Cloud computing is a set of web-based resources and services. Cloud services are delivered worldwide from data centers. By providing virtual resources via the internet, cloud computing facilitates its consumers. Google apps, provided by Google and Microsoft SharePoint, are a general example of cloud services. The rapid growth in the "cloud computing" field also increases serious security concerns. Security remained a constant problem for Open Systems and the Internet. Lack of security is the only obstacle to broad cloud computing adoption. The cloud computing boom has created many security challenges for consumers and service providers. This survey aims to identify the most vulnerable security threats in cloud computing, enabling both end users and vendors to understand the key security threats associated with cloud computing. Our work will enable researchers and security professionals to know about the concerns of users and vendors and critical analysis of the various proposed security models and tools. In a cloud computing environment, all data resides over a set of networked resources, enabling access to data via virtual machines. Because these data centers may be beyond the reach and control of users in any corner of the world, there are multiple security and privacy challenges that need to be understood and addressed. There are various issues that need to be addressed in a cloud computing scenario regarding security and privacy. This survey paper aims at elaborating and analyzing the numerous unresolved issues that threaten the adoption and diffusion of cloud computing.

Cloud computing, Cloud Security , DDoS attacks, Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS).

[1] H. Abbas, O. Maennel, S. Assar, “Security and privacy issues in cloud computing”, Institut Mines-Télécom and Springer-Verlag France 2017.
[2] M. H. Khan, “A Survey of Security Issues For Cloud Computing”, Journal of Network and Computer Applications, ELSEVIER 2016.
[3] B. Duncan, M. Whittington, “Enhancing Cloud Security and Privacy: The Power and the Weakness of the Audit Trail”, CLOUD COMPUTING 2016 : The Seventh International Conference on Cloud Computing, GRIDs, and Virtualization.
[4] D. Puthal, B. P. S. Sahoo, S. Mishra, S. Swain, “Cloud Computing Features, Issues and Challenges: A Big Picture”, 2015 International Conference on Computational Intelligence & Networks (CINE 2015)
[5] M. Ali, S U. Khan, A V. Vasilakos, “Security in cloud computing: Opportunities and challenges”, Information Sciences 305 (2015) pp 357–383 ELSEVIER.
[6] M.Al Morsy, Z.Grundy, Ingo Müller, “An Analysis of the Cloud Computing Security Problem”, 17th Asia-Pacific Software Engineering Conference (APSEC 2010) Cloud Workshop, Sydney, Australia, 30 November-03 December 2010.
[7] Rongxing et al, ―Secure Provenance: The Essential Bread and Butter of Data Forensics in Cloud Computing‖, ASIACCS‘10, Beijing, China..
[8] R. La‘Quata Sumter, ―Cloud Computing: Security Risk Classification‖, ACMSE 2010, Oxford, USA
[9]Mladen A. Vouch, ―Cloud Computing Issues, Research and Implementations‖, Journal of Computing and Information Technology - CIT 16, 2008, 4, 235–246
[10]Wenchaoet al, ―Towards a Data-centric View of Cloud Security‖, CloudDB 2010, Toronto, Canada
[11] Soren Bleikertz et al, ―Security Audits of Multi-tier Virtual Infrastructures in Public Infrastructure Clouds‖, CCSW 2010, Chicago, USA.
[12] Wayne A. Jansen, ―Cloud Hooks: Security and Privacy Issues in Cloud Computing‖, 44th Hawaii International Conference on System Sciesnces 2011.
[13] Dan Lin & Anna Squicciarini, ―Data Protection Models for Service Provisioning in the Cloud‖, SACMAT‘10, 2010, Pittsburgh, Pennsylvania, USA
[14]. Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou, “Ensuring Data Storage Security in Cloud Computing,”
17th International workshop on Quality of Service, USA, pp.1-9, July 13-15, 2009, ISBN: 978-1-4244-3875-4
[15].Shantanu Pal, Sunirmal Khatua, Nabendu Chaki, Sugata Sanyal, “A New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security,” Annals of Faculty Engineering Hunedoara International Journal of Engineering (Archived copy), scheduled for publication in vol. 10, issue 1, January 2012. ISSN: 1584-2665.
[16]Josh Karlin, Stephanie Forrest, Jennifer Rexford, “Autonomous Security for Autonomous Systems,” Proc. Of Complex Computer and Communication Networks; vol. 52, issue. 15, pp. 2908- 2923, Elsevier, NY, USA, 2008.
[17] I Foster, Yong Zhao, I Raicu, and S Lu. Cloud computing and grid computing 360-degree compared. In Grid Computing Environments Workshop, 2008. GCE `08,
[18] Peter Mell and Tim Grance. The NIST definition of cloud computing. National Institute of Standards and Technology, 53(6):50, 2009. 7, 9
[19] William; Athley Ambrose. Cloud Computing : Security Risks, SLA, and Trust. 2010. With Cloud Computing becoming a popular term on the Information Technology (IT) market, security and accountability has become important issues to highlight.
[20] S. Ramgovind, Mariki M. Elo_, and E. Smith. “The management of security in cloud computing “ Information Security for South Africa (ISSA), 2010
[21]Parkhill D (1966) The challenge of the computer utility. Addison- Wesley, Reading
[22] D. Naccache et al., “Buffer Overflow Attacks,” Encyclopedia of Cryptography and Security, Boston, MA: Springer US, 2011, pp. 174–177.
[23] K.S. Kumar and N.R. Kisore, “Protection against Buffer Overflow Attacks through Runtime Memory Layout Randomization,” in Intl Conf. on Information Technology, 2014, pp. 184–189.
[24] C.P. Pfleeger and S.L. Pfleeger, "Security in computing," Prentice Hall, 2006.
[25] C. Cowan et al., “StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, ” 7th USENIX Security Symp., San Antonio, Texas, Jan. 1998.
[26] S.K. Das, K. Kant, and N. Zhang, "Handbook on securing cyber-physical critical infrastructure," Morgan Kaufmann, 2012.
[27] A. Chonka, Y. Xiang, W. Zhou, and A. Bonti, “Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks,” J. Netw. Comput. Appl., vol. 34 (4), July 2011, pp. 1097–1107.
[28] A. Mitrokotsa and C. Douligeris, “Detecting denial of service attacks using emergent self-organizing maps,” 5th IEEE Intl. Sym. on Signal Processing and Information Technology, 2005, pp. 375–380.
[29] P.L.S. Kumari and A. Damodaram, “An Alternative Methodology for Authentication and Confidentiality Based on Zero Knowledge Protocols Using Diffie-Hellman Key Exchange,” Intl. Conf. on Information Technology, 2014, pp. 368–373.
[30] Z. Wang, K. Sun, S. Jajodia, and J. Jing, “Proof of Isolation for Cloud Storage,” Secure Cloud Computing, Springer, New York, 2014, pp. 95–121. [31] L. Rodero-Merino, L. Vaquero, E. Caron, F. Desprez, and A. Muresan, “Building Safe PaaS Clouds: a Survey on Security in Multitenant Software Platforms,” Computers and Security, vol. 31 (1), Feb. 2012.
[32]R.L. Krutz and R.D. Vines, "Cloud security : a comprehensive guide to secure cloud computing,"Wiley, 2010.