Cloud computing has revolutionized the management of technological resources by providing scalable, accessible, and cost-effective services. However, this paradigm faces significant challenges in ensuring data security and privacy. Among the most critical threats are vulnerabilities in application programming interfaces (APIs), unintended data exposure, code injection attacks, and denial-of-service (DoS) events. This paper reviews existing challenges and proposes solutions ranging from enhanced API security to advanced encryption techniques (including homomorphic and DNA-based encryption), robust access control mechanisms, and comprehensive disaster recovery strategies. The discussion encompasses various cloud service models (IaaS, PaaS, SaaS) and deployment architectures (public, private, hybrid, and community), ending with recommendations for future research to develop more integrated security frameworks for cloud environments.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Securing Cloud Infrastructure: Challenges and Solutions

  • Raúl Lozada-Yánez,
  • Washington Luna-Encalada,
  • Nayely Ocaña-Yanza,
  • Marilyn Lopez-Lopez,
  • Jhon Troya-Cuestas

摘要

Cloud computing has revolutionized the management of technological resources by providing scalable, accessible, and cost-effective services. However, this paradigm faces significant challenges in ensuring data security and privacy. Among the most critical threats are vulnerabilities in application programming interfaces (APIs), unintended data exposure, code injection attacks, and denial-of-service (DoS) events. This paper reviews existing challenges and proposes solutions ranging from enhanced API security to advanced encryption techniques (including homomorphic and DNA-based encryption), robust access control mechanisms, and comprehensive disaster recovery strategies. The discussion encompasses various cloud service models (IaaS, PaaS, SaaS) and deployment architectures (public, private, hybrid, and community), ending with recommendations for future research to develop more integrated security frameworks for cloud environments.