Abstract
Cloud services have gained popularity due to the number of advantages they provide to organizations and individuals such as reduced cost, better storage, and improved performance. However, a lot of organizations are still not willing to shift their traditional in-house services to the Cloud due to the various security implications. Many Cloud service users are worried about the security of their data and privacy being violated. There are many reported cases of Cloud service providers illegally collecting personal data of their customers, which has led to service providers being viewed with greater suspicion than before. To overcome this, Cloud service providers must ensure that they inform the users exactly about which data is being used and how it is used.
While it is the duty of the Cloud service provider to protect the data confidentiality and privacy of their customers, this should not be misunderstood or misused by customers to conduct illegal activities because Cloud service providers have to abide by the rules and regulations, including co-operating with law enforcement agencies if they need any particular customer’s data. In this paper, we research the main security aspects for ensuring data confidentiality and privacy.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Mell P, Grance T (2011) The NIST definition of cloud computing: recommendations of the national institute of standards and technology. NIST Special Publication 800-145
Shayan J, Azarnik A, Chuprat S, Karamizadeh S, Alizadeh M (2014) Identifying Benefits and risks associated with utilizing cloud computing. Int J Comput Softw Eng 3(3):1–6
Hashemi S (2013) Cloud computing technology: Security and trust challenges. Int J Secur Priv Trust Manage 2(5):1–7
Denworth J (2015) Adoption of cloud computing in the enterprise: the progress in 2015. http://betanews.com/2015/12/29/adoption-of-cloud-computing-in-the-enterprise-the-progress-in-2015. Accessed 12 Jan 2017
Giannakouris K, Smihily M (2016) Cloud computing - statistics on the use by enterprises. http://ec.europa.eu/eurostat/statistics-explained/index.php/Cloud\_computing\_-\_statistics\_on\_the\_use\_by\_enterprises. Accessed 18 Dec 2016
Singh I, Mishra KN, Alberti A, Singh D, Jara A (2015) A novel privacy and security framework for the cloud network services. In: 9th international conference on innovative mobile and internet services in ubiquitous computing, pp 301–305
Agrawal D, Abbadi AE, Shiyuan W (2013) Secure and privacy-preserving database services in the cloud. In: International conference on data engineering, pp 1268–1271
Abuhussein A, Bedi H, Shiva S (2012) Evaluating security and privacy in cloud computing services: a stakeholder’s perspective. In: International conference on internet technology and secured transactions, pp 388–395
Tari Z (2014) Security and privacy in cloud computing. IEEE Cloud Comput 1(1):54–57
Al-Jaberi MF, Zainal A (2014) Data integrity and privacy model in cloud computing. In: International symposium on biometrics and security technologies, pp 280–284 (2014)
Alouane M, El Bakkali H (2015) Security, privacy and trust in cloud computing: A comparative study, In: International conference on cloud technologies and applications, pp 1–8 (2015)
Xiang T, Bo A (2011) The issues of cloud computing security in high-speed railway. Electron Mech Eng Inf Technol 8:4358–4363
Ashktorab V, Taghizadeh SR (2012) Security threats and countermeasures in cloud computing. Int J Appl Innov Eng Manage 1(2):234–245
Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11
Mukherjee K, Sahoo G (2012) A novel methodology for security and privacy of cloud computing and its use in e-Governance. In: World congress in information and communication technologies, pp 561–566
Yu S, Lou W, Ren K (2012) Data security in cloud computing. In: Das SK, Kant K, Zhang N (eds) Handbook on Securing Cyber-Physical Critical Infrastructure. Morgan Kaufmann, San Francisco
Pant VK, Prakash J, Asthana A (2015) Three step data security model for cloud computing based on RSA and steganography. In: Green computing and internet of things, pp 490–494
Bamiah M, Brohi S, Chuprat S, Brohi MN (2012) Cloud implementation security challenges, cloud computing technologies, In: International conference on applications and management, pp 174–178
Hamouda S (2012) Security and privacy in cloud computing. In: International conference on cloud computing technologies, applications and management, pp 241–245
Takabi H, Joshi JBD, Gail-Joon A (2010) Security and privacy challenges in Cloud computing environments. IEEE Secur Priv 8(6):24–31
NICCS (2016) A glossary of common cybersecurity terminology. https://niccs.us-cert.gov/glossary#confidentiality. Accessed 13 Jan 2017
Jian W, Yan Z, Shuo J, Jiajin L (2010) Providing privacy preserving in Cloud computing. In: International conference on human system interactions, pp 472–475
Lin QT, Wang CD, Pan J, Ling L, Lai JH (2015) Local data security and privacy protection in Cloud service applications. In: 9th international conference on frontier of computer science and technology, pp 254–258
Acquisti, A (2017) The economics of personal data and the economics of privacy. http://www.oecd.org/sti/ieconomy/46968784.pdf. Accessed 13 Jan 2017
Arora H (2017) Google to pay $17 million for unauthorized tracking of safari users. http://www.techspot.com/news/54731-google-to-pay-17-million-for-unauthorized-tracking-of-safari-users.html. Accessed 14 Jan 2017
Firstpost (2013) Privacy violation: google play store handing out user info to developers. http://m.tech.firstpost.com/news-analysis/privacy-violation-google-play-store-handing-out-user-info-to-developers-212914.html. Accessed 14 Jan 2017
Chen D, Zhao H (2012) Data security and privacy protection issues in cloud computing. Int Conf Comput Electr Eng 1:647–651
The New York Times (2013) Claims that google violates gmail user privacy. http://www.nytimes.com/interactive/2013/10/02/technology/google-email-case.html?_r=0. Accessed 13 Dec 2016
Will M, Ko R (2015) A guide to homomorphic encryption. In: The cloud security ecosystem: technical, legal, business and management issues, pp 1–34
Bleiberg S (2016) Cloud adoption and risk in healthcare. https://www.skyhighnetworks.com/cloud-security-blog/93-of-cloud-services-in-healthcare-are-medium-to-high-risk/. Accessed 13 Dec 2016
Chou TS (2013) Security threats on cloud computing vulnerabilities. Int J Comput Sci Inf Technol 5(3):79
Ashford W (2016) Cyber attacks move to cloud with increased adoption, report shows. http://www.computerweekly.com/news/2240219265/Cyber-attacks-move-to-cloud-with-adoption-report-shows. Accessed 13 Dec 2016
Pachal P (2016) Apple strengthens icloud security in wake of celeb nude photo hack. http://mashable.com/2014/09/16/apple-strengthens-icloud-security/#6GyDJNTV88qn. Accessed 15 Dec 2016
Rando N (2016) Cloud security breaches still the stuff of IT nightmares. http://searchcloudcomputing.techtarget.com/feature/Cloud-security-breaches-still-the-stuff-of-IT-nightmares. Accessed 15 Dec 2016
Imperva (2016) Imperva Hacker intelligence initiative uncovers new “Man in the Cloud” attacks that use popular file synchronization services. http://globenewswire.com/news-release/2015/08/05/757974/0/en/Imperva-Hacker-Intelligence-Initiative-Uncovers-New-Man-In-the-Cloud-Attacks-That-Use-Popular-File-Synchronization-Services.html. Accessed 12 Dec 2016
Singel R (2016) Encrypted email company Hushmail spills to Feds. http://www.wired.com/2007/11/encrypted-e-mail. Accessed 15 Dec 2016
Delamore B, Ko R (2015) Security as a service (SecaaS) - an overview. In: The cloud security ecosystem: technical, legal, business and management issues, pp 1–10
Maxwell W, Wolf C (2016) A global reality: governmental access to data in the cloud: a comparative analysis of ten international jurisdictions. http://www-05.ibm.com/ch/services/documents/sce/br-government-access-to-cloud-data.pdf. Accessed 8 Dec 2016
Rautela S, Negi A, Chaudhary P (2015) Data security and updation of data lifecycle in cloud computing using key-exchange algorithm. Int J Adv Res Comput Commun Eng 8:380–386
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Science+Business Media Singapore
About this paper
Cite this paper
Balasooriya L N, P., Wibowo, S., Wells, M. (2018). Data Security and Privacy on the Cloud: Driving to the Next Era of Technology with Confidence. In: Kim, K., Joukov, N. (eds) Mobile and Wireless Technologies 2017. ICMWT 2017. Lecture Notes in Electrical Engineering, vol 425. Springer, Singapore. https://doi.org/10.1007/978-981-10-5281-1_22
Download citation
DOI: https://doi.org/10.1007/978-981-10-5281-1_22
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5280-4
Online ISBN: 978-981-10-5281-1
eBook Packages: EngineeringEngineering (R0)