Cloud Computing Security Challenges & Solutions-A Survey

Srijita Basu
Department of Computer Science & Engineering
IEM Institute of Engg. & Management
Kolkata, India
srijita.basu202@gmail.com

Arjun Bardhan, Koyal Gupta, Payel Saha, Mahasweta Pal, Manjima Bose, Kaushik Basu, Saunak Chaudhury, Pritika Sarkar
Department of Computer Science & Engg & IT
Institute of Engg. & Management
Kolkata, India
{bardhan.arjun, koyal.gupta1107}@gmail.com

Abstract: Cloud Computing and its related security issues and countermeasures are among the most highly debated topics in today's research field. Though various surveys regarding Cloud security are already available, there remains a gap in the proper mapping of these issues to their corresponding solutions. Some surveys present the Virtualization issues and solutions while others deal with the access control mechanisms, but what is lacking is a common framework that would at the same time generalize the concept of cloud security and intricately analyze its specific requirements. Moreover, countermeasures provided in a survey must clearly identify the issue they handle. Keeping all these factors in mind, this survey paper has been designed to cover the necessary areas with a proper interconnection between them and, lastly, to discuss a set of open problems in this domain.

Keywords: Cloud computing, Virtualization, Data security

I. INTRODUCTION

Cloud reflects the concept of a distributed system comprising a group of virtual machines that can be dynamically provisioned to meet the varying resource requirements of a customer [1], and the entire base of this Cloud-Customer relationship is governed by the SLA (Service Level Agreement). The National Institute of Standards and Technology (NIST) defines Cloud as a model that enables convenient on-demand network access to a shared pool of configurable computing resources, e.g. network, storage, hardware, applications, etc.
that can be rapidly allocated, scaled as well as released with minimum management effort or service provider intervention [2]. Cloud relieves the user of the overhead of physical installation and maintenance of her system, which automatically reduces the overall cost and enhances the system efficiency. Adoption of Cloud-based services introduces an abstraction layer between the physical storage or servers and the user whose data or services are being processed in the Cloud. The present scenario is such that the Cloud consumer, who can be the data or service owner, has to rely completely on the Cloud Service Provider (CSP) for the privacy and security of her information. The notion of mutual trust is achieved to some extent by negotiating the SLA, but a good number of cloud-specific security issues still become inevitable and need to be handled by either the CSP or the user herself.

Data holds the topmost position when it comes to IT security concerns, irrespective of the infrastructure being used. Cloud Computing is no exception; moreover, it brings added security concerns because of its distributed nature and multi-tenant architecture. The data life cycle comprises its generation, storage, usage, distribution and destruction. Each CSP should support all these phases in the data life cycle with appropriate security mechanisms [3]. For example, if the web application (shared application) is insecurely programmed, a customer could possibly use an SQL injection [4] to gain unauthorized access to another customer's data, and delete or manipulate it. To prevent this, appropriate security measures must be implemented. Data deletion is again crucial in the cloud and should therefore be handled carefully by the CSP to ensure permanent and complete destruction of data on a client's request. Moreover, the data backups (scope, saving intervals, saving times, storage duration, etc.)
used to avoid data losses should be transparent and auditable for the customers. All these issues and several others need to be taken care of while using a cloud service.

Virtualization plays another important role in cloud computing since it allows for the appropriate degree of customization, security, isolation, and manageability that are fundamental for delivering IT services on demand. IaaS (discussed in a later section) is based on the concept of hardware virtualization, whereas programming-level virtualization contributes to the PaaS (discussed in a later section) offerings. With virtualization comes the concept of Server Consolidation, which enables a number of applications or services to share the resources of a single physical server simultaneously without interfering with each other, or even revealing this to the client applications. Thus, it is quite clear from the discussion so far that Virtual Machines construct the entire back-end for Cloud-based services. At the same time, virtualization introduces certain threats for the Cloud. It opens the door to a new and unexpected form of phishing. The capability of emulating a host in a completely transparent manner may lead to extraction of sensitive information from the guest by malicious programs.

978-1-5386-4649-6/18/$31.00 ©2018 IEEE
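The shared-application SQL injection scenario from the data life cycle discussion above, as an added example that is not part of the paper: a multi-tenant table queried by string concatenation beside the parameterized, tenant-scoped form. The schema, tenant names, function names and the crafted input are assumptions constructed for illustration.

```python
import sqlite3

# Constructed textbook input used to test the tenant filter.
CRAFTED_NAME = "x' OR '1'='1"

def make_db():
    # Constructed sample data: two customers share one table of a shared application.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE records (tenant_id TEXT, name TEXT, body TEXT)")
    db.executemany("INSERT INTO records VALUES (?, ?, ?)", [
        ("tenant_a", "invoice-1", "A's invoice"),
        ("tenant_a", "invoice-2", "A's second invoice"),
        ("tenant_b", "payroll", "B's payroll data"),
    ])
    return db

def search_vulnerable(db, tenant_id, name):
    # Insecure: the request value is concatenated into the SQL text, so it is
    # parsed as SQL and can rewrite the WHERE clause that enforces isolation.
    sql = ("SELECT tenant_id, name FROM records "
           f"WHERE tenant_id = '{tenant_id}' AND name = '{name}'")
    return db.execute(sql).fetchall()

def search_hardened(db, tenant_id, name):
    # Hardened: values are bound as parameters and never parsed as SQL.
    # tenant_id is assumed to come from the authenticated session, not the request.
    sql = "SELECT tenant_id, name FROM records WHERE tenant_id = ? AND name = ?"
    return db.execute(sql, (tenant_id, name)).fetchall()

def leaked_tenants(rows, tenant_id):
    # Audit check: any returned row owned by another tenant is an isolation failure.
    return sorted({owner for owner, _ in rows if owner != tenant_id})

def demo():
    db = make_db()
    bad = search_vulnerable(db, "tenant_a", CRAFTED_NAME)
    good = search_hardened(db, "tenant_a", CRAFTED_NAME)
    return leaked_tenants(bad, "tenant_a"), leaked_tenants(good, "tenant_a")

if __name__ == "__main__":
    vulnerable_leak, hardened_leak = demo()
    print("vulnerable query leaks rows of:", vulnerable_leak)
    print("hardened query leaks rows of:", hardened_leak)
```

The `leaked_tenants` check can also serve as a regression test in a shared application's test suite: every query path is exercised with crafted input and must return no rows owned by another tenant.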