Next Article in Journal
A Scalable and Highly Configurable Cache-Aware Hybrid Flash Translation Layer
Previous Article in Journal
Exploring Graphics Processing Unit (GPU) Resource Sharing Efficiency for High Performance Computing
Computers 2014, 3(1), 1-35; doi:10.3390/computers3010001

Cloud Computing Security: A Survey

1,* , 2
1 Qatar Computing Research Institute (QCRI), Qatar Foundation, Doha, Qatar 2 Department of Electrical and Computer Engineering, Newark College of Engineering, New Jersey Institute of Technology, University Heights, Newark, NJ 07102, USA 3 College of Information Technology, United Arab Emirates University, PO Box 15551, Al Ain, United Arab Emirates
* Author to whom correspondence should be addressed.
Received: 5 September 2013 / Revised: 14 November 2013 / Accepted: 27 January 2014 / Published: 3 February 2014
View Full-Text   |   Download PDF [478 KB, 9 February 2014; original version 3 February 2014]   |   Browse Figures


Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.
Keywords: cloud computing; cloud security; security vulnerabilities; threats; attacks; insider attackers cloud computing; cloud security; security vulnerabilities; threats; attacks; insider attackers
This is an open access article distributed under the Creative Commons Attribution License (CC BY) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Share & Cite This Article

Further Mendeley | CiteULike
Export to BibTeX |
EndNote |
MDPI and ACS Style

Khalil, I.M.; Khreishah, A.; Azeem, M. Cloud Computing Security: A Survey. Computers 2014, 3, 1-35.

View more citation formats

Related Articles

Article Metrics


[Return to top]
Computers EISSN 2073-431X Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert