Cloud computing security

[7] Therefore, cloud service providers must ensure that thorough background checks are conducted for employees who have physical access to the servers in the data center.

In order to conserve resources, cut costs, and maintain efficiency, cloud service providers often store more than one customer's data on the same server.

To handle such sensitive situations, cloud service providers should ensure proper data isolation and logical storage segregation.

These controls protect cloud environments and are put in place to safeguard any weaknesses in the system and reduce the effect of an attack.

This cloud security engineering process includes such things as access to the executives, techniques, and controls to ensure applications and information.

Though the idea of cloud computing isn't new, associations are increasingly enforcing it because of its flexible scalability, relative trustability, and cost frugality of services.

[citation needed] It is generally recommended that information security controls be selected and implemented according to and in proportion to the risks, typically by assessing the threats, vulnerabilities and impacts.

This is normally achieved by serving cloud applications from professionally specified, designed, constructed, managed, monitored and maintained data centers.

Moreover, digital identities and credentials must be protected as should any data that the provider collects or produces about customer activity in the cloud.

Since the cloud is a shared environment with other customers or tenants, following penetration testing rules of engagement step-by-step is a mandatory requirement.

[21] Scanning the cloud from outside and inside using free or commercial products is crucial because without a hardened environment your service is considered a soft target.

Since the cloud is a shared environment with other customers or tenants, following penetration testing rules of engagement step-by-step is a mandatory requirement.

While cloud computing is on the cutting edge of information technology there are risks and vulnerabilities to consider before investing fully in it.

Consumers as well that intend to use clouds to store their customer's data must also be aware of the vulnerabilities of having non-physical storage for private information.

[29] What makes this so dangerous is that the person carrying out the attack is able to gain a level of privilege of having essentially root access to the machine.

[30] With the global pandemic that started early in 2020 taking effect, there was a massive shift to remote work, because of this companies became more reliant on the cloud.

This massive shift has not gone unnoticed, especially by cybercriminals and bad actors, many of which saw the opportunity to attack the cloud because of this new remote work environment.

Constantly keeping up to date with the latest security measures and policies, mishaps in communication are some of the things that these cybercriminals are looking for and will prey upon.

The change to remote work was so sudden that many companies simply were unprepared to deal with the tasks and subsequent workload they have found themselves deeply entrenched in.

Recent research conducted in 2022 has revealed that the Trojan horse injection method is a serious problem with harmful impacts on cloud computing systems.

By relying on attributes ABE circumvents needing to share keys directly, as with PKI, as well as having to know the identity of the receiver, as with IBE.

It then encrypts it to produce ciphertext that only a user that possesses a set of attributes that satisfies the access structure will decrypt the message.

Finally, the Decrypt algorithm takes the public parameters, the ciphertext, the private key, and user attributes as input.

With this information, the algorithm first checks if the users’ attributes satisfy the access structure and then decrypts the ciphertext to return the data.

[36] In KP-ABE, the attribute sets are used to describe the encrypted texts and the private keys are associated to the specified policy that users will have for the decryption of the ciphertexts.

Another interesting feature of Fully Homomorphic Encryption or FHE for short is that it allows operations to be executed without the need for a secret key.

[39] Its goal is to be a much more secure and efficient method of encryption on a larger scale to handle the massive capabilities of the cloud.

In order to improve search efficiency, symmetric-key SE generally builds keyword indexes to answer user queries.

This has the obvious disadvantage of providing multimodal access routes for unauthorized data retrieval, bypassing the encryption algorithm by subjecting the framework to alternative parameters within the shared cloud environment.

Aside from the security and compliance issues enumerated above, cloud providers and their customers will negotiate terms around liability (stipulating how incidents involving data loss or compromise will be resolved, for example), intellectual property, and end-of-service (when data and applications are ultimately returned to the customer).

Cloud suppliers security and privacy agreements must be aligned to the demand(s) requirements and requlations