Home
Giới thiệu
Tài khoản
Đăng nhập
Quên mật khẩu
Đổi mật khẩu
Đăng ký tạo tài khoản
Liệt kê
Công trình khoa học
Bài báo trong nước
Bài báo quốc tế
Sách và giáo trình
Thống kê
Công trình khoa học
Bài báo khoa học
Sách và giáo trình
Giáo sư
Phó giáo sư
Tiến sĩ
Thạc sĩ
Lĩnh vực nghiên cứu
Tìm kiếm
Cá nhân
Nội dung
Góp ý
Hiệu chỉnh lý lịch
Thông tin chung
English
Đề tài NC khoa học
Bài báo, báo cáo khoa học
Hướng dẫn Sau đại học
Sách và giáo trình
Các học phần và môn giảng dạy
Giải thưởng khoa học, Phát minh, sáng chế
Khen thưởng
Thông tin khác
Tài liệu tham khảo
Hiệu chỉnh
Số người truy cập: 109,883,509
A Systematic Analysis of CloudSecurity Challenges andMitigation Strategies in Modern Organizations
Tác giả hoặc Nhóm tác giả:
Bui Minh Duc, Vo Hung Cuong
Nơi đăng:
International Journal of Social Analytics;
S
ố:
Vol. 7 No. 12 (2022);
Từ->đến trang
: 11-25;
Năm:
2022
Lĩnh vực:
Khoa học;
Loại:
Bài báo khoa học;
Thể loại:
Quốc tế
TÓM TẮT
As organizations increasingly migrate to cloud-based systems, the security challenges inherent to these environments have become a growing concern. This research aims to systematically analyze key security issues affecting cloud computing, providing a comprehensive overview categorized into six primary domains: Data-related Issues, Access and Authentication Issues, Infrastructure and Platform Vulnerabilities, Attack and Malicious Activity, Provider-related Challenges, and Regulatory and Compliance Concerns.Data-related issues include unauthorized data breaches, accidental or malicious data loss, and vulnerabilities related to data transfer, often exacerbated by unencrypted connections. Access and Authentication Issues focus on the unauthorized use of accounts through hijacking, insider threats emanating from malicious employees, and exposure due to misconfiguration of cloud resources. Infrastructure and Platform Vulnerabilities involve risks such as insecure Application Programming Interfaces (APIs), vulnerabilities in shared technologies like hypervisors, and multi-tenancy risks arising from the cohabitation of multiple clients on the same infrastructure. The category of Attack and Malicious Activity involves Denial of Service (DoS) attacks that aim to make resources unavailable and the abuse of cloud services for malicious activities, like deploying botnets. Provider-related Challenges encapsulate the limited control and flexibility that clients have over their cloud environments, alongside a general lack of transparency regarding a provider's security operations. Additionally, vendor lock-in presents its own set of challenges, making it cumbersome for organizations to switch providers or migrate data. Lastly, Regulatory and Compliance Concerns focus on the difficulties organizations face in adhering to regional and industry-specific regulations while using cloud services. Tailored controls and measures should be implemented to mitigate these risks effectively, requiring an in-depth understanding of the intricacies involved in each domain. This research aims to serve as a resource for organizations to develop robust cloud security strategies
ABSTRACT
As organizations increasingly migrate to cloud-based systems, the security challenges inherent to these environments have become a growing concern. This research aims to systematically analyze key security issues affecting cloud computing, providing a comprehensive overview categorized into six primary domains: Data-related Issues, Access and Authentication Issues, Infrastructure and Platform Vulnerabilities, Attack and Malicious Activity, Provider-related Challenges, and Regulatory and Compliance Concerns.Data-related issues include unauthorized data breaches, accidental or malicious data loss, and vulnerabilities related to data transfer, often exacerbated by unencrypted connections. Access and Authentication Issues focus on the unauthorized use of accounts through hijacking, insider threats emanating from malicious employees, and exposure due to misconfiguration of cloud resources. Infrastructure and Platform Vulnerabilities involve risks such as insecure Application Programming Interfaces (APIs), vulnerabilities in shared technologies like hypervisors, and multi-tenancy risks arising from the cohabitation of multiple clients on the same infrastructure. The category of Attack and Malicious Activity involves Denial of Service (DoS) attacks that aim to make resources unavailable and the abuse of cloud services for malicious activities, like deploying botnets. Provider-related Challenges encapsulate the limited control and flexibility that clients have over their cloud environments, alongside a general lack of transparency regarding a provider's security operations. Additionally, vendor lock-in presents its own set of challenges, making it cumbersome for organizations to switch providers or migrate data. Lastly, Regulatory and Compliance Concerns focus on the difficulties organizations face in adhering to regional and industry-specific regulations while using cloud services. Tailored controls and measures should be implemented to mitigate these risks effectively, requiring an in-depth understanding of the intricacies involved in each domain. This research aims to serve as a resource for organizations to develop robust cloud security strategies
© Đại học Đà Nẵng
Địa chỉ: 41 Lê Duẩn Thành phố Đà Nẵng
Điện thoại: (84) 0236 3822 041 ; Email: dhdn@ac.udn.vn