Data security has consistently been a major issue in information technology. In the cloud computing
environment, it becomes particularly serious because the data is located in different places, even
across the globe. Data security and privacy protection are the two main factors in users’ concerns about
the cloud technology. Though many techniques on the topics in cloud computing have been
investigated in both academics and industries, data security and privacy protection are becoming
more important for the future development of cloud computing technology in government, industry,
and business. Data security and privacy protection issues are relevant to both hardware and software
in the cloud architecture. This study reviews different security techniques and challenges from
both software and hardware aspects for protecting data in the cloud and aims at enhancing data
security and privacy protection for a trustworthy cloud environment. In this paper, we make a
comparative analysis of the existing research work regarding the data security and privacy
protection techniques used in cloud computing.
Cloud computing is the future in the field of computation. In the cloud computing environment,
both applications and resources are delivered on demand over the Internet as services. Cloud is an
environment of the hardware and software resources in the data centers that provide diverse services
over the network or the Internet to satisfy user’s requirements.
Cloud computing can be considered as a new computing archetype that can provide services on
demand at a minimal cost. Cloud computing is closely related to but not the same as grid computing.
Grid computing integrates diverse resources together and controls the resources with the unified
operating systems to provide high performance computing services, while cloud computing
combines the computing and storage resources controlled by different operating systems to provide
services such as large-scaled data storage and high performance computing to users.
Cloud computing will enable services to be consumed easily on demand. Cloud computing has the
characteristics such as on-demand self-service, location independent resource pooling, rapid
resource elasticity, usage-based pricing, and transference of risk. Cloud computing technology is
currently changing the way to do business in the world.
Cloud computing is very promising for the IT applications.
Security problems in cloud computing
Data integrity is one of the most critical elements in any information system. Generally, data
integrity means protecting data from unauthorized deletion, modification, or fabrication.
Data integrity is easily achieved in a standalone system with a single database. Data integrity in the
standalone system is maintained via database constraints and transactions, which are usually handled
by a database management system (DBMS).
Data integrity in the cloud system means preserving information integrity. The data should not be
lost or modified by unauthorized users.
Owing to the large quantity of entities and access points in a cloud environment, authorization is
crucial in assuring that only authorized entities can interact with data. By avoiding the unauthorized
access, organizations can achieve greater confidence in data integrity. Monitoring mechanisms
offer greater visibility into determining who or what may have altered data or system
information, potentially affecting their integrity. Cloud computing providers are trusted to maintain
data integrity and accuracy. However, it is necessary to build a third-party supervision mechanism
in addition to users and cloud service providers.
3. Data Confidentiality
Data confidentiality is important for users to store their private or confidential data in the cloud.
Authentication and access control strategies are used to ensure data confidentiality. The data
confidentiality, authentication, and access control issues in cloud computing could be addressed by
increasing the cloud reliability and trustworthiness.
Because the users do not trust the cloud providers and it is virtually impossible for cloud storage
service providers to eliminate potential insider threats, it is very dangerous for users to store their sensitive
data in cloud storage directly. Simple encryption is faced with the key management problem and
cannot support complex requirements such as query, parallel modification, and fine-grained
4. Data Availability
Data availability means the following: when accidents such as hard disk damage, IDC fire, and
network failures occur, the extent to which the user’s data can be used or recovered and how the users verify
their data by techniques rather than depending on the credit guarantee by the cloud service provider
The issue of storing data on transborder servers is a serious concern of clients because the
cloud vendors are governed by the local laws and, therefore, the cloud clients should be cognizant
of those laws. Moreover, the cloud service provider should ensure the data security, particularly data
confidentiality and integrity. The cloud vendor should provide guarantees of data safety.
5. Data Privacy
Privacy is the ability of an individual to hide information about themselves and thereby reveal them
In the cloud, privacy means that when users access sensitive data, the cloud services can prevent
direct leakage of that data.
Information privacy is the privacy of personal information and usually relates to personal data
stored on computer systems.
Data privacy is also known as information privacy.
MEASURES TAKEN TO SECURE THE CLOUD
Encryption is usually used to ensure the confidentiality of data. It ensures data security even in
cloud storage. So the data uploaded to and downloaded from the cloud can be secured by
encrypting the data outside the cloud and then having it decrypted by the authenticated users.
However, the encryption system involves very complicated calculation, and the cost of computing
and storage is very high. This leads to the fact that the full encryption is still far from real
A cryptographic algorithm named Diffie-Hellman is proposed for secure communication, which is
quite different from the key distribution management mechanism.
For more flexibility and enhanced security, a hybrid technique that combines multiple encryption
algorithms such as RSA, 3DES, and a random number generator has been proposed. RSA is useful
for establishing secure communication connection through digital signature based authentication
while 3DES is particularly useful for encryption of block data. Besides, several encryption
algorithms for ensuring the security of user data in the cloud computing are discussed.
2. Encrypted Search and Database
Because the encryption algorithm is inefficient, researchers have turned to studying the applications of
encryption algorithms in the cloud environment. Encrypted search is a common operation.
Manivannan and Sujarani have proposed a lightweight mechanism for database encryption
known as the transposition, substitution, folding, and shifting (TSFS) algorithm. However, as the
number of keys increases, the amount of computation and processing also increases.
3. Distributive Storage
Distributive storage of data is also a promising approach in the cloud environment. The security
issues related to data privacy in cloud computing, including integrity of data, intrusion, and
availability of service in the cloud, are very common nowadays. To ensure data integrity, one
option could be to store data in multiple clouds or cloud databases. The data to be protected from
internal or external unauthorized access are divided into chunks, and Shamir’s secret sharing algorithm is
used to generate a polynomial function against each chunk. Ram and Sreenivaasan have proposed a
technique known as security as a service for securing cloud data.
4. Hybrid Technique
A hybrid technique is defined for data confidentiality and integrity, which uses both key sharing
and authentication techniques. The connectivity between the user and the service provider can be
made more secure by utilizing powerful key sharing and authentication processes. RSA public key
algorithm can be used for secure distribution of the keys between the user and cloud service
A three-layered data security technique is proposed:
The first layer is used for authenticity of the cloud user either by one factor or by two factor
The second layer encrypts the user’s data for ensuring protection and privacy;
The third layer does fast recovery of data through a speedy decryption process.
STEPS TAKEN FOR THE DATA AVAILABILITY
1. Reliable Storage Agreement
The most common abnormal behavior of untrusted storage is that the cloud service providers may
discard part of the user’s update data, which is hard to detect by relying on simple
data encryption alone. Additionally, a good storage agreement needs to support concurrent modification
by multiple users.
SPORC implemented safe and reliable real-time interaction of cloud information for multiple
users with the help of the trusted cloud environment, and untrusted cloud servers can only access
the encrypted data.
However, the operation types supported by reliable storage protocols are limited, and most of
the calculations can only occur in the client.
2. Reliability of Hard-Drive
The hard drive is currently the main storage medium in the cloud environment. Reliability of hard disks
forms the foundation of cloud storage. The current SMART mechanism could not predict the error
rate of hard disks. Studies show the correlation between the soft error and hard error of hard disks,
and they also found that the soft error could not predict the hard errors of hard drives precisely: there is only
about a 1/3 probability that hard errors follow the soft errors.
Cloud computing is a promising and emerging technology for the next generation of IT
applications. The barriers and hurdles toward the rapid growth of cloud computing are data security
and privacy issues. Reducing data storage and processing cost is a mandatory requirement of any
organization, while analysis of data and information is always the most important task in all
organizations for decision making. So no organization will transfer its data or information to the
cloud until trust is built between the cloud service providers and consumers. A number of
techniques have been proposed by researchers for data protection and to attain the highest level of data
security in the cloud. However, there are still many gaps to be filled by making these techniques
more effective. More work is required in the area of cloud computing to make it acceptable to the
cloud service consumers. This paper surveyed different techniques about data security and privacy,
focusing on the data storage and use in the cloud, for data protection in the cloud computing
environments to build trust between cloud service providers and consumers.