Department: ICT

Cloud Computing and Security

Name: Shishay Hadush

ID : MTR/718/13

Course name : Information System Security

Instructor Name : DR. BIRKINESH

Review of "Cloud Computing and Security"

Authors: Mansoor Bigdeloo, Mostafa Ramezani, Abolfazl Rafat

Published in: Indonesian Journal of Innovation and Applied Sciences (IJIAS), Volume 2 Issue
2, June 2022
DOI: 10.47540/ijias.v2i2.518

1. Introduction

In their article "Cloud Computing and Security," Mansoor Bigdeloo, Mostafa Ramezani, and
Abolfazl Rafat discuss the emergence of cloud computing as a transformative innovation in the
IT industry, enabling organizations to efficiently manage resources and data through the
Internet[1][2] It highlights the five essential features of cloud computing, including self-service,
network-wide access, resource pooling, rapid elasticity, and measured service, which collectively
enhance user experience and operational efficiency[3]. The study emphasizes the critical security
vulnerabilities associated with cloud computing, such as privileged user access management,
regulatory compliance, and data protection, which require urgent attention from
organizations[4][5]. It also addresses the challenges of data location and segregation, which can
impact user privacy and security, particularly in multi-tenant environments[4][6] The article
concludes by recommending that organizations assess their capabilities and risks related to cloud
security, ensuring that they implement robust measures to protect sensitive data[5].

2. Summary of the Article

The paper reviews 28 research articles on cloud storage challenges and solutions from the past
five years, focusing on security concerns. It uses the CIA triad (Confidentiality, Integrity,
Availability) to categorize challenges and employs a rigorous screening process for relevant
studies[1][2][3]. Results are presented in a table mapping challenges to the CIA triad. The paper
discusses innovative solutions like encryption and access control, emphasizing the need for a
"privacy by design" approach to enhance security in cloud services[1][2][3].

3. Critique

3.1 Strengths of the Article

The article systematically reviews 28 papers, analyzing cloud storage challenges and solutions
from the last five years, enhancing understanding of the cloud security landscape[1][2]. It uses
the CIA triad (Confidentiality, Integrity, Availability) to categorize issues, ensuring a structured
analysis[3]. The inclusion criteria boost reliability by focusing on relevant studies, while various
innovative solutions highlight diverse approaches to cloud security, inspiring further
research[1][2]. By emphasizing recent publications, the article reflects current trends in cloud
storage security, making it a valuable resource for researchers and practitioners.

3.2 Weaknesses of the Article

The article primarily emphasizes the CIA triad, potentially overlooking critical aspects of cloud security,
such as regulatory compliance and user behavior[1][2]. While the systematic review is thorough, it may
miss emerging trends and technologies in cloud security, resulting in gaps in the findings[4][3]. Some
proposed solutions require significant computational resources, making them impractical for smaller
organizations with limited infrastructure[1][2]. The article insufficiently addresses insider threats and user
behavior, which can significantly compromise cloud security[4][3]. Finally, there is a lack of critical
evaluation regarding the effectiveness of the identified solutions in real-world scenarios, which is
essential for understanding their practical applicability[1][2].

4. Summary

Cloud computing has emerged as a significant topic in modern computing, enhancing efficiency
by centralizing resources and eliminating the need for hardware installation and management.
Key models include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and
Software as a Service (SaaS). Additionally, cloud computing supports scientific applications and
high-performance computing.

5. Conclusion

41% percent of commercial entities leverage public clouds for substantial workloads. However,
security concerns are hindering cloud deployment, even as IT budgets for cloud solutions
continue to rise. Key challenges include a shortage of skilled resources, varying maturity levels,
and complex commercial structures. This document reviews security vulnerabilities and potential
solutions in cloud computing. Urgent considerations involve privileged user access, regulatory
compliance, and data protection. Assessments should evaluate organizational capabilities,
technology risks, and policy-related risks.

References

1. ISO/IEC 22123-1:2023(E) - Information technology - Cloud computing - Part 1:

Vocabulary. International Organization for Standardization. 2023.
2. https://www.sciencedirect.com/science/article/abs/pii/S0167739X11000689
3. https://cloudsecurityalliance.org/research/guidance#
4. Edwards, J. (2016). Cloud computing services: Professional obligations and ethics.
Brief, 43(3), 32-34.
5. Schintler, L. A., & McNeely, C. L. (2017). Cloud Services. Springer International
Publishing, pp. 1-4.
6. Khanna, L., & Jaiswal, A. (2013). Cloud Computing: Security Issues and Description
of Encryption Based Algorithms to Overcome Them. IJARCSSE