Chapter-research

Chapter Two: Literature Review

Student's Name

Name of the Institution

Course Number and Name

Professor

Due Date

Privacy Issues in Multi-Tenant Cloud Computing

Chapter Two: Literature Review

Introduction

A multitenant cloud is a cloud computing architecture that allows customers to share computing resources in a public or private cloud. Multitenant involves different cloud computing clients using or transferring a single computing infrastructure. This arrangement exposes the clients who have agreed to various privacy issues relating to their data and information stored in the cloud (Al-Ruithe et al., 2018). Evidence indicates that some of the privacy issues involved in multitenant cloud computing include data leakage, data breach, and exposure of the private data relating to clients involved in the agreement. As the number of people using cloud computing balloon, privacy issues are becoming a significant problem for many consumers who use the same cloud computing architecture in a private or public setting. It is essential to define what multitenant cloud entails before developing a clear concept or problem that can be investigated. According to Park et al. (2018), "A multitenant cloud is a cloud computing architecture that allows customers to share computing resources in a public or private cloud" (Park et al., 2018). Each tenant's data must be isolated in this cloud computing arrangement and cannot be accessed or seen by the partner tenant. However, the recent growth in technology has made data privacy in cloud computing challenges, posing a big problem to cloud computing providers.

The theoretical foundation for the current privacy issues in multitenant cloud computing is drawn from the study done by Park et al. (2018). According to Park et al. (2018), the most significant privacy issue in multitenant cloud computing is the lack of configurability. Configurability poses a colossal privacy issue in this infrastructure because the tenants have to share the same configuration. However, there is little evidence to provide this theory, and this study will play a significant role in contributing to this theoretical framework (Meng et al., 2021). The purpose of the current study is to investigate privacy and confidentiality issues in multi-tenancy cloud computing. Specifically, in this chapter, studies that have been done in the last five years focusing on this topic will be reviewed through a professional literature review.

Chapter Outline

The current chapter will be structured using headings and subheadings to ensure that each aspect is captured during the literature review. The study will be structured in 12 different sections, of which some may have sub-sections. The twelve sections in the current chapter will include introduction, chapter outline, search strategy, introduction to cloud computing, multi-tenancy cloud computing, and cloud computing deployment models. The other sections will consist of cloud computing service models, multi-tenancy characteristics and architecture, privacy issues in multi-tenancy cloud computing, solution models to the challenges, contributions to the study, and a chapter summary.

Search Strategy

The purpose of the current study is to investigate privacy and confidentiality concerns in multi-tenancy cloud computing. The present chapter focused on reviewing the studies that have been done in the past few years on this topic. To achieve the chapter's goals, inclusion and exclusion criteria were developed based on the year of the study publication and the relevancy of the findings to this study. Only articles that had been published between 2017 to date were selected for review in this study. All the identified articles came from reliable peer-reviewed journals such as the Journal of Cloud Computing: Advances, Systems and Applications (JoCCASA), government institutions, computer engineering professional association publications, symposiums, and whitepapers from the relevant field. Google search was undertaken to access the articles in which keywords such as cloud computing, multi-tenancy, and privacy in multi-tenancy were used.

Introduction to Cloud Computing

Al-Ruithe, Benkhelifa, and Hameed (2018) noted that there had been a considerable surge in the adoption of cloud computing services in the last few years and the trend is likely to upsurge further as organizations continue to realize the benefits of the concept. According to the industry forecasters, the cloud-computing market will likely generate $241 billion in revenue by 2020 compared to the estimated $185 billion. The range of the benefits that are offered by the use of cloud computing and the constant maturity of the concept from an organizational perspective and the vendors is one of the reasons why the concept will increase in popularity not only in data storage but in other parts of organizational management (Barona & Anita, 2017, April). Most organizations and enterprises are using cloud-computing technology because they have realized that it accelerates the business processes by allowing them to enhance their agility and flexibility, which reduces costs that organizations incur (Meng et al., 2021). Cloud computing as a concept can be defined as a technology model designed to enable organizations to access ubiquitous, on-demand, and convenient networks to the shared configurable resources configured. By design, cloud computing platforms are described by five main characteristics that include the following.

Cloud computing provides on-demand self-service, which are unilateral computing services to organizations and end-users. Provide broad network access capabilities, accessed through the clients' platforms, ranging from desktops to mobile phones and tablets. Alsmadi et al. (2018) revealed that the platform providers have access to a pool of resources, serving many customers using different tenant models, which assigns resources based on customer demands. They provided elastic capabilities designed to be rapid and are released based on the customers' scalabilities. They can provide measured services to ensure that the services provided match the client's scalability and are monitored, controlled, and reported as one-way of ensuring transparency to the vendor and the client.

As much as the five mentioned features of cloud computing describe the significant attributes of cloud computing, there are different techniques that the end-users use to access cloud computing infrastructures. Marinescu (2017) noted that the decision to pick the most appropriate technique would depend on many factors, including the volume of data managed, sensitive data, and data confidentiality. Some organizations that operate in regulated industries may find it easy to identify the type of cloud computing infrastructure with the features they want because of the commercially available recommendations. However, such organizations still have to task their information technology teams to perform due diligence on potential providers to determine the best cloud computing infrastructure that meets the organization's needs (Barona & Anita, 2017, April). However, the characters mentioned in this area must be considered. Four main types of cloud computing include hybrid, public, private, and community cloud computing.

Cloud Computing Deployment Models

Cloud deployment models are classified or described based on how the cloud platform is implemented, who has access to it, and is hosted. According to the findings of a study that was done by Smallwood (2019), "All cloud computing deployments operate on the same principle by virtualizing the computing power of servers into segmented, software-driven applications that provide processing and storage capabilities" (Smallwood, 2019). There are four cloud computing deployment models and are discussed below.

Private Cloud Deployment Model

In many instances, a private cloud model is hosted behind a firewall and can be utilized by a single organization or a group of organizations that share the same model. Shaikh and Iyer. (2018, August) Note that private could models are becoming popular today because they allow the organizations or users to exhibit a high level of confidentiality. It is relevant for organizations that operate in industries with increased regulatory requirements. The commonly known colocation providers provide this type of cloud model. Authorized private cloud users can access, utilize and process data in the private cloud from anywhere, just like they could do with public and other cloud models (Barona & Anita, 2017, April). Evidence indicates that some of the privacy issues involved in multitenant cloud computing include data leakage, data breach, and exposure of the private data relating to clients involved in the agreement. As the number of people using cloud computing balloon, privacy issues are becoming a significant problem for many consumers who use the same cloud computing architecture in a private or public setting. It is essential to define what multitenant cloud entails before developing a clear concept or problem that can be investigated.

The difference between the private cloud computing platform and the public deployment is that access is limited to the authorized persons alone, unlike in the public deployment model. Private cloud model, which is designed to provide clouding services to a single organization. Shaikh and Iyer. (2018, August) argued that the provider both hosts this type of platform on the premise of and might be owned by the organization, the provider's client, or the third-party, which may be the vendor. Tight confidentiality and data privacy are one of the main benefits of these deployment models. However, as Guerbouj et al. (2019) noted, its main shortcoming is that it is expensive to deploy because the company that owns it has to cater to the software and infrastructure that support the model, making it expensive to install.

Public Cloud Deployment Model

Unlike the private cloud platforms, public cloud deployment models are designed to be shared by many organizations willing to outsource their cloud computing services. These cloud computing models include those offered by Amazon, Google, and Microsoft, among other entities that offer cloud computing services. Public organizations provide the software and the infrastructure that support the cloud computing services that the clients share. This type of cloud computing model is characterized by high scalability because of the enormous storage volume or space. This model is mainly consumed by the organizations involved in collaborative projects because of their flexibility, and different organizations can access them. According to Baig (2021), the public cloud model is another form of a model designed to be accessed by the public. The government organization, a single business, academic, or a partnership of the two public cloud models can form this model. This type of cloud computing model is hosted at the premises of the service provider. Many organizations that offer public computing services offer the resources in packages as part of the services. Stergiou et al. (2018) noted that "Public cloud examples range from access to a completely virtualized infrastructure that provides little more than raw processing power and storage (Infrastructure as a Service, or IaaS) to specialized software programs that are easy to implement and use (Software as a Service, or SaaS)," (Stergiou et al., 2018). There are several factors that prompt cloud computing users to adopt the public cloud deployment model. One is that it is cheap to install since the organization must install no software and infrastructures. However, the main shortcoming of the model is that the confidentiality and privacy of the data can be compromised.

Community Cloud Deployment Model

The community cloud deployment model is not commonly utilized as compared to the other three types of platforms. Al-Ruithe et al. (2018) noted that community cloud computing platform is highly collaborative and are utilized in many multi-tenancy arrangements. The model is designed to allow cloud computing clients to share the applications. According to Venkatesh and Eastaff (2018), many community cloud computing model consumers are in the same industry, field, practice, or share exact compliance requirements, confidentiality concerns, and performance needs. The other form of cloud computing model is the community cloud model. This model is designed to be accessed and used by a specified community of end-users from identified organizations. Studies have defined the community cloud model differently based on the perceptions of the scholars. El-Zoghby and Azer (2017, December) noted that cloud computing is a private cloud model that functions as a public model. The service may be owned, operated, or managed by one or more organizations included in the community, a third party, or a partnership. The service may be hosted on or off the premises (Xue et al., 2018). The community cloud computing platform users are segmented on their service needs and are common in healthcare, banking and finance, government agencies, and non-profit organizations.

Hybrid Cloud Deployment Model

The last and final form of the model is the hybrid model, which combines two or more models. This model combines private and public models to form a single and more compelling cloud computing deployment model. The model is designed to enable seamless interaction between the public and private data and applications from one model to another. According to Azeez et al. (2019), the decision to adopt a hybrid deployment model depends on the industry's size and nature. Many large organizations with multiple branches have favored this type of cloud computing service. Hybrid cloud models are grouped into two categories: cloudbursting that uses a private model as a primary cloud, application, and storage. The hybrid cloud model also runs most applications and houses data in a private cloud environment but outsources non-critical applications to a public cloud provider. This form of cloud computing model is in the form of an application (Azeez et al., 2019). For instance, this model form can be formed through a combination of the private and public models infused on specific technology formations. The benefits of the hybrid cloud deployment model are overwhelming and include privacy and confidentiality of the data and the cost-effectiveness of installing the services.

Figure 1: Cloud Computing Deployment Models

Multi-Tenancy Cloud Computing

Several scholars have directed their interests and energy in investigating multi-tenancy in cloud computing today. There are a plethora of studies that have been published focusing on the issues around multi-tenancy cloud. According to Gupta et al. (2018), data privacy concerns and confidentiality have been the primary issues bedeviling and limiting the concept of multi-tenancy cloud computing. Evidence suggests that organizations and individuals consuming cloud computing services need to be concerned with the privacy and confidentiality of their information stored in the cloud. Multi-tenancy is defined differently. However, many scholars have agreed that the sharing of resources in cloud computing facilitates the community cloud deployment model. Ghorbel et al. (2017) noted that although the users of multi-tenancy cloud computing services enjoy many benefits, they are also faced with integrity and confidentially risks. To better understand privacy issues in multi-tenancy cloud services, exploring what constitutes a multi-tenancy cloud is imperative.

Many organizations and individuals have adopted the multi-tenancy cloud because of its economic benefits from sharing and virtualization of computing resources. Hathaliya and Tanwar (2020) noted that "Multi-Tenancy implies different meanings from different points of view and services. In SaaS, Multi-Tenancy implies; when two or more users use the same software or application that is provided by the Cloud Service Provider irrespective of the resources" (Sahmim & Gharsellaoui, 2017). Similarly, multi-tenancy occurs differently in the case of PaaS. In PaaS, multi-tenancy is only achieved when different clients share a platform or VM. This is different for IaaS, where multi-tenancy occurs when different platforms that belong to different users share the same cloud resources. The idea of multi-tenancy explains the significance of sharing resources as SaaS by the clients and reducing cloud computing costs. However, it is interesting to note that using multi-tenancy cloud computing can apply different techniques to attain their multi-tenancy needs.

In this cloud computing arrangement, the service consumers are known as tenants who choose and subscribe to a package that they feel can satisfy their computing needs. This can be done in all cloud computing service models that include IaaS, PaaS, and IaaS. However, Stergiou and Psannis (2017) noted that SaaS is the best platform for multi-tenancy because it allows the clients to own, maintain, and host software and infrastructure applications of the service provider. In many ways, the application level of multi-tenancy is compared to SaaS. It includes a structure and design that enable many clients to host through a single application or server. Maliszewski et al. (2018, July) noted that many of the prevailing multitenant models are not flexible apart from the operational and maintenance costs benefits and the multiple software types it provides to the users. Many of the available multi-tenancy applications are designed to align with SaaS applications that enable many different consumers with different computing needs to share the same software, the infrastructure of applications (Stergiou & Psannis, 2017). One of the main features of multi-tenancy is that the applications are designed more flexibly, allowing each client to customize it to meet their cloud computing requirements, needs, and demands. Similarly, it is predictable in terms of use, and therefore, consumers are allowed to pay for what they have consumed at the end of the month.

Although multi-tenancy is highly associated with SaaS, it can also be supported by PaaS to a certain level. Sahmim and Gharsellaoui (2017) noted that PaaS platforms support multi-tenancy in designing and developing applications. However, many PaaS platforms do not have the features that support tenant customization, as are SaaS and IaaS to a certain extend. Chenthara et al. (2019) noted that "The mechanism of multi-tenancy provides application data partitioned between tenants, including the ability to offer a unique namespace string ID for each tenant supported by various vendors of multi-tenancy services, such as data isolation, data store, and caching service," (Chenthara et al., (2019). Finally, Kumar et al. (2017) revealed that the main benefits of multi-tenancy are reducing computing costs and enhancing resource sharing among cloud computing clients with similar needs. However, the drawbacks of the concept are also far-reaching. They are in many cases related to scalability of the services, privacy of the data due to confidentiality and integrity risks, and high risks of data leakage since the applications are shared. These issues compromise the confidentiality of data in multi-tenancy, limiting its use or adoption by cloud computing clients.

Cloud Computing Service Models

There are three types of cloud computing service categories categorized as a platform, services, and applications. The categories include Software-as-a-service (SaaS), Platform-as-a-service (PaaS) and Infrastructure-as-a-service (IaaS) (Marinescu, 2017). These are the types that the cloud computing team must understand when evaluating cloud service-providing vendors to ensure that the needs of the organizations are met. Many service providers are flooding the cloud computing market, but some do not have the knowledge that may be required to serve sensitive organizations. Available evidence indicates that cloud computing teams should not just consider the hypes in the market since no one platform can meet the requirements of the organization's networking (Ma et al., 2018). The team should perceive cloud computing as a logical evolution of utility networking to enrich themselves on how the preferred platforms will secure the organizational data and networking services.

Software as a Service

Under the Software as a Service, the service provider provides application software as an on-demand service. Consumers using this platform may acquire application software from different providers or vendors, which increases the flexibility of the infrastructure and software supporting customization of the platform in the process. This is a platform that highly supports multi-tenancy because of the minimized privacy issues associated with the platform. Although getting the applications from different providers is an advantage in this platform, it is also a considerable risk to the privacy and confidentiality of the data. This is because it becomes challenging to compose the different applications into one platform and protect the information contained in the operating system. According to Gai et al. (2017), "SaaS, providers typically enable services with a large number of integrated features, resulting in less extensibility for customers" (Gai et al. (2017). The merit of the platform is that the service provider is responsible for the privacy and confidentiality of the applications, data, and services. This is common in the public cloud deployment model, where many consumers have tight confidentiality requirements that the provider must meet before a deal is completed. Similarly, private IaaS users may require enhanced confidentiality and privacy to safeguard their customized requirements.

Platform as a Service

Platform as a Service is a bit different from other delivery models because it focuses on a programming environment to allow the clients to access and use more application building blocks. Almusaylim and Jhanjhi (2020) noted that these programming environments have some limitations to application architecture, such as controlling the application's services or access from the operating system. According to Almusaylim and Jhanjhi (2020), "a PaaS environment might limit access to well-defined parts of the file system, thus requiring a fine-grained authorization service" (Almusaylim & Jhanjhi, 2020). One of the main reasons PaaS has found use in multi-tenancy is that it gives the clients the freedom to build their applications apart from the ones provided by the delivery model. This means that the platform is more flexible and allows customization of the services. However, just like IaaS, the consumers are responsible for the platform's privacy and confidentiality, making it less secure. Similarly, consumers are responsible for differentiating between workspaces and applications in the platform that limits its use.

Infrastructure as a Service

Based on the tenets of the IaaS, the providers of the cloud computing services provide the consumers with a set of virtualized components such as the virtual machines and storage space that consumers are allowed to anchor their applications and operate in the process. Consumers who design and operate using this platform are found in virtual operating systems and virtual machines. In this platform, many issues limit the application of this type of service delivery model. Some of the issues include the hardening of the host, the confidentiality of the inter-host communication, and the ability to trust virtual machines. According to Khodashenas et al. (2017, June), these are some of the issues that limit the use of IaaS in multi-tenancy cloud computing because it is vulnerable to confidentiality and integrity issues. However, in other application areas, IaaS is the most extensible service delivery model but provides few application-like features absent in some instances. Under this platform, the consumers must secure the applications, operating system, and content, limiting its application in multi-tenancy cloud computing. Despite the client's responsibilities in the confidentiality of the platform, the provider also has the mandate to provide low-level privacy and confidentiality assurances and services.

Figure 2: Cloud Computing Service Deployment Models

Multi-Tenancy Characteristics and Architecture

According to Kumar et al. (2018), understanding the characteristics and architectures of multi-tenancy cloud computing is essential towards comprehending the privacy and confidentiality issues in this field of cloud services. This section of the literature review focused on understanding the studies investigating the characteristics and the architecture of multi-tenancy cloud computing.

Characteristics of Multi-Tenancy Cloud Computing

Sharing Of the Hardware Resources

Kumar et al. (2019) noted that each customer has their virtual machines customized to meet their computing needs in a conventional single-tenant computing setting. Kumar et al. (2019) revealed that the number of tenants who can use the platform is limited because of the nature of virtual machines used in their perspective. This is different for multi-tenancy, where many different tenants can share the same software or application, increasing resource utilization and cutting operation costs.

High Level of Configurability

Karthiban and Smys. (2018, January) focused on investigating the degree of configurability in multi-tenancy cloud computing. All the customers share the same application instance in multi-tenancy, unlike a single-tenant where each consumer has a customized application instance. Because of this, different consumers or tenants sharing the same application have different computing needs, which must be met in the process. Because of these, the services under multi-tenancy are designed with a high degree of configurability to ensure that they can be configured and customized to meet the needs of different tenants.

Similarly, Guerbouj et al. (2019) noted that all product designs are integrated with configuration options in a multi-tenancy setting. Because of these reasons, many applications in the multi-tenancy setting are run next to each other to enhance sustainability. This ensures that the platform's functions are enhanced by also increasing data privacy in the operating system.

Shared Database and Application Instances

Applications in the multi-tenancy are runtime configured and are therefore not different, as is the case in single tenancy, where customization may create application variations. According to Karthiban and Smys. (2018, January), the number of instances is few or one in many cases, but all the applications may be duplicated to enhance scalability in multi-tenancy cloud computing. In this way, deploying applications in this setting is easy and faster as compared to single tenancy.

Similarly, Alrawais et al. (2017) argued that "new data aggregation opportunities are opened because all tenant data is in the same place. Hence, user behaviors traces can be collected easily, which can help improve user experience" (Alrawais et al., 2017). In this way, there is the high and effective utilization of hardware resources in multi-tenancy, enhancing cheaper and swift maintenance of the applications. The platform is cost-effective and presents opportunities for data aggregations.

Data Management Architecture in Multi-Tenancy

Studies have indicated that cloud computing can be defined by multi-tenancy. This is because the shared applications in multi-tenancy change dynamics in the area achieve the economic benefits of cloud computing. In this setting, many clients can access and utilize the same application, although they are exposed to some privacy issues in the process. However, Ali et al. (2018) noted that the application designs in multi-tenancy are designed to distinguish between users to ensure that no user uses data of another user. Therefore, Ali et al. (2018) revealed the three techniques utilized in the multi-tenancy perspective: physical separation, using a database, and virtualization.

Similarly, Guan et al. (2018) noted that multi-tenancy could be achieved through using dedicated technology which provides or allow users to access resources individually. This model has been relied on to assure the platform users of their privacy, confidentiality, and data integrity. This is called physical separation in multi-tenancy, and it is less commonly used because it is the most expensive method of achieving multi-tenancy.

The three main architectures for managing multitenant data in the cloud include storing data relating to each tenant on a separate database. This is also the most common and most accessible form of data isolation. Secondly, using a single database to house different tenants with their tables classified into schema created or designed for a specific tenant. Marwan et al. (2018) termed this approach effective as it allows more data to be stored in the same space, making it easy to retrieve. The final framework stores data of different tenants in the same database and similar sets of tables. This has been the riskiest approach to data storage in multi-tenancy and exposes the information to privacy issues. Goyal et al. (2019, February) noted that "multi-tenancy, on Cloud environments provides seemingly limitless scalability and an alternative to the expensive data center infrastructure, it raises confidentiality and privacy issues because it hands the processing and storage task over to third parties" (Goyal et al., 2019, February).

Conceptual Architecture in Multitenant Application Management

All layers of applications are affected in multitenant cloud computing. However, to enhance data privacy in multitenant cloud computing, three areas have to be focused on by the service providers and the consumers. Separating user data is warranted in multitenant settings because the applications and databases are shared in many instances. To ensure that privacy issues are managed in multitenant cloud computing, access control and authentication must be implemented to ensure that a user cannot access the data of another user. Secondly, Park et al. (2018) noted that consumers could feel that their data is secure if the processes and procedures are configured from a multitenant perspective. This includes general configuration, workflow configuration, data input-output configuration, and layout style configuration. Finally, there must be a high level of data isolation in multitenant settings to enhance data privacy. Data isolation is necessitated by the fact that applications and databases are shared in many instances. Therefore, data isolation using techniques such as authentication will limit the platform users to their data alone.

Figure 3: Multitenant Architecture With Tenant-Isolated Components

Privacy and Confidentiality Challenges in Multi-Tenancy Cloud Computing

The benefits of multitenant cloud computing are overwhelming based on the recent findings. However, these benefits are limited to some privacy and confidentiality challenges that the platform face today. According to Sun (2020), privacy issues limit the concept regarded as one of the essential components of cloud computing. Sun (2020) noted that multitenant cloud computing has contributed to resource utilization and the cost-effective nature of the practice. However, many organizations using cloud computing services cannot shift to multi-tenancy computing because of the privacy issues that put client data at risk of being compromised by other system users. Despite the benefits, the challenges that stop the implementation of this type of cloud computing are many. According to Xiong et al. (2018), physical data isolation considered a measure of privacy and confidentiality in multi-tenancy, may not be effective enough based on the technique used to implement the approach. Physical isolation of data needs to be done more effectively to achieve its obstructing intrusion goals. Considering this argument, it becomes apparent that a malicious tenant may infiltrate another tenant's data sharing the platform with others through the shared components of multi-tenancy. The violation of privacy, in this case, can be done by introducing the code to the SaaS platform, utilizing the loopholes in the applications that are shared, or through advanced hacking.

Singh et al. (2021, July) noted that one of the main challenges to multi-tenancy privacy is that much of the software is not easy to test for the confidentiality of the data. However, many of the producers of developers of the software will argue that their products are secure, yet they are not. Many service providers have no confidentiality software and applications yet promote that their servers are secure and limit data privacy issues. This has been an enormous problem that has slowed down the use of multitenant cloud computing. Similarly, Joshi et al. (2018) argued that human error in data privacy and confidentiality management in cloud computing is another privacy challenge. Indeed, many recent data breaches involving colossal amounts of money have been instigated due to human errors. Many employees or system administrators are, in many instances, likely to contravene the authentication of the users allowing unauthorized persons to access private data in the servers. If this occurs, data privacy violations will likely occur (Joshi et al., 2018). Similarly, some organizational employees have violated the confidentiality and information privacy policies of their organizations intentionally or accidentally. Data privacy will be violated if this is the case in any organization giving way to unauthorized access.

Khoso et al. (2021) noted that multi-tenancy in cloud computing could set an environment where the attacker and the victim share the same platform. This is a huge privacy issue that many confidentiality and privacy models or literature have not provided solutions to. The hypervisor or resident operating system may not detect attackers on the same platform as the victim. George Amalarethinam and Rajakumari (2019) argued that any tenant within the multitenant arrangement could attack the neighbor because simple methods such as side channels can be used to infiltrate the database of tables of another tenant. Similarly, multi-tenancy is considered a privacy risk in cloud computing because privacy and confidentiality of the information can be menaced. Although the system users are virtually isolated, they are still connected concerning hardware since tenants share the same hardware. Amalarethinam and Rajakumari (2019) related multitenant to multitasking where many resources such as network, CPU, software, and applications are shared. And just like it is the case of multitasking, multi-tenancy is prone to privacy and confidentiality lapses.

Virtualization

Virtualization, which refers to the abstraction of computer resources, is one of the key features in cloud computing privacy, confidentiality, and security. Through utilizing virtualization technology, dynamic resource allocation and providing services are possible. It also enables the user to install several OSs in one physical machine without interfering with one another. According to Kaur et al. (2020), different virtualization technologies have been developed and implemented in different industries, and some of them include VMware and Xen. Privacy issues in multi-tenancy cloud computing arise because there is a high level of sharing the resources such as the machines and databases provided by the computing services provider. According to Singh and Dhurandher (2020, December), virtualization causes losing control over personal and private data. The client may lose control over the location where data is stored, security and privacy policies, and over the people who may access the data, which is common in multi-tenancy cloud computing services.

Singh and Dhurandher (2020, December) noted that privacy and confidentiality could easily be breached in multi-tenancy because the attacker can easily manipulate the hypervisor (the software layer between the operating system and the hardware) and gain access a virtual machine that different tenants share. The presence of a hypervisor in this architecture increases the attack surface since it adds the application program interfaces (APIs) and the sockets, enhancing the system's complexity. However, there are contrary accounts that authors have observed on this issues; according to Pulkkinen (2018), the existence of a hypervisor in the multi-tenancy cloud computing infrastructure increased the privacy and confidentiality of the data in the architecture because it reduced the number of attacks because of its efficiency as compared to conventional operating systems. Pulkkinen (2018) focused on several issues undermining the effectiveness of multi-tenancy cloud services because of virtualization. Privacy issues that are instigated by virtualization in cloud computing services, according to the available publication, include cross-virtual machine attacks (instigated by another tenant in the cloud arrangement), malicious system administration attacks (instigated by insiders working for the cloud vendor), and another area of vulnerability is virtual machine hopping.

Cross Virtual Machine Attack

This privacy and security vulnerability enables the system attacker to steal data from the information system without leaving any trace or raising the alarm. According to Kumar et al. (2018, December), system hackers can achieve this by placing the malicious virtual machine on the physical server where the targeted client’s virtual machine is installed. System hackers achieve this by determining the location of the target client’s VM instance is installed. To determine where the VM is located, the adversaries used networking probing tools such as the nmap, wget, and hping, among others. The adversary should determine if there are two VM instances by comparing IP addresses to see if they match and measure the small packet round-trip time.

A study done by Kumar et al. (2018, December) noted that providers such as Amazon had launched new instances of virtual machines installed on a single physical machine which increases the vulnerability of the physical machine because malicious VMs can easily be placed on the physical machine. Privacy and confidentiality of the client’s data are therefore violated once the malicious and the client’s VMs have been aligned on a particular physical machine since they can share some resources, including CPU pipelines, data cache, and network access, among others. Maliszewski et al. (2018, July) noted that it is therefore easy for the attacker to steal a user’s passwords because the attacker measures cache usage to estimate the server's current load, estimate traffic rate, and keystroke timing by attacking the virtual machine. Similarly, Maliszewski et al. (2018, July) provide several mitigating strategies to combat cross-VM attacks such as co-residency, placement prevention, and NoHype.

Malicious System Administration (malicious SysAdmin)

Campanile et al. (2020) noted that malicious system administration vulnerability is caused by the privileged administrators who have access to the memory of the client’s virtual machine. In many instances, systems with xenaccess can allow the administrators to access virtual machines' memory during run time by running the systems user’s level process domain0. Kumar et al. (2017) noted that this vulnerability could be enhanced by the increasing number of multi-tenants and demand for cloud computing services, increasing privacy and confidentiality of data vulnerabilities. Several frameworks have been proposed to mitigate this vulnerability of data to privacy and confidentiality. According to Khodashenas et al. (2017, June) and Kaur et al. (2020), the vulnerability can be solved by implementing a trusted cloud computing platform (TCCP). The trusted cloud computing platform effectively protects the privacy and confidentiality of new client’s virtual machines. Kaur et al. (2020) noted that “TCCP is a set of technologies developed by the Trusted Computing Group (TCG) to face the concern of untrusted execution environment.

TCCP guarantees that the execution of virtual machines doesn't leak any information and keeps data confidential” (Kaur et al., 2020). The tool solves the problem because it bars any privileged administrator from accessing the virtual machine memory and closes the execution in a protected perimeter. This privacy protection model is founded on the Trusted Platform Module, which is installed or incorporated on the motherboards of the machine and includes other peripheral technologies such as authenticated booting, sealed storage, and remote attestation. Similarly, Khodashenas et al. (2017, June) noted that privacy could be achieved in multi-tenancy using the TCCP by combining TCCP and virtualization technology. The combination is effective because it helps the user to gain greater confidentiality on virtual machines. Privacy is enhanced in this model because the virtual machine operating system is customized. Privacy can also be increased since the combination of the TCCP and virtual technologies protect code from the cloud service providers and disable less useful virtual devices. Kaur et al. (2020) noted that clients’ data confidentiality is significantly improved against the service provider. Only valid users can boot the target virtual machines if the listed procedures are implemented.

Figure 4: Trusted Cloud Computing Platform (TCCP) architecture.

Virtual Machine Hopping

This is a kind of vulnerability where the adversary hacks into the virtual machine using different techniques and takes control of other virtual machines in the system. The hacker can achieve the goals by manipulating or exploiting the hypervisor’s vulnerabilities. However, according to Yadav et al. (2021), virtual machine hoping vulnerability is founded on the assumption that the software layer between the operating system and the hardware or physical machine has a security lapse. Yadav et al. (2021) noted that hackers could not achieve their goals when targeting a cloud service system with a robust hypervisor. This implies that multi-tenancy cloud computing infrastructures and architectures should be designed with a robust hypervisor to mitigate the issue of privacy breaches through virtual machine hopping.

Data Location

Once the information or data has crossed borders which may be country borders or company boundaries, it is faced with numerous privacy and security risks. According to Lejaha, 2017), many of cloud computing service users do not know where their data is stored. For these reasons, concerns relating to privacy, accessibility, and protection of personal data have dominated regional and national data protection policies. The whereabouts of data location is a huge concern that organizations handling private data have today because it balloons their worries over data safety and protection. In multi-tenancy cloud computing, data is stored in multiple locations in different countries and regions with no information provided to the consumers about the location where their data is stored.

Stergiou et al. (2018) noted that because of a lack of knowledge on the whereabouts of consumer data in multi-tenancy cloud computing, consumers are constantly worried about the legal and compliance requirements of their data. The situation is even more complex considering the different laws and data regulation policies that different countries have implemented. Studies have indicated that data location issues are divided into three main categories according to literature. The study done by Kumar et al. (2018, December) indicates that the three data location categories include data combination and commingling, outsourcing, and offshoring.

Data Outsourcing Privacy Challenge

Data outsourcing is a major privacy issue in multi-tenancy cloud computing because data leaves the company jurisdiction and is stored in locations known by the cloud service providers alone. According to Ali et al. (2018), “customers physically lose control on their data, and this loss of control is one of the main causes of cloud insecurity and raises governance and accountability questions in data outsourcing architecture” (Ali et al., 2018). Since the data owner does not know where data is stored and who has access to it, clients in a multi-tenancy cloud service become more concerned because they share several resources in this arrangement.

General Issues in Data Outsourcing. Literature provides several privacy and security issues related to data outsourcing in cloud computing, especially in multi-tenancy clouds services. Many consumers using cloud computing services ask how they are sure that their data is stored safely and in compliance with the law and how private and confidential their data is. Maliszewski et al. (2018, July) noted that in a traditional operating system, the user is sure of where the data is stored and can ensure that data privacy and confidentiality are met by implementing different measures. However, this is different in multi-tenancy cloud computing as the system user trusts the data with other third parties responsible for the storage, safe, confidentiality, and privacy of their data. Campanile et al. (2020) noted that outsourcing data would lead to data privacy violations because the data is in the storage system of a third party. The data owner has no control over the private data in this arrangement.

Nevertheless, regardless of the risks that data is exposed to in outsourcing arrangement, Kumar et al. (2017) and Khodashenas et al. (2017, June) argued that outsourcing of data maybe even secure as compared to the traditional data storage systems. This is because cloud computing service providers have a team of experts with experience and skills to safeguard and store data, unlike individual storage systems where the individual computer user may not have the skills to safeguard data in the computer. Because of this finding, many consumers embrace cloud computing services for their data storage compared to indoor data storage systems. However, Singh and Dhurandher (2020, December) do not agree with this argument. Singh and Dhurandher (2020, December) noted that “the levels of privacy and anonymity for a user will be lower than a desktop user, and some consensus on this topic is required as future research” (Singh & Dhurandher, 2020, December). This argument cannot be overlooked, and it is because of this, the issue has to be explored further through research.

Yadav et al. (2021) noted that several measures had been implemented to enhance consumers' confidence in the multi-tenancy cloud computing g category by assuring them that their data privacy is guaranteed. NIST guidelines have been provided, and cloud computing providers with or without multi-tenancy cloud services must adhere to the guidelines. Yadav et al. (2021) note that “a framework outlining which activities and steps an organization should follow to ensure that the outsourcing of data is done securely and compliance with all organizational policies while maintaining privacy” (Yadav et al., 2021). Several requirements need to be followed when uploading and accessing the stored data in a multi-tenancy setting and include requirements specification, privacy and security risk assessments, and determining the competency of the service provider. Adhering to these requirements will ensure that data privacy is assured in using multi-tenancy cloud services and enjoy the benefits of the cloud architecture.

Customers’ Privacy Requirements, Policies, and Lack of Execution Control. Different organizations and individuals using multi-tenancy cloud services have different privacy levels requirements for their data. Lejaha, R. (2017) noted that healthcare, finance and banking, legal and consultancy, and technology organizations need a high level of data privacy compared to small and medium enterprises or business start-ups. However, many of the available multi-tenancy cloud service providers offer their consumers the same level of data privacy protection with similar and inflexible Service Level Agreements (SLA). This practice of holding to the SLA compromises the data privacy requirements of organizations dealing with sensitive data, which causes privacy concerns. According to Stergiou et al. (2018), “a poor provider selection can affect company reputation, customer trust, and service delivery. If cloud service providers could include better policies and practices, users could be able to assess better privacy and confidentiality risks they face” (Stergiou et al., 2018).

Similarly, consumers who have consented to the multi-tenancy like other consumers of cloud computing do not have complete control over the execution of the resources remotely since many of the resources are shared. Again, the consumers have no remote execution and control of their data, so they cannot determine whether their data is stored according to the applicable laws. Therefore, consumers in multi-tenancy cloud service arrangements cannot inspect and monitor how the data is being stored, safeguarded of telling people or entities that have access to their data hence raising privacy issues or concerns. This means that dishonest employees in a cloud computing service organization may compromise consumer data without the owner knowing. It is a fact that many service providers deal with large volumes of data from different tenants in multi-tenancy cloud computing arrangements. In this way, meeting the different data privacy demands of the consumers in this setting requires a high level of commitment and determination from the providers’ perspective.

Xue et al. (2018) recommended cloud computing vendors “cloud computing industry to establish standards in the paradigm, as the current lack of them makes it difficult to users to analyze and assess the differences between cloud service vendors” (Xue et al., 2018). This is important because the privacy policy of the tenant may not align with that of the vendor. Therefore, having established standards to control data privacy policies will enhance the confidence of the consumers in the provider to safeguard their data.

Audit, Monitoring, and Accountability. Audit monitoring is the only way tenants in multitenant cloud service arrangements can hold their service providers accountable for their data privacy and security. Al-Ruithe et al. (2018) argued that the purpose of data audit and monitoring is “the purpose is to watch what happened in the Cloud system to ensure that privacy requirements, SLAs and compliance with laws are enforced when their personal information is in the cloud” (Al-Ruithe et al., 2018). However, this is one area that is very limited regarding consumer access as they have no access to information relating to the collection, usage, user profiling to ensure high privacy recommendations.

Some consumers may not like how their data content is monitored or is audited, but they may not change this because they have no access to such information. Hathaliya and Tanwar 2020) noted that some cloud service providers might be required to disclose and provide reports to the authorities, government agencies, and security committees or organizations on the nature of the information stored in their databases. This is done in many cases without the knowledge of the data owners, something that violates their privacy in the process.

Data Offshoring

Offshoring is the movement of the data from one region to the other or region to the other. In a nutshell, offshoring is the mobility of data across different jurisdictions, including companies, among individuals and countries. However, in many instances, this area of data privacy literature has focused on data mobility across international boundaries. As expected, data movement or offshoring of data increases the risks that data from different organizations face today due to legal and compliance regulation complexities. In a multi-tenancy setting, cloud service providers serve consumers from different parts of the world.

In contrast, these providers may not have data locations in some countries where the consumers reside. According to NIST, the “organization’s responsibility to operate in agreement with established laws, regulations, standards, and specifications” (NIST). Compliance also includes the understanding of who is maintaining the outsourced data.

General Issues in Offshoring. Several studies have been done to investigate privacy issues related to data offshoring in multi-tenancy cloud computing. The studies have provided consumers privacy concerns regarding g to offshoring while providing the frameworks to mitigate the concerns. Some cloud service providers do not inform their consumers of the location of their data because of the data governance and processes safeguards or policies. One of the main issues found in this perspective reflected in the study of Campanile et al. (2020) is which laws are applied to information in offshore perspective and how this is determined. The nature and location of the data is an important issue and significantly affects data privacy since some jurisdictions have laws and regulations that may limit access to information stored in their jurisdiction. Similarly, some jurisdiction, for instance, China has different laws relating to data security and privacy which many other jurisdictions have noted as vague. Therefore, consumers whose data is stored in countries such as China may feel or may have privacy concerns because of the poor regulation of the cyber industry in China.

Another privacy issue that has been identified from a study done by Campanile et al. (2020) is the compliance regulations that the company or the consumer has to follow before joining or moving data to multi-tenancy cloud service. In the European Union, the legislation bars the processing of personal information to the cloud if the data subject is not aware of the processing and the purpose for the actions. This is different from other jurisdictions that allow the processing of personal information to the clouds without necessarily notifying the subject of the action or the purpose of the action. When this is the situation, it becomes difficult for the tenants to upload or access their data when they need to do so at their own time.

Similarly, it is imperative to understand that cloud computing service vendors are in business, and they generate huge revenues based on the number of subscribers. In this way, they will promise consumers who intended to buy their data privacy and security services. These promises may include disclosure of their data location to motivate such clients to buy their services. The promises may enhance the consumers' confidence in their data privacy, but in a real sense, data may not be stored in the locations that the providers have disclosed. According to Khodashenas et al. (2017, June), cloud service providers split their data storage facilities into many different jurisdictions to reduce the risks of data breach and damage experienced when data is stored in the same jurisdiction. This is a critical concern for the consumers because they cannot tell which laws and regulations apply to their data. This is also a huge privacy issue because the tenants may violate the policies and regulations relating to data handling without their consent because they are unaware of the laws that apply to their data.

Legal and regulatory issues. As already mentioned in the general privacy issues related to the offshoring section, different jurisdictions have varying privacy laws that regulate data storage and access. To make it worse, many of the legal issues relating to data privacy are involved or addressed during the assessment of the contract formed. These include Service Level Agreements (SLA) and User Licensing Agreements (ULA). According to Pulkkinen (2018), the privacy concern here is that some of the privacy laws in different jurisdictions are outdated or ambiguous and do not capture the essence of cloud computing, especially multi-tenancy cloud services.

Several studies have investigated legal and regulatory compliance effects on the privacy of data stored offshore. One of the privacy issues in this perspective is the dissimilar perception of the jurisdiction of what constitutes privacy or what amounts to privacy violation. These concerns have resulted in different legal battles in courts, which have refused to fade because of other jurisdictions' different interpretations of privacy. The authors explain some examples of conflicting regulations are the U.S. Federal Rules of Civil Procedure (FRCP) and the EU Directive. For instance, the definition of privacy in the United States and the European Union is broad. It is regulated by different laws, including data security, privacy, cyber, and human rights laws. According to Yadav et al. (2021), “even though many laws have been published to protect users' privacy and businesses secrets, they are out of date and inapplicable to scenarios where more parties enter in action (like Cloud Computing)” (Yadav et al., 2021). Yadav et al. (2021) believe that such complex and multiple laws that define privacy make it difficult to determine what exactly constitutes data privacy.

Similarly, Yadav et al. (2021) noted that many established laws control or regulate data privacy offshore. Interestingly, privacy laws are different and apply differently to different industries or sectors. For instance, in the United States, financial sector data and information privacy is regulated by Gramm Leach Bliley Act which provides additional requirements compared to the health insurance portability and accountability act (HIPAA) that apply to the healthcare industry. Given the difference in the laws that apply to different sectors, privacy regulation experiences gaps and making it difficult to define what constitutes privacy data violation. Lejaha, R. (2017) noted that “some of the laws do not regulate activities of the third-party providers of health care businesses, so a legal demand by a private party to a CSP for disclosure of protected health information would lead users’ private information to be disclosed,” (Lejaha, 2017). This makes it difficult to understand which law applies to areas that are not regulated by the established privacy laws in the sector.

Data Combination and Commingling In Multi-Tenant Cloud Computing

Data combination and commingling is a major privacy issue in multi-tenancy cloud computing. Ali et al. (2018) defined data combination as separating customers’ stored private data in the cloud from other tenants. Considering the definition of data combination, it is one of the main processes in cloud computing that focuses on cloud computing data privacy in multi-tenancy clouds service arrangement. According to Ali et al. (2018), multi-tenancy cloud computing consumers need to be assured that their data is stored separately from other tenants. In a situation where private data is stored in the same database, the risks of privacy violations became evident and became exposed to attacks and virus transmission. When information is kept in the same database, an attack on a single tenant may likely spread to other tenants and cause a huge privacy violation and reduce data integrity. Therefore, cloud service providers need to be careful when handling data in a multitenant environment. Hathaliya and Tanwar (2020) noted no evidence linking data commingling and combination to virtualization. However, virtualization is frequently applied to data combination and commingling to reduce the risks associated with this privacy concern in a multi-tenancy setting.

Solution Models to the Privacy Challenges in Multi-Tenancy Cloud Computing

Literature on Privacy Solution Models

Data privacy and confidentiality seem to be very complex matters regarding cloud computing and other forms of computing. However, the tendency has become even more pronounced with the recent development in cloud computing resulting in the multi-tenancy cloud computing model (Meng et al., 2021). Several studies have developed important models that can be implemented at the organizational and service provider levels to enhance data privacy in multitenant cloud computing settings. The models provide a theoretical framework that can be used to mitigate privacy issues that have been identified to limit the implementation of the multi-tenancy cloud.

Namasudra et al. (2017, February) noted that providing the best enterprise resource planning platform to small and medium enterprises is the best way to deal with privacy concerns among these organizations using multi-tenancy cloud computing. The authors noted that many small and medium enterprises are familiarizing with cloud computing, and mastering the risks associated with multi-tenancy computing is essential for designing effective and customized cloud computing services. Namasudra et al. (2017, February) concluded that two factors could be implemented to secure organization data involving cloud computing: persistency layer abstraction and dynamic instance composition. Additionally, Ahmad (2018) also proposed another privacy assurance model that can be customized and used in multi-tenancy to achieve data privacy. In this model, the authors argued that the storage service should be given authentication, auditing, encryption, or decryption to a different cloud provider. Ahmad (2018) concluded that the model could protect data from service providers and external attacks, therefore, rendering data safe.

According to Mukherjee et al. (2017), data can be secured in multi-tenancy if two encryption strategy will be implemented. The authors suggested that encryption should be done during the file upload by the client and during file distribution by the service provider while providing data backup. The authors used the HMAC (hashed message authentication code to encrypt the data to develop the model. The main shortfall of the model is that it increased time since it was a two-step authentication model. In a different study, Gupta et al. (2020) designed a new trust model for cloud storage confidentiality, examining all outgoing cloud requests in real-time to identify sensitive data and using the trusted platform module (TPM) to encrypt these data. The authors of the model employed the famous Kerberos authentication recommendations to design the system user authentication. This authentication model is authentic and is used to encrypt trusted and secure gateway.

Privacy issues need to be evaluated using a proven model to implement the best solutions to mitigate them effectively. Deep et al. (2020) developed adequate confidentiality and privacy vulnerability model to conduct privacy threat evaluation in multi-tenancy cloud computing. The model was developed using the confidentiality service level agreements (SLAs) model used widely to assess and evaluate data confidentiality and privacy in different information technology systems. According to the authors, the developed model deals with emergency privacy and confidentiality issues, traditional aspects of confidentiality, data and system integrity and confidentiality, and system privacy capability levels (Meng et al., 2021). The authors proposed an algorithm through which the cloud service provider can control the user itself, using two different techniques, namely compression and encryption, hence increasing data privacy in the systems involved in multi-tenancy cloud computing.

Subramanian and Jeyaraj (2018) presented a multi-tenancy cloud computing confidentiality and privacy model that focused on sharing of resources. The authors argued that many privacy issues result from the risks of sharing applications, software, and hardware in multi-tenancy infrastructures. The model was validated and tested using Google data and was designed to enhance the confidentiality and privacy of data in multi-tenancy cloud services. Similarly, Nikkhah and Sabherwal (2017) provide an authentication system for multitenant models in the cloud, dubbed Multi-Tenancy Authorization System (MTAS). The MTAS model focused on enhancing trust among the tenants sharing the same multi-tenancy platform, and it was founded on the famous Role-Based Access Control (RBAC). Shivanna et al. (2017) presented a multi-tenancy authorization system with federated identity for Cloud-based environments using shibboleth. The model was aimed at helping individuals and organizations in cloud computing environments safeguard the privacy of their files and information stored in the cloud.

Models that have been discussed in this section are fundamental and have been proven to be very effective in maintaining the confidentiality and privacy of the data and other information stored or shared in multi-tenancy cloud services. As the number of organizations shifting to cloud computing and specifically multi-tenancy cloud computing increases, this area is likely to be the most targeted by cybercriminals. Because of this, it needs to be fully secured (Meng et al., 2021). Organizations that will adopt and implement some of the confidentiality and privacy models discussed in this section will find it easy and cost-effective to maintain their data privacy and confidentiality in the long run. This will help them harness the benefits of cloud computing, multi-tenancy in particular, and save on operational and computing costs.

Governance, Control, and Auditing Data Privacy Issues Solutions

Control, governance, and auditing data privacy risks originate from the cloud service providers' activities and the consumers' roles in mitigating privacy risks when handling or accessing data. Many of the privacy issues here are solved using technology-based solution models that are in many instances bestowed in the data governance and control management literature or frameworks. The frameworks and literature is founded on the premises of data and center computing. The frameworks applied regardless of the employed service deployment technique are PaaS, SaaS, or IaaS.

Separation of duties framework

Separation of duties in the cloud computing or information technology framework is data security and privacy model that segregate functions, tasks, and components into multiple subtasks and assign the responsibilities to different individuals. According to Xue et al. (2018), the main role of the separation of duties framework is to eliminate or reduce conflicts of interest among the service providers’ employees that may lead to data privacy compromises. As already noted, one of the data privacy challenges is malicious system administration. In this way, assigning the roles to different individuals within the architecture will ensure that the idea of privileged administrator is to eliminate hence safeguarding the privacy of consumers’ data.

Many of the privacy challenges in cloud computing result from the classification and definition of roles. Most of the security and privacy breaches in cloud computing are caused by the providers’ dishonest employees. Implementing a separation of duties framework in the organization will ensure that no employee has exclusive rights to access all system areas and reduce incidences of data breaches. According to Xue et al. (2018), there has been little time or opportunity for SoD rigor to develop and stabilize into standard roles due to the rising number of cloud computing services providers. Data privacy breaches are increased because not all tenants in multi-tenancy have the same reliance on cloud computing service providers to provide data security and privacy.

Similarly, Lejaha, R. (2017) noted that privacy could be achieved in multi-tenancy using the TCCP by combining TCCP and virtualization technology. The combination is effective because it helps the user to gain greater confidentiality on virtual machines. Privacy is enhanced in this model because the virtual machine operating system is customized. Privacy can also be increased since the combination of the TCCP and virtual technologies protect code from the cloud service providers and disable less useful virtual devices. Today, many commercial data security applications and products are infused with the separation of duties model that defines the responsibility of each role in the cloud computing service providers. Some of the security and privacy products that have the separation of duties model include Enterprise Single Sign-On (ESSO) and Identity and Access Management (IAM) software sites. Since the risks associated with this solution model originate from internetworking and visualization, Kumar et al. (2018, December) linked the model to other data privacy solutions, including co-residency and NoHype.

Kumar et al. (2018, December) note that co-residency detection security framework help to remove co-residency in multi-tenancy cloud computing. However, the authors did not shy away from explaining the model's limitations to the benefits of multitenant cloud computing, such as cost-saving. The authors concluded the study by recommending that data privacy in multi-tenancy is highly assumed in a setting where tenants are trustworthy or by using secure and well-designed virtual machines to protect personal information. According to Al-Ruithe et al. (2018), “NoHype attempts to minimize the degree of shared infrastructure by removing the hypervisor while still retaining the key features of virtualization” (Al-Ruithe et al., 2018). These actions are important in securing personal data privacy in the system because they will eliminate cache side channels and retain multi-tenancy properties. Al-Ruithe et al. (2018) also explained the shortcomings of implementing NoHype as a privacy safeguard in multi-tenancy cloud service. The authors observed that such actions would require changing of hardware to make them less practical. Similarly, some studies have recommended removing the software layer between the hardware and the operating system to prevent a data privacy breach. However, this recommendation has its shortcomings, such as exposing the system to risks of internal attacks that malicious system administrators may instigate.

Another data privacy and security solution suggested to be effective in this area is implementing the placement prevention mechanism. According to Lejaha, R. (2017), this type of framework consists of obfuscating co-residence in Virtual Machines by having Dom0 (Dom0 or Domain0 as the superior layer that manages the hardware of Virtual Machines). Domain0 activates the response of the security elements in traceroute or sometimes randomly assigns internal IP to deactivate any launched virtual machines in the system, stopping data breaches.

Auditing and Client Controls

According to the study done by Khodashenas et al. (2017, June), many information technology auditing models like CobiT and Systrust depend on the logging information to provide evidence of sufficient governance and controls. This implies that all actions that can change or modify information stored in the cloud are logged. The logs are regulated by standard policies that originate from access, retention, disposal, and archival. In multi-tenancy cloud computing, all tenants are audited to ensure that each tenant maintains a minimum set of allowable security exposure. Pulkkinen (2018) noted that the existence of such standard policies might reduce the risks associated with data privacy breaches even if the policies are not required to be complete and verbose of logging user access.

Similarly, Pulkkinen (2018) noted that “the model helps to ensure that a weak tenant’s lax security posture cannot allow an intruder access to an infection vector with which to exploit and compromise another tenant’s Cloud-based services” (Pulkkinen, 2018). Considering the benefits of audit and client access control to safeguarding data privacy in a multi-tenancy setting, all multi-tenancy cloud computing contracts must include concise audit and client control terms to increase data privacy. The model requires all the tenants in the contract to be fully aware of the privacy and security consequences of using multi-tenancy cloud computing services. Similarly, the framework defines the roles and responsibilities of each party to the contract as they relate to maintaining data privacy and security in the information technology systems.

Configuration, Design and Change Management Data Privacy Issues Solutions

These types of risks are specific to multitenant cloud infrastructure. However, studies have indicated that they have their foundation in other cloud computing architectures, and it is because of this, they do not apply to multitenant cloud computing alone. According to Marwan et al. (2018), privacy risks associated with configuration, design, and change management of data are linked to internetworking and the virtualization of resources in this area. Therefore, most of these privacy risks are associated with multi-tenancy architectures that have adopted IaaS and PaaS.

Trusted Cloud Computing Platform and Environment

In the previous section, a trusted cloud computing platform was discussed as it related to the multitenant environment. Multitenant Trusted Computing Environment Model protects data by implementing two different concepts of the TCCP in a multi-tenancy perspective: Platform Attestation and Transitive Trust.

Transitive Trust. In this framework, a computer can only be initialized when commanded by the core of trust measurement. This can be a hardware chip, encrypted firmware signed by an administrator and perceived as trustworthy, a ROM model, or a microcode. The framework aligns with a pathway of trust that is established by a bootstrap process. The framework is founded on the concept that one level of initialization or authorization is implicitly trusted by the previous level passing the secure microkernel. Marwan et al. (2018) noted that The TCCP and the Transitive Trust model are part of most modern operating systems. MTCEM asserts that this model can be extended to Cloud computing.

Platform Attestation. In this framework, an information technology system can be accessed, or data can be accessed if the computing platform mechanism proves to the third party that it can be trusted. Marwan et al. (2018) noted that “platform attestation refers to a system’s capability to deem trustworthy by other systems with which it must interact, or to in turn be deemed trustworthy by those other systems” (Marwan et al., 2018). The main challenge of implementing this framework is to define the sensible and measurable metrics that can be relied on to determine the trustworthiness of the computing platform. However, Marwan et al. (2018) observed that several attestation prototypes had been developed specifically for cloud computing and multi-tenancy. Through these prototypes, the trustworthiness of the computing platforms is determined by assessing previous behaviors or past behavior trends.

For instance, a computing platform will be regarded as trustworthy if the request aligns with patterns of normal or expected computing behaviors. This implies that some computing services may be denied if the request is sent during odd hours. To protect the privacy of data using this platform, the request may also be validated if it defines the competing properties of the platform, such as the memory status of the hardware and checksum validations from the virtual machines. Deep et al. (2020) noted that implementing the MTCEM model in multi-tenancy cloud computing platform is that the guest tenant in the IaaS or PaaS is admitted to the available different security and privacy domains and serve many dissimilar security components through the applicable policies.

Figure 5: Multi-tenant Trusted Computing Environment Model (MTCEM).

Securing Shared Services

Shared services are the main underlying concept of multi-tenancy cloud computing and cloud computing as a whole. In this way, the focus should be on securing the shared services in this architecture to ensure that mistakes made by one tenant do not affect other tenants sharing resources in this architecture. According to Stergiou et al. (2018), “These services are available to each tenant in an MTA and form the fundamental value proposition of most CSP’s service offerings” (Stergiou et al., 2018). However, studies have indicated that shared resources and services in this perspective take a different line depending on the nature of cloud computing being interrogated. The privacy risks associated with this perspective are mitigated in different ways. However, the most challenging issue is that many of the challenges can be mitigated based on the service deployment model that the architecture was built on.

According to Xue et al. (2018), the privacy issues can be solved in this context by maintaining an independent map for each tenant in the multitenant cloud computing setting. The cloud computing service vendors must maintain dynamic and updated mapping information relating to their foundational technical infrastructures. The independence map provides, in this case, should be based on the needs of each tenant’s virtualized servers or instances (Xue et al., 2018). This is an effective method of maintaining client data privacy as communication with the clients if any abnormal occurrence is experienced. For instance, if the resources, server, or database have been compromised, the service provider can identify affected clients and notify them promptly.

In general, multitenant data privacy risks in PaaS, IaaS, and SaaS to lesser extent tenants can be mitigated by implementing the Virtual Private Cloud. According to Ali et al. (2018), this can be achieved when the service provides, develop and allocate each tenant a potentially at a payable premium, a rationally or physically separated substructure on which to run. However, many cloud computing service providers do not implement this framework because it reduces their profitability and convinces potential tenants to buy their services. Xue et al. (2018) noted that “If every risk-averse tenant demands their physical infrastructure, then the CSP essentially becomes a co-location provider and can offer little beyond the low-margin benefits of shared rack space and HVAC to their clients” (Xue et al., 2018).

Availability in Multitenant Platform

In the CIA security pyramid of cloud computing, availability is perceived as the third pillar coming third after confidentiality and integrity. As expected, a multitenant environment poses huge availability risks to some tenants, especially guest tenants, because of the activities of other tenants in the system. For instance, Deep et al. (2020) noted a risk of availability through lack of concerted, global workload optimization, principally for batch processing and predominantly within SaaS cloud service providers. Deep et al. (2020) noted that most of the workload in multitenant cloud computing is optimizing resource allocation for each tenant in the platform. This is especially challenging for clients involved in internet-based businesses such as social media, e-business, and time-sensitive human interactions such as healthcare, emergency services, and customer care.

According to Khodashenas et al. (2017, June), “batch-based computing typically involves single-threaded applications, asynchronous processing, serial execution of job steps, and high rates of I/O to large sequentially organized datasets” (Khodashenas et al., 2017, June). This practice introduces a risk exposed by the service deployment of SaaS, which in many instances uses a single application server to serve many tenants in a multi-tenant setting. According to Khodashenas et al. (2017, June), “batch workload planning and optimization may require multiple tenants within an MTA to sign up for a centralized batch production scheduling service” (Khodashenas et al., 2017, June). Several security and privacy frameworks have been developed to mitigate the challenges, including placement protection, initial performance evaluation, collection and analysis data for re-planning, and batch task planning.

Logical Security, Access Control and Encryption Data Privacy Solutions

The solutions in this category address challenges resulting from application-driven and, as such, are more applicable to PaaS and SaaS Cloud environments. They deal primarily in designing security systems related to access to individual applications, data, or business functions within an MTA-based Cloud service offering. Evidence suggests that organizations and individuals consuming cloud computing services need to be concerned with the privacy and confidentiality of their information stored in the cloud. Multi-tenancy is defined differently. However, many scholars have agreed that sharing of resources in cloud computing facilifacilitatess the community cloud deployment model

Encryption Protocols

Multi-tenancy cloud computing segment offerings provide important data privacy and confidentiality through their strong and reliable encryption protocols. In this platform, each tenant is provided with their encryption keys, and in some instances, the tenants are involved in the development, storage, and destroying the keys. Although this is the case among several cloud computing service providers in a multitenant setting, some providers lack security and privacy of clients’ data because they lack what Kumar et al. (2018, December) called lack of security by diversity. Evidence indicates that some of the privacy issues involved in multi-tenant cloud computing include data leakage, data breach, and exposure of the private data relating to clients involved in the agreement. As the number of people using cloud computing balloon, privacy issues are becoming a significant problem for many consumers who use the same cloud computing architecture in a private or public setting. It is essential to define what multi-tenant cloud entails before developing a clear concept or problem that can be investigated.

According to Khodashenas et al. (2017, June), “the data of several (or potentially all) MTA clients is encrypted with the same encryption algorithm, either AES, Blowfish or any other industrial-strength encryption suite in multi-tenancy cloud computing” (Khodashenas et al., 2017, June). Despite these security and privacy measures, there still exists a loophole that may compromise data privacy. Once the encryption protocol is compromised, or the cipher suite is broken or tampered with, the compromised tenant’s encryption makes it easy to compromise the encryption of other tenants in the platform. Considering the risks that such a scenario may cause, two models have been developed by Ali et al. (2018) to mitigate this privacy and security risk, as discussed in detail below:

Predictive encryption. In this model, each encrypts key owner has many grained control protocols on who can access encrypted data. This way, cloud service providers segment data stores and ensure that some are decrypted. Some are encrypted based on the nature of data in the segmented datasets to allow individual tenants only to access their particular dataset or segments (Ali et al., 2018). This framework ensures that compromising encryption of one tenant in the platform does not necessarily compromise other tenants’ encrypted data segments. This security and privacy measure is important because it limits the volume of data compromised in case of a data breach in a multi-tenancy setting.

Homomorphic Encryption. This framework allows the tenants in a multi-tenant relationship to process cipher text data without necessarily decrypting them before processing. The framework was developed to ensure that no malicious attackers can intercept and compromise decrypted data when processing. Study findings revealed that organizations and individuals consuming cloud computing services need to be concerned with the privacy and confidentiality of their information stored in the cloud. Multi-tenancy is defined differently. However, many scholars have agreed that sharing of resources in cloud computing facilitates the community cloud deployment model. Data security and privacy are protected using this framework because it is not easy to compromise encrypted data.

Identity Access and Management

Identity access and management framework is a very important privacy model regarding multi-tenant cloud computing. This is because the offering has vast needs based on the subscribed services. In this way, implementing an integrated Identity and Access Management model is important for protecting data in a multi-tenant architecture. According to Singh and Dhurandher (2020, December), some of the solutions in this perspective include single-sign-on, RBAC, and delegation, which should be designed with a complete IAM solution. According to Singh and Dhurandher (2020, December), “IAM enables persistent authorization for customers in terms of their identity and entitlement across multiple clouds” (Singh & Dhurandher, 2020, December). However, despite the effectiveness of the IAM security and privacy framework, its implementation is not a walk in the park because it involves several challenges. Because of this, Singh and Dhurandher (2020, December) advocated for adopting the federated IAM in cloud computing or multitenant cloud computing architectures or by each tenant.

Federated Authentication. Singh and Dhurandher (2020, December) noted that “standards are generally weak and in development, some (for instance, Open Authentication (OAuth and OpenID) can extend consumer-based SSO to enterprise” (Singh & Dhurandher, 2020, December). Just like it is required by the networking site users to supply their credentials to access the privileges of other websites associated with these networking sites, federated authentication acts in the same principles. The global credential of the tenants is also recognized by multi-tenant cloud computing services providers of choice.

Federated Access Management. According to Yadav et al. (2021), “cloud computing service providers delegate authentication to a third party through Identity Management-as-a-Service (IDaaS) providers under the federated access management framework” (Yadav et al., 2021). This practice enhances data privacy in cloud computing because it simplifies access management for multi-tenant cloud service clients. The framework is founded on the security policy configuration that plays across numerous cloud service providers. Yadav et al. (2021) noted that the development or implementation of a federated access management framework contributes to structuring the global metapolicy that integrated the different policies developed and implemented by different cloud services providers.

Chapter Summary

The purpose of the current study was to investigate privacy issues in multi-tenancy cloud computing. Throughout this chapter (literature review), I have discussed many or different areas that scholars have investigated relating to the research topic. I began the chapter by discussing the topic in detail, providing essential explanations in the process. I also looked at the study problem and purpose. I also explained the strategy I used to identify the articles or resources reviewed in this section. I discussed what is cloud computing and multi-tenancy cloud computing in detail based on published literature. I did not hesitate to discuss some of the deployment methods that cloud computing implemented and looked at the service deployment models. The other aspects of the topic that have been discussed in this chapter include cloud computing service models, multi-tenancy characteristics and architecture, privacy issues in multi-tenancy cloud computing, solution models to the challenges, contributions to the study.

However, the drawbacks of the concept are also far-reaching. They are in many cases related to scalability of the services, privacy of the data due to confidentiality and integrity risks, and high risks of data leakage since the applications are shared. These issues compromise the confidentiality of data in multi-tenancy, limiting its use or adoption by cloud computing clients. Logical security, access control, and encryption data privacy solutions address challenges resulting from application-driven and, as such, are more applicable to PaaS and SaaS Cloud environments. They deal mostly in designing security systems related to access to individual applications, data, or business functions within an MTA-based Cloud service offering. Evidence suggests that organizations and individuals consuming cloud computing services need to be concerned with the privacy and confidentiality of their information stored in the cloud.

Multi-tenancy is defined differently. However, many scholars have agreed that sharing resources in cloud computing facilitates the community cloud deployment model. Configuration, design, and change management data privacy issues solutions address types of risks specific to multi-tenant cloud infrastructure. However, studies have indicated that they have their foundation in other cloud computing architectures. Because of this, they do not apply to multi-tenant cloud computing alone. Studies have shown that privacy risks associated with configuration, design, and change management of data are linked to internetworking and the virtualization of resources in this area. Therefore, most of these privacy risks are associated with multi-tenancy architectures that have adopted IaaS and PaaS. I have realized from the literature review that scholars have published a plethora of literature on this topic, especially in the past ten years. However, I restricted myself to studies that have been done in the past five years.

References

Ahmad, T. (2018). Confidentiality of Provider sides in Data Privacy and Data Accessibility Issues in Cloud computing. University of Sindh Journal of Information and Communication Technology, 2(1), 7-10.

Ali, O., Shrestha, A., Soar, J., & Wamba, S. F. (2018). Cloud computing-enabled healthcare opportunities, issues, and applications: A systematic review. International Journal of Information Management, 43, 146-158.

Almusaylim, Z. A., & Jhanjhi, N. Z. (2020). Comprehensive review: Privacy protection of user in location-aware services of mobile cloud computing. Wireless Personal Communications, 111(1), 541-564.

Alrawais, A., Alhothaily, A., Hu, C., & Cheng, X. (2017). Fog computing for the internet of things: Confidentiality and privacy issues. IEEE Internet Computing, 21(2), 34-42.

Al-Ruithe, M., Benkhelifa, E., & Hameed, K. (2018). Data Governance Taxonomy: Cloud versus Non-Cloud. Sustainability, 10(1), 95.

Alsmadi, D., & Prybutok, V. (2018). Sharing and storage behavior via cloud computing: Confidentiality and privacy in research and practice. Computers in Human Behavior, 85, 218-226.

Azeez, N. A., & Van der Vyver, C. (2019). Confidentiality and privacy issues in e-health cloud-based system: A comprehensive content analysis. Egyptian Informatics Journal, 20(2), 97-108.

Baig, M. M. A. (2021). Cloud Computing Ethical Issues: A Review Paper To Investigate And Provide Suggestions For Solving Data Privacy Issues Of Cloud Computing. Turkish Journal of Computer and Mathematics Education (TURCOMAT), 12(7), 1433-1438.

Barona, R., & Anita, E. M. (2017, April). A survey on data breach challenges in cloud computing confidentiality: Issues and threats. In 2017 International Conference on Circuit, Power and Computing Technologies (ICCPCT) (pp. 1-8). IEEE.

Campanile, L., Iacono, M., Marrone, S., & Mastroianni, M. (2020). On Performance Evaluation of Security Monitoring in Multitenant Cloud Applications. Electronic Notes in Theoretical Computer Science, 353, 107-127.

Chenthara, S., Ahmed, K., Wang, H., & Whittaker, F. (2019). Confidentiality and privacy-preserving challenges of e-health solutions in cloud computing. IEEE Access, 7, 74361-74382.

Deep, S., Zheng, X., Jolfaei, A., Yu, D., Ostovari, P., & Kashif Bashir, A. (2020). A survey of confidentiality and privacy issues in the Internet of Things from the layered context. Transactions on Emerging Telecommunications Technologies, e3935.

El-Zoghby, A. M., & Azer, M. A. (2017, December). Cloud computing privacy issues, challenges, and solutions. In 2017 12th International Conference on Computer Engineering and Systems (ICCES) (pp. 154-160). IEEE.

Gai, K., Qiu, M., & Zhao, H. (2017). Privacy-preserving data encryption strategy for big data in mobile cloud computing. IEEE Transactions on Big Data.

George Amalarethinam, D. I., & Rajakumari, S. (2019). A Survey on Confidentiality Challenges in Cloud Computing.

Ghorbel, A., Ghorbel, M., & Jmaiel, M. (2017). Privacy in cloud computing environments: a survey and research challenges. The Journal of Supercomputing, 73(6), 2763-2800.

Goyal, N., Pandey, A. K., Gupta, S. K., & Pandey, R. (2019, February). The suppleness of Multi-Tenancy in Cloud Computing: Advantages, Privacy Issues, and Risk Factors. In Proceedings of International Conference on Sustainable Computing in Science, Technology and Management (SUSCOM), Amity University Rajasthan, Jaipur-India.

Guan, Y., Shao, J., Wei, G., & Xie, M. (2018). Data confidentiality and privacy in fog computing. IEEE Network, 32(5), 106-111.

Guerbouj, S. S. E., Gharsellaoui, H., & Bouamama, S. (2019). A Comprehensive Survey on Privacy and Confidentiality Issues in Cloud Computing, IoT, and Cloud of Things. International Journal of Service Science, Management, Engineering, and Technology (IJSSMET), 10(3), 32-44.

Gupta, B. B., Yamaguchi, S., & Agrawal, D. P. (2018). Advances in confidentiality and privacy of big multimedia data in mobile and cloud computing. Multimedia Tools and Applications, 77(7), 9203-9208.

Gupta, M., Abdelsalam, M., Khorsandroo, S., & Mittal, S. (2020). Confidentiality and privacy in intelligent farming: Challenges and opportunities. IEEE Access, 8, 34564-34584.

Hathaliya, J. J., & Tanwar, S. (2020). An exhaustive survey on confidentiality and privacy issues in Healthcare 4.0. Computer Communications, 153, 311-335.

Joshi, A. P., Han, M., & Wang, Y. (2018). A survey on confidentiality and privacy issues of blockchain technology. Mathematical foundations of computing, 1(2), 121.

Karthiban, K., & Smys, S. (2018, January). Privacy-preserving approaches in cloud computing. In 2018 2nd International Conference on Inventive Systems and Control (ICISC) (pp. 462-467). IEEE.

Kaur, J., Agrawal, A., & Khan, R. A. (2020). Security Issues in Fog Environment: A Systematic Literature Review. International Journal of Wireless Information Networks, 27, 467-483.

Khodashenas, P. S., Betzler, A., Lloreda, J. G., Jimeno, E., Trajkovska, I., Del Vecchio, L., & Whitehead, A. (2017, June). Ensuring Quality of Service in a multi-tenant cloud-enabled RAN environment. In 2017 European Conference on Networks and Communications (EuCNC) (pp. 1-5). IEEE.

Khoso, F. H., Arain, A. A., Lakhan, A., Kehar, A., & Nizamani, S. Z. (2021). Proposing a Novel IoT Framework by Identifying Confidentiality and Privacy Issues in Fog Cloud Services Network. Int. J, 9, 592-596.

Kumar, N., Vasilakos, A. V., & Rodrigues, J. J. (2017). A multi-tenant cloud-based DC nano grid for self-sustained smart buildings in smart cities. IEEE Communications Magazine, 55(3), 14-21.

Kumar, P. S., Parthiban, L., & Jegatheeswari, V. (2019). Privacy and confidentiality issues in cloud computing using the idyllic approach. International Journal of Networking and Virtual Organisations, 21(1), 30-42.

Kumar, S., Bahsoon, R., Chen, T., Li, K., & Buyya, R. (2018, December). Multi-tenant cloud service composition using evolutionary optimization. In 2018 IEEE 24th international conference on parallel and distributed systems (ICPADS) (pp. 972-979). IEEE.

Kumar, S., Singh, S. K., Singh, A. K., Tiwari, S., & Singh, R. S. (2018). Privacy-preserving confidentiality using biometrics in cloud computing. Multimedia Tools and Applications, 77(9), 11017-11039.

Lejaha, R. (2017). SDN-based security solutions for multi-tenancy NFV (Master's thesis, University of Cape Town).

Ma, X., Zhang, F., Chen, X., & Shen, J. (2018). Privacy-preserving multi-party computation delegation for deep learning in cloud computing. Information Sciences, 459, 103-116.

Maliszewski, A. M., Griebler, D., Schepke, C., Ditter, A., Fey, D., & Fernandes, L. G. (2018, July). The NAS benchmark kernels for single and multi-tenant cloud instances with lxc/kvm. In 2018 International Conference on High-Performance Computing & Simulation (HPCS) (pp. 359-366). IEEE.

Marinescu, D. C. (2017). Cloud computing: theory and practice. Morgan Kaufmann.

Marwan, M., Kartit, A., & Ouahmane, H. (2018). A cloud-based solution for collaborative and secure sharing of medical data. International Journal of Enterprise Information Systems (IIS), 14(3), 128-145.

Meng, S., He, X., & Tian, X. (2021). Research on Fintech development issues based on embedded cloud computing and extensive data analysis. Microprocessors and Microsystems, 83, 103977.

Mukherjee, M., Matam, R., Shu, L., Maglaras, L., Ferrag, M. A., Choudhury, N., & Kumar, V. (2017). Confidentiality and privacy in fog computing: Challenges. IEEE Access, 5, 19293-19304.

Namasudra, S., Roy, P., & Balusamy, B. (2017, February). Cloud computing: fundamentals and research issues. In 2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM) (pp. 7-12). IEEE.

Nikkhah, H. R., & Sabherwal, R. (2017). A Privacy-Confidentiality Model of Mobile Cloud Computing Applications. In ICIS.

Park, S. H., Simeone, O., & Shamai, S. (2018). Multi-tenant C-RAN with spectrum pooling: Downlink optimization under privacy constraints. IEEE Transactions on Vehicular Technology, 67(11), 10492-10503.

Pulkkinen, T. (2018). Cloud outsourcing guidelines and data protection regulation in Europe: Context of online banking self-service channels.

Sahmim, S., & Gharsellaoui, H. (2017). Privacy and confidentiality in internet-based computing: cloud computing, internet of things, a cloud of things: a review. Procedia computer science, 112, 1516-1522.

Shaikh, A. A., & Iyer, K. (2018, August). Confidentiality and Privacy Issues in Cloud Computing. In International Conference on Intelligent Data Communication Technologies and Internet of Things (pp. 1299-1306). Springer, Cham.

Shivanna, K., Deva, S. P., & Santoshkumar, M. (2017). Privacy preservation in cloud computing with double encryption method. In Computer Communication, Networking and Internet Confidentiality (pp. 125-133). Springer, Singapore.

Singh, A., Kaur, A., & Gupta, D. (2021, July). Reviewing Trust Issues in Cloud Computing. In Journal of Physics: Conference Series (Vol. 1969, No. 1, p. 012043). IOP Publishing.

Singh, S. K., & Dhurandher, S. K. (2020, December). The architecture of Fog Computing, Issues and Challenges: A Review. In 2020 IEEE 17th India Council International Conference (INDICON) (pp. 1-6). IEEE.

Smallwood, R. F. (2019). Information Governance: Concepts, strategies, and best practices. John Wiley & Sons.

Stergiou, C., & Psannis, K. E. (2017). Efficient and secure big data delivery in cloud computing. Multimedia Tools and Applications, 76(21), 22803-22822.

Stergiou, C., Psannis, K. E., Gupta, B. B., & Ishibashi, Y. (2018). Confidentiality, privacy & efficiency of sustainable cloud computing for big data & IoT. Sustainable Computing: Informatics and Systems, 19, 174-184.

Subramanian, N., & Jeyaraj, A. (2018). Recent confidentiality challenges in cloud computing. Computers & Electrical Engineering, 71, 28-42.

Sun, P. (2020). Confidentiality and privacy protection in cloud computing: Discussions and challenges. Journal of Network and Computer Applications, 160, 102642.

Venkatesh, A., & Eastaff, M. S. (2018). A study of data storage confidentiality issues in cloud computing. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 3(1), 1741-1745.

Xiong, H., Zhang, H., & Sun, J. (2018). Attribute-based privacy-preserving data sharing for dynamic groups in cloud computing. IEEE Systems Journal, 13(3), 2739-2750.

Xue, K., Hong, J., Ma, Y., Wei, D. S., Hong, P., & Yu, N. (2018). Fog-aided verifiable privacy-preserving access control for latency-sensitive data sharing in vehicular cloud computing. IEEE Network, 32(3), 7-13.

Yadav, A. K., Bharti, R. K., & Raw, R. S. (2021). SA2-MCD: Secured Architecture for Allocation of Virtual Machine in Multitenant Cloud Databases. Big Data Research, 24, 100187.