2017 IEEE 2nd International Conference on Big Data Analysis
Review: An Evaluation of Major Threats in Cloud Computing Associated with Big
Data
Kamalpreet Kaur, Ali Syed, Azeem Mohammad, Malka N. Halgamuge
School of Computing and Mathematics, Charles Sturt University, Melbourne, Victoria 3000, Australia
e-mail: ASyed@studygroup.com, AMohammad@studygroup.com, MHalgamuge@studygroup.com
AbstractIn today's corporate society, the productivity,
stability, and management of an organization relies upon the
power of databases. Most organizations outsource their
databases in the form of big data and then transfer it into
cloud. Although cloud computing technology brings many
benefits for an organization, their security risk factor still
remains as a big barrier for its wide-spread adoption.
Therefore, this problem poses a critical question such as: Is
information secure in cloud? Due to this uncertainty, the
primary aim of this study is to describe and identify most
vulnerable aspects of security threats in cloud environment
through content analysis and highlight and evaluate gaps in the
literature to draw scholarly attention. This paper analyzed
content to source data that helps to identify gaps in the
literature. These gaps then have been identified and evaluated
to answer questions with possible solutions. This research will
help both vendors and users about security issues that have
been heightened with recent population advancements and
demands that have been pointed out for improvement. This
study has reviewed literature in the field over the span of six
years, and endeavors to seek answers for the question and cast
solutions through thorough evaluation and analysis: the
security related issues in cloud computing associated with big
data must be taking into account by security practitioners
when assessing the needs of service providers. This study has
found that cloud environment is an innovation, and the blend
of parallel computing and cloud computing can offer various
advantages. It is ideal for different kinds of applications that
can suit different needs if expenses of application modifications
consolidate the cost of setup and maintenance of cloud
computing. This study has analyzed content and has also
found that management solution of only one big secure data
after integrating it with cloud needs yet to be designed.
Keywords-Big Data, MapReduce, Cloud computing, RDBM
I. INTRODUCTION
Big data plays an essential role in the business world, as
storage of significant amounts of complex data securely is
one of the most crucial aspects of corporate operations. In
actual, big data is s term that describes huge amounts of
structured, semi-structured and unstructured data. The
demand of innovative method of processing data in a cost
effective method, in order to provide process automation
and enable decision making is a need and sparks scholarly
interest. Big data has 3Vs: high-volume of data, high-
velocity of data, and high variety of types of information that
needs to be mined. Although, the specific quantity of big
data is not mention anywhere, it can be in petabytes or
Exabyte. According to Peter Skomoroch, before having big
978-1-5090-3619-6/17/$31.00 2017 IEEE
data technologies like MapReduce and Hadoop, it was very
difficult, error-prone and time-consuming to process large
datasets, therefore, with these technologies, dataset
processing is much easier -than the traditional processing
tools.
Many organizations collect this complex data by doing
worldwide surveys to improve their decision-making process
which is extremely important to sustain a healthy future for
their business [1]. Thus, cloud comes with security
challenges as storing big data into the cloud, even though
content owners do not know where their data is kept do not
trust the cloud. First of all, let me introduce what cloud
computing is? Cloud computing is a set of IT services that
provides to end-users over the internet in order to scale up or
down their service requirements. Cloud computing is the
fastest growing sector in IT industry as its capacity increased
dynamically with no investing in new infrastructure and
licening software. There are many advantages of cloud
computing such as cost efficient, storage capacity, back-up
and recovery, quick deployment, easy to access information
from anywhere and much more. Despiteits advantages,
some disadvantages are also there that we need to be aware
of, before using this computing. For instance, technical
issues (network or connectivity problem), security, prone to
attack (hack attacks). However, its pros outweigh its cons
and there is only one thing that we need to be aware of which
is the fact that cloud computing technology needs to be
secured that it would not cause any leaks to stored sensitive
information [2]. Moreover, cloud computing provides virtual
resources to their consumers via the internet so that they can
use cloud infrastructures, services, and softwares. This is a
cheaper way than any other computing systems with zero
maintenance cost. The service provider is only responsible
for providing the availability of services, nonetheless with
services that are also known as "IT on demand" or utility
computing.
Google has introduced MapReduce, as a framework that
uses Hadoop's distribution file system (HDFS) [3]. In
MapReduce, the vast amount of data can be converted into
tuples and then these tuples can be deduced as an input and
then reduced further by dividing these tuples into smaller
sets of tuples. This way, big data can be managed
nonetheless, at the same time, it can still create a problem of
security, due to business growth and monitoring. However,
MapReduce is not sufficient either, as it lacks security of
sensitive data, and confidentiality becomes a huge problem.
Additionally, we will discuss how Hadoop frame will be
used to solve this issue by using different techniques.
Although there are many security and privacy issues, they
368
still can be solved by using encryption, multi-factor
authentication, security hardware, and applications [3].
II. OUTSOURCING DATA AND APPLICATIONS
Cloud computing provides access to data anywhere at
any time; nevertheless, the challenge is to check authorized
entities.
Due to significant challenges caused by monitoring and
so on, cloud computing suffers to reach its full potential.
However, we have to rely on the third party, and cloud
providers, need to make it secure and communicate its
reliability with their customers. When we use cloud
environment, to make decisions about complex data and
platforms as there has not been any other computing ever
done before, [4], [5], as, there is no technical mechanism to
prevent cloud providers from accessing customer's data
unethically. Therefore, it is significant to build a new layer
that can support, a contract negotiation phase between the
cloud provider and end-users. Thus, we need the
combination of technical and nontechnical mechanism to get
clients/customers trust towards cloud environment [6].
III. SECURITY AND PRIVACY CHALLENGES
The Service level agreement- means that the service level
agreement is a contract agreement that is used to build a new
layer that can support a contract negotiation phase between
the cloud provider and customers. However, it is still very
difficult to bargain about security, privacy, and trust, thus,
there are still some ways to assure customers about the fact
that cloud provider provides services which is subjected to a
contract agreement, and this makes it difficult.
(i) Access control: There is a credential based access
control requirement which must be there to access control
and services so that customer's provenance information may
not be leaked.
(ii) Trust management: Service provider needs to build
new access control policies rather than telling customers that
their data would never be breached in order to manage trust
among customers.
(iii) Authentication and identity management: IDM
(Identity Management) mechanisms are used to determine
the authenticate users and services which are based on
credentials and characteristics.
(iv) Privacy and data protection: Privacy is the biggest
issue in all challenges that are discussed so far. However,
most companies are not comfortable to store their
confidential data outside of their premises. By outsourcing
data shared infrastructure, the customers background
information might be at risk. This can be used for many
purposes, such as auditing, trace back, and historically based
access control. This shows that the balance between client's
personal information and privacy is the biggest draw back in
the cloud environment [7], [8].
IV. MATERIAL AND METHOD
The research method used for this study to interpret the
trends of data sourced from analyzing content is to find the
369
proceedings and measure progress to assist in solving this
perplexing, complex issue. This research uses a Historic-
logic method, which will assist in interpreting the findings of
security matters in cloud computing in previous research. By
gathering information and opinion from expert's and
evaluating it through with data retrieved, will allow the study
to shed light in the area for further development.
V. RESULTS AND DISCUSSION
Cloud environment has different domains and each is
having different security and privacy challenges that we need
to consider before migrating data to the cloud. The security
challenges are categorized into different levels including
network level, data level, authentication level etc. However,
the protection of sensitive information is a major concern. In
order to enhance the security, it is most important to provide
access control, authentication, and authorization to the data
that are stored in the cloud. There are three main elements in
the information security that are CIA (Confidentiality,
Integrity, and Availability). However, this is the
responsibility of the cloud provider to supply these basic
elements to the customers. In Figure 1, it is clearly shown
that confidentiality (31%), Integrity (24%), and availability
(19%) are the most threaten attributes as compared to other
attributes including usability, accountability, security, and
reliability. Data security, integrity, and recovery are the
biggest risk in cloud computing. It is very important to know
what happens to the stored data, and if the cloud fails then,
we recover the applications back up. Cloud computing
technology uses third-party networks to access cloud
services. Thus, there are many risks to access the services in
the cloud. There is a need to compare different cloud
providers services before moving on to cloud. These
services are becoming more popular as they are convenient,
affordable and provide storage space [9].
Moreover, cloud systems are encountered with various
attacks such as loss of data, denial of services, unauthorized
access to data, and unauthorized data modification, etc.
Bleikertz et al. [14] have claimed that the advantages of
using Cloud is followed by the security, privacy, and safety
challenges. These difficulties and challenges have prevented
the selection of cloud computing, as it has not been chosen
when everything is considered. It is expressed that, highly
adaptable; nonetheless exceptionally complex cloud
computing administrations are arranged by utilizing web
interface by clients. However, wrong designing of cloud
computing by clients may prompt vulnerable security issues,
and it can factor security issues. This paper has used a
particular type of methodology that can help us understand
issues from the users side and server side. Amazon's Elastic
Compute Cloud (EC2) has been decided for this evaluation.
The strength of this work is that it provides a robust
analysis of vulnerabilities, and security attacks, therefore,
this analysis helps the vendors in order to enhance the
security policies. The weakness is that it is unique to
Amazon, and it could contribute more if it would be general
[14].
Figure 1. The percentage of compromised attributes in cloud environment
associated with big data
A new Architecture and Transparent Cloud Protection
System (TCPS) has been discussed by Lombardi et al. [15]
to improve the security of cloud resources due to the
integrity protection problems in the cloud environment. They
guaranteed that they have recognized the integrity protection
problems, and to address the integrity issues, they have
proposed a framework called TCPS to expand the security of
cloud assets. As indicated by them, their proposed
framework, TCPS can be utilized to watch the visitor's
integrity, and still keep honesty and virtualization. In TCPS
system, in order to manage the image systems, they have
used image filter and scanners in order to detect malicious
images to prevent from security vulnerability and security
attacks. The strength of this work is that, it proposed an
instrument that gives enhanced security, transparency, and
interruption identification system. The limitation is that they
haven't accepted their work, nor have they sent it in expert
cloud computing situation [15].
MapReduce is massive amount of data that can be
converted into tuples and then these tuples can be provided
to reduce it as an input and then reduce these divided tuples
into a smaller set of tuples [16], [17]. This is a way; that big
data can be managed although, at the same time, it will still
create a problem of security, because data monitoring and
business continuity can cause glitches. However,
MapReduce is not sufficient due to lack of security of the
sensitive data. Therefore, the proposed method to reduce
security issues in the cloud is, Airavat. Airavat is a
MapReduce-based system that is used to store and provide
high security and privacy of sensitive data (Healthcare,
shopping transactions, etc.). It is a new integration of access
control. The Airavat uses MapReduce on clusters in parallel
TABLE I. THE COMPARISON OF DIFFERENT CLOUD SECURITY TECHNIQUES
No Author Technique Description
/method used
1. Narwal et al. Kerberos- Kerberos is an authentication system
(2015) encryption uses cryptographic tickets to fend off
technology based sending the plain text passwords over
[11] on Needham- the connecting wire.
Schroeder
protocol
370
processing taking on board the example of healthcare data, if
this sensitive information leaks to the third party, for instance,
insurance companies who can access this data, then the
insurance company can find out about medical conditions
that would result in the increase of their premiums. Therefore,
to protect data from breaches of confidentiality, it is crucial
to provide strong security, this proves that Airavat is the best
technology to secure confidentiality. With the use of this
technique, the untrusted MapReduce program is sent to
Airavat then it could be protected as seen in Figure 1. After
performing the computations of MapReduce, it could cause
leakage of information. It uses a unique system called Linux
(SELinux) to add Mandatory access code when Airavat is
implemented on Hadoop. This technique provides strong
security and privacy by preventing leakage of sensitive data
and uses access control mechanism as it is the first system
that calculates access control with differential privacy
without auditing untrusted codes. The weakness of this
system is that it supports not only small sets of reducers and
generates but also enough noise to assure the differential
privacy of values [17].
Cloud computing is a valuable tool. However,
organizations still need to be understood and managed in
depth and prioritize execution of any agreements.
Fortunately, there are some mitigation strategies if cloud
customers can follow; it may reduce the level of risks [19].
Gatewood [20] suggests that deciding a vendors inside the
audit process, on how frequently the vendor evaluated
external organizations, the principles of the merchant is held
to, regardless of whether it is interested in being examined
consistently. Keeping up consistently with security
arrangements and administrative prerequisites can be hard to
illustrate. Gatewood recommends that as merchants hurry to
create and introduce cloud-based methods; they may miss the
mark on including the essential records of administration
controls. Moreover, investigating a various security features
[21-23] could be an interesting path to explore in the future
to protect Big Data [24].
Researchers have discovered many issues in a cloud
environment and start working on these matters in order to
minimize these problems. There are threats for using utility
computing, as some of the significant results, corresponds to
our given results in the table below. This table summarizes
the different techniques used to address the security and
privacy of the big data in the cloud computing by a different
study. There are new security and privacy issues that are
identified in the rest of the papers that is obsolete to the
argument of this study.
Problem identified Result
Kerberos encrypts This technique provides a secure
considerable shorter one- authentication in an open
way hash environment and it is very costly
regarding CPU power and time.
2. Bertino et al. XML Document- In this, the queries can be processed The information size was XML data document is used for a
(2014) [12] Cryptography and according to the policy provided by increased in XML secure environment to access
digital signature cloud provider, instead of processing format, and it created control of the third party, which
technique all queries. some integrity issues in introduces another trusted layer of
government, health, and security to the model.
finance area because of
the mode of delivery of
content.
3. Kevin Cryptographic The sensitive data can be stored in Managing private and If Intruder can get the database,
Hamlen encrypted form in the database rather public key however, they cannot get actual
(2013) [2] than plain text. data due to encryption of data.

4. Zhou et al. Declarative This technique is used to explore the Data management issues Data-centric security provides
(2016, 2012) Secure Distributed security premises of secure data are listed below: - secure query processing, efficient
[10, 9] Systems (DS2) sharing between the apps hosted on System analysis and end-to-end verification of data,
the clouds. forensic system analysis and forensics
Distributed query
processing
Query correction
assurance
5. Rongxing et Bilinear pairing This system uses five steps to control Data forensics and post Difficult to implement because it is
al. (2010) technique unauthorized user access and resolves examination based on a complex mathematical
[13] disputes of big data. The five steps model. However, this system
are: Setup, key generation, pushes the use of cloud computing
AnonyAuth, AuthAccess, and for full recognition to the public
Provenance tracking
6. Bleikertz et Amazons EC2 Amazon's EC2 have applied Reachability audit of Amazon EC2 provides a robust
al. (2010) specialized query policy language for Amazon security graphs analysis of security attacks and
[14] security analysis model and weigh up and groups vulnerabilities to enhance the
it for the practical domain. This security policies. However, it is
security analysis has been unique to Amazon, and it could be
implemented in Python and weighs up contributed more if it would be
that was calculated on Amazon EC2 general.
7. Lombardi et Transparent Cloud TCPS can be utilized to watch the Cloud security TCPS gives enhanced security,
al. (2010) Protection System visitors integrity and keeping the vulnerabilities and transparency, and interruption
[15] (TCPS) honesty and virtualization. attacks identification system, however, they
have not accepted their work, nor
they have sent in expert cloud
computing situation.
8. Roy et al. Airavat This technique provides strong -It supports a small set of Airavat is the first system that
(2010) [16], MapReduce-based security and privacy by preventing reducers. calculates access control with
[17] system leakage of sensitive data using access -Airavat generates differential privacy without auditing
control mechanism enough noise in order to untrusted codes
assure the differential
privacy of values.
9. Mladen et al. Virtual VCL is an open source end-to-end service A theoretical concept so it is not
(2008) [18] Computing implementation that provides NYU insulation via VPN, SSH proposed as much. It could have
Laboratory students with virtual access to tunnels, and VLANs contributed if the practical things
technique software applications that are were discussed in this work.
academically relevant.

with cloud computing such as databases, networking,

VI. CONCLUSION
This study has reviewed selected publication from
different sources to identify and evaluate gaps regarding
security issues in cloud-associated problems with big data.
The cloud computing is an emerging technology that most of
the organizations are developing, as this system is constantly
evolving in this environment. This system has numerous
benefits, nonetheless, security and privacy issues are at the
top to control sensitive data, including many technologies
virtualization, and operating systems that are problematic as
well. Using different studies, we have identified some major
research problems that should be taken into account to
ensure the security of big datas success. Moreover, the
management solution of only one secure big data after
integrating with the cloud needs is yet to be designed. In
RDBM (Relational Database Management), the problem of
protecting the system from attacks by utilizing the resources
and mitigate risks is only one important problem. However,
the security solutions are being discovered yet, and even

371
leading providers like Amazon, Google, etc. is facing
security issues. Therefore, the decision of adopting cloud
computing is still in the progress and could be based on
ration of benefits to eliminate threats and risk.
REFERENCES
[1] B. Matturdi, X. Zhou, S. Li and F. Lin, "Big Data security
and privacy: A review", China Communications, vol. 11, no.
14, pp. 135-145, 2014.
[2] T. Erl, R. Puttini and Z. Mahmood, Cloud computing. 2013
[3] W. Wei and X. Gu, "SecureMR: A Service Integrity
Assurance Framework for MapReduce", Proceedings of
IEEE CCIS2012, pp. 240-244, 2012..
[4] A. Gholami and E. Laure, "Big Data Security and Privacy
Issues in the CLOUD", International Journal of Network
Security & Its Applications, vol. 8, no. 1, pp. 59-79, 2016.
[5] F. Shaikh and S. Haider, "Security treats in Cloud
Computing", Int. Conf. for Internet Technology and Secured
Transactions (ICITST), Abu Dhabi, pp 214 219, 2011.
[6] P. Hoving and J. Essn, "Minutes from the first meeting of
TC 11, security and protection in information processing
systems", Computers & Security, vol. 4, no. 2, pp. 149-152,
1985.
[7] "IEEE Cloud Computing Special Issue on Cloud Security",
IEEE Cloud Comput., vol. 2, no. 5, pp. c2-c2, 2015.
[8] C. Pfleeger, Security in Computing. Upper Saddle River, NJ:
Prentice Hall PTR, 1997.
[9] Y. Zhang and Y. Zhou, "TransOS: a transparent computing-
based operating system for the cloud", International Journal
of Cloud Computing, vol. 1, no. 4, pp. 287, 2012.
[10] W. Zhou, "Towards a Data-centric View of Cloud Security",
2016.
[11] A. Narwal and S. Tomar, "Kerberos Protocol: A Review",
IJERT, vol. 4, no. 04, 2015.
[12] V. Inukollu, S. Arsi and S. Rao Ravuri, "Security Issues
Associated with Big Data in Cloud Computing",
International Journal of Network Security & Its Applications,
vol. 6, no. 3, pp. 45-56, 2014.
372
[13] Rongxing et al, Secure Provenance: The Essential Bread and
Butter of Data Forensics in Cloud Computing, ASIACCS10,
Beijing, China.
[14] S. Bleikertz et al, "Security Audits of Multi-tier Virtual
Infrastructures in Public Infrastructure Clouds", 2010.
[15] F. Lombardi and R. Pietro, "Transparent Security for
Cloud", SAC '10 Proceedings of the 2010 ACM Symposium
on Applied Computing, no. 978-1-60558-639-7, pp. 414-415,
2010.
[16] I. Roy et al., "Airavat: Security and Privacy for MapReduce",
NSDI, vol. 10, pp. 297-312, 2010.
[17] I. Roy, "Airavat: Security and Privacy for MapReduce",
google.com, 2016.
[18] M. Vouk, "Cloud Computing- Issues, Research and
Implementations", Journal of Computing and Information
Technology, vol. 16, no. 4, p. 235, 2008.
[19] T. Betcher, "Cloud Computing: Key IT-Related Risks and
Mitigation Strategies for Consideration by IT Security
Practitioners", 2010.
[20] B. Gatewood, "Clouds On the Information Horizon: How To
Avoid The Storm", CRM, vol. 43, no. 4, pp. 32-36, 2009.
[21] D. V. Pham, A. Syed, A. Mohammad and M. N. Halgamuge,
"Threat Analysis of Portable Hack Tools from USB Storage
Devices and Protection Solutions", International Conference
on Information and Emerging Technologies, pp 1-5, Karachi,
Pakistan, June 2010.
[22] D. V. Pham, A. Syed, M. N. Halgamuge, Universal serial bus
based software attacks and protection solutions, Digital
Investigation 7 (3), 172-184, 2011.
[23] D. V. Pham, M. N. Halgamuge, A. Syed P. Mendis,
Optimizing windows security features to block malware and
hack tools on USB storage devices, Progress in
electromagnetics research symposium, 350-355, 2010.
[24] V. Vargas, A. Syed, A. Mohammad, and M. N. Halgamuge,
"Pentaho and Jaspersoft: A Comparative Study of Business
Intelligence Open Source Tools Processing Big Data to
Evaluate Performances", Int. Journal of Advanced Computer
Science and Applications (IJACSA), vol 7, no 10, pp 20-29,
November 2016.