Enhancing Data Security and Access Control in Cloud Computing: A Comparative Study of Active Data Cube Framework (ADCu) and Traditional Approaches

preprint OA: closed
Full text JSON View at publisher
AI-generated deep summary by claude@2026-07, 2026-07-03 · read from full text

This preprint proposes the Active Data Cube (ADCu) framework for enhancing data security and access control in cloud computing by evaluating its ability to mitigate unauthorized access, insider threats, and denial of service (DoS) attacks. The authors compare ADCu against traditional approaches including encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model using an experimental setup with reported outcomes on attack mitigation rate, response time, and resource efficiency. A stated limitation is that the work is a preprint that has not been peer reviewed, and it mainly provides comparative performance and a single healthcare cloud case study rather than broader validation across domains or threat models. Relevance to endometriosis: the paper is not about endometriosis or adenomyosis; it is included in the corpus via keyword match because it discusses healthcare cloud systems that could relate tangentially to health data security contexts.

Read from the paper's body, not the abstract. Not a substitute for reading the paper. No clinical advice. How this works

Full text 146,850 characters · extracted from preprint-html · click to expand
Enhancing Data Security and Access Control in Cloud Computing: A Comparative Study of Active Data Cube Framework (ADCu) and Traditional Approaches | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Enhancing Data Security and Access Control in Cloud Computing: A Comparative Study of Active Data Cube Framework (ADCu) and Traditional Approaches Aliakbar Rouholahi, Karamollah Bagherifard, Razieh Malekhosseini This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-7028024/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract This article presents the Active Data Cube (ADCu) framework as an innovative approach to enhancing data security and access control in cloud computing environments. The research evaluates ADCu's effectiveness in mitigating various types of cyber-attacks, including unauthorized access, insider threats, and Denial of Service (DoS) attacks. Through a comprehensive experimental setup, ADCu was compared with traditional security models such as encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model. The results indicate that ADCu outperforms these models in terms of attack mitigation rates, response time, and resource efficiency, making it an ideal solution for scalable and high-performance cloud environments. The study also highlights the potential for further integration with artificial intelligence and blockchain technologies to enhance its capabilities. Finally, a case study in healthcare cloud systems illustrates the practical application and benefits of ADCu in securing sensitive data. This research concludes with suggestions for future work, including expanding ADCu to other domains such as banking and education, and enhancing its adaptability to emerging security threats. Active Data Cube Cloud Security Attack Mitigation Access Control Resource Efficiency Figures Figure 1 Figure 2 Figure 3 Figure 4 Figure 5 1. Introduction 1.1 Overview of Cloud Computing Cloud computing refers to the delivery of a wide range of services over the internet, including data storage, networking, processing power, and software applications. This model allows users to access computing resources without owning or maintaining physical infrastructure, making it more cost-effective and flexible than traditional computing models (Mell & Grance, 2011). By leveraging shared resources, cloud computing offers the ability to scale infrastructure according to demand, allowing for efficient resource allocation. This scalability and flexibility are essential for organizations seeking to optimize their IT infrastructure (Armbrust et al., 2010 ). Cloud services are typically categorized into three service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). IaaS provides virtualized computing resources over the internet, allowing businesses to rent IT infrastructure instead of investing in physical hardware (Akinade & Adepoju, 2025 , p. 3). PaaS, on the other hand, offers a platform for developers to build and deploy applications without managing the underlying infrastructure, significantly reducing development time and costs (Buyya et al., 2011). SaaS delivers software applications over the internet, such as email and customer relationship management tools, eliminating the need for local installations and maintenance (Patell & Rekha, 2014 ). The cloud computing model has become a game-changer in the IT industry, offering substantial benefits, including cost reduction, scalability, and accessibility. These advantages have led to widespread adoption across various sectors, including healthcare, finance, and education. However, despite its many benefits, cloud computing also presents significant challenges, especially in terms of data security and privacy. Addressing these concerns is crucial for ensuring the trust and adoption of cloud technologies in sensitive sectors (Zissis & Lekkas, 2012 ). 1.2 Data Security Challenges in Cloud Environments Cloud computing has transformed the way organizations store and process data, offering numerous advantages such as scalability, cost efficiency, and accessibility. However, it also introduces several data security challenges that must be addressed to ensure the confidentiality, integrity, and availability of sensitive information. The primary security concerns in cloud environments revolve around data privacy, data access control, and data integrity. One of the most significant challenges in cloud computing is ensuring data privacy. Since data in the cloud is stored and processed remotely by third-party service providers, users often lose direct control over their information, leading to concerns about unauthorized access and potential breaches. This risk is heightened in multi-tenant cloud environments, where data from different clients is stored on the same physical infrastructure (Subashini & Kavitha, 2011 ). To address this, cloud service providers must implement robust encryption techniques to ensure that data remains private and protected from unauthorized access (Pearson, 2013 ). Another major issue is access control. In cloud environments, where users often access services from various devices and locations, it becomes challenging to maintain secure and efficient access controls. Traditional access control mechanisms, such as Role-Based Access Control (RBAC), may not be sufficient in a cloud environment due to the dynamic and distributed nature of cloud systems. More advanced techniques, such as attribute-based access control (ABAC), are being explored to provide fine-grained and context-aware security (Rasal, 2021 ). Additionally, Single Sign-On (SSO) systems, while convenient for users, can create vulnerabilities if not properly secured, as a breach of a single user account can potentially grant access to multiple cloud services (Fernandes et al., 2014 ). Data integrity is another critical challenge. The integrity of data refers to ensuring that data is accurate, consistent, and unaltered during storage or transmission. Cloud computing systems, particularly in distributed environments, are susceptible to data corruption or unauthorized modification. Implementing cryptographic techniques, such as digital signatures and hashing algorithms, can help verify the integrity of data stored in the cloud (Akinade & Adepoju, 2025 , p. 3). However, these mechanisms must be carefully managed to avoid performance degradation. Furthermore, cloud providers often rely on third-party vendors for critical security tasks, creating a dependency that can introduce risks if the third parties do not follow the same stringent security practices. Regulatory and compliance issues also play a role in data security challenges, as organizations must ensure that their data storage and processing comply with regional laws such as the General Data Protection Regulation (GDPR) in Europe (Zissis & Lekkas, 2012 ). In conclusion, while cloud computing offers substantial benefits, it also requires robust data security strategies to mitigate the risks associated with privacy, access control, and data integrity. Addressing these challenges is essential for organizations to confidently adopt cloud technologies without compromising the security of their sensitive data. 1.3 Importance of Enhancing Data Security and Access Control Enhancing data security and access control in cloud computing environments is of paramount importance due to the increasing reliance on cloud services for storing sensitive data. The cloud offers immense benefits such as cost reduction, scalability, and flexibility; however, these advantages come with the inherent risk of exposing sensitive information to unauthorized access and cyberattacks. As organizations increasingly adopt cloud computing for critical functions such as data storage, healthcare management, and financial transactions, securing this data becomes vital for maintaining the integrity, privacy, and trust of users and organizations alike (Armbrust et al., 2010 ). Data security is essential because cloud environments host massive amounts of sensitive data, including personal information, financial records, and intellectual property. Without robust data security mechanisms, this information is vulnerable to breaches, unauthorized access, and tampering, which can result in significant financial and reputational damage to organizations (Patell & Rekha, 2014 ). As such, cloud service providers must implement strong encryption methods, secure storage solutions, and comprehensive security protocols to ensure that data remains protected from potential attacks, such as man-in-the-middle (MitM) and denial of service (DoS) attacks (Akinade & Adepoju, 2025 ). Access control is equally crucial in cloud computing, especially as cloud systems typically involve numerous users with varying levels of access. Efficient access control mechanisms ensure that only authorized users are permitted to access sensitive information, minimizing the risk of data leaks. Traditional models, such as Role-Based Access Control (RBAC), may not be sufficient in cloud environments where dynamic and flexible access control is needed. More advanced models like Attribute-Based Access Control (ABAC) and Context-Aware Access Control (CAAC) offer the flexibility required to adapt to the continuously evolving nature of cloud systems (Zissis & Lekkas, 2012 ). These mechanisms help organizations manage user identities, control permissions, and track access requests in real-time, thus providing an additional layer of security. The importance of enhancing data security and access control extends beyond protecting individual organizations. As cloud computing enables collaboration and data sharing across industries and borders, it becomes crucial to establish universal standards for security and privacy to promote trust and compliance. For example, regulatory frameworks such as the General Data Protection Regulation (GDPR) in the European Union and the Health Insurance Portability and Accountability Act (HIPAA) in the United States impose strict guidelines on data protection, requiring organizations to adopt secure cloud storage solutions that comply with legal and ethical standards (Pearson, 2013 ). In conclusion, enhancing data security and access control is critical to the ongoing success and widespread adoption of cloud computing. With the proper safeguards in place, organizations can mitigate risks, ensure compliance with regulations, and maintain the confidentiality and integrity of their data, ultimately fostering greater trust among users and stakeholders (Rasal, 2021 ). 1.4 Objective of the Study and Article Overview The primary objective of this study is to explore and enhance the security of cloud computing environments, specifically focusing on data security and access control mechanisms. With cloud computing becoming an integral part of various industries, particularly in sectors such as healthcare, finance, and e-commerce, the need to ensure secure data storage, processing, and access is paramount. This article aims to provide a comprehensive examination of how the Active Data Cube (ADCu) framework can be employed to address common security challenges, such as unauthorized access, data breaches, and malicious cyber-attacks, in cloud environments. This study investigates the potential of ADCu as a novel approach for securing cloud-based data by incorporating both active and passive security measures. The focus will be on evaluating the effectiveness of ADCu in mitigating security risks, enhancing data privacy, and providing a robust framework for access control. By analyzing existing research on cloud security and traditional data protection methods, this article aims to identify the gaps in current cloud security practices and propose ADCu as an innovative solution for improving cloud data security (Akinade & Adepoju, 2025 , Rasal, 2021 ). The article will begin with a detailed overview of cloud computing and its security challenges, followed by an introduction to the ADCu framework. The study will then compare ADCu with traditional cloud security models, such as Role-Based Access Control (RBAC) and data encryption techniques. Through a series of experimental evaluations, the study will assess ADCu's performance in addressing common security concerns, including unauthorized data access, integrity verification, and the efficient management of large-scale cloud data. The research will also provide practical insights into the implementation of ADCu in real-world cloud environments, particularly in healthcare and financial sectors, where data protection is critical. By the end of the article, the study aims to demonstrate that the ADCu framework offers a highly effective solution for enhancing data security and access control in cloud computing, making it an essential tool for organizations that are looking to secure sensitive data in an increasingly digital and cloud-based world. 2. Literature Review 2.1 Cloud Computing Security Landscape Cloud computing has emerged as a transformative technology that fundamentally reshapes how organizations manage their IT infrastructure and deliver services. According to Armbrust et al. ( 2010 ), cloud computing represents a paradigm shift in the delivery of computing resources, offering advantages such as elasticity, pay-as-you-go pricing, and reduced capital expenditure. However, this technological evolution has introduced significant security challenges that continue to evolve with the rapid adoption of cloud services. Mather et al., ( 2009 ) in their seminal work "Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance" identify that while cloud computing offers ideal solutions for controlling IT costs, many organizations lack understanding of the privacy and security implications of these services. The authors emphasize that the shared responsibility model inherent in cloud computing creates unique security challenges, as organizations must navigate the delineation between provider and customer security obligations. Recent systematic literature reviews provide comprehensive insights into the current security landscape. Ahmadi ( 2024 ) conducted an extensive analysis revealing that distributed denial-of-service (DDoS) attacks, account hijacking, malware attacks, and data breaches remain the most prevalent threats in cloud environments. This finding is supported by Khodaparast et al. (2022), who note that cloud computing security challenges are exacerbated by the service-based models (IaaS, PaaS, SaaS) that each present unique vulnerabilities and require tailored security approaches. The quantitative analysis by Gonzalez et al. ( 2012 ) demonstrates that while migrating to the cloud remains financially attractive, organizations must carefully evaluate security aspects before adoption. Their research identifies that security concerns are inherited not only from the underlying technologies used to create cloud services but also from the unique characteristics of cloud architectures, including multi-tenancy, virtualization, and distributed data storage. 2.2 Active Data Cube (ADCu) Framework Overview While the Active Data Cube (ADCu) framework represents an emerging approach to cloud security, its conceptual foundation aligns with modern security architectures that integrate real-time analytics with adaptive security measures. The framework's approach reflects the evolution described by Subramanian and Jeyaraj (2018), who emphasize the need for security mechanisms that can adapt to the dynamic nature of cloud environments. The integration of real-time data analytics in security frameworks has become increasingly critical. As noted by Khan et al. ( 2024 ), modern cloud security frameworks must move beyond static security policies to implement dynamic, context-aware security measures that can respond to evolving threats in real-time. This approach aligns with the ADCu framework's philosophy of integrating continuous monitoring and adaptive security controls. The framework's emphasis on secure query processing and data management corresponds with the challenges identified by Chen and Zhao ( 2012 ), who highlight that data security and privacy protection remain fundamental concerns in cloud computing. The ability to process sensitive data while maintaining confidentiality represents a critical capability for modern cloud security frameworks. 2.3 Traditional Approaches to Data Security in Cloud Environments Traditional security approaches in cloud computing have primarily relied on adaptations of conventional IT security measures. Hashizume et al. ( 2013 ) provide a comprehensive analysis of traditional security mechanisms, including encryption, firewalls, and access control systems. Their research reveals that while these mechanisms provide baseline protection, they often prove insufficient when confronted with cloud-specific threats. Encryption remains a cornerstone of cloud security, as detailed by Bentajer et al. ( 2018 ), who propose advanced cryptographic systems for ensuring data confidentiality in public cloud storage. However, traditional encryption approaches face limitations when dealing with the dynamic nature of cloud environments and the need for data processing in encrypted form. The limitations of traditional security approaches are further elaborated by Jensen et al. ( 2009 ), who identify technical security issues specific to cloud computing that cannot be adequately addressed by conventional security measures. These include vulnerabilities in virtualization layers, challenges in securing multi-tenant environments, and the complexity of managing security across distributed cloud resources. Basu et al. ( 2018 ) conducted a survey revealing that traditional security solutions often fail to address the unique characteristics of cloud environments, particularly in areas such as data location transparency, resource pooling, and rapid elasticity. Their research emphasizes that organizations must adopt cloud-specific security strategies rather than simply extending traditional IT security practices. 2.4 Previous Research and Developments in Cloud Security The evolution of cloud security research has been marked by significant advances in both theoretical understanding and practical implementations. Tari ( 2014 ) provides a foundational overview of security and privacy challenges in cloud computing, establishing a framework for understanding the multifaceted nature of cloud security concerns. Recent developments have focused on addressing specific cloud security challenges through innovative approaches. Abdulsalam and Hedabou ( 2021 ) propose decentralized data integrity schemes that preserve privacy while ensuring data authenticity in cloud environments. This work represents a shift toward distributed security mechanisms that align with the distributed nature of cloud architectures. The research by Nafea and Almaiah ( 2021 ) presents a comprehensive review of cyber security threats in cloud environments, categorizing threats based on their impact and likelihood. Their literature review reveals an evolution from reactive security measures to proactive threat detection and prevention strategies, emphasizing the importance of continuous monitoring and threat intelligence. Kumar and Goyal ( 2019 ) explore on-cloud security requirements, threats, vulnerabilities, and countermeasures through a detailed survey. Their work identifies emerging trends in cloud security research, including the integration of machine learning for threat detection, the development of cloud-native security tools, and the adoption of zero-trust architectures for cloud environments. 2.5 Security Frameworks in Cloud Computing: A Comparative Review The landscape of cloud security frameworks has evolved significantly to address the unique challenges posed by cloud computing. Di Giulio et al. ( 2017 ) conduct a comparative analysis of cloud security standards, examining whether new frameworks are effectively improving cloud security. Their research evaluates frameworks including NIST guidelines, ISO/IEC standards, and industry-specific frameworks. The analysis by Kasse et al., ( 2019 ) provides a comparative evaluation of various cloud security frameworks, including COBIT5, NIST Cybersecurity Framework, ISO/IEC 27017, CSA STAR, and AWS Well-Architected Framework. Each framework offers distinct approaches to addressing cloud security challenges, with varying focus on governance, technical controls, and compliance requirements. Kasse et al., ( 2019 ) present an analysis of cloud security frameworks, examining their strengths, limitations, and implementation requirements. Their research reveals that while traditional compliance-focused frameworks provide clear implementation guidelines, they often lack the flexibility needed to address rapidly evolving cloud threats. In contrast, modern adaptive frameworks offer enhanced protection but require more sophisticated implementation strategies. The emergence of zero-trust architectures represents a paradigm shift in cloud security frameworks. As documented in multiple recent studies, zero-trust principles challenge the traditional perimeter-based security model by implementing continuous verification and least-privilege access controls. This approach is particularly relevant for cloud environments where traditional network boundaries are increasingly meaningless. Recent research has also focused on the practical implementation of security frameworks in cloud environments. The comparative analysis reveals that successful framework implementation requires not only technical controls but also organizational changes, including security awareness training, updated governance structures, and continuous monitoring capabilities. The evolution toward integrated, automated security frameworks represents the future direction of cloud security, promising more effective protection against sophisticated threats while maintaining operational efficiency. 3. Conceptual Framework and Research Design This study explores the Active Data Cube (ADCu) framework as an innovative approach to enhancing data security and access control in cloud computing environments. The conceptual framework is designed to address critical security concerns such as data integrity, confidentiality, and access management in dynamic cloud systems. The ADCu framework incorporates both active and passive security measures, ensuring robust protection of sensitive data across multiple layers. This multi-layered approach offers a comprehensive solution by safeguarding data both during storage and transmission, enforcing secure access policies, and managing data operations across cloud environments. At its core, the ADCu framework is structured into three key layers: Core Data Protection, Data Security and Control, and Data Operations and Management. The Core Data Protection Layer primarily focuses on safeguarding sensitive data through encryption techniques such as homomorphic encryption and secure multi-party computation. These methods protect data from unauthorized access or tampering, ensuring that only authenticated users with the correct permissions can access the data. This foundational layer is crucial for maintaining data confidentiality and security across cloud services. The Data Security and Control Layer plays a central role in managing access control by employing models like Attribute-Based Access Control (ABAC), which allows fine-grained control over who can access specific data based on user attributes or environmental conditions. Additionally, this layer integrates continuous monitoring and auditing mechanisms to detect potential violations or unauthorized access attempts in real time. These active monitoring and policy enforcement tools ensure that only authorized actions are carried out on the protected data, further strengthening the security of cloud systems. Lastly, the Data Operations and Management Layer is responsible for overseeing the movement, backup, and synchronization of data across the cloud. It ensures that data is properly replicated, backed up, and remains accessible to users in a secure manner. This layer also manages data mobility and replication, ensuring data integrity and availability during cloud transitions or in the event of system failures or attacks. By ensuring seamless data operations, this layer plays a vital role in maintaining data continuity and availability across distributed cloud systems. Traditional security approaches, such as encryption-based methods, Role-Based Access Control (RBAC), and the Zero Trust Model, continue to be widely used in cloud computing. These conventional models offer valuable security measures but are often limited in their ability to handle the evolving and dynamic needs of cloud environments. Encryption-based methods, while essential for ensuring data confidentiality, can result in significant performance overheads and do not fully address concerns like access control or data integrity (Buyya et al., 2011). RBAC, although effective for static access control, struggles in environments with dynamic user roles or frequent changes in access needs, making it less adaptable than newer models like ABAC (Akinade & Adepoju, 2025 ). The Zero Trust Model, which assumes no trust by default and mandates continuous authentication, offers robust security but can be resource-intensive and complex to implement, particularly in distributed cloud systems (Patell & Rekha, 2014 ). These limitations underscore the importance of more flexible and efficient frameworks like ADCu, which can dynamically address the security challenges posed by modern cloud environments. 4. Research Methodology The objective of this research is to evaluate the effectiveness of the Active Data Cube (ADCu) framework in enhancing data security and access control in cloud environments. To achieve this, an experimental methodology was designed, including the simulation of various cyber-attacks, the evaluation of key security metrics, and the implementation of the ADCu framework in a controlled cloud environment. 4.1 Experiment Setup and Cyber-Attack Simulation The experimental setup involves creating a cloud-based testbed using OpenStack, a flexible, scalable platform for simulating cloud environments. The testbed allows us to deploy both ADCu and traditional security mechanisms, such as encryption-based systems and Role-Based Access Control (RBAC). Various cyber-attacks, such as unauthorized access attempts, Denial of Service (DoS) attacks, and insider threats, will be simulated to assess how well each security model can mitigate and handle these common threats. The cyber-attacks simulated in this experiment are representative of real-world security challenges. For example, in the unauthorized access simulation, different attack scenarios like brute force and credential stuffing will be used to test the ADCu framework’s ability to block unauthorized access. The Data Security and Control Layer of ADCu, utilizing Attribute-Based Access Control (ABAC), will be evaluated against traditional RBAC, which is commonly used in cloud environments for access management. Additionally, Distributed Denial of Service (DDoS) attacks will be simulated to evaluate ADCu’s ability to protect cloud services from traffic floods. The Core Data Protection Layer will be responsible for preventing data corruption, while the Data Operations and Management Layer will ensure that data is restored and available following such attacks. Finally, insider threats, which are particularly challenging due to the trusted nature of insiders, will also be simulated. ADCu’s continuous monitoring, anomaly detection, and Active Auditing Services (AAS) will be tested to determine how well it detects and mitigates insider attacks, where traditional security models may fail. 4.2 Evaluation Metrics The performance of the ADCu framework and traditional security models will be evaluated based on three critical metrics: attack mitigation rate, response time, and resource consumption. Attack Mitigation Rate measures the effectiveness of each model in preventing successful attacks. This will be calculated by comparing the number of attacks blocked by each model against the total number of attacks attempted. Response Time measures the time taken by each security model to detect and neutralize a threat. Faster response times are crucial in minimizing the damage caused by an attack, and ADCu’s ability to handle threats in real-time will be compared to more traditional models that may rely on slower, manual intervention. Resource Consumption will evaluate the computational overhead introduced by each security model, including CPU usage, memory consumption, and network bandwidth. This metric helps to assess the efficiency of ADCu, which must balance security with the performance needs of cloud environments. These metrics will provide a comprehensive understanding of how ADCu performs in comparison to traditional security systems under various attack scenarios. 4.3 Implementation of ADCu Prototype In the final phase of the research methodology, the ADCu prototype will be implemented in a real-world cloud environment using OpenStack . This cloud environment will simulate various cloud services such as computing, storage, and networking, providing a controlled platform for testing the effectiveness of ADCu in a realistic setting. To ensure comprehensive testing, various security tools will be integrated into the setup. Metasploit will simulate various attack vectors, such as exploits and payloads, while Wireshark will be used to monitor network traffic and analyze potential security issues, like data interception. Additionally, OWASP ZAP , an open-source web application security scanner, will be used to test cloud application security, addressing vulnerabilities such as cross-site scripting (XSS) and SQL injection . By combining these cyber-attack simulations, evaluation metrics, and a real-world implementation of the ADCu prototype, this methodology will provide a thorough assessment of the framework's effectiveness in enhancing cloud security compared to traditional models. 5. Results and Analysis This section presents an in-depth analysis of the experimental evaluation of the Active Data Cube (ADCu) framework in comparison to traditional security models. The evaluation focuses on the framework’s performance across several key metrics: attack mitigation, response time, and resource consumption. Additionally, a case study in healthcare cloud systems is explored to demonstrate the practical applications of ADCu in real-world scenarios. 5.1 Performance of Active Data Cube (ADCu) The effectiveness of the ADCu framework was evaluated based on three key performance metrics: attack mitigation, response time, and resource consumption. These metrics are essential to understanding how well ADCu can perform in cloud environments without compromising security or system performance. 5.1.1 Attack Mitigation Rate The attack mitigation rate is a crucial metric for assessing the framework's ability to prevent and mitigate various types of cyber-attacks. In the experiments, the ADCu framework demonstrated a significantly higher attack mitigation rate across different types of simulated attacks. These attacks included unauthorized access attempts, Denial of Service (DoS) attacks, and insider threats. The following table presents a summary of the attack mitigation rates for ADCu and other traditional security models. Table 5.1 Attack Mitigation Rate Comparison Attack Type ADCu Mitigation Rate Encryption-Based System RBAC Zero Trust Model Unauthorized Access 90% 72% 75% 85% Denial of Service (DoS) 85% 60% 58% 80% Insider Threats 91% 68% 62% 78% Average Mitigation Rate 88.67% 66.67% 65% 81% 5.1.2 Response Time Comparison Response time measures the speed with which the security framework can detect, respond to, and neutralize security threats. Faster response times are critical in minimizing damage caused by attacks. The following table compares the average response times of ADCu and traditional security models under simulated attack conditions. Table 5.2 Average Response Time Comparison Security Model Average Response Time (ms) ADCu 150 Encryption-Based System 320 RBAC 350 Zero Trust Model 250 5.1.3 Resource Consumption Resource consumption is a critical metric for evaluating the efficiency of a security framework. It assesses the CPU usage and memory consumption during both normal operation and under attack conditions. The table below presents the resource consumption for ADCu and traditional models. Table 5.3 Resource Consumption Comparison Security Model CPU Usage (Normal) Memory Usage (Normal) CPU Usage (Under Attack) Memory Usage (Under Attack) ADCu 25% 15% 42% 20% Encryption-Based System 38% 28% 55% 32% RBAC 40% 32% 58% 34% Zero Trust Model 32% 22% 52% 28% 5.2 Comparison with Traditional Security Approaches In this section, we compare the ADCu framework with traditional security models, such as encryption-based systems, RBAC, and the Zero Trust Model. The comparison focuses on their effectiveness in addressing key cloud security challenges, particularly in terms of dynamic access control, data protection, and response times. Encryption-based systems provide robust data confidentiality by encrypting information both in transit and at rest. However, they are limited when it comes to managing dynamic access control or detecting and responding to emerging threats. While encryption ensures that data remains confidential, it does not protect against unauthorized access if the decryption keys are compromised. Moreover, encryption often introduces substantial computational overhead, especially in cloud environments where large datasets and high-volume attack scenarios are common. This limitation makes encryption-based systems less ideal for real-time security needs. In contrast, the ADCu framework offers a more comprehensive approach by combining real-time access control, automated threat detection, and active data protection. This makes ADCu not only more effective in protecting data but also more efficient in mitigating risks in dynamic cloud environments (Patell & Rekha, 2014 ). Similarly, RBAC and Zero Trust are commonly used traditional security models, but each has its drawbacks in cloud environments. RBAC is useful for managing user access based on predefined roles, but it lacks flexibility. It struggles to adapt to dynamic cloud systems where users' roles and access needs constantly evolve. Zero Trust, while strengthening security by continuously verifying every access request, introduces performance issues due to the constant re-authentication process. This leads to higher latency and increased resource consumption, making Zero Trust less optimal in large-scale cloud environments (Patell & Rekha, 2014 ). On the other hand, ADCu uses Attribute-Based Access Control (ABAC), which is more dynamic and flexible, allowing for real-time adjustments to access requirements as they change. Moreover, ADCu’s capability to automate threat detection and respond rapidly to incidents enhances its efficiency compared to Zero Trust, particularly in the context of cloud computing. Overall, the ADCu framework surpasses these traditional models by offering a more adaptable, scalable, and efficient approach to cloud security, especially in handling real-time security challenges and ensuring data protection. 5.3 Experimental Observations In this section, we summarize the key observations from the experimental trials, particularly focusing on the performance of the ADCu framework in simulating a variety of cyber-attacks and evaluating its overall impact on cloud performance and scalability. The results provide insights into how effectively ADCu mitigates threats without significantly affecting system resources. The ADCu framework demonstrated exceptional effectiveness in handling cyber-attacks. It was particularly efficient at detecting and neutralizing unauthorized access attempts and insider threats. The framework's ability to continuously monitor for potential threats and to automatically respond in real time played a significant role in its success. By utilizing real-time monitoring and continuous threat detection, ADCu swiftly identified and neutralized attacks as they occurred, often preventing breaches before they could escalate. In contrast, traditional security models like RBAC and encryption-based systems struggled with detecting and mitigating insider threats, largely because these models are based on static policies that do not adapt to evolving threats. Since RBAC typically relies on predefined user roles and lacks dynamic response mechanisms, it cannot handle unexpected or rapidly changing security events, making it more vulnerable in complex and evolving cloud environments. Similarly, encryption-based systems, while strong in data protection, fail to provide adequate mechanisms for continuous monitoring or adaptive threat detection, leaving systems exposed to real-time attacks (Akinade & Adepoju, 2025 ). This highlights ADCu’s advantage in dynamically managing security risks in cloud systems. Regarding the impact on cloud performance and scalability, the ADCu framework exhibited minimal impact on resource consumption during both normal operations and under heavy attack conditions. Despite the advanced security measures in place, such as real-time monitoring and threat detection, the system maintained low CPU usage and memory consumption, even when subjected to multiple simultaneous attacks. This efficient use of resources indicates that ADCu is not only secure but also highly scalable, capable of handling large volumes of data and managing high loads without sacrificing performance. In fact, ADCu demonstrated that it could maintain a high level of performance while ensuring that security measures were continuously enforced. On the other hand, traditional security models like RBAC and Zero Trust showed significant resource consumption and performance degradation under similar attack conditions. RBAC struggled particularly with scalability, as its rigid structure could not easily adapt to the demands of dynamic, high-traffic cloud environments. Similarly, the Zero Trust Model, while strong in continuous verification of user identities, led to higher latency and increased resource overhead due to the continuous re-authentication process. This resulted in a performance drop, particularly in large-scale systems where low latency and high throughput are crucial. In contrast, ADCu's ability to maintain low resource usage while providing robust security defenses makes it a much more efficient choice for large-scale cloud environments, where performance and scalability are critical to ensuring smooth operations. This underscores ADCu’s edge over traditional security models, which often sacrifice performance for enhanced security. In summary, the ADCu framework not only excelled in cyber-attack mitigation but also demonstrated significant resource efficiency and scalability, making it an ideal choice for large and dynamic cloud environments. Its ability to handle high-performance demands while maintaining strong security measures gives it a distinct advantage over traditional models, especially in complex and evolving cloud infrastructures. 6. Discussion The Active Data Cube (ADCu) framework represents a significant advancement in cloud security, offering a comprehensive solution to the growing concerns of data protection and access control in cloud environments. The findings from this study suggest that ADCu outperforms traditional security models, such as encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model, across multiple key metrics, including attack mitigation rate, response time, and resource consumption. Notably, the ADCu framework demonstrated an 88.67% attack mitigation rate, which was significantly higher than traditional models, which averaged around 65–80%. This is particularly important in environments where sensitive data, such as personal health records, financial transactions, and intellectual property, needs to be secured against unauthorized access or malicious cyber-attacks. The real-time monitoring and continuous auditing provided by ADCu are pivotal in preventing unauthorized access and detecting insider threats—issues that have become increasingly prevalent in modern cloud infrastructures. In addition to its strong security capabilities, the ADCu framework stands out for its resource efficiency. Cloud environments often face a delicate balance between maintaining high security and ensuring system performance, scalability, and availability. The results of the experiment indicate that ADCu excels in minimizing the performance overhead typically associated with security measures. With an average CPU usage of 25% and memory consumption of just 15% during normal operations, ADCu proved to be more resource-efficient compared to traditional systems, which exhibited much higher resource usage, especially under attack conditions. RBAC and Zero Trust, for example, demonstrated CPU usages of 40% and 55% during high-traffic conditions, indicating that while these models provide security, they do so at a significant cost to cloud resources. This efficiency is crucial for large-scale, multi-tenant cloud systems where performance must remain optimal to ensure uninterrupted service delivery and scalability. ADCu’s low resource consumption ensures that cloud service providers can maintain security without sacrificing the ability to scale dynamically, which is an inherent challenge with traditional security models. These findings suggest that ADCu could be highly beneficial in environments with high data throughput and varying workloads, where other security models may slow down performance. The strengths of the ADCu framework lie primarily in its multi-layered security architecture, which integrates real-time threat detection, dynamic access control, and active data protection. By combining these elements, ADCu offers an innovative approach to cloud security that provides fine-grained access control and continuous monitoring, ensuring that data is protected throughout its lifecycle. The Data Security and Control Layer and the Core Data Protection Layer of ADCu play critical roles in blocking unauthorized access and preventing data tampering. This flexibility allows ADCu to adapt to dynamic cloud environments where user roles and access needs frequently change. Traditional models such as RBAC struggle to provide this level of flexibility, often relying on predefined user roles that are not dynamic enough to keep up with changing security requirements. Similarly, while encryption-based systems offer strong protection for data in transit and at rest, they do not address issues such as insider threats or data leakage. ADCu’s active data management and automated threat detection capabilities position it as a highly effective solution for securing data in modern cloud environments where complex security threats are ever-evolving. Despite its many strengths, the ADCu framework is not without limitations. One of the main challenges identified during the experiments is the complexity of implementation. The integration of ADCu into existing cloud infrastructures may require significant customization and configuration. For organizations with large, legacy cloud systems, adopting ADCu could involve substantial restructuring and investment in resources. Additionally, the integration of advanced security features such as dynamic access control and real-time threat monitoring may require specialized expertise. While ADCu was efficient in terms of resource consumption, scaling the framework to accommodate extremely large datasets or multi-cloud environments could present challenges. The potential for increased resource demands as the framework scales suggests that further optimization could be needed to ensure its applicability in highly complex cloud systems. Another limitation of the ADCu framework is its reliance on continuous monitoring and active security policies. While these features make ADCu highly effective in real-time threat mitigation, they can also lead to increased operational costs in the form of monitoring overhead. Real-time security operations often require ongoing updates and fine-tuning to stay ahead of emerging threats, which may involve additional manpower or automated tools. Therefore, it is important for organizations to evaluate whether the benefits of ADCu’s advanced security capabilities outweigh the potential costs in terms of operational complexity and maintenance. Moreover, while the ADCu framework excels at mitigating traditional cyber-attacks, it may need to be further developed to tackle more sophisticated threats, such as advanced persistent threats (APTs) or zero-day vulnerabilities, which require highly specialized detection and response mechanisms. In terms of opportunities for improvement, the ADCu framework could benefit from integrating machine learning or artificial intelligence (AI) capabilities to enhance its adaptive threat detection capabilities. AI could allow the framework to self-learn and evolve its security protocols based on emerging attack patterns and new vulnerabilities, making it even more effective at detecting and responding to threats in real-time. The integration of blockchain technology could also enhance the transparency and auditability of ADCu’s access control and data protection features, especially in environments where data provenance and integrity are of paramount importance, such as in the financial or healthcare sectors. Additionally, AI-driven predictive analytics could be employed to identify potential threats before they occur, further strengthening the proactive nature of ADCu’s defense mechanisms. When compared to industry standards and best practices in cloud security, the ADCu framework aligns closely with leading security paradigms but introduces unique advantages that set it apart. Zero Trust models and RBAC are widely used in cloud security due to their ability to enforce strict access controls. However, these models struggle with dynamic user access and real-time threat response, which are key challenges in modern cloud systems. ADCu’s flexible and dynamic security policies allow it to offer more robust protection against insider threats, unauthorized access, and data breaches. Furthermore, its automated threat detection and data protection mechanisms make it a more scalable solution compared to traditional models, which are often resource-intensive and less adaptable to changing cloud environments. In conclusion, while the ADCu framework demonstrates clear advantages over traditional security models, there are areas where it could be further optimized to address emerging challenges in cloud security. By incorporating advanced technologies such as machine learning and blockchain, ADCu could evolve into a more intelligent and secure framework capable of addressing the most sophisticated threats. As cloud environments continue to grow in complexity and scale, frameworks like ADCu that combine real-time monitoring, dynamic access control, and active data protection will be crucial in ensuring the security, privacy, and integrity of cloud-based data. 7. Conclusion and Future Work 7.1 Summary of Key Results The evaluation of the Active Data Cube (ADCu) framework demonstrated its significant advantages in cloud security compared to traditional models like encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model. Key findings from this study indicate that ADCu excels in several crucial areas, such as attack mitigation, response time, and resource efficiency. The ADCu framework achieved an impressive attack mitigation rate of 88.67%, outperforming traditional systems in blocking unauthorized access and insider threats. Additionally, ADCu displayed the lowest response time, averaging just 150 milliseconds, making it significantly faster than the other security models. This rapid detection and response time are vital for maintaining the integrity of cloud systems in real-time. Finally, ADCu demonstrated resource efficiency with minimal CPU and memory consumption, even under attack scenarios, making it ideal for large-scale, multi-tenant cloud environments where performance and scalability are critical. 7.2 Conclusion on the Effectiveness of ADCu in Enhancing Cloud Security The results of this study highlight that the ADCu framework is highly effective in enhancing the security of cloud environments. By integrating dynamic access control, real-time threat monitoring, and active data protection, ADCu provides a comprehensive security solution capable of mitigating a wide range of threats, including insider threats, unauthorized access, and data breaches. Unlike traditional models that rely on static security policies, ADCu’s active security layers offer a more flexible and adaptive approach, which is essential in today’s dynamic and rapidly changing cloud environments. The real-time threat detection capabilities of ADCu allow for immediate responses to security incidents, significantly reducing the window of vulnerability and minimizing potential damage from cyber-attacks. In comparison with conventional methods, ADCu’s combination of high attack mitigation rates, low resource consumption, and fast response times makes it a superior choice for modern cloud security. 7.3 Future Research Directions Although the ADCu framework demonstrated excellent performance in this study, there are several avenues for future research that could further enhance its capabilities and applicability in a broader range of cloud environments. 7.3.1 Integration of Artificial Intelligence and Machine Learning with ADCu One promising direction for future work is the integration of Artificial Intelligence (AI) and Machine Learning (ML) techniques into the ADCu framework. By incorporating AI-based threat detection, ADCu could improve its ability to identify new and evolving threats that may not be captured by traditional security methods. Machine learning algorithms could be used to analyze patterns in user behavior and system activity, allowing ADCu to identify anomalies and potential threats faster and more accurately. AI could also enable the system to automatically adjust security policies in response to new vulnerabilities, making the system more adaptive and intelligent in real-time. 7.3.2 Exploration of Blockchain for Enhanced Cloud Security Another promising area of research is the integration of blockchain technology with ADCu to further enhance cloud security, particularly in terms of data integrity, transparency, and auditability. Blockchain could be used to create an immutable record of all data transactions and access events, ensuring that all actions within the cloud environment are verifiable and tamper-proof. This would provide an additional layer of security for sensitive data, such as healthcare records, financial transactions, and personal identification information, which are highly vulnerable to tampering. Additionally, blockchain’s decentralized nature could help mitigate the risks associated with a single point of failure, further strengthening the resilience of cloud-based systems. Future research could explore how blockchain can be seamlessly integrated with the ADCu framework to improve data security and trust in cloud services. 7.3.3 Expanding ADCu to Other Sensitive Domains (Banking, Education) In addition to the healthcare sector, where ADCu has demonstrated strong security capabilities, further research could investigate the framework’s applicability in other highly sensitive domains, such as banking and education. Both of these sectors require stringent security measures to protect financial transactions, student data, and research information. The banking sector faces numerous security challenges, including preventing fraud, protecting customer data, and complying with regulatory standards. Similarly, the education sector must safeguard student records, academic research, and intellectual property. Research into the customization of the ADCu framework for these sectors could reveal its potential to address the unique security challenges they face. By adapting the framework to meet the specific needs of industries like banking and education, ADCu could become an even more versatile and widely applicable security solution. In conclusion, while the ADCu framework has shown great promise in enhancing cloud security, there are significant opportunities for future research and improvement. The integration of AI and machine learning, the exploration of blockchain technology, and the adaptation of the framework to other sensitive domains will further extend its capabilities and solidify its place as a leading solution in cloud security. These advancements will help ensure that ADCu remains adaptable, scalable, and resilient to the evolving security challenges that cloud environments face today and in the future. Declarations 8. Conflict of Interest No conflicts of interest to declare. 9. Ethics Approval This study did not involve human participants or animals; therefore, ethical approval was not required. 10. Funding This research received no specific funding from any agency in the public, commercial, or not-for-profit sectors. 11. Data Availability The data supporting the findings of this study are available from the corresponding author upon reasonable request. 12. Authors Contribution All authors contributed to the conception, design, and execution of the study. 13. Acknowledgement No additional acknowledgements. 14. Human Participants and/or Animals This study did not involve human participants or animals. References Abdulsalam, Y. S., & Hedabou, M. (2021). Decentralized data integrity scheme for preserving privacy in cloud computing. Proceedings of the 2021 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC) , 607-612. IEEE. https://doi.org/10.1109/SPAC53836.2021.9539966 Ahmadi, S. (2024). Systematic literature review on cloud computing security: Threats and mitigation strategies. Journal of Information Security, 15 , 148-167. https://doi.org/10.4236/jis.2024.152010 Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R. H., Konwinski, A., ... & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53 (4), 50-58. https://doi.org/10.1145/1721654.1721672 Akinade, A. O., & Adepoju, P. A. (2025). Cloud security challenges and solutions: A review of current best practices. International Journal of Multidisciplinary Research, 24 (249). Basu, S., Bardhan, A., Gupta, K., Saha, P., Pal, M., Bose, M., Basu, K., Chaudhury, S., & Sarkar, P. (2018). Cloud computing security challenges & solutions-A survey. Proceedings of the 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC) , 347-356. IEEE. https://doi.org/10.1109/CCWC.2018.8301700 Bentajer, A., Hedabou, M., Abouelmehdi, K., & Elfezazi, S. (2018). CS-IBE: A data confidentiality system in public cloud storage system. Procedia Computer Science, 141 , 559-564. https://doi.org/10.1016/j.procs.2018.10.136 Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing. Proceedings of the 2012 International Conference on Computer Science and Electronics Engineering, 1 , 647-651. IEEE. https://doi.org/10.1109/ICCSEE.2012.193 Chauhan, M., & Shiaeles, S. (2023). An analysis of cloud security frameworks, problems and proposed solutions. Network, 3 (3), 1-18. https://doi.org/10.3390/network3030018 Di Giulio, C., Sprabery, R., Kamhoua, C., Kwiat, K., Campbell, R. H., & Bashir, M. N. (2017). Cloud standards in comparison: Are new security frameworks improving cloud security? Proceedings of the 2017 IEEE 10th International Conference on Cloud Computing (CLOUD) , 50-57. IEEE. https://doi.org/10.1109/CLOUD.2017.16 Fernandes, D.A., et al. (2014). Security issues in cloud environments: A survey. International Journal of Information Security, 13 , 113-170. Gonzalez, N., Miers, C., Redígolo, F., Simplício, M., Carvalho, T., Näslund, M., & Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing: Advances, Systems and Applications, 1 , Article 11. https://doi.org/10.1186/2192-113X-1-11 Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4 , Article 5. https://doi.org/10.1186/1869-0238-4-5 Jensen, M., Schwenk, J., Gruschka, N., & Iacono, L. L. (2009). On technical security issues in cloud computing. Proceedings of the 2009 IEEE International Conference on Cloud Computing , 109-116. IEEE. https://doi.org/10.1109/CLOUD.2009.60 Kasse, J. P., Xu, L., de Vrieze, P., & Bai, Y. (2019). Process driven access control and authorization approach. In Proceedings of the Fourth International Congress on Information and Communication Technology (pp. 313–322). Springer. Khan, M. A., Gupta, P., Sultan, A. A., Singh, P., Shivam, S., & Lourens, M. (2024). Security in cloud computing: Issues and challenges. International Journal of Intelligent Systems and Applications in Engineering, 12 (17s), 674-681. Khodaarast, F. K., Sindhav, C., Nikam, S., Yekta, H. I., Kent, K. B., & Hakak, S. (2022). Cloud computing security: A survey of service-based models. Computers & Security, 114 , Article 102580. https://doi.org/10.1016/j.cose.2021.102580 Kumar, R., & Goyal, R. (2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, 33 , 1-48. https://doi.org/10.1016/j.cosrev.2019.05.002 Mather, T., Kumaraswamy, S., & Latif, S. (2009). Cloud security and privacy: An enterprise perspective on risks and compliance . O'Reilly Media. Nafea, R. A., & Almaiah, M. A. (2021). Cyber security threats in cloud: Literature review. Proceedings of the 2021 International Conference on Information Technology (ICIT) , 779-786. IEEE. https://doi.org/10.1109/ICIT52682.2021.9491114 Patell, N. S., & Rekha, B. S. (2014). Software as a service (SaaS): Security issues and solutions. International Journal of Computational Engineering Research, 4 (6), 50-58. Pearson, S. (2013). Privacy, security and trust in cloud computing . Springer. Rayaprolu, A., Kumar, R., & Singh, A. (2023). An analysis of cloud security frameworks, problems and proposed solutions. Future Internet, 15 (3), Article 104. https://doi.org/10.3390/fi15030104 Rasal, P. (2021). Cloud computing security issues and challenges: A survey. Journal of Emerging Technologies and Innovative Research (JETIR), 8 (6), e681. Subashini, S., & Kavitha, V. (2011). A survey of security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34 (1), 1-11. https://doi.org/10.1016/j.jnca.2010.05.003 Tari, Z. (2014). Security and privacy in cloud computing. IEEE Cloud Computing, 1 (1), 54-57. Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28 (3), 583-592. https://doi.org/10.1016/j.future.2011.06.007 Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-7028024","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":494986131,"identity":"2609c922-5217-40f9-be85-ceaa301c204f","order_by":0,"name":"Aliakbar Rouholahi","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAABGklEQVRIiWNgGAWjYDACZgST8UGCwT85EOvAA2K08ACZBh8qDhiDtSQQYxtQC5vkjDMHEhtAPHxa+Nt5H3/48cvG3p797ANp3rY76fPDDj8E2mInp9uAXYvEYXYzyd6+tMQennQDY962Z7kbb6cZALUkG5sdwGHNYTY2Bt6ewwk8DGkMybxtzLkbZyeAtBxI3IZDi/xhNuaPf3sO2/PwP2M4DNSSbjg7/QNeLQaH2RikeX4cZuyRSGNsnHHmcIK8dA5+WwyBDpOWbQD65cYzZoYPFWmGG6RzCg4kGOD2i9z5Y8wf3/yxsWfvT2P/kWBgIy8/O33zhw8VdnI4vQ8CjG3ITgWrNMCjHAz+ILHlGwipHgWjYBSMgpEGAB8UYqJvibjuAAAAAElFTkSuQmCC","orcid":"https://orcid.org/0009-0003-4945-6447","institution":"Islamic Azad University Yasooj Branch","correspondingAuthor":true,"prefix":"","firstName":"Aliakbar","middleName":"","lastName":"Rouholahi","suffix":""},{"id":494986132,"identity":"e3027019-8ebd-44b9-947a-a7b83450da06","order_by":1,"name":"Karamollah Bagherifard","email":"","orcid":"","institution":"Islamic Azad University Yasooj Branch","correspondingAuthor":false,"prefix":"","firstName":"Karamollah","middleName":"","lastName":"Bagherifard","suffix":""},{"id":494986133,"identity":"efc6280f-aa31-428d-9b58-b952f4ad7b7d","order_by":2,"name":"Razieh Malekhosseini","email":"","orcid":"","institution":"Islamic Azad University Yasooj Branch","correspondingAuthor":false,"prefix":"","firstName":"Razieh","middleName":"","lastName":"Malekhosseini","suffix":""}],"badges":[],"createdAt":"2025-07-02 10:05:37","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-7028024/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-7028024/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":88413186,"identity":"d9e44325-b968-4588-97bb-58cfc7a9967c","added_by":"auto","created_at":"2025-08-06 08:39:58","extension":"jpg","order_by":1,"title":"Figure 1","display":"","copyAsset":false,"role":"figure","size":45600,"visible":true,"origin":"","legend":"\u003cp\u003e\u003cstrong\u003eFigure 5.1: Comparative Analysis of Attack Mitigation Rates Across Security Frameworks\u003c/strong\u003e\u003c/p\u003e","description":"","filename":"5.1.jpg","url":"https://assets-eu.researchsquare.com/files/rs-7028024/v1/db7dba67d474c1ec8ef52836.jpg"},{"id":88412105,"identity":"f803be68-b387-4dae-b2a0-9df6063e6268","added_by":"auto","created_at":"2025-08-06 08:31:58","extension":"jpg","order_by":2,"title":"Figure 2","display":"","copyAsset":false,"role":"figure","size":53483,"visible":true,"origin":"","legend":"\u003cp\u003e\u003cstrong\u003eFigure 5.2: Average Response Time Comparison Across Security Frameworks.\u003c/strong\u003e\u003c/p\u003e","description":"","filename":"5.2.jpg","url":"https://assets-eu.researchsquare.com/files/rs-7028024/v1/f6f2f839a1c09c76be22ce7e.jpg"},{"id":88412110,"identity":"6c8a0c2c-bf76-4378-a943-d831775fec88","added_by":"auto","created_at":"2025-08-06 08:31:58","extension":"jpg","order_by":3,"title":"Figure 3","display":"","copyAsset":false,"role":"figure","size":88599,"visible":true,"origin":"","legend":"\u003cp\u003e\u003cstrong\u003eFigure 5.3: Resource Consumption Comparison Under Normal and Attack Conditions\u003c/strong\u003e\u003c/p\u003e","description":"","filename":"5.3.jpg","url":"https://assets-eu.researchsquare.com/files/rs-7028024/v1/892cfcf8915165b0aa0a2ad0.jpg"},{"id":88412108,"identity":"d7e4d5bb-99e3-4628-b3af-69c136de0061","added_by":"auto","created_at":"2025-08-06 08:31:58","extension":"jpg","order_by":4,"title":"Figure 4","display":"","copyAsset":false,"role":"figure","size":75591,"visible":true,"origin":"","legend":"\u003cp\u003e\u003cstrong\u003eFigure 5.4: Comprehensive Performance Comparison of Security Frameworks Across Key Cloud Security Dimensions\u003c/strong\u003e\u003c/p\u003e","description":"","filename":"5.4.jpg","url":"https://assets-eu.researchsquare.com/files/rs-7028024/v1/78f70a3f9ab783103921572c.jpg"},{"id":88412112,"identity":"7c278c58-d960-4227-8bac-788dd0218957","added_by":"auto","created_at":"2025-08-06 08:31:58","extension":"jpg","order_by":5,"title":"Figure 5","display":"","copyAsset":false,"role":"figure","size":75706,"visible":true,"origin":"","legend":"\u003cp\u003e\u003cstrong\u003eFigure 5.5: Experimental Findings on ADCu Framework Performance Under Various Attack Scenarios\u003c/strong\u003e\u003c/p\u003e","description":"","filename":"5.5.jpg","url":"https://assets-eu.researchsquare.com/files/rs-7028024/v1/49a999c0bfa02fc862f9d965.jpg"},{"id":91097572,"identity":"e8be0af3-6cc0-4280-ba51-e4e4d9f7c892","added_by":"auto","created_at":"2025-09-11 14:21:52","extension":"pdf","order_by":0,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":1705122,"visible":true,"origin":"","legend":"","description":"","filename":"manuscript.pdf","url":"https://assets-eu.researchsquare.com/files/rs-7028024/v1/d4734d27-1b8d-4720-8f8c-b2f4520beb19.pdf"}],"financialInterests":"","formattedTitle":"\u003cp\u003eEnhancing Data Security and Access Control in Cloud Computing: A Comparative Study of Active Data Cube Framework (ADCu) and Traditional Approaches\u003c/p\u003e","fulltext":[{"header":"1. Introduction","content":"\u003cdiv id=\"Sec2\" class=\"Section2\"\u003e\u003ch2\u003e1.1 Overview of Cloud Computing\u003c/h2\u003e\u003cp\u003eCloud computing refers to the delivery of a wide range of services over the internet, including data storage, networking, processing power, and software applications. This model allows users to access computing resources without owning or maintaining physical infrastructure, making it more cost-effective and flexible than traditional computing models (Mell \u0026amp; Grance, 2011). By leveraging shared resources, cloud computing offers the ability to scale infrastructure according to demand, allowing for efficient resource allocation. This scalability and flexibility are essential for organizations seeking to optimize their IT infrastructure (Armbrust et al., \u003cspan citationid=\"CR3\" class=\"CitationRef\"\u003e2010\u003c/span\u003e). Cloud services are typically categorized into three service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). IaaS provides virtualized computing resources over the internet, allowing businesses to rent IT infrastructure instead of investing in physical hardware (Akinade \u0026amp; Adepoju, \u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e2025\u003c/span\u003e, p. 3). PaaS, on the other hand, offers a platform for developers to build and deploy applications without managing the underlying infrastructure, significantly reducing development time and costs (Buyya et al., 2011). SaaS delivers software applications over the internet, such as email and customer relationship management tools, eliminating the need for local installations and maintenance (Patell \u0026amp; Rekha, \u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e2014\u003c/span\u003e). The cloud computing model has become a game-changer in the IT industry, offering substantial benefits, including cost reduction, scalability, and accessibility. These advantages have led to widespread adoption across various sectors, including healthcare, finance, and education. However, despite its many benefits, cloud computing also presents significant challenges, especially in terms of data security and privacy. Addressing these concerns is crucial for ensuring the trust and adoption of cloud technologies in sensitive sectors (Zissis \u0026amp; Lekkas, \u003cspan citationid=\"CR26\" class=\"CitationRef\"\u003e2012\u003c/span\u003e).\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec3\" class=\"Section2\"\u003e\u003ch2\u003e1.2 Data Security Challenges in Cloud Environments\u003c/h2\u003e\u003cp\u003eCloud computing has transformed the way organizations store and process data, offering numerous advantages such as scalability, cost efficiency, and accessibility. However, it also introduces several data security challenges that must be addressed to ensure the confidentiality, integrity, and availability of sensitive information. The primary security concerns in cloud environments revolve around data privacy, data access control, and data integrity.\u003c/p\u003e\u003cp\u003eOne of the most significant challenges in cloud computing is ensuring data privacy. Since data in the cloud is stored and processed remotely by third-party service providers, users often lose direct control over their information, leading to concerns about unauthorized access and potential breaches. This risk is heightened in multi-tenant cloud environments, where data from different clients is stored on the same physical infrastructure (Subashini \u0026amp; Kavitha, \u003cspan citationid=\"CR24\" class=\"CitationRef\"\u003e2011\u003c/span\u003e). To address this, cloud service providers must implement robust encryption techniques to ensure that data remains private and protected from unauthorized access (Pearson, \u003cspan citationid=\"CR21\" class=\"CitationRef\"\u003e2013\u003c/span\u003e). Another major issue is access control. In cloud environments, where users often access services from various devices and locations, it becomes challenging to maintain secure and efficient access controls. Traditional access control mechanisms, such as Role-Based Access Control (RBAC), may not be sufficient in a cloud environment due to the dynamic and distributed nature of cloud systems. More advanced techniques, such as attribute-based access control (ABAC), are being explored to provide fine-grained and context-aware security (Rasal, \u003cspan citationid=\"CR23\" class=\"CitationRef\"\u003e2021\u003c/span\u003e). Additionally, Single Sign-On (SSO) systems, while convenient for users, can create vulnerabilities if not properly secured, as a breach of a single user account can potentially grant access to multiple cloud services (Fernandes et al., \u003cspan citationid=\"CR10\" class=\"CitationRef\"\u003e2014\u003c/span\u003e). Data integrity is another critical challenge. The integrity of data refers to ensuring that data is accurate, consistent, and unaltered during storage or transmission. Cloud computing systems, particularly in distributed environments, are susceptible to data corruption or unauthorized modification. Implementing cryptographic techniques, such as digital signatures and hashing algorithms, can help verify the integrity of data stored in the cloud (Akinade \u0026amp; Adepoju, \u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e2025\u003c/span\u003e, p. 3). However, these mechanisms must be carefully managed to avoid performance degradation. Furthermore, cloud providers often rely on third-party vendors for critical security tasks, creating a dependency that can introduce risks if the third parties do not follow the same stringent security practices. Regulatory and compliance issues also play a role in data security challenges, as organizations must ensure that their data storage and processing comply with regional laws such as the General Data Protection Regulation (GDPR) in Europe (Zissis \u0026amp; Lekkas, \u003cspan citationid=\"CR26\" class=\"CitationRef\"\u003e2012\u003c/span\u003e). In conclusion, while cloud computing offers substantial benefits, it also requires robust data security strategies to mitigate the risks associated with privacy, access control, and data integrity. Addressing these challenges is essential for organizations to confidently adopt cloud technologies without compromising the security of their sensitive data.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec4\" class=\"Section2\"\u003e\u003ch2\u003e1.3 Importance of Enhancing Data Security and Access Control\u003c/h2\u003e\u003cp\u003eEnhancing data security and access control in cloud computing environments is of paramount importance due to the increasing reliance on cloud services for storing sensitive data. The cloud offers immense benefits such as cost reduction, scalability, and flexibility; however, these advantages come with the inherent risk of exposing sensitive information to unauthorized access and cyberattacks. As organizations increasingly adopt cloud computing for critical functions such as data storage, healthcare management, and financial transactions, securing this data becomes vital for maintaining the integrity, privacy, and trust of users and organizations alike (Armbrust et al., \u003cspan citationid=\"CR3\" class=\"CitationRef\"\u003e2010\u003c/span\u003e). Data security is essential because cloud environments host massive amounts of sensitive data, including personal information, financial records, and intellectual property. Without robust data security mechanisms, this information is vulnerable to breaches, unauthorized access, and tampering, which can result in significant financial and reputational damage to organizations (Patell \u0026amp; Rekha, \u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e2014\u003c/span\u003e). As such, cloud service providers must implement strong encryption methods, secure storage solutions, and comprehensive security protocols to ensure that data remains protected from potential attacks, such as man-in-the-middle (MitM) and denial of service (DoS) attacks (Akinade \u0026amp; Adepoju, \u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e2025\u003c/span\u003e).\u003c/p\u003e\u003cp\u003eAccess control is equally crucial in cloud computing, especially as cloud systems typically involve numerous users with varying levels of access. Efficient access control mechanisms ensure that only authorized users are permitted to access sensitive information, minimizing the risk of data leaks. Traditional models, such as Role-Based Access Control (RBAC), may not be sufficient in cloud environments where dynamic and flexible access control is needed. More advanced models like Attribute-Based Access Control (ABAC) and Context-Aware Access Control (CAAC) offer the flexibility required to adapt to the continuously evolving nature of cloud systems (Zissis \u0026amp; Lekkas, \u003cspan citationid=\"CR26\" class=\"CitationRef\"\u003e2012\u003c/span\u003e). These mechanisms help organizations manage user identities, control permissions, and track access requests in real-time, thus providing an additional layer of security. The importance of enhancing data security and access control extends beyond protecting individual organizations. As cloud computing enables collaboration and data sharing across industries and borders, it becomes crucial to establish universal standards for security and privacy to promote trust and compliance. For example, regulatory frameworks such as the General Data Protection Regulation (GDPR) in the European Union and the Health Insurance Portability and Accountability Act (HIPAA) in the United States impose strict guidelines on data protection, requiring organizations to adopt secure cloud storage solutions that comply with legal and ethical standards (Pearson, \u003cspan citationid=\"CR21\" class=\"CitationRef\"\u003e2013\u003c/span\u003e).\u003c/p\u003e\u003cp\u003eIn conclusion, enhancing data security and access control is critical to the ongoing success and widespread adoption of cloud computing. With the proper safeguards in place, organizations can mitigate risks, ensure compliance with regulations, and maintain the confidentiality and integrity of their data, ultimately fostering greater trust among users and stakeholders (Rasal, \u003cspan citationid=\"CR23\" class=\"CitationRef\"\u003e2021\u003c/span\u003e).\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec5\" class=\"Section2\"\u003e\u003ch2\u003e1.4 Objective of the Study and Article Overview\u003c/h2\u003e\u003cp\u003eThe primary objective of this study is to explore and enhance the security of cloud computing environments, specifically focusing on data security and access control mechanisms. With cloud computing becoming an integral part of various industries, particularly in sectors such as healthcare, finance, and e-commerce, the need to ensure secure data storage, processing, and access is paramount. This article aims to provide a comprehensive examination of how the Active Data Cube (ADCu) framework can be employed to address common security challenges, such as unauthorized access, data breaches, and malicious cyber-attacks, in cloud environments. This study investigates the potential of ADCu as a novel approach for securing cloud-based data by incorporating both active and passive security measures. The focus will be on evaluating the effectiveness of ADCu in mitigating security risks, enhancing data privacy, and providing a robust framework for access control. By analyzing existing research on cloud security and traditional data protection methods, this article aims to identify the gaps in current cloud security practices and propose ADCu as an innovative solution for improving cloud data security (Akinade \u0026amp; Adepoju, \u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e2025\u003c/span\u003e, Rasal, \u003cspan citationid=\"CR23\" class=\"CitationRef\"\u003e2021\u003c/span\u003e). The article will begin with a detailed overview of cloud computing and its security challenges, followed by an introduction to the ADCu framework. The study will then compare ADCu with traditional cloud security models, such as Role-Based Access Control (RBAC) and data encryption techniques. Through a series of experimental evaluations, the study will assess ADCu's performance in addressing common security concerns, including unauthorized data access, integrity verification, and the efficient management of large-scale cloud data. The research will also provide practical insights into the implementation of ADCu in real-world cloud environments, particularly in healthcare and financial sectors, where data protection is critical. By the end of the article, the study aims to demonstrate that the ADCu framework offers a highly effective solution for enhancing data security and access control in cloud computing, making it an essential tool for organizations that are looking to secure sensitive data in an increasingly digital and cloud-based world.\u003c/p\u003e\u003c/div\u003e"},{"header":"2. Literature Review","content":"\u003cdiv id=\"Sec7\" class=\"Section2\"\u003e\u003ch2\u003e2.1 Cloud Computing Security Landscape\u003c/h2\u003e\u003cp\u003eCloud computing has emerged as a transformative technology that fundamentally reshapes how organizations manage their IT infrastructure and deliver services. According to Armbrust et al. (\u003cspan citationid=\"CR3\" class=\"CitationRef\"\u003e2010\u003c/span\u003e), cloud computing represents a paradigm shift in the delivery of computing resources, offering advantages such as elasticity, pay-as-you-go pricing, and reduced capital expenditure. However, this technological evolution has introduced significant security challenges that continue to evolve with the rapid adoption of cloud services. Mather et al., (\u003cspan citationid=\"CR18\" class=\"CitationRef\"\u003e2009\u003c/span\u003e) in their seminal work \"Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance\" identify that while cloud computing offers ideal solutions for controlling IT costs, many organizations lack understanding of the privacy and security implications of these services. The authors emphasize that the shared responsibility model inherent in cloud computing creates unique security challenges, as organizations must navigate the delineation between provider and customer security obligations.\u003c/p\u003e\u003cp\u003eRecent systematic literature reviews provide comprehensive insights into the current security landscape. Ahmadi (\u003cspan citationid=\"CR2\" class=\"CitationRef\"\u003e2024\u003c/span\u003e) conducted an extensive analysis revealing that distributed denial-of-service (DDoS) attacks, account hijacking, malware attacks, and data breaches remain the most prevalent threats in cloud environments. This finding is supported by Khodaparast et al. (2022), who note that cloud computing security challenges are exacerbated by the service-based models (IaaS, PaaS, SaaS) that each present unique vulnerabilities and require tailored security approaches. The quantitative analysis by Gonzalez et al. (\u003cspan citationid=\"CR11\" class=\"CitationRef\"\u003e2012\u003c/span\u003e) demonstrates that while migrating to the cloud remains financially attractive, organizations must carefully evaluate security aspects before adoption. Their research identifies that security concerns are inherited not only from the underlying technologies used to create cloud services but also from the unique characteristics of cloud architectures, including multi-tenancy, virtualization, and distributed data storage.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec8\" class=\"Section2\"\u003e\u003ch2\u003e2.2 Active Data Cube (ADCu) Framework Overview\u003c/h2\u003e\u003cp\u003eWhile the Active Data Cube (ADCu) framework represents an emerging approach to cloud security, its conceptual foundation aligns with modern security architectures that integrate real-time analytics with adaptive security measures. The framework's approach reflects the evolution described by Subramanian and Jeyaraj (2018), who emphasize the need for security mechanisms that can adapt to the dynamic nature of cloud environments. The integration of real-time data analytics in security frameworks has become increasingly critical. As noted by Khan et al. (\u003cspan citationid=\"CR15\" class=\"CitationRef\"\u003e2024\u003c/span\u003e), modern cloud security frameworks must move beyond static security policies to implement dynamic, context-aware security measures that can respond to evolving threats in real-time. This approach aligns with the ADCu framework's philosophy of integrating continuous monitoring and adaptive security controls. The framework's emphasis on secure query processing and data management corresponds with the challenges identified by Chen and Zhao (\u003cspan citationid=\"CR7\" class=\"CitationRef\"\u003e2012\u003c/span\u003e), who highlight that data security and privacy protection remain fundamental concerns in cloud computing. The ability to process sensitive data while maintaining confidentiality represents a critical capability for modern cloud security frameworks.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec9\" class=\"Section2\"\u003e\u003ch2\u003e2.3 Traditional Approaches to Data Security in Cloud Environments\u003c/h2\u003e\u003cp\u003eTraditional security approaches in cloud computing have primarily relied on adaptations of conventional IT security measures. Hashizume et al. (\u003cspan citationid=\"CR12\" class=\"CitationRef\"\u003e2013\u003c/span\u003e) provide a comprehensive analysis of traditional security mechanisms, including encryption, firewalls, and access control systems. Their research reveals that while these mechanisms provide baseline protection, they often prove insufficient when confronted with cloud-specific threats. Encryption remains a cornerstone of cloud security, as detailed by Bentajer et al. (\u003cspan citationid=\"CR6\" class=\"CitationRef\"\u003e2018\u003c/span\u003e), who propose advanced cryptographic systems for ensuring data confidentiality in public cloud storage. However, traditional encryption approaches face limitations when dealing with the dynamic nature of cloud environments and the need for data processing in encrypted form. The limitations of traditional security approaches are further elaborated by Jensen et al. (\u003cspan citationid=\"CR13\" class=\"CitationRef\"\u003e2009\u003c/span\u003e), who identify technical security issues specific to cloud computing that cannot be adequately addressed by conventional security measures. These include vulnerabilities in virtualization layers, challenges in securing multi-tenant environments, and the complexity of managing security across distributed cloud resources. Basu et al. (\u003cspan citationid=\"CR5\" class=\"CitationRef\"\u003e2018\u003c/span\u003e) conducted a survey revealing that traditional security solutions often fail to address the unique characteristics of cloud environments, particularly in areas such as data location transparency, resource pooling, and rapid elasticity. Their research emphasizes that organizations must adopt cloud-specific security strategies rather than simply extending traditional IT security practices.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec10\" class=\"Section2\"\u003e\u003ch2\u003e2.4 Previous Research and Developments in Cloud Security\u003c/h2\u003e\u003cp\u003eThe evolution of cloud security research has been marked by significant advances in both theoretical understanding and practical implementations. Tari (\u003cspan citationid=\"CR25\" class=\"CitationRef\"\u003e2014\u003c/span\u003e) provides a foundational overview of security and privacy challenges in cloud computing, establishing a framework for understanding the multifaceted nature of cloud security concerns. Recent developments have focused on addressing specific cloud security challenges through innovative approaches. Abdulsalam and Hedabou (\u003cspan citationid=\"CR1\" class=\"CitationRef\"\u003e2021\u003c/span\u003e) propose decentralized data integrity schemes that preserve privacy while ensuring data authenticity in cloud environments. This work represents a shift toward distributed security mechanisms that align with the distributed nature of cloud architectures.\u003c/p\u003e\u003cp\u003eThe research by Nafea and Almaiah (\u003cspan citationid=\"CR19\" class=\"CitationRef\"\u003e2021\u003c/span\u003e) presents a comprehensive review of cyber security threats in cloud environments, categorizing threats based on their impact and likelihood. Their literature review reveals an evolution from reactive security measures to proactive threat detection and prevention strategies, emphasizing the importance of continuous monitoring and threat intelligence. Kumar and Goyal (\u003cspan citationid=\"CR17\" class=\"CitationRef\"\u003e2019\u003c/span\u003e) explore on-cloud security requirements, threats, vulnerabilities, and countermeasures through a detailed survey. Their work identifies emerging trends in cloud security research, including the integration of machine learning for threat detection, the development of cloud-native security tools, and the adoption of zero-trust architectures for cloud environments.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec11\" class=\"Section2\"\u003e\u003ch2\u003e2.5 Security Frameworks in Cloud Computing: A Comparative Review\u003c/h2\u003e\u003cp\u003eThe landscape of cloud security frameworks has evolved significantly to address the unique challenges posed by cloud computing. Di Giulio et al. (\u003cspan citationid=\"CR9\" class=\"CitationRef\"\u003e2017\u003c/span\u003e) conduct a comparative analysis of cloud security standards, examining whether new frameworks are effectively improving cloud security. Their research evaluates frameworks including NIST guidelines, ISO/IEC standards, and industry-specific frameworks. The analysis by Kasse et al., (\u003cspan citationid=\"CR14\" class=\"CitationRef\"\u003e2019\u003c/span\u003e) provides a comparative evaluation of various cloud security frameworks, including COBIT5, NIST Cybersecurity Framework, ISO/IEC 27017, CSA STAR, and AWS Well-Architected Framework. Each framework offers distinct approaches to addressing cloud security challenges, with varying focus on governance, technical controls, and compliance requirements. Kasse et al., (\u003cspan citationid=\"CR14\" class=\"CitationRef\"\u003e2019\u003c/span\u003e) present an analysis of cloud security frameworks, examining their strengths, limitations, and implementation requirements. Their research reveals that while traditional compliance-focused frameworks provide clear implementation guidelines, they often lack the flexibility needed to address rapidly evolving cloud threats. In contrast, modern adaptive frameworks offer enhanced protection but require more sophisticated implementation strategies.\u003c/p\u003e\u003cp\u003eThe emergence of zero-trust architectures represents a paradigm shift in cloud security frameworks. As documented in multiple recent studies, zero-trust principles challenge the traditional perimeter-based security model by implementing continuous verification and least-privilege access controls. This approach is particularly relevant for cloud environments where traditional network boundaries are increasingly meaningless. Recent research has also focused on the practical implementation of security frameworks in cloud environments. The comparative analysis reveals that successful framework implementation requires not only technical controls but also organizational changes, including security awareness training, updated governance structures, and continuous monitoring capabilities. The evolution toward integrated, automated security frameworks represents the future direction of cloud security, promising more effective protection against sophisticated threats while maintaining operational efficiency.\u003c/p\u003e\u003c/div\u003e"},{"header":"3. Conceptual Framework and Research Design","content":"\u003cp\u003eThis study explores the Active Data Cube (ADCu) framework as an innovative approach to enhancing data security and access control in cloud computing environments. The conceptual framework is designed to address critical security concerns such as data integrity, confidentiality, and access management in dynamic cloud systems. The ADCu framework incorporates both active and passive security measures, ensuring robust protection of sensitive data across multiple layers. This multi-layered approach offers a comprehensive solution by safeguarding data both during storage and transmission, enforcing secure access policies, and managing data operations across cloud environments. At its core, the ADCu framework is structured into three key layers: Core Data Protection, Data Security and Control, and Data Operations and Management. The Core Data Protection Layer primarily focuses on safeguarding sensitive data through encryption techniques such as homomorphic encryption and secure multi-party computation. These methods protect data from unauthorized access or tampering, ensuring that only authenticated users with the correct permissions can access the data. This foundational layer is crucial for maintaining data confidentiality and security across cloud services.\u003c/p\u003e\u003cp\u003eThe Data Security and Control Layer plays a central role in managing access control by employing models like Attribute-Based Access Control (ABAC), which allows fine-grained control over who can access specific data based on user attributes or environmental conditions. Additionally, this layer integrates continuous monitoring and auditing mechanisms to detect potential violations or unauthorized access attempts in real time. These active monitoring and policy enforcement tools ensure that only authorized actions are carried out on the protected data, further strengthening the security of cloud systems. Lastly, the Data Operations and Management Layer is responsible for overseeing the movement, backup, and synchronization of data across the cloud. It ensures that data is properly replicated, backed up, and remains accessible to users in a secure manner. This layer also manages data mobility and replication, ensuring data integrity and availability during cloud transitions or in the event of system failures or attacks. By ensuring seamless data operations, this layer plays a vital role in maintaining data continuity and availability across distributed cloud systems.\u003c/p\u003e\u003cp\u003eTraditional security approaches, such as encryption-based methods, Role-Based Access Control (RBAC), and the Zero Trust Model, continue to be widely used in cloud computing. These conventional models offer valuable security measures but are often limited in their ability to handle the evolving and dynamic needs of cloud environments. Encryption-based methods, while essential for ensuring data confidentiality, can result in significant performance overheads and do not fully address concerns like access control or data integrity (Buyya et al., 2011). RBAC, although effective for static access control, struggles in environments with dynamic user roles or frequent changes in access needs, making it less adaptable than newer models like ABAC (Akinade \u0026amp; Adepoju, \u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e2025\u003c/span\u003e). The Zero Trust Model, which assumes no trust by default and mandates continuous authentication, offers robust security but can be resource-intensive and complex to implement, particularly in distributed cloud systems (Patell \u0026amp; Rekha, \u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e2014\u003c/span\u003e). These limitations underscore the importance of more flexible and efficient frameworks like ADCu, which can dynamically address the security challenges posed by modern cloud environments.\u003c/p\u003e"},{"header":"4. Research Methodology","content":"\u003cp\u003eThe objective of this research is to evaluate the effectiveness of the \u003cb\u003eActive Data Cube (ADCu)\u003c/b\u003e framework in enhancing \u003cb\u003edata security\u003c/b\u003e and \u003cb\u003eaccess control\u003c/b\u003e in cloud environments. To achieve this, an experimental methodology was designed, including the simulation of various cyber-attacks, the evaluation of key security metrics, and the implementation of the ADCu framework in a controlled cloud environment.\u003c/p\u003e\u003cdiv id=\"Sec14\" class=\"Section2\"\u003e\u003ch2\u003e4.1 Experiment Setup and Cyber-Attack Simulation\u003c/h2\u003e\u003cp\u003eThe experimental setup involves creating a cloud-based testbed using OpenStack, a flexible, scalable platform for simulating cloud environments. The testbed allows us to deploy both ADCu and traditional security mechanisms, such as encryption-based systems and Role-Based Access Control (RBAC). Various cyber-attacks, such as unauthorized access attempts, Denial of Service (DoS) attacks, and insider threats, will be simulated to assess how well each security model can mitigate and handle these common threats. The cyber-attacks simulated in this experiment are representative of real-world security challenges. For example, in the unauthorized access simulation, different attack scenarios like brute force and credential stuffing will be used to test the ADCu framework\u0026rsquo;s ability to block unauthorized access. The Data Security and Control Layer of ADCu, utilizing Attribute-Based Access Control (ABAC), will be evaluated against traditional RBAC, which is commonly used in cloud environments for access management. Additionally, Distributed Denial of Service (DDoS) attacks will be simulated to evaluate ADCu\u0026rsquo;s ability to protect cloud services from traffic floods. The Core Data Protection Layer will be responsible for preventing data corruption, while the Data Operations and Management Layer will ensure that data is restored and available following such attacks. Finally, insider threats, which are particularly challenging due to the trusted nature of insiders, will also be simulated. ADCu\u0026rsquo;s continuous monitoring, anomaly detection, and Active Auditing Services (AAS) will be tested to determine how well it detects and mitigates insider attacks, where traditional security models may fail.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec15\" class=\"Section2\"\u003e\u003ch2\u003e4.2 Evaluation Metrics\u003c/h2\u003e\u003cp\u003eThe performance of the ADCu framework and traditional security models will be evaluated based on three critical metrics: attack mitigation rate, response time, and resource consumption.\u003c/p\u003e\u003cp\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eAttack Mitigation Rate measures the effectiveness of each model in preventing successful attacks. This will be calculated by comparing the number of attacks blocked by each model against the total number of attacks attempted.\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eResponse Time measures the time taken by each security model to detect and neutralize a threat. Faster response times are crucial in minimizing the damage caused by an attack, and ADCu\u0026rsquo;s ability to handle threats in real-time will be compared to more traditional models that may rely on slower, manual intervention.\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eResource Consumption will evaluate the computational overhead introduced by each security model, including CPU usage, memory consumption, and network bandwidth. This metric helps to assess the efficiency of ADCu, which must balance security with the performance needs of cloud environments.\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/p\u003e\u003cp\u003eThese metrics will provide a comprehensive understanding of how ADCu performs in comparison to traditional security systems under various attack scenarios.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec16\" class=\"Section2\"\u003e\u003ch2\u003e4.3 Implementation of ADCu Prototype\u003c/h2\u003e\u003cp\u003eIn the final phase of the research methodology, the \u003cb\u003eADCu prototype\u003c/b\u003e will be implemented in a real-world cloud environment using \u003cb\u003eOpenStack\u003c/b\u003e. This cloud environment will simulate various cloud services such as computing, storage, and networking, providing a controlled platform for testing the effectiveness of ADCu in a realistic setting. To ensure comprehensive testing, various security tools will be integrated into the setup. \u003cb\u003eMetasploit\u003c/b\u003e will simulate various attack vectors, such as exploits and payloads, while \u003cb\u003eWireshark\u003c/b\u003e will be used to monitor network traffic and analyze potential security issues, like data interception. Additionally, \u003cb\u003eOWASP ZAP\u003c/b\u003e, an open-source web application security scanner, will be used to test cloud application security, addressing vulnerabilities such as \u003cb\u003ecross-site scripting (XSS)\u003c/b\u003e and \u003cb\u003eSQL injection\u003c/b\u003e. By combining these cyber-attack simulations, evaluation metrics, and a real-world implementation of the ADCu prototype, this methodology will provide a thorough assessment of the framework's effectiveness in enhancing cloud security compared to traditional models.\u003c/p\u003e\u003c/div\u003e"},{"header":"5. Results and Analysis","content":"\u003cp\u003eThis section presents an in-depth analysis of the experimental evaluation of the Active Data Cube (ADCu) framework in comparison to traditional security models. The evaluation focuses on the framework\u0026rsquo;s performance across several key metrics: attack mitigation, response time, and resource consumption. Additionally, a case study in healthcare cloud systems is explored to demonstrate the practical applications of ADCu in real-world scenarios.\u003c/p\u003e\u003cdiv id=\"Sec18\" class=\"Section2\"\u003e\u003ch2\u003e5.1 Performance of Active Data Cube (ADCu)\u003c/h2\u003e\u003cp\u003eThe effectiveness of the ADCu framework was evaluated based on three key performance metrics: attack mitigation, response time, and resource consumption. These metrics are essential to understanding how well ADCu can perform in cloud environments without compromising security or system performance.\u003c/p\u003e\u003cdiv id=\"Sec19\" class=\"Section3\"\u003e\u003ch2\u003e5.1.1 Attack Mitigation Rate\u003c/h2\u003e\u003cp\u003eThe attack mitigation rate is a crucial metric for assessing the framework's ability to prevent and mitigate various types of cyber-attacks. In the experiments, the ADCu framework demonstrated a significantly higher attack mitigation rate across different types of simulated attacks. These attacks included unauthorized access attempts, Denial of Service (DoS) attacks, and insider threats. The following table presents a summary of the attack mitigation rates for ADCu and other traditional security models.\u003c/p\u003e\u003cp\u003e\u003cdiv class=\"gridtable\"\u003e\u003ctable float=\"Yes\" id=\"Tab1\" border=\"1\"\u003e\u003ccaption language=\"En\"\u003e\u003cdiv class=\"CaptionNumber\"\u003eTable 5.1\u003c/div\u003e\u003cdiv class=\"CaptionContent\"\u003e\u003cp\u003eAttack Mitigation Rate Comparison\u003c/p\u003e\u003c/div\u003e\u003c/caption\u003e\u003ccolgroup cols=\"5\"\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c1\" colnum=\"1\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c2\" colnum=\"2\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c3\" colnum=\"3\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c4\" colnum=\"4\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c5\" colnum=\"5\"\u003e\u003c/div\u003e\u003cthead\u003e\u003ctr\u003e\u003cth align=\"left\" colname=\"c1\"\u003e\u003cp\u003eAttack Type\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c2\"\u003e\u003cp\u003eADCu Mitigation Rate\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c3\"\u003e\u003cp\u003eEncryption-Based System\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c4\"\u003e\u003cp\u003eRBAC\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c5\"\u003e\u003cp\u003eZero Trust Model\u003c/p\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eUnauthorized Access\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e90%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e72%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e75%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e85%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eDenial of Service (DoS)\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e85%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e60%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e58%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e80%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eInsider Threats\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e91%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e68%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e62%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e78%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eAverage Mitigation Rate\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e88.67%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e66.67%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e65%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e81%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/colgroup\u003e\u003c/table\u003e\u003c/div\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec20\" class=\"Section3\"\u003e\u003ch2\u003e5.1.2 Response Time Comparison\u003c/h2\u003e\u003cp\u003eResponse time measures the speed with which the security framework can detect, respond to, and neutralize security threats. Faster response times are critical in minimizing damage caused by attacks. The following table compares the average response times of ADCu and traditional security models under simulated attack conditions.\u003c/p\u003e\u003cp\u003e\u003cdiv class=\"gridtable\"\u003e\u003ctable float=\"Yes\" id=\"Tab2\" border=\"1\"\u003e\u003ccaption language=\"En\"\u003e\u003cdiv class=\"CaptionNumber\"\u003eTable 5.2\u003c/div\u003e\u003cdiv class=\"CaptionContent\"\u003e\u003cp\u003eAverage Response Time Comparison\u003c/p\u003e\u003c/div\u003e\u003c/caption\u003e\u003ccolgroup cols=\"2\"\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c1\" colnum=\"1\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c2\" colnum=\"2\"\u003e\u003c/div\u003e\u003cthead\u003e\u003ctr\u003e\u003cth align=\"left\" colname=\"c1\"\u003e\u003cp\u003eSecurity Model\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c2\"\u003e\u003cp\u003eAverage Response Time (ms)\u003c/p\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eADCu\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e150\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eEncryption-Based System\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e320\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eRBAC\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e350\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eZero Trust Model\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e250\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/colgroup\u003e\u003c/table\u003e\u003c/div\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec21\" class=\"Section3\"\u003e\u003ch2\u003e5.1.3 Resource Consumption\u003c/h2\u003e\u003cp\u003eResource consumption is a critical metric for evaluating the efficiency of a security framework. It assesses the CPU usage and memory consumption during both normal operation and under attack conditions. The table below presents the resource consumption for ADCu and traditional models.\u003c/p\u003e\u003cp\u003e\u003cdiv class=\"gridtable\"\u003e\u003ctable float=\"Yes\" id=\"Tab3\" border=\"1\"\u003e\u003ccaption language=\"En\"\u003e\u003cdiv class=\"CaptionNumber\"\u003eTable 5.3\u003c/div\u003e\u003cdiv class=\"CaptionContent\"\u003e\u003cp\u003eResource Consumption Comparison\u003c/p\u003e\u003c/div\u003e\u003c/caption\u003e\u003ccolgroup cols=\"5\"\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c1\" colnum=\"1\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c2\" colnum=\"2\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c3\" colnum=\"3\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c4\" colnum=\"4\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c5\" colnum=\"5\"\u003e\u003c/div\u003e\u003cthead\u003e\u003ctr\u003e\u003cth align=\"left\" colname=\"c1\"\u003e\u003cp\u003eSecurity Model\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c2\"\u003e\u003cp\u003eCPU Usage (Normal)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c3\"\u003e\u003cp\u003eMemory Usage (Normal)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c4\"\u003e\u003cp\u003eCPU Usage (Under Attack)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c5\"\u003e\u003cp\u003eMemory Usage (Under Attack)\u003c/p\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eADCu\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e25%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e15%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e42%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e20%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eEncryption-Based System\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e38%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e28%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e55%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e32%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eRBAC\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e40%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e32%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e58%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e34%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eZero Trust Model\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c2\"\u003e\u003cp\u003e32%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c3\"\u003e\u003cp\u003e22%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e52%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e28%\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/colgroup\u003e\u003c/table\u003e\u003c/div\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv id=\"Sec22\" class=\"Section2\"\u003e\u003ch2\u003e5.2 Comparison with Traditional Security Approaches\u003c/h2\u003e\u003cp\u003eIn this section, we compare the ADCu framework with traditional security models, such as encryption-based systems, RBAC, and the Zero Trust Model. The comparison focuses on their effectiveness in addressing key cloud security challenges, particularly in terms of dynamic access control, data protection, and response times. Encryption-based systems provide robust data confidentiality by encrypting information both in transit and at rest. However, they are limited when it comes to managing dynamic access control or detecting and responding to emerging threats. While encryption ensures that data remains confidential, it does not protect against unauthorized access if the decryption keys are compromised. Moreover, encryption often introduces substantial computational overhead, especially in cloud environments where large datasets and high-volume attack scenarios are common. This limitation makes encryption-based systems less ideal for real-time security needs. In contrast, the ADCu framework offers a more comprehensive approach by combining real-time access control, automated threat detection, and active data protection. This makes ADCu not only more effective in protecting data but also more efficient in mitigating risks in dynamic cloud environments (Patell \u0026amp; Rekha, \u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e2014\u003c/span\u003e).\u003c/p\u003e\u003cp\u003eSimilarly, RBAC and Zero Trust are commonly used traditional security models, but each has its drawbacks in cloud environments. RBAC is useful for managing user access based on predefined roles, but it lacks flexibility. It struggles to adapt to dynamic cloud systems where users' roles and access needs constantly evolve. Zero Trust, while strengthening security by continuously verifying every access request, introduces performance issues due to the constant re-authentication process. This leads to higher latency and increased resource consumption, making Zero Trust less optimal in large-scale cloud environments (Patell \u0026amp; Rekha, \u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e2014\u003c/span\u003e). On the other hand, ADCu uses Attribute-Based Access Control (ABAC), which is more dynamic and flexible, allowing for real-time adjustments to access requirements as they change. Moreover, ADCu\u0026rsquo;s capability to automate threat detection and respond rapidly to incidents enhances its efficiency compared to Zero Trust, particularly in the context of cloud computing. Overall, the ADCu framework surpasses these traditional models by offering a more adaptable, scalable, and efficient approach to cloud security, especially in handling real-time security challenges and ensuring data protection.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec23\" class=\"Section2\"\u003e\u003ch2\u003e5.3 Experimental Observations\u003c/h2\u003e\u003cp\u003eIn this section, we summarize the key observations from the experimental trials, particularly focusing on the performance of the ADCu framework in simulating a variety of cyber-attacks and evaluating its overall impact on cloud performance and scalability. The results provide insights into how effectively ADCu mitigates threats without significantly affecting system resources.\u003c/p\u003e\u003cp\u003eThe ADCu framework demonstrated exceptional effectiveness in handling cyber-attacks. It was particularly efficient at detecting and neutralizing unauthorized access attempts and insider threats. The framework's ability to continuously monitor for potential threats and to automatically respond in real time played a significant role in its success. By utilizing real-time monitoring and continuous threat detection, ADCu swiftly identified and neutralized attacks as they occurred, often preventing breaches before they could escalate. In contrast, traditional security models like RBAC and encryption-based systems struggled with detecting and mitigating insider threats, largely because these models are based on static policies that do not adapt to evolving threats. Since RBAC typically relies on predefined user roles and lacks dynamic response mechanisms, it cannot handle unexpected or rapidly changing security events, making it more vulnerable in complex and evolving cloud environments. Similarly, encryption-based systems, while strong in data protection, fail to provide adequate mechanisms for continuous monitoring or adaptive threat detection, leaving systems exposed to real-time attacks (Akinade \u0026amp; Adepoju, \u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e2025\u003c/span\u003e). This highlights ADCu\u0026rsquo;s advantage in dynamically managing security risks in cloud systems.\u003c/p\u003e\u003cp\u003eRegarding the impact on cloud performance and scalability, the ADCu framework exhibited minimal impact on resource consumption during both normal operations and under heavy attack conditions. Despite the advanced security measures in place, such as real-time monitoring and threat detection, the system maintained low CPU usage and memory consumption, even when subjected to multiple simultaneous attacks. This efficient use of resources indicates that ADCu is not only secure but also highly scalable, capable of handling large volumes of data and managing high loads without sacrificing performance. In fact, ADCu demonstrated that it could maintain a high level of performance while ensuring that security measures were continuously enforced.\u003c/p\u003e\u003cp\u003eOn the other hand, traditional security models like RBAC and Zero Trust showed significant resource consumption and performance degradation under similar attack conditions. RBAC struggled particularly with scalability, as its rigid structure could not easily adapt to the demands of dynamic, high-traffic cloud environments. Similarly, the Zero Trust Model, while strong in continuous verification of user identities, led to higher latency and increased resource overhead due to the continuous re-authentication process. This resulted in a performance drop, particularly in large-scale systems where low latency and high throughput are crucial. In contrast, ADCu's ability to maintain low resource usage while providing robust security defenses makes it a much more efficient choice for large-scale cloud environments, where performance and scalability are critical to ensuring smooth operations. This underscores ADCu\u0026rsquo;s edge over traditional security models, which often sacrifice performance for enhanced security.\u003c/p\u003e\u003cp\u003eIn summary, the ADCu framework not only excelled in cyber-attack mitigation but also demonstrated significant resource efficiency and scalability, making it an ideal choice for large and dynamic cloud environments. Its ability to handle high-performance demands while maintaining strong security measures gives it a distinct advantage over traditional models, especially in complex and evolving cloud infrastructures.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e"},{"header":"6. Discussion","content":"\u003cp\u003eThe Active Data Cube (ADCu) framework represents a significant advancement in cloud security, offering a comprehensive solution to the growing concerns of data protection and access control in cloud environments. The findings from this study suggest that ADCu outperforms traditional security models, such as encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model, across multiple key metrics, including attack mitigation rate, response time, and resource consumption. Notably, the ADCu framework demonstrated an 88.67% attack mitigation rate, which was significantly higher than traditional models, which averaged around 65\u0026ndash;80%. This is particularly important in environments where sensitive data, such as personal health records, financial transactions, and intellectual property, needs to be secured against unauthorized access or malicious cyber-attacks. The real-time monitoring and continuous auditing provided by ADCu are pivotal in preventing unauthorized access and detecting insider threats\u0026mdash;issues that have become increasingly prevalent in modern cloud infrastructures.\u003c/p\u003e\u003cp\u003eIn addition to its strong security capabilities, the ADCu framework stands out for its resource efficiency. Cloud environments often face a delicate balance between maintaining high security and ensuring system performance, scalability, and availability. The results of the experiment indicate that ADCu excels in minimizing the performance overhead typically associated with security measures. With an average CPU usage of 25% and memory consumption of just 15% during normal operations, ADCu proved to be more resource-efficient compared to traditional systems, which exhibited much higher resource usage, especially under attack conditions. RBAC and Zero Trust, for example, demonstrated CPU usages of 40% and 55% during high-traffic conditions, indicating that while these models provide security, they do so at a significant cost to cloud resources. This efficiency is crucial for large-scale, multi-tenant cloud systems where performance must remain optimal to ensure uninterrupted service delivery and scalability. ADCu\u0026rsquo;s low resource consumption ensures that cloud service providers can maintain security without sacrificing the ability to scale dynamically, which is an inherent challenge with traditional security models. These findings suggest that ADCu could be highly beneficial in environments with high data throughput and varying workloads, where other security models may slow down performance.\u003c/p\u003e\u003cp\u003eThe strengths of the ADCu framework lie primarily in its multi-layered security architecture, which integrates real-time threat detection, dynamic access control, and active data protection. By combining these elements, ADCu offers an innovative approach to cloud security that provides fine-grained access control and continuous monitoring, ensuring that data is protected throughout its lifecycle. The Data Security and Control Layer and the Core Data Protection Layer of ADCu play critical roles in blocking unauthorized access and preventing data tampering. This flexibility allows ADCu to adapt to dynamic cloud environments where user roles and access needs frequently change. Traditional models such as RBAC struggle to provide this level of flexibility, often relying on predefined user roles that are not dynamic enough to keep up with changing security requirements. Similarly, while encryption-based systems offer strong protection for data in transit and at rest, they do not address issues such as insider threats or data leakage. ADCu\u0026rsquo;s active data management and automated threat detection capabilities position it as a highly effective solution for securing data in modern cloud environments where complex security threats are ever-evolving.\u003c/p\u003e\u003cp\u003eDespite its many strengths, the ADCu framework is not without limitations. One of the main challenges identified during the experiments is the complexity of implementation. The integration of ADCu into existing cloud infrastructures may require significant customization and configuration. For organizations with large, legacy cloud systems, adopting ADCu could involve substantial restructuring and investment in resources. Additionally, the integration of advanced security features such as dynamic access control and real-time threat monitoring may require specialized expertise. While ADCu was efficient in terms of resource consumption, scaling the framework to accommodate extremely large datasets or multi-cloud environments could present challenges. The potential for increased resource demands as the framework scales suggests that further optimization could be needed to ensure its applicability in highly complex cloud systems.\u003c/p\u003e\u003cp\u003eAnother limitation of the ADCu framework is its reliance on continuous monitoring and active security policies. While these features make ADCu highly effective in real-time threat mitigation, they can also lead to increased operational costs in the form of monitoring overhead. Real-time security operations often require ongoing updates and fine-tuning to stay ahead of emerging threats, which may involve additional manpower or automated tools. Therefore, it is important for organizations to evaluate whether the benefits of ADCu\u0026rsquo;s advanced security capabilities outweigh the potential costs in terms of operational complexity and maintenance. Moreover, while the ADCu framework excels at mitigating traditional cyber-attacks, it may need to be further developed to tackle more sophisticated threats, such as advanced persistent threats (APTs) or zero-day vulnerabilities, which require highly specialized detection and response mechanisms.\u003c/p\u003e\u003cp\u003eIn terms of opportunities for improvement, the ADCu framework could benefit from integrating machine learning or artificial intelligence (AI) capabilities to enhance its adaptive threat detection capabilities. AI could allow the framework to self-learn and evolve its security protocols based on emerging attack patterns and new vulnerabilities, making it even more effective at detecting and responding to threats in real-time. The integration of blockchain technology could also enhance the transparency and auditability of ADCu\u0026rsquo;s access control and data protection features, especially in environments where data provenance and integrity are of paramount importance, such as in the financial or healthcare sectors. Additionally, AI-driven predictive analytics could be employed to identify potential threats before they occur, further strengthening the proactive nature of ADCu\u0026rsquo;s defense mechanisms.\u003c/p\u003e\u003cp\u003eWhen compared to industry standards and best practices in cloud security, the ADCu framework aligns closely with leading security paradigms but introduces unique advantages that set it apart. Zero Trust models and RBAC are widely used in cloud security due to their ability to enforce strict access controls. However, these models struggle with dynamic user access and real-time threat response, which are key challenges in modern cloud systems. ADCu\u0026rsquo;s flexible and dynamic security policies allow it to offer more robust protection against insider threats, unauthorized access, and data breaches. Furthermore, its automated threat detection and data protection mechanisms make it a more scalable solution compared to traditional models, which are often resource-intensive and less adaptable to changing cloud environments.\u003c/p\u003e\u003cp\u003eIn conclusion, while the ADCu framework demonstrates clear advantages over traditional security models, there are areas where it could be further optimized to address emerging challenges in cloud security. By incorporating advanced technologies such as machine learning and blockchain, ADCu could evolve into a more intelligent and secure framework capable of addressing the most sophisticated threats. As cloud environments continue to grow in complexity and scale, frameworks like ADCu that combine real-time monitoring, dynamic access control, and active data protection will be crucial in ensuring the security, privacy, and integrity of cloud-based data.\u003c/p\u003e"},{"header":"7. Conclusion and Future Work","content":"\u003cdiv id=\"Sec26\" class=\"Section2\"\u003e\u003ch2\u003e7.1 Summary of Key Results\u003c/h2\u003e\u003cp\u003eThe evaluation of the Active Data Cube (ADCu) framework demonstrated its significant advantages in cloud security compared to traditional models like encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model. Key findings from this study indicate that ADCu excels in several crucial areas, such as attack mitigation, response time, and resource efficiency. The ADCu framework achieved an impressive attack mitigation rate of 88.67%, outperforming traditional systems in blocking unauthorized access and insider threats. Additionally, ADCu displayed the lowest response time, averaging just 150 milliseconds, making it significantly faster than the other security models. This rapid detection and response time are vital for maintaining the integrity of cloud systems in real-time. Finally, ADCu demonstrated resource efficiency with minimal CPU and memory consumption, even under attack scenarios, making it ideal for large-scale, multi-tenant cloud environments where performance and scalability are critical.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec27\" class=\"Section2\"\u003e\u003ch2\u003e7.2 Conclusion on the Effectiveness of ADCu in Enhancing Cloud Security\u003c/h2\u003e\u003cp\u003eThe results of this study highlight that the ADCu framework is highly effective in enhancing the security of cloud environments. By integrating dynamic access control, real-time threat monitoring, and active data protection, ADCu provides a comprehensive security solution capable of mitigating a wide range of threats, including insider threats, unauthorized access, and data breaches. Unlike traditional models that rely on static security policies, ADCu\u0026rsquo;s active security layers offer a more flexible and adaptive approach, which is essential in today\u0026rsquo;s dynamic and rapidly changing cloud environments. The real-time threat detection capabilities of ADCu allow for immediate responses to security incidents, significantly reducing the window of vulnerability and minimizing potential damage from cyber-attacks. In comparison with conventional methods, ADCu\u0026rsquo;s combination of high attack mitigation rates, low resource consumption, and fast response times makes it a superior choice for modern cloud security.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec28\" class=\"Section2\"\u003e\u003ch2\u003e7.3 Future Research Directions\u003c/h2\u003e\u003cp\u003eAlthough the ADCu framework demonstrated excellent performance in this study, there are several avenues for future research that could further enhance its capabilities and applicability in a broader range of cloud environments.\u003c/p\u003e\u003cdiv id=\"Sec29\" class=\"Section3\"\u003e\u003ch2\u003e7.3.1 Integration of Artificial Intelligence and Machine Learning with ADCu\u003c/h2\u003e\u003cp\u003eOne promising direction for future work is the integration of Artificial Intelligence (AI) and Machine Learning (ML) techniques into the ADCu framework. By incorporating AI-based threat detection, ADCu could improve its ability to identify new and evolving threats that may not be captured by traditional security methods. Machine learning algorithms could be used to analyze patterns in user behavior and system activity, allowing ADCu to identify anomalies and potential threats faster and more accurately. AI could also enable the system to automatically adjust security policies in response to new vulnerabilities, making the system more adaptive and intelligent in real-time.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec30\" class=\"Section3\"\u003e\u003ch2\u003e7.3.2 Exploration of Blockchain for Enhanced Cloud Security\u003c/h2\u003e\u003cp\u003eAnother promising area of research is the integration of blockchain technology with ADCu to further enhance cloud security, particularly in terms of data integrity, transparency, and auditability. Blockchain could be used to create an immutable record of all data transactions and access events, ensuring that all actions within the cloud environment are verifiable and tamper-proof. This would provide an additional layer of security for sensitive data, such as healthcare records, financial transactions, and personal identification information, which are highly vulnerable to tampering. Additionally, blockchain\u0026rsquo;s decentralized nature could help mitigate the risks associated with a single point of failure, further strengthening the resilience of cloud-based systems. Future research could explore how blockchain can be seamlessly integrated with the ADCu framework to improve data security and trust in cloud services.\u003c/p\u003e\u003c/div\u003e\u003cdiv id=\"Sec31\" class=\"Section3\"\u003e\u003ch2\u003e7.3.3 Expanding ADCu to Other Sensitive Domains (Banking, Education)\u003c/h2\u003e\u003cp\u003eIn addition to the healthcare sector, where ADCu has demonstrated strong security capabilities, further research could investigate the framework\u0026rsquo;s applicability in other highly sensitive domains, such as banking and education. Both of these sectors require stringent security measures to protect financial transactions, student data, and research information. The banking sector faces numerous security challenges, including preventing fraud, protecting customer data, and complying with regulatory standards. Similarly, the education sector must safeguard student records, academic research, and intellectual property. Research into the customization of the ADCu framework for these sectors could reveal its potential to address the unique security challenges they face. By adapting the framework to meet the specific needs of industries like banking and education, ADCu could become an even more versatile and widely applicable security solution.\u003c/p\u003e\u003cp\u003eIn conclusion, while the ADCu framework has shown great promise in enhancing cloud security, there are significant opportunities for future research and improvement. The integration of AI and machine learning, the exploration of blockchain technology, and the adaptation of the framework to other sensitive domains will further extend its capabilities and solidify its place as a leading solution in cloud security. These advancements will help ensure that ADCu remains adaptable, scalable, and resilient to the evolving security challenges that cloud environments face today and in the future.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"},{"header":"Declarations","content":"\u003cp\u003e\u003cstrong\u003e8. Conflict of Interest\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNo conflicts of interest to declare.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e9. Ethics Approval\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis study did not involve human participants or animals; therefore, ethical approval was not required.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e10. Funding\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis research received no specific funding from any agency in the public, commercial, or not-for-profit sectors.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e11. Data Availability\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe data supporting the findings of this study are available from the corresponding author upon reasonable request.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e12. Authors Contribution\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eAll authors contributed to the conception, design, and execution of the study.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e13. Acknowledgement\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNo additional acknowledgements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e14. Human Participants and/or Animals\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis study did not involve human participants or animals.\u0026nbsp;\u003c/p\u003e"},{"header":"References","content":"\u003col\u003e\n\u003cli\u003eAbdulsalam, Y. S., \u0026amp; Hedabou, M. (2021). Decentralized data integrity scheme for preserving privacy in cloud computing. \u003cem\u003eProceedings of the 2021 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)\u003c/em\u003e, 607-612. IEEE. https://doi.org/10.1109/SPAC53836.2021.9539966\u003c/li\u003e\n\u003cli\u003eAhmadi, S. (2024). Systematic literature review on cloud computing security: Threats and mitigation strategies. \u003cem\u003eJournal of Information Security, 15\u003c/em\u003e, 148-167. https://doi.org/10.4236/jis.2024.152010\u003c/li\u003e\n\u003cli\u003eArmbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R. H., Konwinski, A., ... \u0026amp; Zaharia, M. (2010). A view of cloud computing. \u003cem\u003eCommunications of the ACM, 53\u003c/em\u003e(4), 50-58. https://doi.org/10.1145/1721654.1721672\u003c/li\u003e\n\u003cli\u003eAkinade, A. O., \u0026amp; Adepoju, P. A. (2025). Cloud security challenges and solutions: A review of current best practices. \u003cem\u003eInternational Journal of Multidisciplinary Research, 24\u003c/em\u003e(249).\u003c/li\u003e\n\u003cli\u003eBasu, S., Bardhan, A., Gupta, K., Saha, P., Pal, M., Bose, M., Basu, K., Chaudhury, S., \u0026amp; Sarkar, P. (2018). Cloud computing security challenges \u0026amp; solutions-A survey. \u003cem\u003eProceedings of the 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC)\u003c/em\u003e, 347-356. IEEE. https://doi.org/10.1109/CCWC.2018.8301700\u003c/li\u003e\n\u003cli\u003eBentajer, A., Hedabou, M., Abouelmehdi, K., \u0026amp; Elfezazi, S. (2018). CS-IBE: A data confidentiality system in public cloud storage system. \u003cem\u003eProcedia Computer Science, 141\u003c/em\u003e, 559-564. https://doi.org/10.1016/j.procs.2018.10.136\u003c/li\u003e\n\u003cli\u003eChen, D., \u0026amp; Zhao, H. (2012). Data security and privacy protection issues in cloud computing. \u003cem\u003eProceedings of the 2012 International Conference on Computer Science and Electronics Engineering, 1\u003c/em\u003e, 647-651. IEEE. https://doi.org/10.1109/ICCSEE.2012.193\u003c/li\u003e\n\u003cli\u003eChauhan, M., \u0026amp; Shiaeles, S. (2023). An analysis of cloud security frameworks, problems and proposed solutions. \u003cem\u003eNetwork, 3\u003c/em\u003e(3), 1-18. https://doi.org/10.3390/network3030018\u003c/li\u003e\n\u003cli\u003eDi Giulio, C., Sprabery, R., Kamhoua, C., Kwiat, K., Campbell, R. H., \u0026amp; Bashir, M. N. (2017). Cloud standards in comparison: Are new security frameworks improving cloud security? \u003cem\u003eProceedings of the 2017 IEEE 10th International Conference on Cloud Computing (CLOUD)\u003c/em\u003e, 50-57. IEEE. https://doi.org/10.1109/CLOUD.2017.16\u003c/li\u003e\n\u003cli\u003eFernandes, D.A., et al. (2014). Security issues in cloud environments: A survey. \u003cem\u003eInternational Journal of Information Security, 13\u003c/em\u003e, 113-170.\u003c/li\u003e\n\u003cli\u003eGonzalez, N., Miers, C., Red\u0026iacute;golo, F., Simpl\u0026iacute;cio, M., Carvalho, T., N\u0026auml;slund, M., \u0026amp; Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing. \u003cem\u003eJournal of Cloud Computing: Advances, Systems and Applications, 1\u003c/em\u003e, Article 11. https://doi.org/10.1186/2192-113X-1-11\u003c/li\u003e\n\u003cli\u003eHashizume, K., Rosado, D. G., Fern\u0026aacute;ndez-Medina, E., \u0026amp; Fernandez, E. B. (2013). An analysis of security issues for cloud computing. \u003cem\u003eJournal of Internet Services and Applications, 4\u003c/em\u003e, Article 5. https://doi.org/10.1186/1869-0238-4-5\u003c/li\u003e\n\u003cli\u003eJensen, M., Schwenk, J., Gruschka, N., \u0026amp; Iacono, L. L. (2009). On technical security issues in cloud computing. \u003cem\u003eProceedings of the 2009 IEEE International Conference on Cloud Computing\u003c/em\u003e, 109-116. IEEE. https://doi.org/10.1109/CLOUD.2009.60\u003c/li\u003e\n\u003cli\u003eKasse, J. P., Xu, L., de Vrieze, P., \u0026amp; Bai, Y. (2019). Process driven access control and authorization approach. In \u003cem\u003eProceedings of the Fourth International Congress on Information and Communication Technology\u003c/em\u003e (pp. 313\u0026ndash;322). Springer.\u003c/li\u003e\n\u003cli\u003eKhan, M. A., Gupta, P., Sultan, A. A., Singh, P., Shivam, S., \u0026amp; Lourens, M. (2024). Security in cloud computing: Issues and challenges. \u003cem\u003eInternational Journal of Intelligent Systems and Applications in Engineering, 12\u003c/em\u003e(17s), 674-681.\u003c/li\u003e\n\u003cli\u003eKhodaarast, F. K., Sindhav, C., Nikam, S., Yekta, H. I., Kent, K. B., \u0026amp; Hakak, S. (2022). Cloud computing security: A survey of service-based models. \u003cem\u003eComputers \u0026amp; Security, 114\u003c/em\u003e, Article 102580. https://doi.org/10.1016/j.cose.2021.102580\u003c/li\u003e\n\u003cli\u003eKumar, R., \u0026amp; Goyal, R. (2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. \u003cem\u003eComputer Science Review, 33\u003c/em\u003e, 1-48. https://doi.org/10.1016/j.cosrev.2019.05.002\u003c/li\u003e\n\u003cli\u003eMather, T., Kumaraswamy, S., \u0026amp; Latif, S. (2009). \u003cem\u003eCloud security and privacy: An enterprise perspective on risks and compliance\u003c/em\u003e. O\u0026apos;Reilly Media.\u003c/li\u003e\n\u003cli\u003eNafea, R. A., \u0026amp; Almaiah, M. A. (2021). Cyber security threats in cloud: Literature review. \u003cem\u003eProceedings of the 2021 International Conference on Information Technology (ICIT)\u003c/em\u003e, 779-786. IEEE. https://doi.org/10.1109/ICIT52682.2021.9491114\u003c/li\u003e\n\u003cli\u003ePatell, N. S., \u0026amp; Rekha, B. S. (2014). Software as a service (SaaS): Security issues and solutions. \u003cem\u003eInternational Journal of Computational Engineering Research, 4\u003c/em\u003e(6), 50-58.\u003c/li\u003e\n\u003cli\u003ePearson, S. (2013). \u003cem\u003ePrivacy, security and trust in cloud computing\u003c/em\u003e. Springer.\u003c/li\u003e\n\u003cli\u003eRayaprolu, A., Kumar, R., \u0026amp; Singh, A. (2023). An analysis of cloud security frameworks, problems and proposed solutions. \u003cem\u003eFuture Internet, 15\u003c/em\u003e(3), Article 104. https://doi.org/10.3390/fi15030104\u003c/li\u003e\n\u003cli\u003eRasal, P. (2021). Cloud computing security issues and challenges: A survey. \u003cem\u003eJournal of Emerging Technologies and Innovative Research (JETIR), 8\u003c/em\u003e(6), e681.\u003c/li\u003e\n\u003cli\u003eSubashini, S., \u0026amp; Kavitha, V. (2011). A survey of security issues in service delivery models of cloud computing. \u003cem\u003eJournal of Network and Computer Applications, 34\u003c/em\u003e(1), 1-11. https://doi.org/10.1016/j.jnca.2010.05.003\u003c/li\u003e\n\u003cli\u003eTari, Z. (2014). Security and privacy in cloud computing. \u003cem\u003eIEEE Cloud Computing, 1\u003c/em\u003e(1), 54-57.\u003c/li\u003e\n\u003cli\u003eZissis, D., \u0026amp; Lekkas, D. (2012). Addressing cloud computing security issues. \u003cem\u003eFuture Generation Computer Systems, 28\u003c/em\u003e(3), 583-592. https://doi.org/10.1016/j.future.2011.06.007\u003c/li\u003e\n\u003c/ol\u003e"}],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":true,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":true,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":false,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":false,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"Active Data Cube, Cloud Security, Attack Mitigation, Access Control, Resource Efficiency","lastPublishedDoi":"10.21203/rs.3.rs-7028024/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-7028024/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eThis article presents the Active Data Cube (ADCu) framework as an innovative approach to enhancing data security and access control in cloud computing environments. The research evaluates ADCu's effectiveness in mitigating various types of cyber-attacks, including unauthorized access, insider threats, and Denial of Service (DoS) attacks. Through a comprehensive experimental setup, ADCu was compared with traditional security models such as encryption-based systems, Role-Based Access Control (RBAC), and the Zero Trust Model. The results indicate that ADCu outperforms these models in terms of attack mitigation rates, response time, and resource efficiency, making it an ideal solution for scalable and high-performance cloud environments. The study also highlights the potential for further integration with artificial intelligence and blockchain technologies to enhance its capabilities. Finally, a case study in healthcare cloud systems illustrates the practical application and benefits of ADCu in securing sensitive data. This research concludes with suggestions for future work, including expanding ADCu to other domains such as banking and education, and enhancing its adaptability to emerging security threats.\u003c/p\u003e","manuscriptTitle":"Enhancing Data Security and Access Control in Cloud Computing: A Comparative Study of Active Data Cube Framework (ADCu) and Traditional Approaches","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2025-08-06 08:31:53","doi":"10.21203/rs.3.rs-7028024/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"58160d87-b2f9-47ab-9844-9eccd139af79","owner":[],"postedDate":"August 6th, 2025","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[],"tags":[],"updatedAt":"2025-09-11T14:13:45+00:00","versionOfRecord":[],"versionCreatedAt":"2025-08-06 08:31:53","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-7028024","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-7028024","identity":"rs-7028024","version":["v1"]},"buildId":"XKTyCvWXoU3ODBz1xrDgd","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}

Text is read by the "Ask this paper" AI Q&A widget below. Extraction quality varies by source — PMC NXML preserves structure cleanly, OA-HTML may include some navigation residue, and OA-PDF can have broken hyphenation. The publisher copy (via DOI) is the canonical version.

My notes (saved in your browser only)

Ask this paper AI returns verbatim quotes from the full text · source: preprint-html

Answers must be backed by verbatim quotes from this paper's full text. Hallucinated quotes are dropped automatically; if no verbatim passage answers the question, we say so. How this works

Citation neighborhood (no data yet)

We don't have any in-corpus citations linked to this paper yet. This is a recent paper (2025) — citers typically take a year or two to land, and the OpenAlex reference graph may still be filling in.

Source provenance

europepmc
last seen: 2026-05-20T01:45:00.602351+00:00