
Hussain et al. (IJECI) 2023


ISSN: 2522-3429 (Print)
ISSN: 2616-6003 (Online)
International Journal for
Electronic Crime Investigation
DOI: https://doi.org/10.54692/ijeci.2023.0701125

Research Article Vol. 7 issue 1 Year 2023

Security Issues and challenges in Cloud Computing

Hussain Akbar, Muhammad Zubair and Muhammad Shairoze Malik


Department of Information Technology, Superior University Lahore Pakistan
Corresponding author: [email protected]

Received: November 20, 2022; Accepted: January 20, 2023; Published: March 03, 2023

Abstract:
A cloud computing model allows customers to use a pool of shared computer resources on-demand or pay-per-use basis. In terms of capital investment and operational cost reductions, cloud-based computing offers users and organizations many benefits. Despite these advantages, several challenges still limit the adoption of cloud computing. A crucial concern that is usually taken into account is security. Without this vital component, the computing model has a negative influence, which causes suffering on the human, ethical, and economic levels. This essay will look at the security issues that cloud entities must deal with. This group includes Cloud Service Provider, the Data Owner, and the Cloud User—concentrating on the communication, computation, and service level agreements that make up the crypto-cloud. It will offer the required updates by evaluating the origins and consequences of different cyberattacks.

Key words: Cloud computing, security, high performance, challenges, quality.

Int.J. Elect.Crime Investigation 7(1):IJECI MS.ID- 02 (2023) 09

1. Introduction

Users are given a network-based environment perception through cloud computing, which makes it possible to share calculations and resources anywhere in the world. Cloud computing is described by the National Institute of Standards and Technology (NIST) as "a template for delivering the appropriate and when required internet access to a shared pool of quickly manipulable programmable grids, servers, amenities, storage, and software." [1]. On-demand self-service, High-performance network access, Accelerated Elasticity, High Scalability, and Defined Performance are the processing type traits shown in Fig. 1. Four deployment types are also offered, including Community, Private, Hybrid, and Public Clouds. The three service models—PAAS (Platform as a Service), IAAS (Infrastructure as a Service), and SAAS (Software as a Service)—are then connected with this model. The NIST definition of cloud computing provides the necessary framework, illustrating commonalities, including Geographic Distribution, Homogeneity, Virtualization, and Service Orientation.

Security concerns must be considered when using the cloud service models with all the levels. When the stories are contrasted, the browser's significant dependence puts it at the top. In contrast, the lower levels are more focused on web services. Overall operational costs and investments are reduced, and improved productivity and scalability throughout the levels.

Depending on the customer’s needs, hybrid, community, private, and public cloud service models may be used.

Organization: The security issues are highlighted in the following two sections. The problems with security in Service Level Agreement (SLA), computational, data, and communication levels are addressed in Sections 4–7. Lastly, Section 8 concludes with the author's research with other previous studies for comparison.

2. Challenges With Security

Because cloud service providers (CSPs) have data centers in different geographical locations, which presents several security issues and dangers, consumers in cloud computing are oblivious to the precise location of their sensitive data. Due to the quick propagation of threats in virtualized environments, conventional security measures like host-based antivirus, firewalls, and intrusion detection technologies do not provide sufficient security in server virtualization.

2.1. Cloud computing dangers and threats
Walker [2], on the other hand, highlighted that the Cloud Security Alliance (CSA) had published a list of the top 12 cloud-related risks. Table 1 contains a list of these twelve dangers. Data breaching is the most pressing security concern that requires attention among these threats.

2.2. Security in crypto-cloud
As Kamara [3] explained, there are several upsides to utilizing a public cloud. They also noted several security hazards associated with using public cloud services. Many serious worries center on the possibility of damage to the data's privacy and authenticity. Kamara [3] 2010 presented a crypto-cloud architecture, which is depicted clearly in Fig. 3. There are three primary actors involved: the data's owner (the Data Authority), the data's end user (the consumer), and the storage service provider (the Cloud Storage Service Provider) (CSSP). Customers or users of cloud services are granted authorized access to encrypted files uploaded by the data authority. After those steps, the requested file may be downloaded and decrypted using the proper tokens and credentials. These three groups have unique data protection problems in their communications, computations, and SLAs.

Table 1. CSA's Top 12 threats

| Threat no. | Threat name |
|---|---|
| 1 | Violated privacy. |
| 2 | Passwords and authentication issues. |
| 3 | Broken APIs and hacked user interfaces. |
| 4 | Taking advantage of loopholes in the system. |
| 5 | Taking someone else's account without permission. |
| 6 | Contaminated by malicious insiders. |
| 7 | The APT virus, or Advanced Persistent Threat. |
| 8 | Inaccessible files are forever gone. |
| 9 | Having not done enough research. |
| 10 | Misuse of cloud services. |
| 11 | Attacks using the denial-of-service (DoS) protocol. |
| 12 | Shared technology, shared dangers. |

3. Security Issues That Cloud Companies Must Deal

Authentication, integrity, transparency, confidentiality, availability, and audits are a few fundamental security criteria that must be addressed in addition to legal security standards, according to Rebollo [4]. The security tree in Fig. 4 is an example of the value of fundamental security criteria. Just like the root anchors the tree in the ground, the issues identified at the root must be correctly treated. The security tree, figuratively represented as the fruits and leaves on a tree, provides advantages in terms of anything/everything as a Service (XaaS) when these fundamental conditions are duly satisfied. Data is transmitted securely using the protocols (TLS) and (SSL), which stand for Transport Layer Security and Secure Socket Layer, respectively.

4. The Quality Of Communication

Due to attacks on Virtual Machines (VMs), there will surely be communication challenges due to the VMs' shared resources, infrastructure, etc. Bhadauria [5] separates this into three categories: network, host, and application. These three tiers of interaction serve as a basis for detecting attacks.

4.1. Security on the level of the network
Data privacy and security are two of the most important aspects of any network infrastructure. When it comes to safety on a network level, the problems include the following:

● Attacks Made Against Domain Name Servers
● Hijacking of prefixes in the Border Gateway Protocol (BGP).
● Concerns Regarding the Reuse of IP Addresses
● Sniffer Attacks etc.

4.2. The security of the application level
Applications require security to prevent allowing attackers the opportunity to obtain control over them by changing settings that they haven't been permitted to modify. Their configurations.

● Cookie Poisoning is one of the problems that must be addressed at this level.
● DDoS.
● The manipulation of the hidden field
● An attack with a dictionary
● Breaking CAPTCHAs
● Hacking Google

4.3. Security measures used at the host level
At the level of the operating system, which is the foundation upon which applications run, host risks are handled. Worms, viruses, and Trojan horses are the primary dangers found at the host level.

● Profiling.
● Methods for breaking passwords.
● Footprinting.
● A refusal to provide a service.
● Unauthorized entry or use

5. Computational Level

One of the most challenging problems to solve on a computational level is figuring out how to implement virtualization in the cloud.

5.1. Challenges posed by virtualization
Virtualization may be thought of as the abstraction of physical resources. The terms "desktop virtualization," "application virtualization," "network virtualization," "server virtualization," and "machine virtualization" are examples of some of the most prevalent categories of virtualization.

Multiple instances of Virtual Machines make up the virtual layer, which is made up of these machines. It paints a picture of a virtual and distributed environment that operates on top of the cloud architecture and is managed by a cloud provider. The virtualization layer allows it to simultaneously deploy and operate several virtual machines (VMs) on the same physical host. It is carried out by a particular component or piece of software known as the hypervisor or the Virtual Machine Monitor (VMM), which divides up resources among the several VM instances and ensures that they remain isolated. VMs can communicate with one another over the virtual switch, thanks to the virtual network. RAM, the Central Processing Unit (CPU), and storage are examples of hardware resources included in the physical layer.

5.1.1. Security problems at the virtual machine level (also known as the virtual layer)
The virtual machines go through their unique life cycles, which include a variety of states such as being created, pending, operating, suspended, restarted, powered off, shut down, destroyed, and others.

5.1.1.1. Cloning a virtual machine (VM)

Cloning a virtual machine (VM) means creating a clone of an existing VM with the exact identification (ID), computer name, Internet Protocol (IP), and Media Access Control (MAC) addresses. This process is referred to as VM cloning. The cloned virtual machine (VM) shares its virtual resources with the original virtual machine (VM), referred to as the parent. The cloned virtual machine is unaffected by any modifications made to the original VM after completing the cloning process, and vice versa. Because both virtual machines (VMs) will use the same network, there will be a duplication of IP addresses, which may cause security problems.

5.1.1.2. Isolation of VMs
To guarantee safety and security, the VMs need to be isolated. Virtual machines (VMs) can be kept secure by isolating them from one another, even if another VM running on the same physical host is breached. However, virtual machine isolation is not a foolproof solution when the hypervisor has been breached. The virtual machines' shared usage of IP addresses, which breaks the isolation between them, causes problems that must be fixed as soon as possible. This may bring the whole system's performance down.

5.1.1.3. Migration of Virtual Machines
Virtual Machines may be moved simply from one server to another, which helps improve the efficiency with which resources are used. Automating this procedure to achieve load balancing and energy savings is possible. Because of the dynamic nature of the migration, there is a potential for security issues, not only with the virtual machine being moved but also with the new VM host. Live VM migration and non-live VM migration are the two forms of migration. Compared to non-live migration, the live migration process results in a more difficult task.

5.1.1.4. Virtual Machine Exit
Virtual machines (VMs) often operate in secluded and self-contained settings within the host. Any effort by the virtual machine (VM) to directly interact with the hypervisor by intervening in an isolated environment would result in the VM escaping the environment. Therefore, this problem must be handled carefully to avoid compromising the overall virtual setup.

5.1.1.5. VM rollback
Allows virtual machines to be reset to their previous state at any time. Restoring the afflicted virtual machines to their last state may involve the removal of hazardous viruses and worms. As a result, virtual machines (VMs) might be re-exposed to security flaws when rollbacks are performed. Memory snapshot was protected by Sabahi [7] using per-page encryption in conjunction with hashing. The memory contents were hashed using a Merkle hash tree, with the pages' granularity determining the hash's precision. Maintaining logs for the processes, exceptionally suspend/resume and migration, is the recommended best practice. An in-depth investigation indicates that VM rollback, if not managed safely, might activate even hazardous viruses and worms. This was discovered as a result of an investigation into the matter.
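
The page-granularity Merkle hashing of a memory snapshot, which the text above attributes to Sabahi [7], can be sketched as follows. This is an added example, not code from the paper or from Sabahi's scheme: it leaves out the per-page encryption, and SHA-256, the 4 KiB page size, the function names and the sample snapshot are assumptions.

```python
import hashlib
import hmac

PAGE_SIZE = 4096  # assumed page granularity; the paper does not fix a size


def split_pages(snapshot: bytes, page_size: int = PAGE_SIZE) -> list[bytes]:
    """Cut a memory image into fixed-size pages, zero-padding the last one."""
    if not snapshot:
        raise ValueError("empty snapshot")
    pages = [snapshot[i:i + page_size] for i in range(0, len(snapshot), page_size)]
    pages[-1] = pages[-1].ljust(page_size, b"\x00")
    return pages


def leaf_hash(page: bytes) -> bytes:
    # Leaves and inner nodes use different prefixes, so page content can
    # never be passed off as an inner node (or the reverse).
    return hashlib.sha256(b"\x00" + page).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def levels_from_leaves(leaves: list[bytes]) -> list[list[bytes]]:
    """Build the tree bottom-up; an unpaired node is promoted unchanged."""
    if not leaves:
        raise ValueError("no leaves")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([
            node_hash(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
            for i in range(0, len(cur), 2)
        ])
    return levels


def build_levels(pages: list[bytes]) -> list[list[bytes]]:
    return levels_from_leaves([leaf_hash(p) for p in pages])


def merkle_root(pages: list[bytes]) -> bytes:
    return build_levels(pages)[-1][0]


def inclusion_proof(levels: list[list[bytes]], index: int) -> list[tuple[bool, bytes]]:
    """Sibling hashes from leaf to root as (sibling_is_left, hash) pairs."""
    if not 0 <= index < len(levels[0]):
        raise IndexError("page index out of range")
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):          # promoted nodes have no sibling
            proof.append((sibling < index, level[sibling]))
        index //= 2
    return proof


def verify_page(page: bytes, proof: list[tuple[bool, bytes]], trusted_root: bytes) -> bool:
    """Check one page against the root recorded when the snapshot was taken."""
    digest = leaf_hash(page)
    for sibling_is_left, sibling in proof:
        digest = node_hash(sibling, digest) if sibling_is_left else node_hash(digest, sibling)
    return hmac.compare_digest(digest, trusted_root)


def tampered_pages(snapshot: bytes, stored_leaves: list[bytes],
                   trusted_root: bytes, page_size: int = PAGE_SIZE) -> list[int]:
    """Indices of pages to distrust before a rollback resumes this snapshot."""
    # The leaf list may sit next to the snapshot on untrusted storage, so it
    # must first reproduce the root that is kept elsewhere.
    if not hmac.compare_digest(levels_from_leaves(stored_leaves)[-1][0], trusted_root):
        raise ValueError("stored leaf hashes do not match the trusted root")
    pages = split_pages(snapshot, page_size)
    if len(pages) != len(stored_leaves):
        raise ValueError("snapshot page count changed")
    return [i for i, p in enumerate(pages) if leaf_hash(p) != stored_leaves[i]]


if __name__ == "__main__":
    # Constructed sample: five 4 KiB pages, then one byte flipped in page 3.
    snapshot = b"".join(bytes([n]) * PAGE_SIZE for n in range(5))
    levels = build_levels(split_pages(snapshot))
    root = levels[-1][0]                  # stored outside the snapshot store
    altered = bytearray(snapshot)
    altered[3 * PAGE_SIZE + 17] ^= 0xFF
    print("pages failing verification:", tampered_pages(bytes(altered), levels[0], root))
```

Only the root has to be held somewhere the snapshot store cannot write; a mismatch before resume is also an event worth recording in the suspend/resume and migration logs the section recommends.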

5.1.1.6. VM sprawl
Uncontrolled deployment of virtual machines is known as "VM sprawl," and it's a problem that can be avoided. According to Bose [8], VM sprawling is a scenario in which there is a linear growth in the number of VMs, but most of them are inactive. There is a risk that a significant amount of the host's resources will be wasted. Virtual machine sprawl must be controlled to manage resources with the fewest possible efforts efficiently.

5.1.1.7. Virtual Machine (VM) Hopping and Virtual Machine (VM) Hyper Jumps
Virtual Machine (VM) hopping refers to the process of getting access to another VM by exploiting a flaw in the hypervisor. Because of this vulnerability, remote assaults and malware can infiltrate and eventually take control of the middleware packages running on the underlying host by jumping from virtual machine to virtual machine (VM to VM). The most susceptible virtual machines (VMs) are frequently singled out as the entry point for further assaults on the system.

This problem will need to be addressed at some point in the future. The vulnerability in the hypervisor creates a single point of failure in the system.

5.1.1.8. Virtual machine (VM) poaching
The vulnerabilities in the operating system and applications cause the system to behave unanticipatedly. They use up the system resources, which might fail other virtual machines hosted on the same host. It is recommended that patches be applied to both the guest operating system and the regular application to mitigate VM poaching successfully. The issues posed by virtual machines (VMs) are addressed in the publications listed in Table 2.

The overall study shown in Table 2 displays the many options available to ensure the safety of VMs. A comparison of the many methods that have been suggested eliminates the possibility of an increase in either the amount of time required for the execution or the number of test systems. To keep the integrity of the system intact, it is recommended that virtual machines (VMs) not be subjected to the transmission of packets at a fast pace as well as avoiding the application of false assumptions, which would make the problem more complex, and avoiding the oversight of certain specific assumptions and parameters. The Advanced Cloud Protection System (ACPS) raises the level of security and keeps the integrity intact while degrading performance only a little. Wei [9] came up with the idea for a system that assumes several virtual machines (VMs) belong to the same organization, even if they are hosted on a shared network. The authors have argued that there is a requirement for the provision of a protected system, regardless of the virtual machines (VMs) deployed by various enterprises on the same shared network.

5.1.2. Hypervisor level (Virtualization layer)
Qin [10] mentioned that a hypervisor keeps track of virtual machines as they are created, stopped, restarted, and moved around. The Hypervisor or Virtual Machine Monitor (VMM) is nothing more than a low-level code
that is capable of independent operation regardless of the operating system. The hypervisor facilitates virtualization by pooling available resources and supporting many tenants. The hypervisor-based virtualization technique known as para-virtualization is the one that is used most frequently. Complete virtualization and virtualization aided by hardware. According to Sabahi [7], hypervisor-based virtualization is prone to having a single point of failure. The current methods for improving hypervisor security are listed in Table 3. All these methods, in their manner, ensure a safe hypervisor. Based on the comparison results, it is suggested that multi-factor authentication be used to strengthen the hypervisor's security further. Protection against software-related vulnerabilities in virtualization cloud computing infrastructures (VCCI) is achieved by combining physical and virtual measures.

Table 2: Security issues in V.M. compared to similar systems.

| S. No | Author | Title of the security scheme | Work proposed | Strengths | Weakness |
|---|---|---|---|---|---|
| 1 | Schwarzkopf, 2012 | The protection of cloud-based virtual machines. | Checker for updates: Find software that has become obsolete (inactive)—free online hacking toolkit: Runs tests on virtual machines (VMs) before releasing them. | Prevents execution of flawed VMs. Handles multiple software repositories from different vendors. | The time required to complete a task will linearity Quantity of test systems has grown. Identifying software defects that cause network disruptions. |
| 2 | Bindra, 2012 | The Analysis and Risk Management of Virtual Machine Images on the Cloud. | Suggest doing a security review of the virtual machine images. | Assures the safety of the virtual machine image | …… |
| 3 | Shea, 2013 | Experiments and Analysis of Virtual Machine Performance During Distributed Denial of Service Attacks | Strengthening the stability and safety of current virtualization technologies. (Denial of Service) Attacks. | SYN-proxies are now in place. DOS attacks are no match for container-based virtualization. | When sending tiny packets rapidly, issues occur. |
| 4 | Qin, 2012 | State-of-the-art Safeguarding Virtual Machines in the Cloud. | Separated the problems into several virtualization security categories. | Methods are classified as either "within" or "outside" the V.Ms. | Some of the identified performance factors are ignored. Some plans are overly complicated and based on false assumptions. |
| 5 | Lombardi, 2010 | Safe and sound virtualization on the cloud. | Highly Efficient Anti-Cloud Systems (ACPS). | Better protection for cloud data. Constant vigilance ensures that no one's honesty is compromised. | Minimal hit to performance. |
| 6 | Duncan, 2013 | Insider Threats to Migrating Virtual Machines in the Cloud. | Using digital forensics and system administration methods, identify malicious insider activity. | Ethernet tap detection of packet sniffing. | There isn't a simple way to tell if a network is being passively tapped or not. |
| 7 | Wu, 2010 | Safeguarding Virtual Machine Networks in the Cloud. | Recommended an innovative framework for virtual networks to manage VM-to-VM interaction. | Improve safety by adding a firewall and a routing layer to your secure, shared network. Defeats attempts that attempt to sniff or fake your signal. | Virtual machines (VMs) should only be used within a company's shared network. |

5.1.2.1. Threats in virtual networking
The potential dangers of virtual networks are that they are challenging to construct securely and that all the cloud components need to be connected. Brohi [11] has argued that hypervisor-resident VFs (Virtual Firewalls) on the VMM are needed for protecting virtual machines. Threats such as traffic eavesdropping (intercepting network communication), address spoofing (faking an IP address), VLAN hopping (breaking network segregation), etc., have been cataloged by Laniepce [6] and will need to be quickly addressed in the future.

5.1.2.2. VM-to-VM attack
A virtual machine (VM) can be attacked by another VM on the same physical host, using
hypervisor vulnerabilities and perhaps a side channel attack to compromise the coveted VM, as described by Laniepce [6]. Zhang [12] has suggested a methodology for systematically identifying and investigating several common but elusive inter-VM assaults. Therefore, action is required to resolve the problem.

5.1.2.3. Security issue with VM introspection
Virtual machine (VM) introspection is a security concern since it allows for monitoring VMs on a physical server. Expanded [13] coverage of VMI tools for the hypervisor. Intruding in private virtual machines is a sure way to get unauthorized access to their contents and running processes. That's why cutting-edge safeguards against intrusion are required.

5.1.2.4. Issues due to virtualized trusted computing (VTC)
Problems with virtual trusted computing (VTC) are an emerging concern since this technology represents the next logical step in virtualization but has the potential to compromise security if it fails. As described by Laniepce [6], Trusted Platform Module (TPM), a dedicated TPM is required for each virtual machine (VM) and hypervisor. However, the hypervisor often controls a single hardware TPM, which might introduce vulnerabilities. Dongxi L [14] mentioned vTPM and certificate and critical administration. Trusted Platform Module (TPM) implementation in software exacerbates existing problems in the TCB and introduces new vulnerabilities.

5.1.2.5. Hyperjacking / hypervisor subversion
When an attacker uses a compromised virtual machine (VM) to access the hypervisor and then uses that access to try to take over the virtualization layer. Miller [15] has described the assaults on Dropbox, LinkedIn, etc., resulting from hyperjacking. According to Microsoft's latest page on Hyperjacking, "viruses planted in the hardware/BIOS can't be identified by the O.S." These problems cause bottlenecks that must be addressed.

5.1.2.6. Issue due to resource sharing
Sharing shared resources is a source of contention since a malevolent VM might cause the intended VMs to go without essential resources. Seventy-five percent of security issues, according to Wueest [16], are the result of sharing resources. The cloud computing paradigm relies heavily on the pooling of available resources. Therefore, it's crucial to work out the kinks in the system that prevent people from pooling their resources.

5.1.2.7. Challenges to the Security and Isolation of Virtual Machines (VMs) Caused by Hypervisors
The hypervisor controls the degree of separation between virtual machines. There is a risk that guests' secrets will be revealed if the hypervisor's security is not guaranteed. Therefore, the hypervisor needs better techniques for controlling access.

Table 3: Here are a few publications that discuss the difficulties with hypervisor security

| S. no. | Author | Title of the security scheme | Work proposed | Strengths | Weakness |
|---|---|---|---|---|---|
| 1 | Romney, 2013 | Hypervisors' Versatility, Adaptability, and Productivity in the Classroom of Engineers. | co-created a Master of Science in Cyber Security and Information Assurance (MS-CSIA) degree program at NU with Efficiency Student access to cutting-edge technology; agility; flexibility; simplicity of cloning; | The use of more than one authentication method improves safety. The bandwidth has been doubled from 50 Mbps to 100 Mbps. | When virtual memory (VM) size grows from 200 to 770, it becomes a crucial concern. |
| 2 | Sabahi, 2012 | Safeguarding Virtualization in a Cloud Setting Technology based on a hypervisor is used. | Recommended a different approach to virtualization security that relies on a hypervisor. | A safer environment. Identifies an overflow attack. Better use virtualization. | Both VSEM and VREM are essential to the effectiveness of a security system. |
| 3 | Turnbull, 2013 | Limitations: Examining Possible Entry Points for Hypervisor Attacks. | Four possible attacks in the ESXi5.0 hypervisor were found and examined. | Cloud computing is now safer to eliminate data rerouting and system call hooking. | |
| 4 | Brohi, 2013 | Security Risks in Virtualized Cloud Computing Environments: Identification and Analysis (VCCI). | The Virtualization Attack Model (VMM) is a technique for virtualizing CCI-style attacks against VCCI. | Protected VCCI by tracing intrusions both from the inside and the outside. | |
| 5 | Laniepce, 2013 | Intruder Detection and Prevention in IaaS Clouds using Hypervisor-Based Engineering. | advocated for a hypervisor-based method of keeping tabs on things | Perhaps most encouraging, it strengthens end users’ virtual machine (VM) security. | That's up to the reliability of your cloud service. |
| 6 | Nimgaonkar, 2012 | Ctrust is an infrastructure for running applications in the cloud safely and reliably. | The Ctrust framework, a proposed attack model, and a prototype implementation are presented. | Gives people a sense of safety and confidence. Scalable. | The incorporation of hardware design. |

The VMM/Hypervisor from both internal and external threats. When an overflow attack occurs, hypervisor-based monitoring immediately alerts the administrator. By safeguarding the hypervisor as a whole, we can eliminate a potential catastrophic failure point (SPoF). If you want to implement the no hypervisor idea, you'll have to upgrade your operating system to include all the capabilities that hypervisors typically provide. However, doing so increases the already high complexity of the OS beneath it. This means that the hypervisor is essential for implementing virtualization.

For cloud computing to work, virtualization must be at its core. The VMM allows for the construction, suspension, restart, activation, and allocation of resources for Virtual Machines (VMs). The cloud computing paradigm suffers from SPoF's performance degradation and must be protected.

Cloud-based virtual machines (VMs) share the hardware layer's central processing unit (CPU), memory, network interface card (NIC), and storage space (among other resources). If a visitor can circumvent DAC and MAC due to a hypervisor flaw, isolated protections are at risk. Hardware security and vulnerability considerations have been brought to light, as Zissis [17] has noted. In the lack of protection to hardware, a variety of dangers, including Distributed Denial of Service (DDoS), hardware disruption, hardware theft, hardware modification, abuse of infrastructure, and so on, are possible; server placement, firewall upkeep, and hardware health monitoring are all problems at the physical layer, as categorized by Mathisen [18].

In addition to the problems described above, hardware health monitoring is essential, as Turnbull [19] explains. This is necessary for determining the capabilities of the various hardware components and conveying that information to the kernel and the virtualization manager. To reduce the impact of issues in the physical layer, the system should employ a
robust authentication method in the virtual Border to lessen hyperjacking's associated problems.

6. Problems With The Data Itself

Any crypto-cloud system's entities may be considered extensions of the data that serves as its source and beating organ. Table 1 shows that CSA feels data breaches are the most significant security risk. Understanding how many layers of protection the new computing technology offers to the data the author foresees before adopting is crucial since hacking skills are also well-versed. Data Leakage is a problem that arises when data is stored off-site (outside of our control) to support several tenants. Data at every point of its life cycle—from creation to distribution to use to sharing to archiving to deletion, as outlined by Chen [20]—must be safeguarded. Generally, there are two types of data level security: those that apply while the data is in motion and when the information is at rest. Since data transmission is performed using TLS by default, there are no additional security concerns associated with data-in-transit compared to data-at-rest. It's more appealing to a hacker to access data when it's resting in storage.

6.1. Information in transit
During data transfers, entities in the crypto-cloud interact with one another. Instances of the following problems may arise due to the entities' attempts to communicate with one another via a secure communication channel, such as Transport Layer Security.

6.1.1. Data Lineage
There's the concept of "data lineage," which refers to the history of where and from whom specific data has been collected. Data lineage is a concept suggested by Bhadauria and Sanyal [5]. It's useful for auditing. Due to the non-linear structure of the cloud, it is one of the most challenging and time-consuming aspects of tracing.

6.1.2. Data Leakage
The second problem is data leakage, which occurs whenever more than one tenant accesses data. As Sabahi [7] described, one of the concerns is information loss. Security flaws in Google Docs have been known since at least March 2009, when Chen first brought them to light [20]. With such a high risk of compromised information, handling must be done with extreme caution. Leaks of sensitive information can occur through various channels, including instant messaging, email, webmail, blogs/wikis, malicious web pages, the file transfer protocol (FTP), and USB/mass storage devices.

6.2. DATA-IN-REST
Vyas [21] presented a method for ensuring data integrity and performance during cloud storage and retrieval. Improve cloud data security by storing encrypted files, hash files, and meta-data.

Data security in the cloud, using cryptographic mechanisms to protect individual privacy, is a topic that has been extensively reviewed by Chatterjee [22].

20 Int.J. Elect.Crime Investigation 7(1):IJECI MS.ID- 02 (2023)


Security Issues and challenges in Cloud Computing

6.2.1. Data Recovery
Data recovery is the process of extracting data from damaged or unreadable storage media and restoring it for use. Figure 11 shows the progression through the four stages of data recovery. When a file is deleted, only the information about the file is erased; the data itself is still stored on the disc. Retrieval using "file carving" is possible. Bifragment gap carving, Smart Carving, and Carving memory dumps are a few examples of popular carving techniques. Problems with the operating system, the disc, or the deletion of files are common obstacles to data recovery. These obstacles must be conquered.

6.2.2. Data Remanence/Sanitization/Removal
All data must be thoroughly and safely wiped after its useful life. One of the most time-honored methods of cleaning data is overwriting. As stated by Chen [20], physical properties allow for the restoration/recovery of lost data, which might lead to the exposure of private information. It is feasible to retrieve information from damaged storage media with the proper knowledge and tools. Consideration has to be given to the persistence of data after deletion.

6.2.3. Data backup
Data loss occurs when data is updated often. In the event of data loss, it is essential to have a recent backup stored in the cloud or on an external server. The 3-2-1 rule, as outlined by Bhargav Vora [23], requires keeping three copies of all critically significant data: one primary copy and two backups. Two separate storage mediums are used to protect against potential threats. Hold one duplicate in a secure location. Replication maintenance compromises data safety.

6.2.4. Data isolation
Information must be kept completely isolated from unauthorized access. Access control and encryption methods should protect sensitive information from prying eyes. A user's identification can provide several fine-grained access control types, such as attribute-based, time-based, etc. Isolation is a very exclusive setting. Carelessness can result in a virtual machine (VM) to VM assault, compromising user privacy.

6.2.5. Data segregation
The separation of data across users in a virtualized cloud environment is known as "data segregation." Data segregation is a concern brought up by multi-tenancy, according to Negi [24]. Data segregation in the cloud should be accomplished with the help of highly protected protocols and encryption methods. SQL injection, unsecured storage, and improper data validation contribute to data segregation issues. In a multi-tenant setting, the difficulty of data segregation can be reduced by catering to tenants' specific needs in the ways outlined.

6.2.6. Data Lock-in
Data lock-in is the most significant barrier to achieving data portability and interoperability, bringing us to point six. Sax [25] warns that, according to a well-documented industry perspective, the possibility of cloud provider lock-in impedes the free flow of data into, throughout, and beyond the cloud. Due to the


lock-in nature, it is challenging to integrate data from many sources. Cloud users should be unaffected by the current situation with one provider.

6.2.7. Data Location
Where the data is physically stored is crucial to the success of any storage as a service model. Users are hesitant to keep sensitive data in the cloud due to the lack of transparency surrounding the data's physical location. It's a typical challenge for businesses. Concerns about data safety, legality, and meeting regulatory standards arise when the data's whereabouts are unknown. This is a complicated matter because certain cloud storage services can't be relied on.

Problems that arise when data is both in motion and at rest constitute Section 6.3.

1. The first tenet of sound data management ensures that only authorized parties may read and change stored information. Independent verification of data integrity is possible. However, Kaur [26] offered a data correctness system that assured data security through a third-party audit. Static and dynamic data require security measures to prevent accidental or malicious use or disclosure.

2. Integrity and computational correctness are data provenance aspects, referred to as "provenance." Provenance may be defined as (provenance = integrity + computational correctness). However, Muhammad Rizwan Asghar [27] emphasized the significance of provenance in post-incident investigations by explaining how data is created. Martin [28] proposed a risk-based strategy for determining origin. Data provenance presented several difficulties, including computational cost, storage overhead, platform independence, and application independence.
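Sections 6.2.1 and 6.2.2 above say that deletion erases only the information about a file and that overwriting is the long-standing sanitization method. The Python example below is added here and is not from the paper: it carves JPEG header/footer runs out of a toy in-memory volume, showing a deleted file being recovered while an overwritten one is not. `ToyVolume`, its directory table and the sample images are constructed assumptions.

```python
JPEG_SOI = b"\xff\xd8\xff"   # JPEG start-of-image signature
JPEG_EOI = b"\xff\xd9"       # JPEG end-of-image marker

class ToyVolume:
    """Constructed stand-in for a disk: raw bytes plus a directory table."""
    def __init__(self, size: int):
        self.raw = bytearray(size)
        self.directory = {}              # name -> (offset, length)
        self.next_free = 512

    def write(self, name: str, data: bytes) -> None:
        off = self.next_free
        self.raw[off:off + len(data)] = data
        self.directory[name] = (off, len(data))
        self.next_free = off + len(data) + 512   # slack between files

    def delete(self, name: str) -> None:
        # Ordinary deletion: only the directory entry is removed.
        del self.directory[name]

    def sanitize(self, name: str) -> None:
        # Overwrite the file's extent with zeros, then drop the entry.
        off, length = self.directory.pop(name)
        self.raw[off:off + length] = bytes(length)

def carve_jpegs(raw, max_len: int = 1 << 20) -> list:
    """Header/footer carving: return (offset, data) for each SOI..EOI run."""
    found, pos = [], 0
    while (start := raw.find(JPEG_SOI, pos)) != -1:
        end = raw.find(JPEG_EOI, start + len(JPEG_SOI), start + max_len)
        if end == -1:            # header without a footer: skip this hit
            pos = start + 1
            continue
        found.append((start, bytes(raw[start:end + len(JPEG_EOI)])))
        pos = end + len(JPEG_EOI)
    return found

def demo() -> dict:
    # Constructed sample "images": valid markers around a text payload.
    photo_a = JPEG_SOI + b"\xe0" + b"constructed image payload " * 8 + JPEG_EOI
    photo_b = photo_a.replace(b"image", b"other")
    vol = ToyVolume(8192)
    vol.write("a.jpg", photo_a)
    vol.write("b.jpg", photo_b)
    before = len(carve_jpegs(vol.raw))
    vol.delete("a.jpg")          # information-only delete
    vol.sanitize("b.jpg")        # overwrite, then delete
    carved = carve_jpegs(vol.raw)
    return {"listed": sorted(vol.directory), "carved_before": before,
            "carved_after": len(carved),
            "a_recovered": bool(carved) and carved[0][1] == photo_a}

if __name__ == "__main__":
    print(demo())
```

On replicated or flash-backed storage an in-place overwrite may not reach every physical copy, which is why the remanence concern in 6.2.2 remains after a logical overwrite.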

Table 4: The current methods for fixing Data Level Challenges

| S. no | Author | Title of the Work | Proposed security scheme | Strengths | Weakness |
|---|---|---|---|---|---|
| 1 | Chen, 2012 | The challenges of protecting sensitive data and personal privacy in the cloud. | Survey: Data security and privacy at different stages of the data's life cycle were analyzed. | Discussed the data security and privacy studies that will be conducted in the future | |
| 2 | Wang, 2012 | The move toward safe and reliable cloud storage services. | Saving money on bandwidth and processing by auditing cloud storage. | Accurately pinpointing the source of data problems in a hurry. Dynamic efficiency. | Stores supplemental data structures locally for ease of usage. |
| 3 | Liu, 2013 | Safe Multi-Owner Cloud Data Sharing for Evolving Communities, or Mona. | With MONA, cloud-based groups may be dynamic and responsive. | 100% Safe and Effective. Revoked users incur no additional costs for storage or processing. | |
| 4 | Wei, 2014 | Protection of personal data during cloud computing storage and processing. | Prevention of privacy breaches and promotion of a trustworthy auditing methodology for computing. | This first protocol audits safe storage and computation—the bare minimum. | Using SecCloud takes a little longer than the original protocol. |
| 5 | Dong, 2014 | Developing a cloud-based file-sharing service that meets these criteria—efficient, scalable, and protective of user privacy—is a primary goal of modern cloud computing. | A strategy utilizes both CP-ABE and IBE methods. | Data privacy is efficient, scalable, and adaptable. Safe and allowing for granular permissions | |
| 6 | Dong, 2015 | Cloud-based data collaboration services that prioritize security and scalability, aka SECO. | An identity-based, multi-level encryption system for use in an insecure cloud environment. | Safe online data sharing with granular permissions. Efficient. Minimal computational, networking, and storing overhead. | Data synchronization and security concerns have not been resolved. |
| 7 | Khalid, 2013 | Protocol for improved authentication and authorization based on security and privacy, implemented in the cloud. | A method for establishing trust and exchanging information in an untraceable fashion. | Simplicity to implementing. Compatible | |
| 8 | Sun, 2013 | A system for assessing encryption software based on its properties. | The use of properties is recommended to verify the security of encryption software. | Effective. Effectiveness at finding problems is rather good. | The differences between defects that have been mimicked and those that occur in real-time are striking. The number of Metamorphic Relationships (MRs) is bounded. |
| 9 | Liu, 2014 | Cloud-based data sharing security protocol that uses time-based proxy re-encryption. | A TimePRE that causes a user's privileges to lapse on their own time. | Accomplishes efficient and granular access control. A safe and helpful option. There is no granularity in the time measurements. | The user's total number of keys will increase proportionally. The price of decryption is little. |
| 10 | Koo, 2013 | Safe and quick decryption of encrypted data. Data on the cloud utilizing attribute-based encryption. | A fast information retrieval system based on ABE. | Optimal for Large Data Archives. Controlled entry and rapid searching | |
| 11 | Puthal, 2017 | The efficient security of large-scale sensing data streams based on a dynamic prime number. | Security verification for massive data streams using dynamic prime numbers (DPBSV). | It cuts down on time spent communicating. Increases verification efficiency. Saves time. Make use of minimum size. | |
| 12 | Shaikh, 2015 | Cloud computing security is only achievable with properly organized data. | A system for collecting and analyzing data tested with representative data sets. | Strength and safety are greatly enhanced. | |


The most fundamental component of a cloud that needs protection is its data. Threats to data security can occur both while information is in transit and while it is stored. Without adding to the cost of storage, transmission, or computing, Table 4 outlines the several security concerns that must be overcome. For instance, the SecCloud method adds negligible time over the currently used, more insecure protocol. Reducing exposure even if doing so causes unexpected financial strain. Combinations of encryption methods that are efficient, scalable, adaptable, secure, and allow for granular control over who has access to data. Research in the future can focus on methods that improve security while requiring less work from administrators.

A system that provides maximum security at a minimum cost in terms of memory, bandwidth and processing power is urgently required. The system must be reliable, extensible, and safe. Security, however, should not be an afterthought; instead, it should permeate the entire system and be built at each step (Computational, Communicational, and Service Level Agreement).

7. Service Level Agreements (SLAs)

Providers are responsible for delivering services to customers according to agreed-upon SLAs. The obligation of upholding SLAs falls on crypto-fundamental cloud entities' shoulders. Bandwidth, central processing unit, memory, and critical management are just a few factors that might affect resource allocation at any given time. SLAs may be broken down into three distinct tiers: customer-centric, service-centric, and multi-tiered. The amount of money and workforce allocated is crucial and shouldn't be underestimated.

While privacy concerns motivate the development of service-level agreements, principles of honesty motivate their introduction (Hoehl [29]). Risk reduction and efficient assignment of responsibilities between parties are facilitated by incorporating security metrics within the SLA. Regarding security management, no one SLA standard fits all scenarios. However, measures such as the European Commission's SPECS (Secure Provisioning of Cloud Services) and ENISA's (European Network and Information Security Agency) guarantee security by requiring the upkeep of SLAs. Quality of Service (QoS) may be improved using SLA. Define, negotiate, monitor, and enforce the terms of a contract using Service Level Agreements. While defining and negotiating a contract, both parties can determine their respective roles and the duration of their separation agreements. The relationship between the supplier and the customer is strengthened using monitoring and enforcement.

Guaranteed service availability was also brought forward by Dash [30]. Depending on the SLA, the provider's capabilities, the efficiency of the users, and the accessibility of the services will vary. To mitigate any adverse outcomes, consider the following information. Loss of bandwidth and operations, business continuity, data location, data appropriation,


data integrity, and data dependability are just a few of the many concerns that must be addressed. The pay-as-you-go business cannot persist without adequate SLAs.

8. Wrapping Up

Questions of data, system and Service Level Agreement security are examined. Security problems with virtualization and data are seen as the most dangerous to a computer system. The benefit of cloud computing is enhanced through virtualization, a core component of the cloud. The problems that can arise at the virtual, virtualization and physical levels are discussed. There are two main types of data security problems: those that occur when the data is at rest and those that occur while it is in transit. Both are investigated, and there's a pressing need to resolve any problems. Numerous chances for hackers to crack the crypto-system exist nowadays due to the proliferation of security threats. However, many studies and polls agree with the author's vote. Cloud computing still appears to be in its infancy regarding protecting user data.

Table 5 shows how our survey stacks up against previous survey papers when comparing the three foundational dimensions. The table reveals that very few reports have comprehensively examined the causes and consequences of problems at the Virtual Machine, Hypervisor, and Hardware levels of computing. Future research on Service Level Agreements has to be deeper and broader. This article paves the way for future research in cloud computing to explore previously uncharted territory.

Table 5: A look at our study in comparison to others from three different vantage points
S. no Author Communication level Computational/Functional level SLA level
Network level Application level Virtualization Data security
V.M. level Hypervisor level Hardware level

1 Ali, 2015 X X X X X
2 Rong, 2013 X X
3 Zissis, 2012 X X X X
4 Sun, 2011 X X X
5 Shahzad, 2014 X X X
6 Rao, 2015 X X
7 Soofi, 2014 X X X
8 Warhade, 2014 X X X
9 Padhy, 2011 X X X X X
10 Denz, 2013 X X X
11 Ouedraogo, 2015 X X X X
12 Rawat, 2014 X X
13 Our survey X X X X X X X


Security should not be an afterthought for cloud service providers; it should be a primary concern.

9. References

[1] P. Mell and T. Grance. "The NIST definition of cloud computing". National Institute of Standards and Technology; 2009. http://csrc.nist.gov/groups/SNS/cloud-computing.

[2] K. Walker. "Cloud security alliance (CSA)". The treacherous 12: cloud computing top threats in 2016. https://cloudsecurityalliance.org/media/news/cloud-security-alliance-releases-the-treacherous-twelve-cloud-computing-top-threats-in-2016/.

[3] S. Kamara and K. Lauter. "Cryptographic cloud storage". Microsoft Research Cryptography Group; January 2010. http://research.microsoft.com/pubs/112576/cryptocloud.pdf.

[4] O. Rebollo, D. Mellado, E. Fernandez-Medina and H. Mouratidis. "Empirical evaluation of a cloud computing information security governance framework". Inf Software Technol. vol. 58: pp. 44–57. 2015. www.elsevier.com/locate/infsof.

[5] R. Bhadauria and S. Sanyal. "Survey on security issues in Cloud Computing and Associated Mitigation Techniques". Int J Comput Appl (0975-888). vol. 47, no. 18. June 2012.

[6] S. Laniepce, M. Lacoste, M. Kassi-Lahlou, F. Bignon, K. Lazri and A. Wailly. "Engineering intrusion prevention services for iaas clouds: the way of the hypervisor". IEEE seventh international symposium on service-oriented system engineering. 2013.

[7] F. Sabahi. "Secure virtualization for cloud environment using hypervisor-based technology". Int J Mach Learn Comput. vol. 2, no. 1. February 2012.

[8] R. Bose and D. Sardar. "A Secure Hypervisor-based technology creates a secure cloud environment". Int J Emerg Res Manage Technol. vol. 4, no. 2. February 2015.

[9] L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y. Chen and AV Vasilakos. "Security and privacy for storage and computation in cloud computing". Inf Sci. vol. 258: pp. 371–386. 2014. www.elsevier.com/locate/ins.

[10] Z. Qin, Q. Zhang, C. Wan and Y. Di. "State-of-the-art virtualization security in cloud computing". J Inf Comput Sci. vol. 9, no. 6. 2012.