Article no: 01
CITATION: Doshi, R., & Kute, V. (2020, February). A Review Paper on Security Concerns in Cloud Computing and Proposed Security Models. In 2020 International Conference on Emerging Trends in Information Technology and Engineering (ic-ETITE) (pp. 1-4). IEEE. DOI: 10.1109/ic-ETITE47903.2020.37
SUMMARY: (Doshi, 2020) described that to deal with security threats. There is a number of new techniques that ensures the dependability, reliability and privacy of the services provided through cloud computing. In this article, the author has mentioned a whole idea and history of cloud computing in detail with security concerns. Moreover, some proposed solutions mentioned ensuring security using the infrastructure. It has been seen that this technique has new and its efficiency has to tested yet in terms of providing security.
This article is not cited by many people yet because of its latest publication. But It provides a viable solution for resolving the issues. But, if this technique is studied in detail, it is examined that this technique is not sufficient to deal with all the threats. So, there will also be some alternate technique that is tested and used though.
CRITIQUE: In this paper, security threats of cloud computing are studied in a very unique way. After that, a viable and efficient solution is provided to resolve security threats. Talking of the approach used, in this paper, a third party is introduced that makes possible the secure interaction between the two parties and works on providing the desired security. The cryptography technique is used in which infrastructure method is used to provide the desired security and ensure the integrity of computing.
Article no: 02
CITATION: Hussain, S. A., Fatima, M., Saeed, A., Raza, I., & Shahzad, R. K. (2017). Multilevel classification of security concerns in cloud computing. Applied Computing and Informatics, 13(1), 57-65. DOI: 10.1016/j.aci.2016.03.001
SUMMARY: (Hussain, 2017) described that a multilevel classification model presents to identify the attack types and risk levels at each cloud layer. They classify the risks as low, medium, and high based on the cloud layer type. Their findings conclude that the risk level depends on the position of could layer and infrastructure layer affected mostly by attacks. Furthermore, the severe attacks depend on data encryption technique, multi-tenancy and authentication mechanism.
According to Google scholar, this paper has 73 citations and 6 revisions, which confirms its reliability. By studying this paper in detail, it has been analyzed that the proposed approach leads to the provision of dynamic security concerns at each cloud layer.
CRITIQUE: In this paper, all layers of cloud computing are covered in motive of providing security risk analysis. Along with the models, involved security challenges are discussed and their possible solutions using modern technologies are mentioned. It has been seen that this technique has the potential to provide the advanced, secure and efficient platform for security concerns.
Article no: 03
CITATION: Halabi, T., & Bellaiche, M. (2017). Towards quantification and evaluation of security of Cloud Service Providers. Journal of Information Security and Applications, 33, 55-65. doi: 10.1016/j.jisa.2017.01.007
SUMMARY: (Talal Halabi, 2017) used some metrics to evaluate the services that provides the security on cloud. To evaluate the security services at each layer of cloud architecture, they use Goal-Question-Metric method that set the performance parameter. Further, to automate the evaluation process of the cloud service provider, a cumulative weighting criteria build.
Based on Google scholar, this paper is cited by 36 people, and by reading this paper researcher can evaluate their security services to be implemented on cloud architecture. The paper is limited in the sense that it provides criteria set based on Goal-Question-Metric only that is a bit old method. So, this paper can be helpful to evaluate basic security services.
CRITIQUE: In this paper, some evaluation criteria parameter has developed based on Goal-Question-Metric method that is best for characterization but not suitable for categorization of security services. Also, the metrics based on Goal-Question-Metric method are not presented for real cloud security data. The optimization of such parameters is also a major concern.
Article no: 04
CITATION: Yang, C., Huang, Q., Li, Z., Liu, K., & Hu, F. (2017). Big Data and cloud computing: innovation opportunities and challenges. International Journal of Digital Earth, 10(1), 13-53. doi: 10.1080/17538947.2016.1239771
SUMMARY: (Chaowei Yang, 2016) described that big data has vast applications in the field of information technology and it is a need of modern world as it can open new horizons for cloud computing, storage, analytics in software and networking. Principles of Big Data along with geospatial sciences provide the source for finding theoretical and technical optimized solutions for processing big data and cloud computing.
This paper is cited by a lot of people which depicts that the information provided in this paper is very reliable. The current research was supported by NASA ASIT program and funding for the research was generated by a number of big groups including NASA, Harris, Northrop Grumman, Amazon and United Nations. This also lays foundation on authenticity and reliability of current data.
CRITIQUE: In this article, author has stressed on the use and application of Big Data and its synchronization with cloud computing. Cloud computing acts like a solution provider for big data. Application domains of Big Data drive advancement in cloud computing and create new requirements in relevant technology domains.
Article no: 05
CITATION: Khan, S., & AlAjmi, M. F. (2019). A Review on Security Concerns in Cloud Computing and their Solutions. IJCSNS, 19(2), 10. doi: 10.21275/v5i3.nov161993
SUMMARY: (Shakir Khan, 2019) explained in this paper, main threats related to privacy and consistency are discussed which reduces the reliability and privacy in cloud computing architecture. Such threats are Outsourcing, Data redundancy, Recovery, Server downtime, Heterogeneity and Multi tenancy for User access.
This article is read by more than 150 people but not cited yet, which means that number of people has found this only informative but not usable according to needs. According to my opinion, security level is very effective but only works on risks affiliated with virtualization.
CRITIQUE: In this paper, main security threats or issues which affect the safety and privacy of the computing are mentioned here. Such risks are higher if the data is processes through all layers of could architecture, but the presented approach is also depended on user because data is encrypted, and it has no idea that from which location data is provided. In case of any hack or disaster, recovery of data is another problem because of such encryption and investigation of illegal activity.
Article no: 06
CITATION: Mishra, A., Mathur, R., Jain, S., & Rathore, J. S. (2013). Cloud computing security. International Journal on Recent and Innovation Trends in Computing and Communication, 1(1), 36-39. https://downloadnema.com/wp-content/uploads/2018/07/Article-1247-www.downloadnema.com_.pdf
SUMMARY: (Mishra, 2013) described that computing which involves multi tenancy in itself, in which same resources under same sever are shared by all the users and also involve virtualization in it comes with lot of risks of its own and such risks can’t be dealt by the default security techniques so new set of rules and regulations must be set for them to ensure the reliability of the transfer and usage.
Based on the records, this paper is cited by more than 380 people and by analyzing this paper we get idea of many affiliated threats and their adverse effects. But only mentioning the risks involved and giving no information of the techniques to tackle such threats make this article incomplete.
CRITIQUE: after studying this article thoroughly it has been seen that computing having multi tenancy and virtualization in it which introduces their own risks requires a new level of security. Because the traditional security levels in such case are failed to provide the required level of privacy and there is more probability of leak or hack of information.
Article no: 07
CITATION: Ahmat, K. (2015). Emerging Cloud Computing Security Threats. arXiv preprint arXiv:1512.01701. biburl: https://dblp.org/rec/journals/corr/Ahmat15.bib
SUMMARY: (Ahmat, 2015) explained that cloud computing is need of the time because it can store and transfer a bunch of information. That’s why modern big organization like Amazon or Google are utilizing their services for their business at such massive scale. But author also mentions the security risks attached and give analysts reviews on that too.
This paper is cited by more than 100 people which guarantees its information. This paper has divided the risks according to the service provided but it does not give us the solutions or techniques to minimize such risks.
CRITIQUE: In this paper, writer mentioned the security threats along with their service models to get a better understanding view. Using software for service has its own threats like data privacy, access, backup and authentication etc. On the contrary, using Platform for service has risks of applications privacy as they can hacked if their code is known to hacker. In the last, using infrastructure for service has its own risks which must be considered.
Article no: 08
CITATION: Yeboah-Boateng, E. O. (2018). Cyber-Security Concerns With Cloud Computing: Business Value Creation and Performance Perspectives. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp. 995-1026). IGI Global. doi: 10.4018/978-1-5225-5634-3.ch049
SUMMARY: (Yeboah-Boateng, 2018) researched and analyzed the concerns of cyber security on cloud computing with the perspective of Cloud Service Provider and end-user. The author exemplifies these concerns in developing economies. It has been seen that cloud computing comes under the virtual environment so it has number of risks and threat that affects its integrity, confidentiality and authenticity..
This book chapter has not cited by many people due to payment issue, but it shows suitable security management and its effect on economy. The information provided here is efficient but not sufficient to deal with all risks.
CRITIQUE: To tackle the cyber security threats, different approaches are used and each one is efficient in its own way like in intrusion detection, all the network working is analyzed and complete report is sent to admin through which admin will be aware of any illegal activity and can take action in mean time. In this way, the study not only talk about security but also its effect on economy.
Article no: 09
CITATION: Potluri, S. (2016). Primary Methods to Address the Data Security Problems in Cloud Computing. IUP Journal of Computer Sciences, 10(1/2), 18. url: https://search.proquest.com/openview/cba2764efd2c8125df3fc7671790c7e9/1?pq-origsite=gscholar&cbl=2029993
SUMMARY: (Potluri, 2016) told a brief and basic information about the cloud computing and its models is provided. According to that, any information or data that is transferred using a network comes under the cloud computing. It has its own pros and cons involved. Pros are the easiness in transfer and modern need and cons are the security threats involved which limits the privacy or reliability of the information.
This article has three different versions and is cited by hundreds of people. According to my opinion, the basic techniques to ensure the security are enough on basic level but on higher transaction or storage, such techniques are limited, and more advanced techniques must be studied to guarantee the privacy of computing.
CRITIQUE: In this study, author has considered all main risks and threats involved in the transfer which compromise the privacy and some basic techniques are provided to address such risks such as encryption or consistency. Such basic techniques secure the computing to some extent which is enough at basic transfer.
Article no: 10
CITATION: Sharma, S., Gupta, G., & Laxmi, P. R. (2014). A survey on cloud security issues and techniques. arXiv preprint arXiv:1403.5627. url: https://arxiv.org/abs/1403.5627
SUMMARY: (Sharma, 2014) described that it has been seen that usage of such computing has increased much in a short time and now a days this service is utilized in both academic and industrial level. But, with the increase in number of users, its risk or threat also elevates because of its multi tenancy, availability etc..
As per shown by Google scholar, this paper has 4 different versions and is cited by more than 70 people. In this paper, security risks affiliated with the cloud computing having multi tenancy are discussed and some appropriate solutions are also mentioned to remove such risks. Before implementing the solution technique on any large scale, initial prototype check is also done.
CRITIQUE: In this one, the writer highlights some of security risks produced due to multi tenancy like service denial, lack of service, port scanning or Flood Attack. There are some techniques discussed that can be utilized to ensure that such hindrances or problems will not occur.
Article no: 11
CITATION: Kazim, M., & Zhu, S. Y. (2015). A survey on top security threats in cloud computing. Science and Information (SAI) Organization Ltd. doi: 10.14569/IJACSA.2015.060316#sthash.hDOJaK6L.dpuf
SUMMARY: (Kazim, 2015) explained some main and frequent occurring security risks are mentioned in detail as per predicted from name of the article. Such threats may lead to loss of data or information, breach of data. Moreover, main networks threats that can result in service denial or data hijacking are also described here. To stop such threats modern APIs, authentication or encryptions are required.
This paper is cited by more than 245 people and it also has 7 different versions which shows level of reliability of this article. But, unfortunately the information provided in this paper is incomplete.
CRITIQUE: In this article, major threats in network computing are mentioned and their viable solutions are also provided. The best solution to deal with loss of data is to have whole data backup in separate system. To avoid service denial, best technique is to add all security requirements in network. Strong authentication and encryption is the best way to tackle the insecure APIs problems or threats.
Article no: 12
CITATION: Giri, S., & Shakya, S. (2019). Cloud Computing and Data Security Challenges: A Nepal Case. International Journal of Engineering Trends and Technology, 67 (3), 146, 150. doi: 10.14445/22312803/ijctt-v67i3p128
SUMMARY: (Giri, 2019) described that how the data security can be ensured in cloud computing specially in Nepal country. Furthermore, the author analyzes the major cloud services, its vulnerabilities and security challenges while dealing with cloud computing. In this light the survey is written, in which all mechanisms are studied keeping in mind the data security risks, data operation, data storage, data integrity, data access and data breaches.
According to Google Scholar, this article has more than 60 citations and 10 different versions, but if we study this one in detail, we see that information provided here is insufficient because it only mentions data security issues and does not provide any example of data.
CRITIQUE: Initially the work highlight the overall cloud architecture and then examine the different security threats or risks in cloud computing like data access, data operation, loss, recovery, backup of data. Along with simple information, the survey is conducted on basic data process in Nepal, so can only be considered for that country. Moreover, they did not provide any example of data breaches, vulnerabilities and security tools.