21214. doi: https://doi.org/10.1109/ACCESS.2020.2969881

Article   Google Scholar  

Maphosa, M., Doorsamy, W., & Paul, B. S. (2022). Factors Influencing Students’ Choice of and Success in STEM: A Bibliometric Analysis and Topic Modeling Approach. Ieee Transactions On Education , 1–13. doi: https://doi.org/10.1109/TE.2022.3160935

Wilson, M., Sampson, M., Barrowman, N., & Doja, A. (Apr. 2021). Bibliometric Analysis of Neurology Articles Published in General Medicine Journals. JAMA Netw Open , 4 (4), e215840. doi: https://doi.org/10.1001/jamanetworkopen.2021.5840

Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (Feb. 2013). An analysis of security issues for cloud computing. J Internet Serv Appl , 4 (1, p. 5,), doi: https://doi.org/10.1186/1869-0238-4-5

Jouini, M., & Rabai, L. B. A. (2014). “Surveying and Analyzing Security Problems in Cloud Computing Environments,” in 2014 Tenth International Conference on Computational Intelligence and Security, Nov. pp. 689–693. doi: https://doi.org/10.1109/CIS.2014.169

Patel, A., Taghavi, M., Bakhtiyari, K., Celestino, J., & Júnior (Jan. 2013). An intrusion detection and prevention system in cloud computing: A systematic review. J Netw Comput Appl , 36 (1), 25–41. doi: https://doi.org/10.1016/j.jnca.2012.08.007

Rebollo, O., Mellado, D., & Fernández-Medina, E., “A Systematic Review of Information Security Governance Frameworks in the Cloud Computing Environment,” p.18

Wolfswinkel, J. F., Furtmueller, E., & Wilderom, C. P. M. (2013). “Using grounded theory as a method for rigorously reviewing literature,” Eur. J. Inf. Syst., vol. 22, no. 1, pp. 45–55, Jan. doi: https://doi.org/10.1057/ejis.2011.51

Birkmeier, D., & Overhage, S. (2009). “On Component Identification Approaches – Classification, State of the Art, and Comparison,”in Component-Based Software Engineering, pp.1–18

Osanaiye, O., Choo, K. K. R., & Dlodlo, M. (2016). “Distributed Denial of Service (DDoS) Resilience in Cloud,” J Netw Comput Appl, vol. 67, no. C, pp. 147–165, May doi: https://doi.org/10.1016/j.jnca.2016.01.001

Stojmenovic, I., & Wen, S. (2014). “The Fog computing paradigm: Scenarios and security issues,” in 2014 Federated Conference on Computer Science and Information Systems, Sep. pp. 1–8. doi: https://doi.org/10.15439/2014F503

Hong, J. B., Nhlabatsi, A., Kim, D. S., Hussein, A., Fetais, N., & Khan, K. M. (Feb. 2019). Systematic identification of threats in the cloud: A survey. Computer Networks , 150 , 46–69. doi: https://doi.org/10.1016/j.comnet.2018.12.009

Patil, R., & Modi, C. (2019). “An Exhaustive Survey on Security Concerns and Solutions at Different Components of Virtualization,” ACM Comput. Surv. CSUR, vol. 52, no. 1, p. 12:1–12:38, Feb. doi: https://doi.org/10.1145/3287306

Kumar, R., & Goyal, R. (Aug. 2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Comput Sci Rev , 33 , 1–48. doi: https://doi.org/10.1016/j.cosrev.2019.05.002

Subramanian, N., & Jeyaraj, A. (Oct. 2018). Recent security challenges in cloud computing. Computers & Electrical Engineering , 71 , 28–42. doi: https://doi.org/10.1016/j.compeleceng.2018.06.006

Singh, A., & Chatterjee, K. (Feb. 2017). Cloud security issues and challenges: A survey. J Netw Comput Appl , 79 , 88–115. doi: https://doi.org/10.1016/j.jnca.2016.11.027

Coppolino, L., D’Antonio, S., Mazzeo, G., & Romano, L. (Apr. 2017). Cloud security: Emerging threats and current solutions. Computers & Electrical Engineering , 59 , 126–140. doi: https://doi.org/10.1016/j.compeleceng.2016.03.004

Tari, Z., Yi, X., Premarathne, U. S., Bertok, P., & Khalil, I. (2015). “Security and Privacy in Cloud Computing: Vision, Trends, and Challenges,” IEEE Cloud Comput., vol. 2, no. 2, pp. 30–38, Mar. doi: https://doi.org/10.1109/MCC.2015.45

Ali, M., Khan, S. U., & Vasilakos, A. V. (Jun. 2015). Security in cloud computing: Opportunities and challenges. Information Sciences , 305 , 357–383. doi: https://doi.org/10.1016/j.ins.2015.01.025

Singh, S., Jeong, Y. S., & Park, J. H. (Nov. 2016). A survey on cloud computing security: Issues, threats, and solutions. J Netw Comput Appl , 75 , 200–222. doi: https://doi.org/10.1016/j.jnca.2016.09.002

Fernandes, D. A. B., Soares, L. F. B., Gomes, J. V., Freire, M. M., & Inácio, P. R. M. (2014). “Security issues in cloud environments: a survey,” Int. J. Inf. Secur., vol. 13, no. 2, pp. 113–170, Apr. doi: https://doi.org/10.1007/s10207-013-0208-7

Abbas, A., & Khan, S. U. (2014). “A Review on the State-of-the-Art Privacy-Preserving Approaches in the e-Health Clouds,” IEEE J. Biomed. Health Inform., vol. 18, no. 4, pp. 1431–1441, Jul. doi: https://doi.org/10.1109/JBHI.2014.2300846

Aguiar, E., Zhang, Y., & Blanton, M. (2014). “An Overview of Issues and Recent Developments in Cloud Computing and Storage Security,”. In K. J. Han, B. Y. Choi, & S. Song (Eds.), High Performance Cloud Auditing and Applications (pp. 3–33). New York, NY: Springer. doi: https://doi.org/10.1007/978-1-4614-3296-8_1

Chapter   Google Scholar  

Oktay, U., & Sahingoz, O. K. (2013). “Proxy Network Intrusion Detection System for cloud computing,” in 2013 The International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), May pp. 98–104. doi: https://doi.org/10.1109/TAEECE.2013.6557203

Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (Feb. 2013). A Survey on Security Issues and Solutions at Different Layers of Cloud Computing. J Supercomput , 63 (2), 561–592. doi: https://doi.org/10.1007/s11227-012-0831-5

Rong, C., Nguyen, S. T., & Jaatun, M. G. (Jan. 2013). Beyond lightning: A survey on security challenges in cloud computing. Computers & Electrical Engineering , 39 (1), 47–54. doi: https://doi.org/10.1016/j.compeleceng.2012.04.015

Pearson, S. (2013). “Privacy, Security and Trust in Cloud Computing. In S. Pearson, & G. Yee (Eds.), ” in Privacy and Security for Cloud Computing (pp. 3–42). London: Springer London. doi: https://doi.org/10.1007/978-1-4471-4189-1_1

Xiao, Z., & Xiao, Y. (Second 2013). Security and Privacy in Cloud Computing. Ieee Communication Surveys And Tutorials , 15 (2), 843–859. doi: https://doi.org/10.1109/SURV.2012.060912.00182

Perez-Botero, D., Szefer, J., & Lee, R. B. (2013). “Characterizing Hypervisor Vulnerabilities in Cloud Computing Servers,” in Proceedings of the 2013 International Workshop on Security in Cloud Computing, New York, NY, USA, pp. 3–10. doi: https://doi.org/10.1145/2484402.2484406

Kulkarni, G., Gambhir, J., Patil, T., & Dongare, A. (2012). “A security aspects in cloud computing,” in IEEE International Conference on Computer Science and Automation Engineering, Jun. 2012, pp. 547–550. doi: https://doi.org/10.1109/ICSESS.2012.6269525

Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Gener Comput Syst , 28 (3), 583–592

Vaquero, L. M., Rodero-Merino, L., & Morán, D. (Jan. 2011). Locking the Sky: A Survey on IaaS Cloud Security. Computing , 91 (1), 93–118. doi: https://doi.org/10.1007/s00607-010-0140-x

Che, J., Duan, Y., Zhang, T., & Fan, J. (Jan. 2011). Study on the Security Models and Strategies of Cloud Computing. Procedia Engineering , 23 , 586–593. doi: https://doi.org/10.1016/j.proeng.2011.11.2551

Behl, A., & Behl, K. (2012). “An analysis of cloud computing security issues,” in 2012 World Congress on Information and Communication Technologies, Oct. pp. 109–114. doi: https://doi.org/10.1109/WICT.2012.6409059

Grobauer, B., Walloschek, T., & Stocker, E. (2011). “Understanding Cloud Computing Vulnerabilities,” IEEE Secur. Priv., vol. 9, no. 2, pp. 50–57, Mar. doi: https://doi.org/10.1109/MSP.2010.115

Subashini, S., & Kavitha, V. (Jan. 2011). A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl , 34 (1), 1–11. doi: https://doi.org/10.1016/j.jnca.2010.07.006

Zhou, M., Zhang, R., Xie, W., Qian, W., & Zhou, A. (2010). “Security and Privacy in Cloud Computing: A Survey,” in 2010 Sixth International Conference on Semantics, Knowledge and Grids, Nov. pp. 105–112. doi: https://doi.org/10.1109/SKG.2010.19

Takabi, H., Joshi, J. B. D., & Ahn, G. J. (2010). “Security and Privacy Challenges in Cloud Computing Environments,” IEEE Secur. Priv., vol. 8, no. 6, pp. 24–31, Nov. doi: https://doi.org/10.1109/MSP.2010.186

Zhang, P., Zhou, M., & Fortino, G. (Nov. 2018). Security and trust issues in Fog computing: A survey. Future Gener Comput Syst , 88 , 16–27. doi: https://doi.org/10.1016/j.future.2018.05.008

Roman, R., Lopez, J., Mambo, M., et al. (Jan. 2018). : A survey and analysis of security threats and challenges,” Future Gener. Comput. Syst., vol. 78, pp. 680–698, doi: https://doi.org/10.1016/j.future.2016.11.009

Mukherjee, M., et al. (2017). Security and Privacy in Fog Computing: Challenges. Ieee Access : Practical Innovations, Open Solutions , 5 , 19293–19304. doi: https://doi.org/10.1109/ACCESS.2017.2749422

Alrawais, A., Alhothaily, A., Hu, C., & Cheng, X. (2017). “Fog Computing for the Internet of Things: Security and Privacy Issues,” IEEE Internet Comput., vol. 21, no. 2, pp. 34–42, Mar. doi: https://doi.org/10.1109/MIC.2017.37

Stojmenovic, I., Wen, S., Huang, X., & Luan, H. (2016). An overview of Fog computing and its security issues. Concurr Comput Pract Exp , 28 (10), 2991–3005. doi: https://doi.org/10.1002/cpe.3485

Yi, S., Qin, Z., & Li, Q. (2015). “Security and Privacy Issues of Fog Computing: A Survey,” in Wireless Algorithms, Systems, and Applications, pp. 685–695

Yi, S., Li, C., & Li, Q. (2015). “A Survey of Fog Computing: Concepts, Applications and Issues,” in Proceedings of the 2015 Workshop on Mobile Big Data, New York, NY, USA, pp. 37–42. doi: https://doi.org/10.1145/2757384.2757397

Lee, K., Kim, D., Ha, D., Rajput, U., & Oh, H. (2015). “On security and privacy issues of fog computing supported Internet of Things environment,” in 2015 6th International Conference on the Network of the Future (NOF), Sep. pp. 1–3. doi: https://doi.org/10.1109/NOF.2015.7333287

Wang, Y., Uehara, T., & Sasaki, R. (2015). “Fog Computing: Issues and Challenges in Security and Forensics,” in 2015 IEEE 39th Annual Computer Software and Applications Conference, Jul. vol. 3, pp. 53–59. doi: https://doi.org/10.1109/COMPSAC.2015.173

Kolhar, M., Abu-Alhaj, M. M., & Abd El-atty, S. M. (Jan. 2017). Cloud Data Auditing Techniques with a Focus on Privacy and Security. Ieee Security And Privacy , 15 (1), 42–51. doi: https://doi.org/10.1109/MSP.2017.16

“NVD - CVE (2020). -2018-18808.” https://nvd.nist.gov/vuln/detail/CVE-2018-18808 (accessed Feb. 14,

Fazzini, K., “A Technical Slip-up Exposes Cloud Collaboration Risks,” Wall Street Journal, Jun. 13, 2017. Accessed: Feb. 04, 2020. [Online]. Available: https://www.wsj.com/articles/a-technical-slip-up-exposes-cloud-collaboration-risks-1497353313

Sgandurra, D., & Lupu, E. (2016). Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems. ACM Comput Surv , 48 (3), 1. doi: https://doi.org/10.1145/2856126 . 46:38, Feb

Chaudhary, D., Bhushan, K., & Gupta, B. B. (2018). “Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing,” Int. J. E-Serv. Mob. Appl. IJESMA, vol. 10, no. 3, pp. 61–83, Jul. doi: https://doi.org/10.4018/IJESMA.2018070104

Gupta, B. B., & Badve, O. P. (2017). “Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment,” Neural Comput. Appl., vol. 28, no. 12, pp. 3655–3682, Dec. doi: https://doi.org/10.1007/s00521-016-2317-5

“Vulnerability and Threat Trends Research Report,” Skybox Security, Jul. 11 (2019). https://www.skyboxsecurity.com/trends-report (accessed Feb. 14, 2020)

Muncaster, P. (2019). “Over a Third of Firms Have Suffered a Cloud Attack,” Infosecurity Magazine, Aug. 22, https://www.infosecurity-magazine.com:443/news/over-third-firms-have-suffered/ (accessed Feb. 14, 2020)

d Silva, C. M. R., d Silva, J. L. C., Rodrigues, R. B., Campos, G. M. M., Nascimento, L. M., & Garcia, V. C. (2013). “Security Threats in Cloud Computing Models: Domains and Proposals,” in IEEE Sixth International Conference on Cloud Computing, Jun. 2013, pp. 383–389. doi: https://doi.org/10.1109/CLOUD.2013.125

“Top Threats to Cloud Computing (2019). : Egregious,” Cloud Security Alliance. https://cloudsecurityalliance.org/artifacts/top-threats-to-cloud-computing-egregious-eleven/ (accessed Sep.13,

“Top Threats to Cloud Computing Plus: (accessed Apr. 01, 2019). ” Cloud Security Alliance. https://cloudsecurityalliance.org/artifacts/top-threats-cloud-computing-plus-industry-insights/

Akello, P., Beebe, N. L., & Raymond, K. K. C., “Volitional non-malicious insider threats: At the intersection of COVID-19, WFH and cloud-facilitated shadow-apps,” 27th Annu. Am. Conf. Inf. Syst. AMCIS 2021, 2021, Accessed: May 27, 2022. [Online]. Available: https://pesquisa.bvsalud.org/global-literature-on-novel-coronavirus-2019-ncov/resource/pt/covidwho-1513605

Silic, M., & Back, A. (Sep. 2014). Shadow IT – A view from behind the curtain. Comput Secur , 45 , 274–283. doi: https://doi.org/10.1016/j.cose.2014.06.007

Mallmann, G. L., Maçada, A. C. G., & Oliveira, M. (2018). “The influence of shadow IT usage on knowledge sharing: An exploratory study with IT users,” Bus. Inf. Rev., vol. 35, no. 1, pp. 17–28, Mar. doi: https://doi.org/10.1177/0266382118760143

Shaikh, A., “Shadow-IT System and Insider Threat: An Assessment of an Opportunity Dimension for the Identity Theft,” in HCI International 2018 – Posters’ Extended Abstracts, Cham, 2018, pp. 314–317. doi: https://doi.org/10.1007/978-3-319-92285-0_44

Silic, M., Barlow, J. B., & Back, A. (2017). “A new perspective on neutralization and deterrence: Predicting shadow IT usage,” Inf. Manage., vol. 54, no. 8, pp. 1023–1037, Dec. doi: https://doi.org/10.1016/j.im.2017.02.007

Walterbusch, M., Fietz, A., & Teuteberg, F. (2017). Missing cloud security awareness: investigating risk exposure in shadow IT. J Enterp Inf Manag Jul . doi: https://doi.org/10.1108/JEIM-07-2015-0066

Cappelli, D. M., Moore, A. P., & Trzeciak, R. F. (2012). The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) . Addison-Wesley

Barona, R., & Anita, E. A. M. (2017). “A survey on data breach challenges in cloud computing security: Issues and threats,” in 2017 International Conference on Circuit,Power and Computing Technologies (ICCPCT), Apr. pp. 1–8. doi: https://doi.org/10.1109/ICCPCT.2017.8074287

“Study Finds (2020). ‘Lurking Malice’ in Cloud Hosting Services.” https://www.news.gatech.edu/2016/10/19/study-finds-lurking-malice-cloud-hosting-services (accessed Feb. 14,

Korolov, M. (2016). “Ransomware prevalent in cloud-based malware,” CSO Online, Sep. 08, https://www.csoonline.com/article/3117751/ransomware-prevalent-in-cloud-based-malware.html (accessed Feb. 04, 2020)

Pearson, S., & Benameur, A. (2010). “Privacy, Security and Trust Issues Arising from Cloud Computing,” in 2010 IEEE Second International Conference on Cloud Computing Technology and Science, Nov. pp. 693–702. doi: https://doi.org/10.1109/CloudCom.2010.66

Ranger, S. (2020). “GitHub hit with the largest DDoS attack ever seen,” ZDNet. https://www.zdnet.com/article/github-was-hit-with-the-largest-ddos-attack-ever-seen/ (accessed Feb.15,

“Web attack knocks BBC websites offline - BBC News (2020). ” https://www.bbc.com/news/technology-35204915 (accessed Feb. 15,

Luo, S., Lin, Z., Chen, X., Yang, Z., & Chen, J. (2011). “Virtualization security for cloud computing service,” in 2011 International Conference on Cloud and Service Computing, Dec. pp. 174–179. doi: https://doi.org/10.1109/CSC.2011.6138516

ssd-researcher (2018). “SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities,” SSD Secure Disclosure, Jan. 24, https://ssd-disclosure.com/archives/3649/ssd-advisory-oracle-virtualbox-multiple-guest-to-host-escape-vulnerabilities (accessed Feb. 06, 2020)

Ahmed, U., Raza, I., & Hussain, S. A. (2019). “Trust Evaluation in Cross-Cloud Federation: Survey and Requirement Analysis,” ACM Comput Surv, vol. 52, no. 1, p. 19:1–19:37, Feb. doi: https://doi.org/10.1145/3292499

“Top 6 Cloud Security Issues in Cloud Computing (2020). ” https://www.skyhighnetworks.com/cloud-security-blog/6-cloud-security-issues-that-businesses-experience/ (accessed Feb.15,

Huang, J., & Nicol, D. M. (Apr. 2013). Trust mechanisms for cloud computing. J Cloud Comput Adv Syst Appl , 2 (1, p. 9,), doi: https://doi.org/10.1186/2192-113X-2-9

vurukonda, N., Rao, B. T., & “A Study on Data Storage Security Issues in Cloud Computing. (Jan. 2016).” Procedia Comput. Sci., 92,128–135, doi: https://doi.org/10.1016/j.procs.2016.07.335 .

Rao, R. V., & Selvamani, K. (Jan. 2015). Data Security Challenges and Its Solutions in Cloud Computing. Procedia Comput Sci , 48 , 204–209. doi: https://doi.org/10.1016/j.procs.2015.04.171

“2019 Data Breaches (2020). : 4 Billion Records Breached So Far | Norton.” https://us.norton.com/internetsecurity-emerging-threats-2019-data-breaches.html (accessed Feb. 15,

B. G. Rama and 11/21/2017, “Uber Discloses Year-Old AWS Data Breach, Exposing Millions of Users -,” AWSInsider. https://awsinsider.net/articles/2017/11/21/uber-aws-data-breach.aspx

Chang, V., & Ramachandran, M. (Jan. 2016). “Towards Achieving Data Security with the Cloud Computing Adoption Framework,” IEEE Trans. Serv. Comput., 9, 1,138–151, doi: https://doi.org/10.1109/TSC.2015.2491281 .

Kandias, M., Stavrou, V., Bozovic, N., & Gritzalis, D. (2013). “Proactive Insider Threat Detection Through Social Media: The YouTube Case,” in Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society, New York, NY, USA, pp. 261–266. doi: https://doi.org/10.1145/2517840.2517865

Rundle, J., “Human Error Often the Culprit in Cloud Data Breaches,” Wall Street Journal, Aug. 27, 2019. Accessed: Feb. 15, 2020. [Online]. Available: https://www.wsj.com/articles/human-error-often-the-culprit-in-cloud-data-breaches-11566898203

Duncan, A. J., Creese, S., & Goldsmith, M. (2012). “Insider Attacks in Cloud Computing,” in IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, Jun. 2012, pp. 857–862. doi: https://doi.org/10.1109/TrustCom.2012.188

Esposito, C., Santis, A. D., Tortora, G., Chang, H., & Choo, K. R. (Jan. 2018). “Blockchain: A Panacea for Healthcare Cloud-Based Data Security and Privacy?,” IEEE Cloud Comput., 5, 1,31–37, doi: https://doi.org/10.1109/MCC.2018.011791712 .

“Security Update - About Facebook (2020). ” https://about.fb.com/news/2018/09/security-update/ (accessed Feb. 15,

“Expect, A. P. I. (accessed Feb. 15, 2020). Breaches to Accelerate.” https://www.darkreading.com/application-security/expect-api-breaches-to-accelerate/d/d-id/1332504

“Why Cloud Computing Cyber Security Risks Are On The Rise (2020). :Report.” https://www.forbes.com/sites/jeanbaptiste/2019/07/25/why-cloud-computing-cyber-security-risks-are-on-the-rise-report/#71c281ea5621 (accessed Feb. 15,

de Carvalho, C. A. B., de Andrade, R. M., de Castro, M. F., Coutinho, E. F., & Agoulmine, N. (Apr. 2017). State of the art and challenges of security SLA for cloud computing. Computers & Electrical Engineering , 59 , 141–152. doi: https://doi.org/10.1016/j.compeleceng.2016.12.030

“Resource Library | McAfee (2020). ” https://www.mcafee.com/enterprise/en-us/resource-library.html (accessed Feb.15,

TerryLanfear (accessed Nov. 21, 2019). “Shared responsibility in the cloud - Microsoft Azure.” https://docs.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility

Aluvalu, R., & Muddana, L., “A Survey on Access Control Models in Cloud Computing,” in Emerging ICT for Bridging the Future - Proceedings of the 49th Annual Convention of the Computer Society of India (CSI) Volume 1, Cham, 2015, pp. 653–664. doi: https://doi.org/10.1007/978-3-319-13728-5_73

L. H et al., “Risk based access control in cloud computing,” in 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), pp. 1502–1505. doi: https://doi.org/10.1109/ICGCIoT.2015.7380704

Tsidulko, J. (2017). “AWS Warns Users To Secure Storage Buckets,” CRN, Jul. 19, https://www.crn.com/news/cloud/300089076/aws-warns-users-to-secure-storage-buckets.htm (accessed Feb. 15, 2020)

“Latest Cloud Security Trends Report From RedLock CSI Team Highlights Serious Growth in Cryptojacking (accessed Feb. 15, 2020). Continuing Lack of Compliance with Industry Standards.” https://redlock.io/news/redlock-cloud-security-trends-report-highlights-lack-of-compliance-with-industry-standards

Hong, J. I., & Landay, J. A. (2004). “An architecture for privacy-sensitive ubiquitous computing,” in Proceedings of the 2nd international conference on Mobile systems, applications, and services, Boston, MA, USA, Jun. pp. 177–189. doi: https://doi.org/10.1145/990064.990087

Aloraini, A., & Hammoudeh, M. (2017). “A Survey on Data Confidentiality and Privacy in Cloud Computing,” in Proceedings of the International Conference on Future Networks and Distributed Systems, New York, NY, USA, p. 10:1–10:7. doi: https://doi.org/10.1145/3102304.3102314

Rocha, F., “Insider threat: memory confidentiality and integrity in the cloud,” Ph.D., University of Newcastle Upon Tyne (United Kingdom), England, 2015. Accessed: Sep. 22, 2018. [Online]. Available: https://search.proquest.com/docview/1827514860/?pq-origsite=primo

Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (Jan. 2015). Security, privacy and trust in Internet of Things: The road ahead. Computer Networks , 76 , 146–164. doi: https://doi.org/10.1016/j.comnet.2014.11.008

“Exploring container (2019). security: the shared responsibility model in GKE,”Google Cloud Blog. https://cloud.google.com/blog/products/containers-kubernetes/exploring-container-security-the-shared-responsibility-model-in-gke-container-security-shared-responsibility-model-gke/ (accessed Nov. 21,

Zhang, G., Li, T., Li, Y., Hui, P., & Jin, D. (2018). “Blockchain-Based Data Sharing System for AI-Powered Network Operations,” J. Commun. Inf. Netw., vol. 3, no. 3, pp. 1–8, Sep. doi: https://doi.org/10.1007/s41650-018-0024-3

Bakshi, A., & Dujodwala, Y. B. (2010). “Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine,” in 2010 Second International Conference on Communication Software and Networks, Feb. pp. 260–264. doi: https://doi.org/10.1109/ICCSN.2010.56

Chonka, A., Xiang, Y., Zhou, W., & Bonti, A. (2011). “Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks,” J. Netw. Comput. Appl., vol. 34, no. 4, pp. 1097–1107, Jul. doi: https://doi.org/10.1016/j.jnca.2010.06.004

Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (Jan. 2013). A survey of intrusion detection techniques in Cloud. J Netw Comput Appl , 36 (1), 42–57. doi: https://doi.org/10.1016/j.jnca.2012.05.003

Patel, A., Taghavi, M., Bakhtiyari, K., & Júnior, J. C. (2012). “Taxonomy and Proposed Architecture of Intrusion Detection and Prevention Systems for Cloud Computing,” in Proceedings of the 4th International Conference on Cyberspace Safety and Security, Berlin, Heidelberg, pp. 441–458. doi: https://doi.org/10.1007/978-3-642-35362-8_33

Wang, J., Wu, L., Choo, K. K. R., & He, D. (2020). “Blockchain-Based Anonymous Authentication With Key Management for Smart Grid Edge Computing Infrastructure,” IEEE Trans. Ind. Inform., vol. 16, no. 3, pp. 1984–1992, Mar. doi: https://doi.org/10.1109/TII.2019.2936278

Ahmed, M., & Litchfield, A. T. (Jan. 2018). Taxonomy for Identification of Security Issues in Cloud Computing Environments. J Comput Inf Syst , 58 (1), 79–88. doi: https://doi.org/10.1080/08874417.2016.1192520

Hassan, B. M., Fouad, K. M., & Hassan, M. F. (2015). “Keystroke Dynamics Authentication in Cloud Computing: A Survey,” Int J Enterp Inf Syst, vol. 11, no. 4, pp. 99–120, Oct. doi: https://doi.org/10.4018/IJEIS.2015100105

Khan, M. A. (Aug. 2016). A survey of security issues for cloud computing. J Netw Comput Appl , 71 , 11–29. doi: https://doi.org/10.1016/j.jnca.2016.05.010

Li, H., Lu, R., Misic, J., & Mahmoud, M. (May 2018). Security and Privacy of Connected Vehicular Cloud Computing. IEEE Netw , 32 (3), 4–6. doi: https://doi.org/10.1109/MNET.2018.8370870

Mollah, M. B., Azad, M. A. K., & Vasilakos, A. (Apr. 2017). Security and privacy challenges in mobile cloud computing: Survey and way ahead. J Netw Comput Appl , 84 , 38–54. doi: https://doi.org/10.1016/j.jnca.2017.02.001

Jayasinghe, U., Lee, G. M., MacDermott, Á., & Rhee, W. S. (2019). “TrustChain: A Privacy Preserving Blockchain with Edge Computing,” Wireless Communications and Mobile Computing, https://www.hindawi.com/journals/wcmc/2019/2014697/ (accessed Feb. 14, 2020)

Bhatia, T., & Verma, A. K. (Jun. 2017). Data Security in Mobile Cloud Computing Paradigm: A Survey, Taxonomy and Open Research Issues. J Supercomput , 73 (6), 2558–2631. doi: https://doi.org/10.1007/s11227-016-1945-y

Shin, Y., Koo, D., & Hur, J. (2017). “A Survey of Secure Data Deduplication Schemes for Cloud Storage Systems,” ACM Comput Surv, vol. 49, no. 4, p. 74:1–74:38, Jan. doi: https://doi.org/10.1145/3017428

Sookhak, M., et al., “Remote Data Auditing in Cloud Computing Environments: A Survey, Taxonomy, and Open Issues,”ACM Comput. Surv., vol. 47, no. 4, p. 65:1–65:34, May 2015, doi: https://doi.org/10.1145/2764465

Stolfo, S. J., Salem, M. B., & Keromytis, A. D. (2012). “Fog computing: Mitigating insider data theft attacks in the cloud,” in Security and Privacy Workshops (SPW), 2012 IEEE Symposium on, pp. 125–128. Accessed: Feb. 21, 2017. [Online]. Available: http://ieeexplore.ieee.org/abstract/document/6227695/

Tang, J., Cui, Y., Li, Q., Ren, K., Liu, J., & Buyya, R. (2016). “Ensuring Security and Privacy Preservation for Cloud Data Services,”ACM Comput Surv, 49, 1,p. 13:1–13:39, Jun. doi: https://doi.org/10.1145/2906153 .

Faniyi, F., & Bahsoon, R. (2016). A Systematic Review of Service Level Management in the Cloud. ACM Comput Surv , 48 (3), 1. doi: https://doi.org/10.1145/2843890 . 43:27, Feb

Chen, L., Lee, W. K., Chang, C. C., Choo, K. K. R., & Zhang, N. (2019). “Blockchain based searchable encryption for electronic health record sharing,” Future Gener. Comput. Syst., vol. 95, pp. 420–429, Jun. doi: https://doi.org/10.1016/j.future.2019.01.018

Zhen, P., Zhao, G., Min, L., & Li, X. (2014). “A Survey of Chaos-Based Cryptography,” in Proceedings of the 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, Washington, DC, USA, pp. 237–244. doi: https://doi.org/10.1109/3PGCIC.2014.69

Bishop, M., & Gates, C. (2008). Defining the insider threat . ACM

Li, X., Zhao, X., International Conference on Cloud Computing and, & Data, B. (“Survey on Access Control Model in Cloud Computing Environment,” in Proceedings of the 2013). Washington, DC, USA, 2013, pp. 340–345. doi: https://doi.org/10.1109/CLOUDCOM-ASIA.2013.103

Liang, X., Zhao, J., Shetty, S., Liu, J., & Li, D. (2017). “Integrating blockchain for data sharing and collaboration in mobile healthcare applications,” in 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC), Oct. pp. 1–5. doi: https://doi.org/10.1109/PIMRC.2017.8292361

Hammi, M. T., Hammi, B., Bellot, P., & Serhrouchni, A. (Sep. 2018). Bubbles of Trust: A decentralized blockchain-based authentication system for IoT. Comput Secur , 78 , 126–142. doi: https://doi.org/10.1016/j.cose.2018.06.004

Nguyen, T. D. T., Pham, H. A., & Thai, M. T. (2018). “Leveraging Blockchain to Enhance Data Privacy in IoT-Based Applications,” in Computational Data and Social Networks, Cham, pp.211–221. doi: https://doi.org/10.1007/978-3-030-04648-4_18

Sohal, A. S., Sandhu, R., Sood, S. K., & Chang, V. (May 2018). A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Comput Secur , 74 , 340–354. doi: https://doi.org/10.1016/j.cose.2017.08.016

Wang, Y. L., & Yang, S. C. (2014). “A Method of Evaluation for Insider Threat,” in 2014 International Symposium on Computer, Consumer and Control, Jun. pp. 438–441. doi: https://doi.org/10.1109/IS3C.2014.121

Sharma, P. K., Singh, S., Jeong, Y. S., & Park, J. H. (2017). “DistBlockNet: A Distributed Blockchains-Based Secure SDN Architecture for IoT Networks,” IEEE Commun. Mag., vol. 55, no. 9, pp. 78–85, Sep. doi: https://doi.org/10.1109/MCOM.2017.1700041

Dorri, A., Kanhere, S. S., & Jurdak, R. (2017). “Towards an Optimized BlockChain for IoT,” in 2017 IEEE/ACM Second International Conference on Internet-of-Things Design and Implementation (IoTDI), Apr. pp. 173–178

“BlockPro | Proceedings of the 1st Workshop on Blockchain-enabled Networked Sensor Systems (accessed Feb. 15, 2020). ” https://dl.acm.org/doi/abs/10.1145/3282278.3282281

“Healthcare Data Gateways (accessed Feb. 16, 2020). : Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control | SpringerLink.” https://link.springer.com/article/10.1007 /s10916-016-0574-6

Download references

Acknowledgements

This work is partially supported by NSF CREST Grant HRD-1736209.

Author information

Authors and affiliations.

Department of Management Information Systems, University of Montana, 59812, Missoula, MT, USA

Patricia Akello, Nicole Lang Beebe & Kim-Kwang Raymond Choo

Department of Information Systems and Cyber Security, University of Texas,, San Antonio, 78249, TX, USA

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Patricia Akello .

Additional information

Publisher’s note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Electronic supplementary material

Below is the link to the electronic supplementary material.

Supplementary Material 1

Rights and permissions.

Springer Nature or its licensor holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Akello, P., Beebe, N.L. & Choo, KK.R. A literature survey of security issues in Cloud, Fog, and Edge IT infrastructure. Electron Commer Res (2022). https://doi.org/10.1007/s10660-022-09615-y

Download citation

Published : 18 October 2022

DOI : https://doi.org/10.1007/s10660-022-09615-y

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Cloud computing security
• Fog Computing Security
• Edge Computing Security
• Systematic review
• Literature Survey
• Find a journal
• Publish with us
• Track your research

Academia.edu no longer supports Internet Explorer.

To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to  upgrade your browser .

Enter the email address you signed up with and we'll email you a reset link.

• We're Hiring!
• Help Center

Cloud Computing: Security Issues and Research Challenges

Related Papers

VIJAY GACHANDE

Blessing Mambo

IJCSMC Journal

In today’s era almost all the organizations are preferring to use cloud as their primary storage. Once the organization uploads its data to cloud, then the organization has no control over it. Then comes the security challenges in handling data to cloud service providers. While selecting a Cloud Service Provider we need to be aware about that service provider before giving our data because as from now you will not have all the control. This paper gives a better understanding on the concept of cloud computing and the risks that came up after outsourcing data handling tasks. Section 1 is Introduction, Section 2 discusses on various Service Models in Cloud Computing, Section 3 contains Cloud Deployment Models, Section 4 focuses on Security Issues and Challenges in Cloud Computing.

Kartheek D N

Jitender Grover

Cloud Computing is one of the popular techniques in distributed computing due to its ability to minimize the cost of computing when scalability and flexibility of computer process get increased. Cloud Computing provides shared resources and services via internet. Services are delivered through data center. Cloud Computing allows an interesting business proposal for IT industries to provide IT services without any extra investment. Client is able to perform heavy computer processes with low capable device (like mobile) which has resource to run the web browser. But cloud computing is crowded with many security related issues. When client saves his data to the company’s cloud, there may be chance of data breaching. So the purpose of this paper is to search out various issues in cloud computing where all computing is done on the server side and both data & tasks are stored on the data centers.

Innovative Research Publications

Victor Ginsburgh

Comptes Rendus De L Academie Des Sciences Serie Ii Fascicule B-mecanique Physique Astronomie - C R ACAD SCI SER II B

Frédéric Reverdy

Acoustic waves propagate at group velocity which is, for anisotropic media, different of phase velocity. When acoustic waves are generated by laser impact, the complex shape of the ray curve makes the interpretation of the signals obtained after propagation through this kind of media difficult. In order to avoid such difficulties, a method is presented which allows the synthesis of acoustical plane wavefronts for which the phase velocity is easily accessible, using signals obtained for various source-detector positions.

Eugeniusz Koda

Dendri Lusi

Hanya oleh karena anugerah Tuhan, sehingga kita boleh layak dihadapan-Nya

RELATED PAPERS

2021 IEEE International Symposium on Information Theory (ISIT)

Mahdi Cheraghchi

Catherine Dargemont

M.C. Cabrera

Indian Journal of Science and Technology

Lowell Quisumbing

2015 7th International IEEE/EMBS Conference on Neural Engineering (NER)

Journal of Investigative Dermatology

Journal of Applied Physics

Thierry de LAROCHELAMBERT

Rafael Guerrero

Alexandre Cozer

BMJ case reports

Hemant Kumar

Higher Education in Portugal 1974-2009

Maria E Gonçalves

A publication of school of Arts and social sciences , College of Education, Agbor

Agidi Pally

kedar Sharma

The International Spectator

Stimmen der Zeit

Ingeborg Gabriel

Revista Latinoamericana De Psicopatologia Fundamental

Doris Luz Rinaldi

BMC Nursing

peter palamara

F1000Research

GUSTAVO BEOJONE MESSI

International Journal of Speech Technology

Dominique Estival

The Astrophysical Journal

H. Kjeldsen

hbgjfgf hyetgwerf

•   We're Hiring!
•   Help Center
• Find new research papers in:
• Health Sciences
• Earth Sciences
• Cognitive Science
• Mathematics
• Computer Science
• Academia ©2024