Securing the Skies- A Critical Analysis of Cloud Infrastructure Vulnerabilities

Vaishnavi Chaudhari; Poonam Dhake; Snehal Salunkhe; Mahendra Suryavanshi

Authors

Vaishnavi Chaudhari Student, Department of Computer Science and Application, Dr Vishwanath Karad MIT World Peace University, Pune, Maharashtra, India
Poonam Dhake Student, Department of Computer Science and Application, Dr Vishwanath Karad MIT World Peace University, Pune, Maharashtra, India
Snehal Salunkhe Student, Department of Computer Science and Application, Dr Vishwanath Karad MIT World Peace University, Pune, Maharashtra, India
Mahendra Suryavanshi Assistant Professor, Department of Computer Science and Application, Dr Vishwanath Karad MIT World Peace University, Pune, Maharashtra, India

Keywords:

Cloud Security, Authentication, Access Control, Hypervisor, Data Breaches

Abstract

Cloud computing offers storage, infrastructure, computing, networking, databases, platform, software, and analytics services over the Internet. It provides numerous benefits including scalability, cost management, broad access to resources, elasticity, resource pooling. Though cloud computing is mature and widely adopted computing model in software as well as non-software industries, it has several issues regarding security as it provides most of the cloud services over the public infrastructure. Denial of service (DOS), malware injection, insecure APIs, data loss, data breaches, hypervisor vulnerabilities, VM escape are a few major issues in cloud computing. In this paper, authors tried to provide a comprehensive analysis of critical security issues in cloud computing. Furthermore, this paper critically analyses the existing solutions to the various security issues in the cloud computing model.

References

Suryavanshi, Mahendra, Ajay Kumar, and Jyoti Yadav. "Balanced Multipath Transport Protocol for Mitigating MPTCP Incast in Data Center Networks." International Journal of Next-Generation Computing 12, no. 3 (2021).

Roy, Vasisth, Chaitanya Deshpande, Nikesh Kumar, and Mahendra Suryavanshi. "Cloud computing security issues and existing solutions." Vidhyayana-An International Multidisciplinary Peer-Reviewed E-Journal-ISSN 2454-8596 8, no. si7 (2023): 352-360.

Hassan, Wajid, Te-Shun Chou, Xiaoming Li, Patrick Appiah-Kubi and Omar Tamer. “Latest trends, challenges and solutions in security in the era of cloud computing and software defined networks.” International Journal of Informatics and Communication Technology (IJ-ICT) (2019): n. pag.

Murthy, Ch. V. N. U. Bharathi, M. Lawanya Shri, Seifedine Nimer Kadry and Sangsoon Lim. “Blockchain Based Cloud Computing: Architecture and Research Challenges.” IEEE Access 8 (2020): 205190-205205.

Masdari, Mohammad and Mehran Zangakani. “Green Cloud Computing Using Proactive Virtual Machine Placement: Challenges and Issues.” Journal of Grid Computing 18 (2019): 727 - 759.

Abbasi, Aaqif Afzaal, Almas Abbasi, Shahaboddin Shamshirband, Anthony T. Chronopoulos, Valerio Persico and Antonio Pescapé. “Software-Defined Cloud Computing: A Systematic Review on Latest Trends and Developments.” IEEE Access 7 (2019): 93294-93314.

Gui, Anderes, Yudi Fernando, Muhammad Shabir Shaharudin, Mazita Mokhtar, I Gusti Made Karmawan and Suryanto Suryanto. “Cloud Computing Adoption Using TOE Framework for Indonesia’s Micro Small Medium Enterprises.” JOIV : International Journal on Informatics Visualization (2020): n. pag.

Sridhar, S. D. S. S., and S. Smys. "A survey on cloud security issues and challenges with possible measures." In International conference on inventive research in engineering and technology, vol. 4. 2016.

Sharma, Shubhanjali, Garima Gupta, and P. R. Laxmi. "A survey on cloud security issues and techniques." arXiv preprint arXiv:1403.5627 (2014).

Masadeh, Shadi R., Faiz M. AlShrouf, and A. S. Kumar. "Concerns from Cloud Security Issues: Challenges and Open Problems." International Journal 12, no. 1 (2023).

Khalil, Issa M., Abdallah Khreishah, and Muhammad Azeem. "Cloud computing security: A survey." Computers 3, no. 1 (2014): 1-35.

Padhy, Rabi Prasad, Manas Ranjan Patra, and Suresh Chandra Satapathy. "Cloud computing: security issues and research challenges." International Journal of Computer Science and Information Technology & Security (IJCSITS) 1, no. 2 (2011): 136-146.

Iqbal, Asad. "See discussions, stats, and author profiles for this publication at: https://www.researchgate. net/publication/323614212 Ovarian Leiomyoma Associated with Serous Cystadenoma-A Case Report of an Uncommon Entity Ovarian Leiomyoma Associated with Serous Cystadenoma-A Case Report of an Uncommon Entity." (2023).

Abdelrazek, Mohamed, John Grundy, and I. Mueller. "An analysis of the cloud computing security problem." (2010).

K. Surya, M. Nivedithaa, S. Uma and C. Valliyammai, "Security issues and challenges in cloud," 2013 International Conference on Green Computing, Communication and Conservation of Energy (ICGCE), Chennai, India, 2013, pp. 889-893, doi: 10.1109/ICGCE.2013.6823560.

Muthu, Dayalan. (2017). Security Issues and Challenges in Cloud Computing. Journal of emerging technologies and innovative research, 4(11), 38-40-38-40.

Pradip, Patil. (2015). Cloud Security Issues. Journal of Information Engineering and Applications, 5(1), 31-34.

Kuyoro, Shade O., Femi L. Ibikunle and Oludele Awodele. “Cloud computing security issues and challenges.” International Journal for Advance Research and Development 3 (2011): 24-26.

Kumar, Rajendra. “Cloud computing and security issue.” International Journal of Engineering and Computer Science (2016): n. pag.

Ghosh, Soumalya, Shiv Kumar Verma, Uttam Ghosh and Mohammed S. Al-Numay. “Improved End-to-End Data Security Approach for Cloud Computing.” Sustainability (2023): n. pag.

Qazi, Farhan. “Application Programming Interface (API) Security in Cloud Applications.” EAI Endorsed Transactions on Cloud Systems (2023): n. pag.

Sirisha, A. and G. Geetha Kumari. “API access control in cloud using the Role Based Access Control Model.” Trendz in Information Sciences & Computing(TISC2010) (2010): 135-137.

Joe-Ibekwe, Glory. “Enhancing Cloud Security By Using Secure Apis In Business Enterprises In The USA.” International Journal of Scientific and Research Publications (2024): n. pag.

Ali, Munwar, Low Tang Jung, Ali Hassan Sodhro, Asif Ali Laghari, Samir Birahim Belhaouari, and Zeeshan Gillani. "A Confidentiality-based data Classification-as-a-Service (C2aaS) for cloud security." Alexandria Engineering Journal 64 (2023): 749-760.

Surianarayanan, Chellammal, and Pethuru Raj Chelliah. "Integration of the internet of things and cloud: Security challenges and solutions–a review." International Journal of Cloud Applications and Computing (IJCAC) 13, no. 1 (2023): 1-30.

Padhy, Rabi Prasad, Manas Ranjan Patra, and Suresh Chandra Satapathy. "Cloud computing: security issues and research challenges." International Journal of Computer Science and Information Technology & Security (IJCSITS) 1, no. 2 (2011): 136-146.

Khalil, Issa M., Abdallah Khreishah, and Muhammad Azeem. "Cloud computing security: A survey." Computers 3, no. 1 (2014): 1-35.

Kalaiprasath, R., R. Elankavi, and R. Udayakumar. "Cloud security and compliance-a semantic approach in end to end security." International Journal on Smart Sensing and Intelligent Systems 10, no. 5 (2017): 482-494.

Almutairy, Nadiah M., Khalil Hamdi Ateyeh Al-Shqeerat and Husam Ahmed Al Hamad. “A Taxonomy of Virtualization Security Issues in Cloud Computing Environments.” Indian Journal of Science and Technology (2019): n. pag.

Kumari, Neha. “A Study of Hypervisor Based Virtualization and Related Major Security Issues in Cloud Computing Architecture.” International Journal for Research in Applied Science and Engineering Technology (2023): n. pag.

Qureshi, Muhammad Bilal, Muhammad Shuaib Qureshi, Saqib Tahir, Aamir Anwar, Saddam Hussain, Mueen Uddin and Chin-Ling Chen. “Encryption Techniques for Smart Systems Data Security Offloaded to the Cloud.” Symmetry 14 (2022): 695.

Chandrasekhar, Dr.Tadi and Sumanth Kumar. “A Noval Method for Cloud Security and Privacy Using Homomorphic Encryption Based on Facial Key Templates.” Journal of Advances in Information Technology (2022): n. pag.

Patel, Subhash Chandra, Sumit Kumar Jaiswal, Ravi Shankar Singh and Jyoti Chauhan. “Access Control Framework Using Multi-Factor Authentication in Cloud Computing.” Int. J. Green Comput. 9 (2018): 1-15.

Tuyishime, Emmanuel, Titus Constantin Balan, Petru Adrian Cotfas, Daniel Tudor Cotfas and Alexandre Rekeraho. “Enhancing Cloud Security—Proactive Threat Monitoring and Detection Using a SIEM-Based Approach.” Applied Sciences (2023): n. pag.

Ananda Ravuri, Et al.. “Evaluation of Cloud-Based Cyber Security System.” International Journal on Recent and Innovation Trends in Computing and Communication (2023): n. pag.

Shropshire, Jordan and Ryan Benton. “Container and VM Visualization for Rapid Incident Response.” (2019).

Nagarajan Krishnamurthy, Et. al. “Exploring the Cloud: Vulnerabilities and Cybersecurity Challenges.” International Journal on Recent and Innovation Trends in Computing and Communication (2023): n. pag.

Polozhentsev, Artem, Sergiy Gnatyuk, Rat Berdibayev, Viktoriia Sydorenko and Oksana Zhyharevych. “Novel Cyber Incident Management System for 5G-based Critical Infrastructures.” 2023 IEEE 12th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS) 1 (2023): 1037-1041.

Fernández, Eduardo B., Nobukazu Yoshioka and Hironori Washizaki. “Cloud Access Security Broker (CASB): A pattern for secure access to cloud services.” (2015).

https://peoplactive.com/blog/cryptography-in-cloud-computing/

https://www.bmc.com/blogs/containers-vs-virtual-machines/

https://secureops.com/blog/casb-and-dlp/