Document Type : Review Article

Author

1Deptartment of Computer Science Engineering, Vishnu Institute of Technology, Kovvada, India.

Abstract

Cloud computing created a revolution in the way IT organizations and IT teams manage their internal digital resources and workloads. One major drawback or limitation of cloud computing, among others, is security. Cloud computing is plagued by a plethora of threats and vulnerabilities, with new ones being identified from time to time. Year-by-year, minor to significant security incidents are reported across the globe. To the best of knowledge, there is no research artifact in the recent past that covers the recent advancements in cloud computing security. To address this issue, this paper provides an analysis of the literature in the past few years related to cloud computing security. Taxonomy related to cloud computing threats and vulnerabilities is provided by extending threats proposed by Cloud Security Alliance, which can educate cloud users and guide cloud providers to strengthen or audit their security policies and practices. Finally, state-of-the-art countermeasures and solutions to safeguard the cloud against different threats are also provided.

Keywords

[1] P M Mell and T Grance. The NIST definition of cloud computing. Technical report, National Institute of Standards and Technology, Gaithersburg, MD, 2011.
[2] Oracle. ORACLE AND KPMG CLOUD THREAT REPORT 2019 Defining Edge Intelligence: Closing Visibility Gaps with a Layered Defense Strategy Read Full Report. Technical report, 2019.
[3] Netskope. 2019 Cloud Security Report, 2019.
[4] Issa Khalil, Abdallah Khreishah, and Muhammad Azeem. Cloud Computing Security: A Survey. Computers, 3(1):1–35, feb 2014.
[5] Nelson Gonzalez, Charles Miers, Fernando Red´ıgolo, Marcos Simpl´ıcio, Tereza Carvalho, Mats N¨aslund, and Makan Pourzandi. A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing, 1(1):1–18, jul 2012.
[6] Keiko Hashizume, David G. Rosado, Eduardo Fern´andez-Medina, and Eduardo B. Fernandez. An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1):1–13, feb 2013.
[7] Mazhar Ali, Samee U. Khan, and Athanasios V.Vasilakos. Security in cloud computing: Opportunities and challenges. Information Sciences, 305:357–383, jun 2015.
[8] Minhaj Ahmad Khan. A survey of security issues for cloud computing, aug 2016.
[9] Luigi Coppolino, Salvatore D’Antonio, Giovanni Mazzeo, and Luigi Romano. Cloud security: Emerging threats and current solutions. Computers and Electrical Engineering, 59:126–140, apr 2017.
[10] Gururaj Ramachandra, Mohsin Iftikhar, and Farrukh Aslam Khan. A Comprehensive Survey on Security in Cloud Computing. In Procedia Computer Science, volume 110, pages 465–472. Elsevier B.V., jan 2017.
[11] Ashish Singh and Kakali Chatterjee. Cloud security issues and challenges: A survey, feb 2017.
[12] Srijita Basu, Arjun Bardhan, Koyal Gupta, Payel Saha, Mahasweta Pal, Manjima Bose, Kaushik Basu, Saunak Chaudhury, and Pritika Sarkar. Cloud computing security challenges & solutions-A survey. In 2018 IEEE 8th Annual Computing and Communication Workshop and Conference, CCWC 2018, volume 2018-Janua, pages 347–356. Institute of Electrical and Electronics Engineers Inc., feb 2018.
[13] Jin B. Hong, Armstrong Nhlabatsi, Dong Seong Kim, Alaa Hussein, Noora Fetais, and Khaled M. Khan. Systematic identification of threats in the cloud: A Survey. Computer Networks, 150:46–69, feb 2019.
[14] Rakesh Kumar and Rinkaj Goyal. On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, 33:1–48, 2019.
[15] M. Swathy Akshaya and G. Padmavathi. Taxonomy of Security Attacks and Risk Assessment of Cloud Computing, volume 750. Springer Singapore, 2019.
[16] Lubna Alhenaki, Alaa Alwatban, Bashaer Alamri, and Noof Alarifi. A Survey on the Security of Cloud Computing. 2nd International Conference on Computer Applications and Information Security, ICCAIS 2019, pages 1–7, 2019.
[17] Hamed Tabrizchi and Marjan Kuchaki Rafsanjani. A survey on security challenges in cloud computing: issues, threats, and solutions. Journal of Supercomputing, 76(12):9493–9532, dec 2020.
[18] Siyakha N. Mthunzi, Elhadj Benkhelifa, Tomasz Bosakowski, Chirine Ghedira Guegan, and Mahmoud Barhamgi. Cloud computing security taxonomy: From an atomistic to a holistic view. Future Generation Computer Systems, 107:620–644, jun 2020.
[19] Shailendra Mishra, Sunil Kumar Sharma, and Majed A. Alowaidi. Analysis of security issues of cloud-based web applications, 2020.
[20] Umer Ahmed Butt, Muhammad Mehmood, Syed Bilal Hussain Shah, Rashid Amin, M. Waqas Shaukat, Syed Mohsan Raza, Doug Young Suh, and Md Jalil Piran. A review of machine learning algorithms for cloud computing security. Electronics (Switzerland), 9(9):1–25, 2020.
[21] Nnamdi Chuka-Maduji and Vaibhav Anu.Cloud Computing Security Challenges and Related Defensive Measures: A Survey and Taxonomy. SN Computer Science, 2(4), 2021.
[22] P.S. Suryateja. Threats and Vulnerabilities of Cloud Computing A Review. International Journal of Computer Sciences and Engineering, 6(3):297–302, mar 2018.
[23] P.S. Suryateja. Cloud Service Models Threats and Vulnerabilities: A Review. International Journal on Future Revolution in Computer Science & Communication Engineering, 4(4):563–567, 2018.
[24] Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, and Diego Zamboni. Cloud security is not (just) virtualization security. Proceedings of the 2009 ACM workshop on Cloud computing security - CCSW’09, page 97, 2009.
[25] Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler. Detecting co-residency with active traffic analysis techniques. In Proceedings of the ACM Conference on Computer and Communications Security, pages 1–12, New York, New York, USA, 2012. ACM Press.
[26] Muhammad Kazim, Rahat Masood, and Muhammad Awais Shibli. Securing the virtual machine images in Cloud computing. In SIN 2013 - Proceedings of the 6th International Conference on Security of Information and Networks, pages 425–428, New York, New York, USA, 2013. ACM Press.
[27] Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. Cross-tenant sidechannel attacks in PaaS clouds. In Proceedings of the ACM Conference on Computer and Communications Security, pages 990–1003, New York, NY, USA, nov 2014. Association for Computing Machinery.
[28] Vikas Jaiman and Gaurav Somani. An order preserving encryption scheme for cloud computing. In ACM International Conference Proceeding Series, volume 2014-September, pages 211–216, New York, New York, USA, sep 2014. Association for Computing Machinery.
[29] Hussain Aljafer, Zaki Malik, Mohammed Alodib, and Abdelmounaam Rezgui. An experimental evaluation of data confidentiality measures on the cloud. In MEDES 2014 - 6th International Conference on Management of Emergent Digital EcoSystems, Proceedings, pages 117–124, New York, New York, USA, sep 2014. Association for Computing Machinery, Inc.
[30] Jakub Szefer, Pramod Jamkhedkar, Diego Perez-Botero, and Ruby B. Lee. Cyber defenses for physical attacks and insider threats in cloud computing. In ASIA CCS 2014 - Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pages 519–524, New York, NY, USA, jun 2014. Association for Computing Machinery, Inc.
[31] Wei Huang, Afshar Ganjali, Beom Heyn Kim, Sukwon Oh, and David Lie. The State of Public Infrastructure-as-a-Service Cloud Security. ACM Computing Surveys, 47(4):1–31, 2015.
[32] Ioannis Papagiannis, Pijika Watcharapichat, Divya Muthukumaran, and Peter Pietzuch. BrowserFlow: Imprecise data flow tracking to prevent accidental data disclosure. In Proceedings of the 17th International Middleware Conference, Middleware 2016, pages 1–13, New York, NY, USA, nov 2016. Association for Computing Machinery, Inc.
[33] Xiaojing Liao, Chang Liu, Damon McCoy, Elaine Shi, Shuang Hao, and Raheem Beyah. Characterizing long-Tail SEO spam on cloud web hosting services. In 25th International World Wide Web Conference, WWW 2016, pages 321–332, Republic and Canton of Geneva, Switzerland, apr 2016. International World Wide Web Conferences Steering Committee.
[34] Manel Medhioub, Mohamed Hamdi, and TaiHoon Kim. A New Authentication Scheme for Cloud-based Storage Applications. Proceedings of the 9th International Conference on Security of Information and Networks - SIN ’16, pages
57–60, 2016.
[35] Priya Anand, Jungwoo Ryoo, Hyoungshick Kim, and Eunhyun Kim. Threat Assessment in the Cloud Environment – A Quantitative Approach for Security Pattern Selection. Imcom ’16, page 8, 2016.
[36] Xiaojing Liao, Sumayah Alrwais, Kan Yuan, Luyi Xing, Xiaofeng Wang, Shuang Hao, and Raheem Beyah. Lurking malice in the cloud: Understanding and detecting cloud repository as a malicious service. In Proceedings of the ACM Conference on Computer and Communications Security, volume 24-28-October-2016, pages 1541–1552, New York, NY, USA, oct 2016.
Association for Computing Machinery.
[37] Upasana Nagar, Xiangjian He, Priyadarsi Nanda, and Zhiyuan Tan. A Framework for Data Security in Cloud using Collaborative Intrusion Detection Scheme. In ACM International Conference Proceeding Series, pages 188–193, New York, NY, USA, oct 2017. Association for Computing Machinery.
[38] Saadi Chaimae and Chaoui Habiba. A new approach to mitigate security threats in cloud environment. In ACM International Conference Proceeding Series, pages 1–7, New York, NY, USA, mar 2017. Association for Computing
Machinery.
[39] Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt, Jean Pierre Seifert, Anja Feldmann, and Stefan Schmid. Taking control of cloud systems via the unified packet parser. In CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017, pages 11–15, New York, NY, USA, nov 2017. Association for
Computing Machinery, Inc.
[40] Amar Meryem, Douzi Samira, and El Ouahidi Bouabid. Enhancing cloud security using advanced MapReduce k-means on log files. In ACM International Conference Proceeding Series, pages 63–67, New York, New York, USA, jan 2018. Association for Computing Machinery.
[41] Dimitrios Zissis and Dimitrios Lekkas. Addressing cloud computing security issues. Future Generation Computer Systems, 28(3):583–592, mar 2012.
[42] Xiangjian He, Thawatchai Chomsiri, Priyadarsi Nanda, and Zhiyuan Tan. Improving cloud network security using the Tree-Rule firewall. Future Generation Computer Systems, 30(1):116–126, jan 2014.
[43] Yong Yu, Yafang Zhang, Jianbing Ni, Man Ho Au, Lanxiang Chen, and Hongyu Liu. Remote data possession checking with enhanced security for cloud storage. Future Generation Computer Systems, 52:77–85, jul 2015.
[44] Brian Cusack and Eghbal Ghazizadeh. Evaluating single sign-on security failure in cloud services. Business Horizons, 59(6):605–614, nov 2016.
[45] Manish M. Potey, C. A. Dhote, and Deepak H.Sharma. Homomorphic Encryption for Security of Cloud Data. In Procedia Computer Science, volume 79, pages 175–181. Elsevier B.V., jan 2016.
[46] Naresh Vurukonda and B. Thirumala Rao. A Study on Data Storage Security Issues in Cloud Computing. In Procedia Computer Science, volume 92, pages 128–135. Elsevier B.V., jan 2016.
[47] Salman Iqbal, Miss Laiha Mat Kiah, Babak Dhaghighi, Muzammil Hussain, Suleman Khan, Muhammad Khurram Khan, and Kim Kwang Raymond Choo. On cloud security attacks: A taxonomy and intrusion detection and prevention as a service, oct 2016.
[48] Chaimae Saadi and Habiba Chaoui. Cloud Computing Security Using IDS-AM-Clust, Honeyd, Honeywall and Honeycomb. In Procedia Computer Science, volume 85, pages 433–442. Elsevier B.V., jan 2016.
[49] Abdulatif Alabdulatif, Heshan Kumarage, Ibrahim Khalil, and Xun Yi. Privacy-preserving anomaly detection in cloud with lightweight homomorphic encryption. Journal of Computer and System Sciences, 90:28–45, dec 2017.
[50] Laurence T. Yang, Gaoyuan Huang, Jun Feng, and Li Xu. Parallel GNFS algorithm integrated with parallel block Wiedemann algorithm for RSA security in cloud computing. Information Sciences, 387:254–265, may 2017.
[51] Kyriakos Kritikos, Tom Kirkham, Bartosz Kryza, and Philippe Massonet. Towards a security-enhanced PaaS platform for multicloud applications. Future Generation Computer Systems, 67:206–226, feb 2017.
[52] I. Indu, P. M. Rubesh Anand, and Vidhyacharan Bhaskar. Encrypted token based authentication with adapted SAML technology for cloud web services, dec 2017.
[53] Carlos Andr´e Batista de Carvalho, Rossana Maria de Castro Andrade, Miguel Franklin de Castro, Emanuel Ferreira Coutinho, and Nazim Agoulmine. State of the art and challenges of security SLA for cloud computing. Computers and Electrical Engineering, 59:141–152, apr 2017.
[54] Nesrine Kaaniche and Maryline Laurent. Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms, oct 2017.
[55] Hui Cui, Robert H. Deng, and Yingjiu Li. Attribute-based cloud storage with secure provenance over encrypted data. Future Generation Computer Systems, 79:461–472, feb 2018.
[56] Jie Cui, Han Zhou, Hong Zhong, and Yan Xu. AKSER: Attribute-based keyword search with efficient revocation in cloud computing. Information Sciences, 423:343–352, jan 2018.
[57] Sravani Challa, Ashok Kumar Das, Prosanta Gope, Neeraj Kumar, Fan Wu, and Athanasios V. Vasilakos. Design and analysis of authenticated key agreement scheme in cloudassisted cyber–physical systems. Future Generation Computer Systems, 108:1267–1286, jul 2020.
[58] Wenying Zheng, Dengzhi Liu, Xiong Li, and Arun Kumar Sangaiah. Secure sustainable storage auditing protocol (SSSAP) with efficient key updates for cloud computing. Sustainable Computing: Informatics and Systems, 28:100237, dec 2020.
[59] Sreeja Cherillath Sukumaran and Misbahuddin Mohammed. PCR and Bio-signature for data confidentiality and integrity in mobile cloud computing. Journal of King Saud University - Computer and Information Sciences, mar 2018.
[60] P. Ravi Kumar, P. Herbert Raj, and P. Jelciana. Exploring Data Security Issues and Solutions in Cloud Computing. In Procedia Computer Science, volume 125, pages 691–697. Elsevier B.V., jan 2018.
[61] Choon Beng Tan, Mohd Hanafi Ahmad Hijazi, Yuto Lim, and Abdullah Gani. A survey on Proof of Retrievability for cloud data integrity and availability: Cloud storage state-of-the-art, issues, solutions and future trends, may 2018.
[62] Akshay A. Nayak, N. K. Sridhar, G. R. Poornima, and Shivashankar. Security issues in cloud computing and its counter measure. In RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings, volume 2018-January, pages 35–41. Institute of Electrical and Electronics Engineers Inc., jul 2017.
[63] Mazhar Ali, Saif U. R. Malik, and Samee U. Khan. DaSCE: Data Security for Cloud Environment with Semi-Trusted Third Party. IEEE Transactions on Cloud Computing, 5(4):642–655, jun 2015.
[64] Meryem Amar, Mouad Lemoudden, and Bouabid EL Ouahidi. Log file’s centralization to improve cloud security. In Proceedings of 2016 International Conference on Cloud Computing Technologies and Applications, CloudTech 2016,
pages 178–183. Institute of Electrical and Electronics Engineers Inc., feb 2017.
[65] Kunding Fang, Xiaohong Li, Jianye Hao, and Zhiyong Feng. Formal Modeling and Verification of Security Protocols on Cloud Computing Systems Based on UML 2.3. In 2016 IEEE Trustcom/BigDataSE/ISPA, 2016.
[66] Nasir Uddin and Mohammad Jabr. File upload security and validation in context of software as a service cloud model. In 2016 6th International Conference on IT Convergence and Security, ICITCS 2016. Institute of Electrical and Electronics Engineers Inc., nov 2016.
[67] Kunal V. Raipurkar and Anil V. Deorankar. Improve data security in cloud environment by using LDAP and two way encryption algorithm. In 2016 Symposium on Colossal Data Analysis and Networking, CDAN 2016. Institute of Electrical and Electronics Engineers Inc., sep 2016.
[68] Haoyu Chen, Shanshan Tu, Chunye Zhao, and Yongfeng Huang. Provenance cloud security auditing system based on log analysis. In Proceedings of 2016 IEEE International Conference of Online Analysis and Computing Science, ICOACS 2016, pages 155–159. Institute of Electrical and Electronics Engineers Inc., sep 2016.
[69] Thomas Lor¨unser, Daniel Slamanig, Thomas L¨anger, and Henrich C. P¨ohls. PRISMACLOUD tools: A cryptographic toolbox for increasing security in cloud services. In Proceedings - 2016 11th International Conference on Availability, Reliability and Security, ARES 2016, pages 733–741. Institute of Electrical and Electronics Engineers Inc., dec 2016.
[70] Preeti Mishra, Emmanuel S. Pilli, Vijay Varadharajant, and Udaya Tupakula. NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment. In 2016 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2016, pages 56–62. Institute of Electrical and Electronics Engineers
Inc., nov 2016.
[71] Deepak Singh and Harsh K. Verma. A new framework for cloud storage confidentiality to ensure information security. In 2016 Symposium on Colossal Data Analysis and Networking, CDAN 2016. Institute of Electrical and Electronics Engineers Inc., sep 2016.
[72] Yiannis Verginadis, Ioannis Patiniotakis, Gregoris Mentzas, Simeon Veloudis, and Iraklis Paraskakis. Data Distribution and Encryption Modelling for PaaS-enabled Cloud Security. 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), pages 497–502, 2016.
[73] Chandan Prakash and Surajit Dasgupta. Cloud computing security analysis: Challenges and possible solutions. In International Conference on Electrical, Electronics, and Optimization Techniques, ICEEOT 2016, pages 54–57. Institute of Electrical and Electronics Engineers Inc., nov 2016.
[74] Sancha Pereira, Andre Alves, Nuno Santos, and Ricardo Chaves. Storekeeper: A SecurityEnhanced Cloud Storage Aggregation Service. In Proceedings of the IEEE Symposium on Reliable Distributed Systems, pages 111–120. IEEE
Computer Society, dec 2016.
[75] Napoleon C. Paxton. Cloud security: A review of current issues and proposed solutions. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016, pages 452–455. Institute of Electrical and Electronics Engineers Inc., jan 2017.
[76] Justin Lejeune, Cara Tunstall, Kuo Pao Yang, and Ihssan Alkadi. An algorithmic approach to improving cloud security: The MIST and Malachi algorithms. In IEEE Aerospace Conference Proceedings, volume 2016-June. IEEE Computer Society, jun 2016.
[77] Ankit Grover and Banpreet Kaur. A framework for cloud data security. In Proceeding - IEEE International Conference on Computing, Communication and Automation, ICCCA 2016, pages 1199–1203. Institute of Electrical and Electronics Engineers Inc., jan 2017.
[78] Bin Feng, Xinzhu Ma, Cheng Guo, Hui Shi, Zhangjie Fu, and Tie Qiu. An Efficient Protocol with Bidirectional Verification for Storage Security in Cloud Computing. IEEE Access, 4:7899–7911, 2016.
[79] Bob Duncan, Alfred Bratterud, and Andreas Happe. Enhancing cloud security and privacy: Time for a new approach? In 2016 6th International Conference on Innovative Computing Technology, INTECH 2016, pages 110–115. Institute of Electrical and Electronics Engineers Inc., feb 2017.
[80] J. Vijaya Chandra, Narasimham Challa, and Sai Kiran Pasupuleti. Advanced persistent threat defense system using self-destructive mechanism for cloud security. In Proceedings of 2nd IEEE International Conference on Engineering and Technology, ICETECH 2016, pages 7–11. Institute of Electrical and Electronics Engineers Inc., sep 2016.
[81] Valentina Casola, Alessandra De Benedictis, Madalina Erascu, Massimiliano Rak, and Umberto Villano. A Security SLA-driven Methodology to Set-Up Security Capabilities on Top of Cloud Services. In Proceedings - 2016 10th International Conference on Complex, Intelligent, and Software Intensive Systems, CISIS 2016, pages 549–554. Institute of Electrical and
Electronics Engineers Inc., dec 2016.
[82] Deval Bhamare, Tara Salman, Mohammed Samaka, Aiman Erbad, and Raj Jain. Feasibility of Supervised Machine Learning for Cloud Security. In ICISS 2016 - 2016 International Conference on Information Science and Security. Institute of Electrical and Electronics Engineers Inc., mar 2017.
[83] Farhad Ahamed, Seyed Shahrestani, and Bahman Javadi. Security Aware and EnergyEfficient Virtual Machine Consolidation in Cloud Computing Systems. In 2016 IEEE Trustcom/BigDataSE/ISPA, pages 1516–1523. IEEE, aug 2016.
[84] Chuanyi Liu, Guofeng Wang, Peiyi Han, Hezhong Pan, and Binxing Fang. A Cloud Access Security Broker based approach for encrypted data search and sharing. In 2017 International Conference on Computing, Networking and Communications, ICNC 2017, pages 422–426. Institute of Electrical and Electronics Engineers Inc., mar 2017.
[85] Ihsen Nakouri, Mohamed Hamdi, and Tai Hoon Kim. A new biometric-based security framework for cloud storage. In 2017 13th International Wireless Communications and Mobile Computing Conference, IWCMC 2017, pages 390–395. Institute of Electrical and Electronics Engineers Inc., jul 2017.
[86] Hang Wei, Guan Yu Hu, Xiaoxia Han, Peili Qiao, Zhiguo Zhou, Zhi Chao Feng, and Xiao Jing Yin. A New BRB Model for Cloud Security-State Prediction Based on the LargeScale Monitoring Data. IEEE Access, 6:11907–11920, dec 2017.
[87] Shengli Zhou, Lifa Wu, and Canghong Jin. A privacy-based SLA violation detection model for the security of cloud computing. China Communications, 14(9):155–165, sep 2017.
[88] Bhale Pradeepkumar Gajendra, Vinay Kumar Singh, and More Sujeet. Achieving cloud security using third party auditor, MD5 and identity-based encryption. In Proceeding - IEEE International Conference on Computing, Communication and Automation, ICCCA 2016, pages 1304–1309. Institute of Electrical and Electronics Engineers Inc., jan 2017.
[89] Feng Gao. Application of Generalized Regression Neural Network in Cloud Security Intrusion Detection. In Proceedings - 2017 International Conference on Robots and Intelligent System, ICRIS 2017, pages 54–57. Institute of Electrical and Electronics Engineers Inc., nov 2017.
[90] Sandeep Pisharody, Janakarajan Natarajan, Ankur Chowdhary, Abdullah Alshalan, and DIjiang Huang. Brew: A Security Policy Analysis Framework for Distributed SDN-Based Cloud Environments. IEEE Transactions on Dependable and Secure Computing, 16(6):1011–1025, nov 2019.
[91] Naseer Amara, Huang Zhiqui, and Awais Ali.Cloud Computing Security Threats and Attacks with Their Mitigation Techniques. In Proceedings - 2017 International Conference on CyberEnabled Distributed Computing and Knowledge
Discovery, CyberC 2017, volume 2018-January, pages 244–251. Institute of Electrical and Electronics Engineers Inc., jul 2017.
[92] Manjur Kolhar, Mosleh M. Abu-Alhaj, and Saied M. Abd El-Atty. Cloud data auditing techniques with a focus on privacy and security. IEEE Security and Privacy, 15(1):42–51, jan 2017.
[93] Dean C. Mumme, Brooke Wallace, and Robert McGraw. Cloud Security via Virtualized Outof-Band Execution and Obfuscation. In IEEE International Conference on Cloud Computing, CLOUD, volume 2017-June, pages 286–293. IEEE Computer Society, sep 2017.
[94] Carlo Di Giulio, Read Sprabery, Charles Kamhoua, Kevin Kwiat, Roy H. Campbell, and Masooda N. Bashir. Cloud Standards in Comparison: Are New Security Frameworks Improving Cloud Security? In IEEE International Conference on Cloud Computing, CLOUD, volume 2017-June, pages 50–57. IEEE Computer Society, sep 2017.
[95] Rushikesh Nikam and Manish Potey. Cloud storage security using Multi-Factor Authentication. In 2016 International Conference on Recent Advances and Innovations in Engineering, ICRAIE 2016. Institute of Electrical and Electronics Engineers Inc., 2016.
[96] Xiaochen Liu, Chunhe Xia, Tianbo Wang, and Li Zhong. CloudSec: A Novel Approach to Verifying Security Conformance at the Bottom of the Cloud. In Proceedings - 2017 IEEE 6th International Congress on Big Data, BigData Congress 2017, pages 569–576. Institute of Electrical and Electronics Engineers Inc., sep 2017.
[97] Xing Gao, Zhongshu Gu, Mehmet Kayaalp, Dimitrios Pendarakis, and Haining Wang. ContainerLeaks: Emerging Security Threats of Information Leakages in Container Clouds. In Proceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017, pages 237–248. Institute of Electrical and Electronics Engineers Inc., aug
2017.
[98] Yuri Demchenko, Fatih Turkmen, Mathias Slawik, and Cees De Laat. Defining Intercloud Security Framework and Architecture Components for Multi-cloud Data Intensive Applications. In Proceedings - 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGRID 2017, pages 945–952. Institute of Electrical and Electronics Engineers Inc., jul 2017.
[99] Amjad Alsirhani, Peter Bodorik, and Srinivas Sampalli. Improving Database Security in Cloud Computing by Fragmentation of Data. In 2017 International Conference on Computer and Applications, ICCA 2017, pages 43–49. Institute of Electrical and Electronics Engineers Inc., oct 2017.
[100] Varan Mahajan and Sateesh K. Peddoju. Integration of network intrusion detection systems and honeypot networks for cloud security. In Proceeding - IEEE International Conference on Computing, Communication and Automation, ICCCA 2017, volume 2017-January, pages 829–834. Institute of Electrical and Electronics Engineers Inc., dec 2017.
[101] Tihomir Orehovaˇcki, Darko Etinger, and Snjeˇzana Babi´c. Perceived security and privacy of cloud computing applications used in educational ecosystem. In 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2017 - Proceedings, pages 717–722. Institute of Electrical and Electronics Engineers Inc., jul 2017.
[102] Nicolae Paladi, Christian Gehrmann, and Antonis Michalas. Providing User Security Guarantees in Public Infrastructure Clouds. IEEE Transactions on Cloud Computing, 5(3):405–419, jul 2017.
[103] S. Bhattacharya and C. R.S. Kumar. Ransomware: The CryptoVirus subverting cloud security. In 2017 International Conference on Algorithms, Methodology, Models and Applications in Emerging Technologies, ICAMMAET 2017, volume 2017-Janua, pages 1–6. Institute of Electrical and Electronics Engineers Inc., dec 2017.
[104] Carlos Andre Batista De Carvalho, Miguel Franklin De Castro, and Rossana Maria De Castro Andrade. Secure cloud storage service for detection of security violations. In Proceedings- 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGRID 2017, pages 715–718. Institute of Electrical and Electronics Engineers Inc., jul 2017.
[105] Nesrine Kaaniche, Mohamed Mohamed, Maryline Laurent, and Heiko Ludwig. Security SLA Based Monitoring in Clouds. In Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017, pages 90–97. Institute of Electrical and Electronics Engineers Inc., sep 2017.
[106] Mortada A. Aman and Egemen K. Cetinkaya. Towards Cloud Security Improvement with Encryption Intensity Selection. In DRCN 2017 - Design of Reliable Communication Networks; 13th International Conference, 2017.
[107] Curtis R. Taylor and Craig A. Shue. Validating security protocols with cloud-based middleboxes. In 2016 IEEE Conference on Communications and Network Security, CNS 2016, pages 261–269. Institute of Electrical and Electronics Engineers Inc., feb 2017.
[108] Kaiping Xue, Weikeng Chen, Wei Li, Jianan Hong, and Peilin Hong. Combining Data Owner-Side and Cloud-Side Access Control for Encrypted Cloud Storage. IEEE Transactions on Information Forensics and Security, 13(8):2062–2074, aug 2018.
[109] Jianting Ning, Zhenfu Cao, Xiaolei Dong, Kaitai Liang, Lifei Wei, and Kim Kwang Raymond Choo. CryptCloud: Secure and Expressive Data Access Control for Cloud Storage. IEEE Transactions on Services Computing, 14(1):111–124, jan 2021.
[110] Ahmad Shawahna, Marwan Abu-Amara, Ashraf S.H. Mahmoud, and Yahya Osais. EDoS-ADS: An Enhanced Mitigation Technique against Economic Denial of Sustainability (EDoS) Attacks. IEEE Transactions on Cloud Computing, 8(3):790–804, jul 2020.
[111] Jing Yao, Yifeng Zheng, Cong Wang, and Xiaolin Gui. Enabling Search over Encrypted Cloud Data with Concealed Search Pattern. IEEE Access, 6:11112–11122, feb 2018.
[112] Guofeng Wang, Chuanyi Liu, Yingfei Dong, Peiyi Han, Hezhong Pan, and Binxing Fang. IDCrypt: A Multi-User Searchable Symmetric Encryption Scheme for Cloud Applications. IEEE Access, 6:2908–2921, dec 2017.
[113] Hina Abrar, Syed Jawad Hussain, Junaid Chaudhry, Kashif Saleem, Mehmet A. Orgun, Jalal Al-Muhtadi, and Craig Valli. Risk Analysis of Cloud Sourcing in Healthcare and Public Health Industry. IEEE Access, 6:19140–19150, feb 2018.
[114] Ihsan H. Abdulqadder, Deqing Zou, Israa T. Aziz, Bin Yuan, and Weiming Li. SecSDNCloud: Defeating Vulnerable Attacks Through Secure Software-Defined Networks. IEEE Access, 6:8292–8301, jan 2018.
[115] Shengmin Xu, Guomin Yang, Yi Mu, and Robert H. Deng. Secure Fine-Grained Access Control and Data Sharing for Dynamic Groups in the Cloud. IEEE Transactions on Information Forensics and Security, 13(8):2101–2113, aug 2018.
[116] Anirban Basu, Jaideep Vaidya, Hiroaki Kikuchi, Theo Dimitrakos, and Srijith K. Nair. Privacy preserving collaborative filtering for SaaS enabling PaaS clouds. Journal of Cloud Computing, 1(1):1–14, jul 2012.
[117] Aryan TaheriMonfared and Martin Gilje Jaatun. Handling compromised components in an IaaS cloud installation. Journal of Cloud Computing: Advances, Systems and Applications, 1(1):16, aug 2012.
[118] Roland Schwarzkopf, Matthias Schmidt, Christian Strack, Simon Martin, and Bernd Freisleben. Increasing virtual machine security in cloud environments. Journal of Cloud Computing, 1(1):1–12, jul 2012.
[119] Robert Denz and Stephen Taylor. A survey on securing the virtual cloud. Journal of Cloud Computing, 2(1):17, nov 2013.
[120] Umme Habiba, Rahat Masood, Muhammad Awais Shibli, and Muaz A. Niazi. Cloud identity management security issues & solutions: a taxonomy. Complex Adaptive Systems Modeling, 2(1):5, dec 2014.
[121] Nikos Fotiou, Apostolis Machas, George C.Polyzos, and George Xylomenos. Access control as a service for the Cloud. Journal of Internet Services and Applications, 6(1):11, dec 2015.
[122] Yang Yang. Attribute-based data retrieval with semantic keyword search for e-health cloud. Journal of Cloud Computing, 4(1):1–6, dec 2015.
[123] Rashmi Rai, Gadadhar Sahoo, and Shabana Mehfuz. Exploring the factors influencing the cloud computing adoption: a systematic study on cloud migration. SpringerPlus, 4(1):1–12, dec 2015.
[124] Md Iftekhar Salam, Wei Chuen Yau, Ji Jian Chin, Swee Huay Heng, Huo Chong Ling, Raphael C.W. Phan, Geong Sen Poh, Syh Yuan Tan, and Wun She Yap. Implementation of searchable symmetric encryption for privacypreserving keyword search on cloud storage. Human-centric Computing and Information Sciences, 5(1):1–16, dec 2015.
[125] Sabout Nagaraju and Latha Parthiban. Trusted framework for online banking in public cloud using multi-factor authentication and privacy protection gateway. Journal of Cloud Computing, 4(1):1–23, dec 2015.
[126] Jongkil Kim and Surya Nepal. A Cryptographically Enforced Access Control with a Flexible User Revocation on Untrusted Cloud Storage. Data Science and Engineering, 1(3):149–160, sep 2016.
[127] Kefeng Fan, Xiangzhen Yao, Xiaohe Fan, Yong Wang, and Mingjie Chen. A new usage control protocol for data protection of cloud environment. Eurasip Journal on Information Security, 2016(1):7, dec 2016.
[128] Lewis Nkenyereye, Youngho Park, and Kyung Hyune Rhee. A secure billing protocol over attribute-based encryption in vehicular cloud computing. Eurasip Journal on Wireless Communications and Networking, 2016(1):196, dec 2016.
[129] Sheren A. El-Booz, Gamal Attiya, and Nawal combining time-based one-time password and automatic blocker protocol. Eurasip Journal on Information Security, 2016(1):13, dec 2016.
[130] Hanshu Hong and Zhixin Sun. An efficient and traceable KP-ABS scheme with untrusted attribute authority in cloud computing. Journal of Cloud Computing, 5(1):2, dec 2016.
[131] Johanna Ullrich, Jordan Cropper, Peter Fr¨uhwirt, and Edgar Weippl. The role and security of firewalls in cyber-physical cloud computing. Eurasip Journal on Information Security, 2016(1):18, dec 2016.
[132] No¨elle Rakotondravony, Benjamin Taubmann, Waseem Mandarawi, Eva Weish¨aupl, Peng Xu, Bojan Kolosnjaji, Mykolai Protsenko, Hermann de Meer, and Hans P. Reiser. Classifying malware attacks in IaaS cloud environments. Journal of Cloud Computing, 6(1):26, dec 2017.
[133] Niharika Singh and Ashutosh Kumar Singh. Data Privacy Protection Mechanisms in Cloud, mar 2018.
[134] Abdul Razaque and Syed S. Rizvi. Privacy preserving model: a new scheme for auditing cloud stakeholders. Journal of Cloud Computing, 6(1):7, dec 2017.
[135] Liangming Wang and Fagui Liu. A trusted measurement model based on dynamic policy and privacy protection in IaaS security domain. Eurasip Journal on Information Security, 2018(1):1–8, dec 2018.
[136] Adel Abusitta, Martine Bellaiche, and Michel Dagenais. An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment. Journal of Cloud Computing, 7(1):9, dec 2018.
[137] Leandro V. Silva, Pedro Barbosa, Rodolfo Marinho, and Andrey Brito. Security and privacy aware data aggregation on cloud computing. Journal of Internet Services and Applications, 9(1):6, dec 2018.
[138] Faraz Fatemi Moghaddam, Philipp Wieder, S¨uleyman Berk C¸ emberci, and Ramin Yahyapour. Cloud security distributary set (CSDS): A policy-based framework to define multi-level security structure in clouds. ACM International Conference Proceeding Series, Part F1481:74–79, 2019.
[139] Chenglu Jin, Vasudev Gohil, Ramesh Karri, and Jeyavijayan Rajendran. Security of Cloud FPGAs: A Survey. 0(0), 2020.
[140] Talal Halabi and Martine Bellaiche. A brokerbased framework for standardization and management of Cloud Security-SLAs. Computers and Security, 75:59–71, 2018.
[141] Gregory Levitin, Liudong Xing, and Yuanshun Dai. Co-residence based data vulnerability vs. security in cloud computing system with random server assignment. European Journal of Operational Research, 267(2):676–686, 2018.
[142] Flora Amato, Francesco Moscato, Vincenzo Moscato, and Francesco Colace. Improving security in cloud by formal modeling of IaaS resources. Future Generation Computer Systems, 87:754–764, 2018.
[143] Agnieszka Jak´obik, Francesco Palmieri, and Joanna Ko lodziej. Stackelberg games for modeling defense scenarios against cloud security threats. Journal of Network and Computer Applications, 110:99–107, 2018.
[144] Daniel Grzonka, Agnieszka Jak´obik, Joanna Ko lodziej, and Sabri Pllana. Using a multiagent system and artificial intelligence for monitoring and improving the cloud performance and security. Future Generation Computer Systems, 86:1106–1117, 2018.
[145] Yepeng Liu, Yongjun Ren, Chunpeng Ge, Jinyue Xia, and Qirun Wang. A CCAsecure multi-conditional proxy broadcast reencryption scheme for cloud storage system. Journal of Information Security and Applications, 47:125–131, 2019.
[146] Antonio Celesti, Maria Fazio, Antonino Galletta, Lorenzo Carnevale, Jiafu Wan, and Massimo Villari. An approach for the secure management of hybrid cloud–edge environments. Future Generation Computer Systems, 90:1–19, 2019.
[147] Salah Al-Sharhan, Esraa Omran, and Kamran Lari. An integrated holistic model for an eHealth system: A national implementation approach and a new cloud-based security model. International Journal of Information Management, 47(July 2017):121–130, 2019.
[148] Rajendra Patil, Harsha Dudeja, and Chirag Modi. Designing an efficient security framework for detecting intrusions in virtual network of cloud computing. Computers and Security, 85:402–422, 2019.
[149] Valentina Casola, Alessandra De Benedictis, Massimiliano Rak, and Umberto Villano. A novel Security-by-Design methodology: Modeling and assessing security by SLAs with a quantitative approach. Journal of Systems and Software, 163(May):0–56, 2020.
[150] Chao Lei, Hongjun Dai, Zhilou Yu, and Rui Li. A service recommendation algorithm with the transfer learning based matrix factorization to improve cloud security. Information Sciences, 513(xxxx):98–111, 2020.
[151] Chandrasegar Thirumalai, Senthilkumar Mohan, and Gautam Srivastava. An efficient public key secure scheme for cloud and IoT security. Computer Communications, 150:634–643, 2020.
[152] Omar Ali, Anup Shrestha, Akemi Chatfield, and Peter Murray. Assessing information security risks in the cloud: A case study of Australian local government authorities. Government Information Quarterly, 37(1):101419, 2020.
[153] Kashish A. Shakil, Farhana J. Zareen, Mansaf Alam, and Suraiya Jabin. BAMHealthCloud: A biometric authentication and data management system for healthcare data in cloud. Journal of King Saud University - Computer and Information Sciences, 32(1):57–64, 2020.
[154] Peng Cheng Wei, Dahu Wang, Yu Zhao, Sumarga Kumar Sah Tyagi, and Neeraj Kumar. Blockchain data-based cloud data integrity protection mechanism. Future Generation Computer Systems, 102:902–911, 2020.
[155] Siyakha N. Mthunzi, Elhadj Benkhelifa, Tomasz Bosakowski, Chirine Ghedira Guegan, and Mahmoud Barhamgi. Cloud computing security taxonomy: From an atomistic to a holistic view. Future Generation Computer Systems, 107:620–644, 2020.
[156] Preeti Mishra, Ishita Verma, and Saurabh Gupta. KVMInspector: KVM Based introspection approach to detect malware in cloud environment. Journal of Information Security and Applications, 51:102460, 2020.
[157] Mohammad Wazid, Ashok Kumar Das, Vivekananda Bhat K, and Athanasios V. Vasilakos. LAM-CIoT: Lightweight authentication mechanism in cloud-based IoT environment. Journal of Network and Computer Applications, 150:102496, 2020.
[158] Pan Jun Sun. Security and privacy protection in cloud computing: Discussions and challenges. Journal of Network and Computer Applications, 160:102642, 2020.
[159] Suyel Namasudra, Debashree Devi, Seifedine Kadry, Revathi Sundarasekar, and A. Shanthini. Towards DNA based data security in the cloud computing environment. Computer Communications, 151(December 2019):539–547, 2020.
[160] Parminder Singh, Avinash Kaur, Pooja Gupta, Sukhpal Singh Gill, and Kiran Jyoti. RHAS: robust hybrid auto-scaling for web applications in cloud computing. Cluster Computing, 24(2):717– 737, 2021.
[161] Chenlin Huang, Wei Chen, Lu Yuan, Yan Ding, Songlei Jian, Yusong Tan, Hua Chen, and Dan Chen. Toward security as a service: A trusted cloud service architecture with policy customization. Journal of Parallel and Distributed Computing, 149:76–88, 2021.
[162] Tian Wang, Yang Li, Weiwei Fang, Wenzheng Xu, Junbin Liang, Yewang Chen, and Xuxun Liu. A Comprehensive Trustworthy Data Collection Approach in Sensor-Cloud System. IEEE Transactions on Big Data, 7790(c):1–1, 2018.
[163] Sangwon Hyun, Jinyong Kim, Hyoungshick Kim, Jaehoon Jeong, Susan Hares, Linda Dunbar, and Adrian Farrel. Interface to Network Security Functions for Cloud-Based Security Services. IEEE Communications Magazine, 56(1):171–178, 2018.
[164] Aobing Sun, Guohong Gao, Tongkai Ji, and Xuping Tu. One Quantifiable Security Evaluation Model for Cloud Computing Platform. Proceedings - 2018 6th International Conference on Advanced Cloud and Big Data, CBD 2018, pages 197–201, 2018.
[165] Ahmed A.Abd El-Latif, Bassem Abd-El-Atty, M. Shamim Hossain, Samir Elmougy, and Ahmed Ghoneim. Secure quantum steganography protocol for fog cloud internet of things. IEEE Access, 6(c):10332–10340, 2018.
[166] Yoshita Sharma, Himanshu Gupta, and Sunil Kumar Khatri. A Security Model for the Enhancement of Data Privacy in Cloud Computing. Proceedings - 2019 Amity International Conference on Artificial Intelligence, AICAI 2019, pages 898–902, 2019.
[167] Xiang Li, Qixu Wang, Xiao Lan, Xingshu Chen, Ning Zhang, and Dajiang Chen. Enhancing cloud-based IoT security through trustworthy cloud service: An integration of security and reputation approach. IEEE Access, 7(c):9368–9383, 2019.
[168] Carl Hauser, Eugene Litvinov, Xiaochuan Luo, Qiang Zhang, Dave Anderson, Theo Gkountouvas, Ming Meng, Ken Birman, and Anjan Bose. Gridcloud: Infrastructure for cloud-based wide area monitoring of bulk electric power grids.
IEEE Transactions on Smart Grid, 10(2):2170–2179, 2019.
[169] Chang Choi and Junho Choi. Ontology-Based Security Context Reasoning for Power IoTCloud Security Service. IEEE Access, 7:110510–110517, 2019.
[170] B. Thirumaleshwari Devi, S. Shitharth, and M. A. Jabbar. An Appraisal over Intrusion Detection Systems in Cloud Computing Security Attacks. 2nd International Conference on Innovative Mechanisms for Industry Applications, ICIMIA 2020 - Conference Proceedings, (Icimia):722–727, 2020.
[171] Caixia Yang, Liang Tan, Na Shi, Bolei Xu, Yang Cao, and Keping Yu. AuthPrivacyChain: A Blockchain-Based Access Control Framework with Privacy Protection in Cloud. IEEE Access, 8:70604–70615, 2020.
[172] Vaggelis Atlidakis, Patrice Godefroid, and Marina Polishchuk. Checking Security Properties of Cloud Service REST APIs. Proceedings - 2020 IEEE 13th International Conference on Software Testing, Verification and Validation, ICST 2020, pages 387–397, 2020.
[173] Kennedy A. Torkura, Muhammad I.H. Sukmana, Feng Cheng, and Christoph Meinel. CloudStrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure. IEEE Access, 8:123044–123060, 2020.
[174] Adesh Kumari, Vinod Kumar, M. Yahya Abbasi, Saru Kumari, Pradeep Chaudhary, and Chien Ming Chen. CSEF: Cloud-Based Secure and Efficient Framework for Smart Medical System Using ECC. IEEE Access, 8:107838–107852, 2020.
[175] Pengtao Liu. Public-key encryption secure against related randomness attacks for improved end-to-end security of cloud/Edge computing. IEEE Access, 8:16750–16759, 2020.
[176] Talal Halabi and Martine Bellaiche. Towards Security-Based Formation of Cloud Federations: A Game Theoretical Approach. IEEE Transactions on Cloud Computing, 8(3):928–942, 2020.
[177] Hai Jin, Zhi Li, Deqing Zou, and Bin Yuan. DSEOM: A Framework for Dynamic Security Evaluation and Optimization of MTD in Container-Based Cloud. IEEE Transactions on Dependable and Secure Computing, 18(3):1125–1136, 2021.
[178] Xinrui Ge, Jia Yu, Hanlin Zhang, Chengyu Hu, Zengpeng Li, Zhan Qin, and Rong Hao. Towards Achieving Keyword Search over Dynamic Encrypted Cloud Data with Symmetric-Key Based Verification. IEEE Transactions on Dependable and Secure Computing, 18(1):490–504, 2021.
[179] Prachi Deshpande, S. C. Sharma, S. K. Peddoju, and S. Junaid. HIDS: A host based intrusion detection system for cloud computing environment. International Journal of Systems Assurance Engineering and Management, 9(3):567–576, 2018.
[180] Pradip Kumar Sharma, Jung Hyun Ryu, Kyung Yeob Park, Jin Ho Park, and Jong Hyuk Park. Li-Fi based on security cloud framework for future IT environment, 2018.
[181] Vishruti Kakkad, Meshwa Patel, and Manan Shah. Biometric authentication and image encryption for image security in cloud framework. Multiscale and Multidisciplinary Modeling, Experiments and Design, 2(4):233–248, 2019.
[182] Vaishali Singh and S. K. Pandey. Cloud Security Ontology (CSO). Springer International Publishing, 2019.
[183] Sheng Cao, Gexiang Zhang, Pengfei Liu, Xiaosong Zhang, and Ferrante Neri. Cloudassisted secure eHealth systems for tamperproofing EHR via blockchain. Information Sciences, 485:427–440, 2019.
[184] Kriti Bhushan and B. B. Gupta. Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. Journal of Ambient Intelligence and Humanized Computing, 10(5):1985–
1997, 2019.
[185] V. Vijayakumar, M. K. Priyan, G. Ushadevi, R. Varatharajan, Gunasekaran Manogaran, and Prathamesh Vijay Tarare. E-Health Cloud Security Using Timing Enabled Proxy ReEncryption. Mobile Networks and Applications, 24(3):1034–1045, 2019.
[186] K. R. Sajay, Suvanam Sasidhar Babu, and Yellepeddi Vijayalakshmi. Enhancing the security of cloud data using hybrid encryption algorithm. Journal of Ambient Intelligence and Humanized Computing, (2018), 2019.
[187] Jinan Shen, Xuejian Deng, and Zhenwu Xu. Multi-security-level cloud storage system based on improved proxy re-encryption. Eurasip Journal on Wireless Communications and Networking, 2019(1), 2019.
[188] D. Praveena and P. Rangarajan. A machine learning application for reducing the security risks in hybrid cloud networks. Multimedia Tools and Applications, 79(7-8):5161–5173, 2020.
[189] Haralambos Mouratidis, Shaun Shei, and Aidan Delaney. A security requirements modelling language for cloud computing environments. Software and Systems Modeling, 19(2):271–295, 2020.
[190] Hooman Alavizadeh, Hootan Alavizadeh, Dong Seong Kim, Julian Jang-Jaccard, and Masood Niazi Torshiz. An Automated Security Analysis Framework and Implementation for MTD Techniques on Cloud, volume 11975 LNCS. Springer International Publishing, 2020.
[191] Teena Joseph, S. A. Kalaiselvan, S. U. Aswathy, R. Radhakrishnan, and A. R. Shamna. A multimodal biometric authentication scheme based on feature fusion for improving security in cloud environment. Journal of Ambient Intelligence
and Humanized Computing, 12(6):6141–6149, 2021.
[192] Muhammad Tahir, Muhammad Sardaraz, Zahid Mehmood, and Shakoor Muhammad. CryptoGA: a cryptosystem based on genetic algorithm for cloud data security. Cluster Computing, 24(2):739–752, 2021.
[193] Venkata Koti Reddy Gangireddy, Srihari Kannan, and Karthik Subburathinam. Implementation of enhanced blowfish algorithm in cloud environment. Journal of Ambient Intelligence and Humanized Computing, 12(3):3999–4005, 2021.
[194] V. Vijayakumar and K. Umadevi. Protecting user profile based on attribute-based encryption using multilevel access security by restricting unauthorization in the cloud environment, 2021.
[195] N. Indira, S. Rukmani Devi, and A. V. Kalpana. R2R-CSES: proactive security data process using random round crypto security encryption standard in cloud environment, 2021.
[196] Omar Achbarou, My Ahmed El Kiram, Outmane Bourkoukou, and Salim Elbouanani. A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment. International Journal of Communication Networks and Information Security (IJCNIS), 10(3):2018, 2018.
[197] Ngoc T. Le and Doan B. Hoang. A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security. Journal of Telecommunications and the Digital Economy, 7(1):37–56, 2019.
[198] Suyel Namasudra. An improved attribute-based encryption technique towards the data security in cloud computing, 2019.
[199] K. Venkatraman and K. Geetha. Dynamic virtual cluster cloud security using hybrid steganographic image authentication algorithm. Automatika, 60(3):314–321, 2019.
[200] Osama Hosam and Muhammad Hammad Ahmad. Hybrid design for cloud data security using combination of AES, ECC and LSB steganography. International Journal of Computational Science and Engineering, 19(2):153–161, 2019.
[201] Erkuden Rios, Eider Iturbe, Xabier Larrucea, Massimiliano Rak, Wissam Mallouli, Jacek Dominiak, Victor Munt´es, Peter Matthews, and Luis Gonzalez. Service level agreement-based GDPR compliance and security assurance in (multi)Cloud-based systems. IET Software, 13(3):213–222, 2019.
[202] Y. Kiran Kumar and R. Mahammad Shafi. An efficient and secure data storage in cloud computing using modified RSA public key cryptosystem. International Journal of Electrical and Computer Engineering, 10(1):530–537, 2020.
[203] Alabi Orobosade, Thompson Aderonke, Alese Boniface, and Arome J. Cloud Application Security using Hybrid Encryption. Communications on Applied Electronics, 7(33):25–31, 2020.
[204] S. Immaculate Shyla and S. S. Sujatha. Cloud Security: LKM and Optimal Fuzzy System for Intrusion Detection in Cloud Environment. Journal of Intelligent Systems, 29(1):1626–1642, 2020.
[205] Urszula Ogiela. Cognitive cryptography for data security in cloud computing. Concurrency and Computation: Practice and Experience, 32(18):1–4, 2020.
[206] Bijeta Seth, Surjeet Dalal, Vivek Jaglan, Dac Nhuong Le, Senthilkumar Mohan, and Gautam Srivastava. Integrating encryption techniques for secure data storage in the cloud. Transactions on Emerging Telecommunications Technologies, (January):1–24, 2020.
[207] Muhammad Imran Tariq, Shakeel Ahmed, Nisar Ahmed Memon, Shahzadi Tayyaba, Muhammad Waseem Ashraf, Mohsin Nazir, Akhtar Hussain, Valentina Emilia Balas, and Marius M. Balas. Prioritization of information security controls through fuzzy AHP for cloud computing networks and wireless sensor networks. Sensors (Switzerland), 20(5):1–36, 2020.
[208] Shumaila Shahzadi, Bushra Khaliq, Muhammad Rizwan, and Fahad Ahmad. Security of Cloud Computing Using Adaptive Neural Fuzzy Inference System. Security and Communication Networks, 2020, 2020.
[209] Opeoluwa Ore Akinsanya, Maria Papadaki, and Lingfen Sun. Towards a maturity model for health-care cloud security (M2HCS). Information and Computer Security, 28(3):321–345, 2020.
[210] Guangxue Zhang, Tian Wang, Guojun Wang, Anfeng Liu, and Weijia Jia. Detection of hidden data attacks combined fog computing and trust evaluation method in sensor-cloud system. Concurrency Computation, 33(7):1, 2021.
[211] New nation-state cyberattacks - Microsoft On the Issues.
[212] The Facts on News Reports About Facebook Data — Meta.
[213] Colonial Pipeline Cyber Attack: Hackers Used Compromised Password - Bloomberg.
[214] 4 real-life examples of SaaS data loss... — Spanning.
[215] Gnolia - Wikipedia.
[216] Bupa fined £175,000 after employee stole 500,000 customer records and tried to sell them online.
[217] Trade Secret Theft — FBI.
[218] San Jose Man Sentenced To Two Years Imprisonment For Damaging Cisco’s Network — USAO-NDCA — Department of Justice.
[219] A 1.3-Tbs DDoS Hit GitHub, the Largest Yet Recorded — WIRED.
[220] How we’re tackling evolving online threats.
[221] Slickwraps apologizes to customers after comically bad data breach - The Verge.
[222] Est´ee Lauder Exposes 440M Records, with Email Addresses, Network Info — Threatpost.
[223] Have I Been Pwned warns of DatPiff data breach impacting millions.
[224] OG department store customers’ personal details leaked in data breach, Singapore News - AsiaOne.
[225] Why a Data Breach at a Genealogy Site Has Privacy Experts Worried - The New York Times.
[226] Security Experts Weigh In On Massive Data Breach Of 150 Million MyFitnessPal Accounts.
[227] Marriott International Notifies Guests of Property System Incident — Marriott News Center.
[228] The Disney+ Credential Stuffing Attack Could Happen to You.
[229] 500K Zoom Accounts Discovered for Sale on the Dark Web.
[230] Capital One data breach: A hacker gained access to 100 million credit card applications and accounts - CNN.
[231] Online marketing company exposes 38+ million US citizen records.
[232] Virtual machines hide ransomware until the encryption process is done - Help Net Security.
[233] Australian sports fan portal leaks 132GB of private data.
[234] Russia’s Hacking Success Shows How Vulnerable the Cloud Is to Cyberattacks.
[235] Hackers Raided Panasonic Server for Months, Stealing Personal Data of Job Seekers.
[236] How the US government hack happened, explained by an expert - Vox.
[237] Target’s Data Breach: The Commercialization of APT — SecurityWeek.Com.
[238] Russian Nuke Scientists, Ukrainian Professor Arrested for Bitcoin Mining.
[239] Abusing cloud services to fly under the radar – NCC Group Research.
[240] Inside a massive cyber hack that risks compromising leaders across the globe - ABC News (Australian Broadcasting Corporation).
[241] Brazil: Millions of Records Leaked, Including Biometric Data.
[242] Lifelabs Data Breach, the Largest Ever in Canada, May Cost the Company Over $1 Billion in Class-Action Lawsuit - CPO Magazine.
[243] Microsoft Security Shocker As 250 Million Customer Records Exposed Online.
[244] NHS data breach exposes 24 staff data in Scotland — News — GRC World Forums.
[245] Secret NHS files reveal plans for coronavirus contact tracing app — WIRED UK.
[246] Hackers publish ExecuPharm internal data after ransomware attack — TechCrunch.
[247] IT giant Cognizant confirms data breach after ransomware attack.
[248] Memorial Health System alerts patients to possible data breach — News, Sports, Jobs - News and Sentinel.
[249] The CPU catastrophe will hit hardest in the cloud - The Verge.
[250] KrebsOnSecurity Hit With Record DDoS – Krebs on Security.
[251] DDoS attack on Dyn - Wikipedia.