Thông tin chung
  English
  Đề tài NC khoa học
  Bài báo, báo cáo khoa học
  Hướng dẫn Sau đại học
  Sách và giáo trình
  Các học phần và môn giảng dạy
  Giải thưởng khoa học, Phát minh, sáng chế
  Khen thưởng
  Thông tin khác
  Tài liệu tham khảo
  Hiệu chỉnh
 
Số người truy cập: 109,883,509

 A Systematic Analysis of CloudSecurity Challenges andMitigation Strategies in Modern Organizations
Tác giả hoặc Nhóm tác giả: Bui Minh Duc, Vo Hung Cuong
Nơi đăng: International Journal of Social Analytics; Số: Vol. 7 No. 12 (2022);Từ->đến trang: 11-25;Năm: 2022
Lĩnh vực: Khoa học; Loại: Bài báo khoa học; Thể loại: Quốc tế
TÓM TẮT
As organizations increasingly migrate to cloud-based systems, the security challenges inherent to these environments have become a growing concern. This research aims to systematically analyze key security issues affecting cloud computing, providing a comprehensive overview categorized into six primary domains: Data-related Issues, Access and Authentication Issues, Infrastructure and Platform Vulnerabilities, Attack and Malicious Activity, Provider-related Challenges, and Regulatory and Compliance Concerns.Data-related issues include unauthorized data breaches, accidental or malicious data loss, and vulnerabilities related to data transfer, often exacerbated by unencrypted connections. Access and Authentication Issues focus on the unauthorized use of accounts through hijacking, insider threats emanating from malicious employees, and exposure due to misconfiguration of cloud resources. Infrastructure and Platform Vulnerabilities involve risks such as insecure Application Programming Interfaces (APIs), vulnerabilities in shared technologies like hypervisors, and multi-tenancy risks arising from the cohabitation of multiple clients on the same infrastructure. The category of Attack and Malicious Activity involves Denial of Service (DoS) attacks that aim to make resources unavailable and the abuse of cloud services for malicious activities, like deploying botnets. Provider-related Challenges encapsulate the limited control and flexibility that clients have over their cloud environments, alongside a general lack of transparency regarding a provider's security operations. Additionally, vendor lock-in presents its own set of challenges, making it cumbersome for organizations to switch providers or migrate data. Lastly, Regulatory and Compliance Concerns focus on the difficulties organizations face in adhering to regional and industry-specific regulations while using cloud services. Tailored controls and measures should be implemented to mitigate these risks effectively, requiring an in-depth understanding of the intricacies involved in each domain. This research aims to serve as a resource for organizations to develop robust cloud security strategies
ABSTRACT
As organizations increasingly migrate to cloud-based systems, the security challenges inherent to these environments have become a growing concern. This research aims to systematically analyze key security issues affecting cloud computing, providing a comprehensive overview categorized into six primary domains: Data-related Issues, Access and Authentication Issues, Infrastructure and Platform Vulnerabilities, Attack and Malicious Activity, Provider-related Challenges, and Regulatory and Compliance Concerns.Data-related issues include unauthorized data breaches, accidental or malicious data loss, and vulnerabilities related to data transfer, often exacerbated by unencrypted connections. Access and Authentication Issues focus on the unauthorized use of accounts through hijacking, insider threats emanating from malicious employees, and exposure due to misconfiguration of cloud resources. Infrastructure and Platform Vulnerabilities involve risks such as insecure Application Programming Interfaces (APIs), vulnerabilities in shared technologies like hypervisors, and multi-tenancy risks arising from the cohabitation of multiple clients on the same infrastructure. The category of Attack and Malicious Activity involves Denial of Service (DoS) attacks that aim to make resources unavailable and the abuse of cloud services for malicious activities, like deploying botnets. Provider-related Challenges encapsulate the limited control and flexibility that clients have over their cloud environments, alongside a general lack of transparency regarding a provider's security operations. Additionally, vendor lock-in presents its own set of challenges, making it cumbersome for organizations to switch providers or migrate data. Lastly, Regulatory and Compliance Concerns focus on the difficulties organizations face in adhering to regional and industry-specific regulations while using cloud services. Tailored controls and measures should be implemented to mitigate these risks effectively, requiring an in-depth understanding of the intricacies involved in each domain. This research aims to serve as a resource for organizations to develop robust cloud security strategies
© Đại học Đà Nẵng
 
 
Địa chỉ: 41 Lê Duẩn Thành phố Đà Nẵng
Điện thoại: (84) 0236 3822 041 ; Email: dhdn@ac.udn.vn