Secure Multi-Tenancy in Cloud Computing: Challenges and Solutions
Abstract
Multi-tenancy is a defining feature of cloud computing, allowing multiple customers to share resources within the same infrastructure. While this enhances resource utilization and cost efficiency, it also introduces significant security concerns, such as data leakage, unauthorized access, and resource contention. This paper investigates the key security challenges associated with multi-tenancy in cloud environments and proposes a novel framework for secure tenant isolation. The framework leverages cryptographic techniques, secure hypervisors, and policy-based access controls to ensure data confidentiality and integrity. Through a series of simulations and real-world case studies, the proposed solution demonstrates improved resistance to cross-tenant attacks and enhanced overall security posture. The study concludes with recommendations for cloud service providers to strengthen multi-tenant security.
References
Almutairi, A., Sarfraz, M., Basalamah, S., Aref, W. G., & Ghafoor, A. (2012). A distributed access control architecture for cloud computing. IEEE Software, 29(2), 36–44.
Bhardwaj, S., Jain, L., & Jain, S. (2010). Cloud computing: A study of infrastructure as a service (IaaS). International Journal of Engineering and Information Technology, 2(1), 60–63.
Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing. Proceedings of the International Conference on Computer Science and Electronics Engineering (pp. 647–651).
Cloud Security Alliance. (2011). Security guidance for critical areas of focus in cloud computing (Version 3.0). Cloud Security Alliance.
Gupta, P., Seetharaman, A., & Raj, J. R. (2013). The usage and adoption of cloud computing by small and medium businesses. International Journal of Information Management, 33(5), 861–874.
Jensen, M., Schwenk, J., Gruschka, N., & Iacono, L. L. (2011). On technical security issues in cloud computing. Proceedings of the IEEE International Conference on Cloud Computing (pp. 109–116).
Khan, K. M., & Malluhi, Q. M. (2010). Establishing trust in cloud computing. IT Professional, 12(5), 20–27.
Li, X., Ping, L., Rong, C., & Zhang, Y. (2012). Efficient encryption for cloud storage. Proceedings of the IEEE International Conference on Cloud Computing (pp. 511–514).
Ristenpart, T., Tromer, E., Shacham, H., & Savage, S. (2009). Hey, you, get off my cloud: Exploring information leakage in cloud computing. Proceedings of the 16th ACM Conference on Computer and Communications Security (pp. 199–212).
Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1–11.