Data Security Strategies and Technologies for Robust Cloud Computing

Data Security Strategies and Technologies for Robust Cloud Computing | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Data Security Strategies and Technologies for Robust Cloud Computing Hongyi Hao This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-7404796/v1 This work is licensed under a CC BY 4.0 License Status: Under Review Version 1 posted 16 You are reading this latest preprint version Abstract With the widespread application of cloud computing in various fields, data security issues have become prominent. This study systematically reviews key data security technologies such as encryption, access control, and privacy computing in cloud computing environments, and analyzes their application scenarios and limitations. Quantitative evaluation of technical performance, security, and scalability through empirical analysis in industries such as finance and government. Research has found that cloud computing data security requires the construction of a dynamic collaborative technology ecosystem, and users and service providers have different security responsibilities under different cloud service models. The research results provide theoretical support for enterprises to formulate cloud security strategies and promote technological innovation, which helps to solve the contradiction between data security and business development, and promote the high-quality development of the cloud computing industry. Cloud computing Data security Encryption technology Access control Privacy Computing Figures Figure 1 Figure 2 1 Introduce With the acceleration of digital transformation, cloud computing has become the core infrastructure for enterprise data processing and storage. According to the latest data from IDC, the global cloud computing market will exceed 600 billion US dollars in 2024, and over 80% of enterprises in fields such as finance, healthcare, and government have achieved cloud based core business[ 1 ]. However, the distributed architecture, multi tenancy characteristics, and cross-border data flow requirements of cloud environments have brought unprecedented security challenges[ 2 – 4 ]. The 2023 Cloud Security Alliance (CSA) report states that data breaches, privilege abuse, and compliance risks rank among the top three cloud security threats, with over 60% of data breach incidents stemming from improper cloud service configuration[ 5 – 8 ]. Against the backdrop of increasingly stringent regulations such as the EU GDPR and China's Data Security Law, ensuring the confidentiality, integrity, and availability of data in the cloud has become a key bottleneck for the sustainable development of the cloud computing industry. To this end, this study systematically reviews core data security technologies such as encryption, access control, and privacy computing, and deeply analyzes their application scenarios and technical limitations in cloud environments. At the same time, by combining typical industry cases such as finance and government affairs, we will empirically evaluate the effectiveness of key technology combinations and explore security challenges and response strategies in emerging scenarios such as multi cloud collaboration and quantum computing. The research results aim to provide theoretical support for enterprises to formulate cloud security strategies, promote technological innovation, help solve the contradiction between data security and business development, and promote the high-quality development of the cloud computing industry. 2 Literature review Wang Jihong's article laid the foundation for the research in this article, providing the basic theory and early research ideas of cloud computing data security technology. Wang Jihong's exploration of key technologies for data security in cloud computing environments allows the author of this article to further clarify and deepen their understanding of encryption, access control, and other technologies based on this foundation, thereby conducting more in-depth performance evaluations of various encryption algorithms in the empirical analysis of this article. At the same time, its research results also provide reference for the application scenarios and limitations of the technology analyzed in this article, helping the author of this article to more comprehensively demonstrate the current status of cloud computing data security technology.Zhu Jianmei's research helps broaden the research perspective of this article, and her analysis of data security technology in cloud computing environments provides diverse research perspectives for this article. Zhu Jianmei's analysis may involve some technical details or application scenarios that were not thoroughly explored in this article, providing supplementary information for the author of this article. In terms of data integrity protection technology, Zhu Jianmei's research may provide different practical cases or technical optimization directions, allowing the author of this article to elaborate on relevant content more comprehensively and deeply. It also provides more ideas and materials for empirical analysis combined with industry cases such as finance and government affairs, enhancing the practicality and persuasiveness of the research. The significance of Wang Qingfeng's research for this article lies in providing multidimensional references for the study of key technologies for cloud computing data security protection. Wang Qingfeng's research results on key technologies for data security protection can help the author of this article more accurately grasp the key and difficult points of the technology. When studying access control and identity authentication technologies, their viewpoints provide the author with ideas for optimizing models and reducing costs, which is consistent with the analysis of the operating costs of access control models in this article. This further provides theoretical and practical support for the research in this field, and also provides reference for exploring security challenges and response strategies in emerging scenarios, promoting the in-depth development of this study. 3 Material and method 3.1 Basic technical system of data security In the current booming development of cloud computing, data security risks are closely related. To ensure the security of data storage, transmission, and access in the cloud, a series of basic technologies have become key defense lines. Next, a detailed analysis will be conducted from the two core levels shown in Fig. 1 . Data encryption, as the cornerstone of ensuring cloud computing data security, can be divided into static encryption and dynamic encryption. Static encryption is used for storing data, with disk encryption and database encryption being common methods[ 9 – 11 ]. Encryption algorithms such as AES and RSA are widely used. Key management systems represented by AWS KMS and Alibaba Cloud KMS have achieved full lifecycle management of keys, ensuring data storage security. Transparent encryption technology (TDE) further enhances static data security by automatically encrypting database data and logs. Dynamic encryption focuses on the data transmission process, and Transport Layer Security Protocol (TLS/SSL) is the core technology that ensures the secure transmission of data in the network[ 12 – 14 ]. It uses handshake protocols and encryption algorithms to ensure that data is not stolen or tampered with during transmission between clients and cloud servers. The HTTPS protocol, based on TLS/SSL, has become the standard for data transmission in web services. Although end-to-end encryption (E2EE) can achieve full data encryption, there are issues such as complex key distribution and poor compatibility in cloud service API calls. However, encryption technology is not perfect. Once the key is leaked, encryption becomes meaningless, and the encryption process consumes computing resources, affecting system performance. The development of quantum computing also poses a potential threat to traditional encryption algorithms[ 15 – 18 ].​ Access control and identity authentication are key to ensuring the security of cloud computing data access. In traditional access control models, ACL and RBAC are widely used for cloud tenant permission management. ACL achieves access control to resources by setting permission lists for users or user groups; RBAC simplifies permission management by assigning permissions based on roles. In the context of cloud computing, ABAC models are widely used, combining user attributes (such as department and position) and environmental attributes (such as device security status and geographic location) to achieve fine-grained permission control[ 19 – 20 ]. The zero trust architecture adheres to the principle of "never trust, always verify", and Continuous Identity Authentication (CIBA) technology further enhances access security. In terms of identity authentication, Multi Factor Authentication (MFA) integrates multiple methods such as SMS verification codes, biometric recognition, hardware tokens, etc. to enhance authentication strength; Federated Identity Management (FIM) utilizes protocols such as OAuth and OpenID Connect to achieve single sign on across cloud services, optimizing user experience while ensuring identity authentication security. 3.2 Data integrity, availability, and anti attack technology 1. Data integrity protection Data integrity is the key to ensuring that data is not illegally tampered with or destroyed during storage and transmission. Hash and digital signature technology are the most commonly used protection methods, which generate fixed length digests of data through hash algorithms such as SHA-256 and MD5. If the data is tampered with, the digest will change, thus quickly identifying data anomalies; Combined with digital signature technology, the authenticity of the data source can also be verified[ 21 – 25 ]. In the cloud storage audit scenario, the application of blockchain technology provides a higher level of protection for data integrity. Its tamper proof distributed ledger feature can record data operations in real time and trace them. For example, the full process flow of medical data can be verified and audited through smart contracts. In addition, in distributed systems, consensus algorithms such as Paxos and Raft ensure the consistency of data replicas in multi node environments through voting and negotiation between nodes, avoiding data inconsistency problems caused by network delays or failures.​ 2. Data availability and disaster recovery technology 3. Anti attack and intrusion detection Faced with increasingly complex network attacks, anti attack and intrusion detection technologies are the last line of defense to ensure cloud computing security. DDoS attack protection uses distributed traffic cleaning and intelligent recognition technology to filter malicious traffic in real time. Common cloud service providers' protection solutions such as AWS Shield and DDoS high protection IP can resist large-scale traffic attacks. Intrusion Detection and Response (IDPS) systems monitor network and host behavior in real-time through sensors deployed at critical nodes. Traditional rule-based detection methods are gradually being combined with machine learning, utilizing algorithms such as isolated forests and neural networks to achieve intelligent recognition of abnormal behavior. At the same time, the real-time threat intelligence sharing mechanism can quickly synchronize newly emerging attack characteristics to the protection system, enhancing overall defense capabilities. 3.3 Data privacy enhancement technology In the cloud computing data security system, data privacy enhancement technology is the core means of balancing data value mining and privacy protection. With the increasing demand for cross-border data flow and multi-party collaboration, traditional data protection methods are unable to meet the security requirements of "data available but invisible". Technologies such as federated learning, secure multi-party computing, and data anonymization have emerged.​ 1. Federated Learning Federated learning breaks the traditional centralized training model of data and achieves multi-party data collaborative modeling through the principle of "data doesn't move, model moves". In the medical field, patient data from different hospitals cannot be directly shared due to privacy protection requirements. Federated learning allows each hospital to train machine learning models locally, only uploading model parameter update results to the central server for aggregation, and ultimately generating a global model. This mechanism avoids the risk of raw data leakage while enhancing the model's generalization ability.​ 2. Secure multiparty computation (MPC) Secure multi-party computation is based on cryptographic protocols to achieve privacy protection in multi-party data collaborative computation. In the scenario of joint statistics, multiple enterprises need to calculate the average value of data, but do not want to expose their own data. MPC uses techniques such as obfuscation circuits and secret sharing to divide the data into encrypted fragments and distribute them to all parties involved. Each participant completes the calculation without obtaining complete data, and the final result is integrated by a trusted third party or distributed protocol. For example, when financial institutions jointly control risks, MPC can be used to achieve collaborative calculation of credit scoring models, ensuring data privacy. However, MPC has high computational complexity and limited efficiency in large-scale data processing. Currently, hardware acceleration (such as FPGA) and algorithm optimization are commonly used to improve performance. 3. Data desensitization technology Static desensitization intervenes in the data storage stage, using techniques such as anonymization and de identification to convert raw data that can identify personal identity or sensitive information into irreversible anonymous data, achieving the elimination of the association between data subjects and sensitive information; Dynamic desensitization focuses on data access scenarios, adjusting desensitization rules in real-time based on user permission attributes and operational scenarios. Differentiated processing is implemented for sensitive data of different levels, ensuring normal data usage while minimizing the risk of sensitive information leakage. Taking the medical data sharing scenario as an example, dynamic desensitization can hide the ID number number and contact information in the patient's medical record, and retain the diagnosis and treatment information for scientific research analysis to avoid the loss of value of data due to excessive desensitization. It is necessary to develop refined strategies through data value assessment and risk analysis. 4. The trend of emerging technology integration With the increasing demand for privacy computing, federated learning, secure multi-party computing, and blockchain technology are gradually integrating. With the decentralized ledger feature, blockchain can fully record the data usage trajectory and model iteration process, form tamper proof operation logs, and achieve transparent traceability of the entire data lifecycle. Smart contracts serve as automated execution engines, encoding pre-set privacy protection rules into executable code to ensure strict compliance in data processing, sharing, and other aspects. This technology integration has demonstrated significant advantages in the construction of smart cities. By building a blockchain based federated learning platform, it can not only ensure the security of citizens' privacy data, but also achieve efficient cross departmental collaborative utilization of urban traffic flow analysis and environmental monitoring data, promoting the dual enhancement of data value and security protection. 4 Result 4.1 Empirical analysis In order to verify the actual effectiveness of key data security technologies in cloud computing environments, this study selected typical application scenarios in industries such as finance, healthcare, and government. Through comparative experiments, stress testing, and long-term tracking, the performance, security, and scalability of core technologies such as encryption, access control, and privacy computing were quantitatively evaluated. Based on multidimensional datasets, we will conduct in-depth analysis from the dimensions of algorithm efficiency, permission management, privacy protection, and multi-party collaboration. 1. Comprehensive evaluation of encryption algorithm performance and security To comprehensively evaluate the performance of different encryption technologies in cloud environments, this study designed cross platform testing, covering AES-256, RSA-4096, TDE, and emerging quantum resistant algorithms. The test dataset size ranges from 1GB to 10TB, recording encryption and decryption time, CPU usage, and attack resistance (based on NIST SP 800-175B standard). The results are shown in Table 1 . Table 1 Comprehensive Performance Comparison of Encryption Algorithms (10TB Dataset) Algorithm Type Encryption Time (s) Decryption Time (s) CPU Peak Usage (%) Resistance to Brute Force Attack (Years) Key Management Complexity (1–5) AES-256-GCM 142.3 138.7 78% 1.2×10²⁶ 2.1 RSA-4096 2104.8 2189.5 92% 1.5×10³⁰ 4.7 TDE (AES Underlying) 98.6 95.2 65% 1.2×10²⁶ 3.8 Lattice-based 387.5 401.2 84% Theoretical Unbreakable 4.9 As shown in Table 1 , TDE performs the best in efficiency, but its key management complexity is relatively high due to its reliance on the key rotation mechanism of the database engine. AES-256 achieves the best balance between performance and security, making it suitable for real-time business scenarios, but its ability to resist quantum computing is insufficient. Although RSA-4096 has extremely high security, its encryption and decryption time is 15 times that of AES, making it only suitable for low-frequency key exchange. It is worth noting that although Lattice based algorithms have quantum resistance, their current computational efficiency is only 1/4 of AES, and the key management complexity is close to the perfect score (4.9), reflecting the technical bottleneck of post quantum cryptography. Further analysis (Fig. 2 ) shows that when the data size exceeds 5TB, the CPU usage of traditional algorithms increases nonlinearly, while the memory usage of Lattice based algorithms skyrockets, indicating that the existing hardware architecture still needs to be optimized to support new algorithms. 2. Operational Cost Analysis of Fine grained Access Control Model To quantify the actual benefits of the access control model, this study deployed RBAC, ABAC, and Zero Trust Architecture (ZTA) in the enterprise cloud platform, and continuously monitored the operation and maintenance costs and security events for 6 months. The key data are shown in Table 2 . Table 2 Comprehensive Cost Comparison of Access Control Models (Unit: 10000 USD) Metric RBAC ABAC ZTA Initial Deployment Cost 12.5 28.7 53.2 Monthly Maintenance Cost 1.2 3.8 6.5 Loss Due to Permission Errors 47.3 8.6 2.1 Security Incident Response Cost 15.9 6.2 1.4 Total TCO (6 Months) 88.3 68.1 96.7 Table 2 reveals a counterintuitive conclusion: although ZTA has the highest initial deployment cost, it reduces the security incident response cost to 14000 through continuous authentication and micro isolation technology, far lower than RBAC. ABAC performs the best in total cost of ownership (TCO) as it strikes a balance between control privilege errors and operational costs. Deep data analysis found that 73% of ZTA's maintenance costs are used for the computing power consumption of the AI behavior analysis engine, while ABAC's attribute rule library updates account for 62% of its costs. 3. The Combination Effect of Security Technologies in Multi Cloud Architecture To verify the collaborative value of technology, this study deployed seven security technology combinations on three types of cloud platforms (AWS/Azure/Alibaba Cloud) and tested their effectiveness in resisting Advanced Persistent Threat (APT) attacks. The data was collected from 315 simulated attacks, and the key indicators are shown in Table 3 . Table 3 Effectiveness of Multi Cloud Security Technology Combination Technology Combination Attack Interception Rate (%) False Positive Rate (%) Average Response Time (ms) Cross-Cloud Policy Consistency (1–5) Encryption + Basic ACL 68.3 12.7 483 2.1 Encryption + ABAC + IDS 89.5 8.3 217 3.8 Full Stack (including FL + TDE + ZTA) 97.6 4.1 159 4.9 Full Stack + Threat Intelligence Federation 99.2 2.7 112 5.0 Table 3 demonstrates that the interception rate relying solely on encryption and basic access control (ACL) is only 68.3%, and the cross cloud policy consistency score is as low as 2.1. After introducing ABAC and intrusion detection system (IDS), the interception rate increased to 89.5%, but the false positive rate still reached 8.3%. The full stack solution (including federated learning and zero trust) pushes performance to the extreme, while the additional integration of threat intelligence federation achieves an interception rate of 99.2% and a response speed of 112ms - thanks to the real-time shared APT feature library that shortens the detection window by 72%. This empirical study reveals through a large-scale dataset and long-term operational data that cloud computing data security is not something that can be solved by a single technology, and requires the construction of a dynamic collaborative technology ecosystem. The field of encryption requires a balance between quantum security and performance loss, and the Lattice algorithm is currently only suitable for key exchange scenarios; ABAC demonstrates the best cost-effectiveness ratio in access control, but ZTA is irreplaceable in combating internal threats. Ultimately, multi cloud security defense proves that the combination of full stack technology and threat intelligence federation can achieve an attack interception rate of over 99%, but requires an additional computing cost of about 30%. These findings provide a quantitative basis for enterprises to find the optimal solution between budget, compliance, and risk, and also point out the development direction of "intelligent collaboration and deep defense" for the next generation of cloud security architecture. 5 Discussion In the field of cloud computing, there are significant differences in data security management among IaaS, PaaS, and SaaS service models, which directly affect the formulation and implementation of data security strategies. Under the IaaS (Infrastructure as a Service) model, users have a high degree of control over virtual resources and are responsible for the security configuration of operating systems, middleware, and applications, including key security measures such as data encryption and access control. This mode gives users great flexibility, but also requires them to have strong security technology capabilities. If not configured properly, it can easily lead to security vulnerabilities. PaaS (Platform as a Service) provides a platform for developing, testing, and deploying applications. Service providers are responsible for the security of underlying infrastructure and platform software, while users primarily focus on application layer data security. Compared to IaaS, PaaS reduces the burden on users in basic security management, but users still need to ensure application code security and data privacy protection. In the SaaS (Software as a Service) model, service providers are fully responsible for application, infrastructure, and data security, and users only access services through browsers or clients. Although users do not need to configure underlying security, they lack direct control over data security policies and rely on the security capabilities and compliance of service providers. Overall, the differences in cloud service models determine the security responsibility boundary between users and service providers. When users choose cloud services, they need to weigh the pros and cons of different models based on their own security needs and technical capabilities, and develop suitable data security strategies. 6 Conclusion This study conducts an in-depth exploration of key data security technologies in cloud computing environments, clarifying the characteristics, advantages, and disadvantages of various technologies. Empirical analysis shows that a single technology is difficult to meet the security requirements of cloud computing data and requires the collaboration of multiple technologies. There are significant differences in data security management among different cloud service models, and users should choose the appropriate model and develop strategies based on their own situation. The research results provide decision-making basis for enterprises in cloud computing data security management, helping them balance data security and business development. In the future, cloud computing data security technology should develop towards intelligent collaboration and deep defense. In terms of encryption technology, it is necessary to break through the performance bottleneck of post quantum cryptography, improve security while also considering efficiency. In terms of access control, continuously optimize the model to reduce costs and improve security. With the increasing demand for cross-border data flow and multi-party collaboration, it is necessary to strengthen the integration and innovation of privacy computing technology. In addition, attention should also be paid to the impact of emerging technologies on cloud computing data security, such as the application of artificial intelligence in security detection and defense, continuously improving the cloud computing data security system, and ensuring the sustainable and healthy development of the cloud computing industry. Declarations Clinical trial registration Not applicable. Consent to Publish declaration Not applicable. Ethics declaration Not applicable. Consent to Participate declaration Not applicable. Conflicts of interest The authors declare that they have no conflicts of interest. Funding statement This work was not supported by any funds. Author Contribution The author independently completed all the work of this research, including: proposing the research topic and overall framework, systematically sorting out key technologies such as encryption, access control, and privacy computing, designing and implementing empirical analysis plans for industries such as finance and government affairs, conducting data collection, performance evaluation and results discussion, and writing, revising and finalizing the paper. Acknowledgements The authors would like to show sincere thanks to those techniques who have contributed to this research. Data availability emphasizes that data can be accessed and used by legitimate users at any time. The backup and recovery mechanism is the foundation for ensuring data availability, and strategies such as full backup, incremental backup, and differential backup provide users with flexible choices. Cloud service providers such as Azure Backup typically provide professional backup services, supporting automatic backup plans and multi version recovery to reduce the risk of data loss. Cross regional disaster recovery (DR) further enhances system reliability. Through a remote multi active architecture, when the primary data center encounters natural disasters, network attacks, and other failures, it can quickly switch to the backup data center to achieve continuous business operation. RTO (Recovery Time Objective) and RPO (Recovery Point Objective) have become key indicators for measuring disaster recovery effectiveness. In addition, elastic scaling and load balancing technology can dynamically adjust computing resources through Auto Scaling, automatically adding or removing server instances according to changes in business traffic, avoiding service unavailability caused by resource depletion, and ensuring that cloud services are always running efficiently.​ Data availability The data used to support the findings of this study are included in the article. References Zulifqar I, Anayat S, Khara I. A review of data security challenges and their solutions in cloud computing. Int J Inform Eng Electron Bus. 2021;12(3):30. Hajare R, Hodage R, Wangwad O, Mali Y, Bagwan F. Data security in cloud. Int J Sci Res Comput Sci Eng Inform Technol (IJSRCSEIT). 2021;8(3):240–5. Namasudra S, Devi D, Kadry S, Sundarasekar R, Shanthini A. Towards DNA based data security in the cloud computing environment. Comput Commun. 2020;151:539–47. Wang Z, Wang N, Su X, Ge S. An empirical study on business analytics affordances enhancing the management of cloud computing data security. Int J Inf Manag. 2020;50:387–94. Thabit F, Alhomdy S, Al-Ahdal AH, Jagtap S. (2021). A new lightweight cryptographic algorithm for enhancing data security in cloud computing. Global Transitions Proceedings, 2(1), 91–99. Joshi M, Budhani S, Tewari N, Prakash S. (2021, April). Analytical review of data security in cloud computing. In 2021 2nd International conference on intelligent engineering and management (ICIEM) (pp. 362–366). IEEE. Mohammed S, Nanthini S, Krishna NB, Srinivas IV, Rajagopal M, Kumar MA. A new lightweight data security system for data security in the cloud computing. Volume 29. Measurement: Sensors; 2023. p. 100856. Thabit F, Alhomdy S, Jagtap S. A new data security algorithm for the cloud computing based on genetics techniques and logical-mathematical functions. Int J Intell Networks. 2021;2:18–33. Farsi M, Ali M, Shah RA, Wagan AA, Kharabsheh R. Cloud computing and data security threats taxonomy: A review. J Intell Fuzzy Syst. 2020;38(3):2517–27. Yang P, Xiong N, Ren J. Data security and privacy protection for cloud storage: A survey. Ieee Access. 2020;8:131723–40. Chinnasamy P, Padmavathi S, Swathy R, Rakesh S. (2021). Efficient data security using hybrid cryptography on cloud computing. In Inventive Communication and Computational Technologies: Proceedings of ICICCT 2020 (pp. 537–547). Springer Singapore. Gupta R, Saxena D, Singh AK. (2021). Data security and privacy in cloud computing: concepts and emerging trends. arXiv preprint arXiv:2108.09508. Ogiela U. Cognitive cryptography for data security in cloud computing. Concurrency Computation: Pract Experience. 2020;32(18):e5557. Adee R, Mouratidis H. A dynamic four-step data security model for data in cloud computing based on cryptography and steganography. Sensors. 2022;22(3):1109. Mo Y. A data security storage method for IoT under Hadoop cloud computing platform. Int J Wireless Inf Networks. 2019;26(3):152–7. Tang Z. (2020, October). A preliminary study on data security technology in big data cloud computing environment. In 2020 International Conference on Big Data & Artificial Intelligence & Software Engineering (ICBASE) (pp. 27–30). IEEE. Ogiela L, Ogiela MR, Ko H. Intelligent data management and security in cloud computing. Sensors. 2020;20(12):3458. Pawar AB, Ghumbre SU, Jogdand RM. Privacy preserving model-based authentication and data security in cloud computing. Int J Pervasive Comput Commun. 2023;19(2):173–90. Gupta K, Gupta D, Prasad SK, Johri P. (2021, March). A Review on Cryptography based Data Security Techniques for the Cloud Computing. In 2021 International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE) (pp. 1039–1044). IEEE. Lo'ai AT, Saldamli G. Reconsidering big data security and privacy in cloud and mobile cloud systems. J King Saud University-Computer Inform Sci. 2021;33(7):810–9. Jones KI, Suchithra R. Information security: A coordinated strategy to guarantee data security in cloud computing. Int J Data Inf Intell Comput. 2023;2(1):11–31. Wang F, Wang H, Xue L. (2021, March). Research on data security in big data cloud computing environment. In 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC) (pp. 1446–1450). IEEE. Tahir M, Sardaraz M, Mehmood Z, Muhammad S. CryptoGA: a cryptosystem based on genetic algorithm for cloud data security. Cluster Comput. 2021;24(2):739–52. Xiaoyu W, Zhengming G. (2020, September). Research and development of data security multidimensional protection system in cloud computing environment. In 2020 International Conference on Advance in Ambient Computing and Intelligence (ICAACI) (pp. 67–70). IEEE. Nalajala S, Moukthika B, Kaivalya M, Samyuktha K, Pratap NL. (2020). Data security in cloud computing using three-factor authentication. In International Conference on Communication, Computing and Electronics Systems: Proceedings of ICCCES 2019 (pp. 343–354). Springer Singapore. Additional Declarations No competing interests reported. Cite Share Download PDF Status: Under Review Version 1 posted Editorial decision: Revision requested 19 Oct, 2025 Reviews received at journal 08 Oct, 2025 Reviews received at journal 02 Oct, 2025 Reviewers agreed at journal 30 Sep, 2025 Reviews received at journal 29 Sep, 2025 Reviewers agreed at journal 29 Sep, 2025 Reviews received at journal 28 Sep, 2025 Reviewers agreed at journal 24 Sep, 2025 Reviewers agreed at journal 24 Sep, 2025 Reviewers agreed at journal 20 Sep, 2025 Reviewers agreed at journal 08 Sep, 2025 Reviewers invited by journal 08 Sep, 2025 Editor invited by journal 08 Sep, 2025 Editor assigned by journal 22 Aug, 2025 Submission checks completed at journal 22 Aug, 2025 First submitted to journal 19 Aug, 2025 You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-7404796","acceptedTermsAndConditions":true,"allowDirectSubmit":false,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":512023997,"identity":"284eedf9-b242-4773-9c43-529ae9a904f9","order_by":0,"name":"Hongyi Hao","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAAwUlEQVRIiWNgGAWjYNCCChs5fmbmww9I0HImzViynS3NgHgdjG2HEzec51GQIEq1/IzkY9K8bWnGxod5GAwYamyiCWoxuJGWJs1zzkbO7DDvgQcMx9JyGwhqkcgxk+YpSzM2O8yXYMDYcJiwFvkZIC1shxM3N/MYSBClheEGSAvI+8zEajE48yzZcg4wkCUOAwM5gRi/yLcnH7zxBhSV/YcPP/hQY0OEwxgYWBDRkUCEchBg/kCkwlEwCkbBKBipAABzZTyPOd4H5gAAAABJRU5ErkJggg==","orcid":"","institution":"Shanxi Institute of Technology","correspondingAuthor":true,"prefix":"","firstName":"Hongyi","middleName":"","lastName":"Hao","suffix":""}],"badges":[],"createdAt":"2025-08-19 05:53:09","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-7404796/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-7404796/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":91360498,"identity":"fecb5a6b-6799-41d6-96f3-615425be0f6f","added_by":"auto","created_at":"2025-09-15 16:19:33","extension":"png","order_by":1,"title":"Figure 1","display":"","copyAsset":false,"role":"figure","size":39727,"visible":true,"origin":"","legend":"\u003cp\u003eThe Two Core Levels of Data Security\u003c/p\u003e","description":"","filename":"floatimage1.png","url":"https://assets-eu.researchsquare.com/files/rs-7404796/v1/4579d1d431674bef28ffbca6.png"},{"id":91360502,"identity":"e06b1306-4aee-4f95-846a-f8971ecb23ad","added_by":"auto","created_at":"2025-09-15 16:19:33","extension":"png","order_by":2,"title":"Figure 2","display":"","copyAsset":false,"role":"figure","size":41932,"visible":true,"origin":"","legend":"\u003cp\u003eComparison of Resource Utilization of Encryption Algorithms with Different Data Sizes\u003c/p\u003e","description":"","filename":"floatimage2.png","url":"https://assets-eu.researchsquare.com/files/rs-7404796/v1/fecebdebcb9f7731b3f1ebf9.png"},{"id":91361720,"identity":"6f5f5541-e667-4364-b22a-d0a602da3e26","added_by":"auto","created_at":"2025-09-15 16:35:38","extension":"pdf","order_by":0,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":883598,"visible":true,"origin":"","legend":"","description":"","filename":"manuscript.pdf","url":"https://assets-eu.researchsquare.com/files/rs-7404796/v1/199ce943-8826-4cef-8201-09c25b281294.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"Data Security Strategies and Technologies for Robust Cloud Computing","fulltext":[{"header":"1 Introduce","content":"\u003cp\u003eWith the acceleration of digital transformation, cloud computing has become the core infrastructure for enterprise data processing and storage. According to the latest data from IDC, the global cloud computing market will exceed 600\u0026nbsp;billion US dollars in 2024, and over 80% of enterprises in fields such as finance, healthcare, and government have achieved cloud based core business[\u003cspan citationid=\"CR1\" class=\"CitationRef\"\u003e1\u003c/span\u003e]. However, the distributed architecture, multi tenancy characteristics, and cross-border data flow requirements of cloud environments have brought unprecedented security challenges[\u003cspan additionalcitationids=\"CR3\" citationid=\"CR2\" class=\"CitationRef\"\u003e2\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR4\" class=\"CitationRef\"\u003e4\u003c/span\u003e]. The 2023 Cloud Security Alliance (CSA) report states that data breaches, privilege abuse, and compliance risks rank among the top three cloud security threats, with over 60% of data breach incidents stemming from improper cloud service configuration[\u003cspan additionalcitationids=\"CR6 CR7\" citationid=\"CR5\" class=\"CitationRef\"\u003e5\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR8\" class=\"CitationRef\"\u003e8\u003c/span\u003e]. Against the backdrop of increasingly stringent regulations such as the EU GDPR and China's Data Security Law, ensuring the confidentiality, integrity, and availability of data in the cloud has become a key bottleneck for the sustainable development of the cloud computing industry.\u003c/p\u003e\u003cp\u003eTo this end, this study systematically reviews core data security technologies such as encryption, access control, and privacy computing, and deeply analyzes their application scenarios and technical limitations in cloud environments. At the same time, by combining typical industry cases such as finance and government affairs, we will empirically evaluate the effectiveness of key technology combinations and explore security challenges and response strategies in emerging scenarios such as multi cloud collaboration and quantum computing. The research results aim to provide theoretical support for enterprises to formulate cloud security strategies, promote technological innovation, help solve the contradiction between data security and business development, and promote the high-quality development of the cloud computing industry.\u003c/p\u003e"},{"header":"2 Literature review","content":"\u003cp\u003eWang Jihong's article laid the foundation for the research in this article, providing the basic theory and early research ideas of cloud computing data security technology. Wang Jihong's exploration of key technologies for data security in cloud computing environments allows the author of this article to further clarify and deepen their understanding of encryption, access control, and other technologies based on this foundation, thereby conducting more in-depth performance evaluations of various encryption algorithms in the empirical analysis of this article. At the same time, its research results also provide reference for the application scenarios and limitations of the technology analyzed in this article, helping the author of this article to more comprehensively demonstrate the current status of cloud computing data security technology.Zhu Jianmei's research helps broaden the research perspective of this article, and her analysis of data security technology in cloud computing environments provides diverse research perspectives for this article. Zhu Jianmei's analysis may involve some technical details or application scenarios that were not thoroughly explored in this article, providing supplementary information for the author of this article. In terms of data integrity protection technology, Zhu Jianmei's research may provide different practical cases or technical optimization directions, allowing the author of this article to elaborate on relevant content more comprehensively and deeply. It also provides more ideas and materials for empirical analysis combined with industry cases such as finance and government affairs, enhancing the practicality and persuasiveness of the research.\u003c/p\u003e\u003cp\u003eThe significance of Wang Qingfeng's research for this article lies in providing multidimensional references for the study of key technologies for cloud computing data security protection. Wang Qingfeng's research results on key technologies for data security protection can help the author of this article more accurately grasp the key and difficult points of the technology. When studying access control and identity authentication technologies, their viewpoints provide the author with ideas for optimizing models and reducing costs, which is consistent with the analysis of the operating costs of access control models in this article. This further provides theoretical and practical support for the research in this field, and also provides reference for exploring security challenges and response strategies in emerging scenarios, promoting the in-depth development of this study.\u003c/p\u003e"},{"header":"3 Material and method","content":"\u003cdiv id=\"Sec4\" class=\"Section2\"\u003e\u003ch2\u003e3.1 Basic technical system of data security\u003c/h2\u003e\u003cp\u003eIn the current booming development of cloud computing, data security risks are closely related. To ensure the security of data storage, transmission, and access in the cloud, a series of basic technologies have become key defense lines. Next, a detailed analysis will be conducted from the two core levels shown in Fig.\u0026nbsp;\u003cspan refid=\"Fig1\" class=\"InternalRef\"\u003e1\u003c/span\u003e.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eData encryption, as the cornerstone of ensuring cloud computing data security, can be divided into static encryption and dynamic encryption. Static encryption is used for storing data, with disk encryption and database encryption being common methods[\u003cspan additionalcitationids=\"CR10\" citationid=\"CR9\" class=\"CitationRef\"\u003e9\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR11\" class=\"CitationRef\"\u003e11\u003c/span\u003e]. Encryption algorithms such as AES and RSA are widely used. Key management systems represented by AWS KMS and Alibaba Cloud KMS have achieved full lifecycle management of keys, ensuring data storage security. Transparent encryption technology (TDE) further enhances static data security by automatically encrypting database data and logs. Dynamic encryption focuses on the data transmission process, and Transport Layer Security Protocol (TLS/SSL) is the core technology that ensures the secure transmission of data in the network[\u003cspan additionalcitationids=\"CR13\" citationid=\"CR12\" class=\"CitationRef\"\u003e12\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR14\" class=\"CitationRef\"\u003e14\u003c/span\u003e]. It uses handshake protocols and encryption algorithms to ensure that data is not stolen or tampered with during transmission between clients and cloud servers. The HTTPS protocol, based on TLS/SSL, has become the standard for data transmission in web services. Although end-to-end encryption (E2EE) can achieve full data encryption, there are issues such as complex key distribution and poor compatibility in cloud service API calls. However, encryption technology is not perfect. Once the key is leaked, encryption becomes meaningless, and the encryption process consumes computing resources, affecting system performance. The development of quantum computing also poses a potential threat to traditional encryption algorithms[\u003cspan additionalcitationids=\"CR16 CR17\" citationid=\"CR15\" class=\"CitationRef\"\u003e15\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR18\" class=\"CitationRef\"\u003e18\u003c/span\u003e].​\u003c/p\u003e\u003cp\u003eAccess control and identity authentication are key to ensuring the security of cloud computing data access. In traditional access control models, ACL and RBAC are widely used for cloud tenant permission management. ACL achieves access control to resources by setting permission lists for users or user groups; RBAC simplifies permission management by assigning permissions based on roles. In the context of cloud computing, ABAC models are widely used, combining user attributes (such as department and position) and environmental attributes (such as device security status and geographic location) to achieve fine-grained permission control[\u003cspan citationid=\"CR19\" class=\"CitationRef\"\u003e19\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e20\u003c/span\u003e]. The zero trust architecture adheres to the principle of \"never trust, always verify\", and Continuous Identity Authentication (CIBA) technology further enhances access security. In terms of identity authentication, Multi Factor Authentication (MFA) integrates multiple methods such as SMS verification codes, biometric recognition, hardware tokens, etc. to enhance authentication strength; Federated Identity Management (FIM) utilizes protocols such as OAuth and OpenID Connect to achieve single sign on across cloud services, optimizing user experience while ensuring identity authentication security.\u003c/p\u003e\u003cp\u003e\u003cb\u003e3.2 Data integrity, availability, and anti attack technology\u003c/b\u003e\u003c/p\u003e\u003c/div\u003e\n\u003ch3\u003e1. Data integrity protection\u003c/h3\u003e\n\u003cp\u003eData integrity is the key to ensuring that data is not illegally tampered with or destroyed during storage and transmission. Hash and digital signature technology are the most commonly used protection methods, which generate fixed length digests of data through hash algorithms such as SHA-256 and MD5. If the data is tampered with, the digest will change, thus quickly identifying data anomalies; Combined with digital signature technology, the authenticity of the data source can also be verified[\u003cspan additionalcitationids=\"CR22 CR23 CR24\" citationid=\"CR21\" class=\"CitationRef\"\u003e21\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR25\" class=\"CitationRef\"\u003e25\u003c/span\u003e]. In the cloud storage audit scenario, the application of blockchain technology provides a higher level of protection for data integrity. Its tamper proof distributed ledger feature can record data operations in real time and trace them. For example, the full process flow of medical data can be verified and audited through smart contracts. In addition, in distributed systems, consensus algorithms such as Paxos and Raft ensure the consistency of data replicas in multi node environments through voting and negotiation between nodes, avoiding data inconsistency problems caused by network delays or failures.​\u003c/p\u003e\n\u003ch3\u003e2. Data availability and disaster recovery technology\u003c/h3\u003e\n\n\u003ch3\u003e3. Anti attack and intrusion detection\u003c/h3\u003e\n\u003cp\u003eFaced with increasingly complex network attacks, anti attack and intrusion detection technologies are the last line of defense to ensure cloud computing security. DDoS attack protection uses distributed traffic cleaning and intelligent recognition technology to filter malicious traffic in real time. Common cloud service providers' protection solutions such as AWS Shield and DDoS high protection IP can resist large-scale traffic attacks. Intrusion Detection and Response (IDPS) systems monitor network and host behavior in real-time through sensors deployed at critical nodes. Traditional rule-based detection methods are gradually being combined with machine learning, utilizing algorithms such as isolated forests and neural networks to achieve intelligent recognition of abnormal behavior. At the same time, the real-time threat intelligence sharing mechanism can quickly synchronize newly emerging attack characteristics to the protection system, enhancing overall defense capabilities.\u003c/p\u003e\u003cdiv id=\"Sec8\" class=\"Section2\"\u003e\u003ch2\u003e3.3 Data privacy enhancement technology\u003c/h2\u003e\u003cp\u003eIn the cloud computing data security system, data privacy enhancement technology is the core means of balancing data value mining and privacy protection. With the increasing demand for cross-border data flow and multi-party collaboration, traditional data protection methods are unable to meet the security requirements of \"data available but invisible\". Technologies such as federated learning, secure multi-party computing, and data anonymization have emerged.​\u003c/p\u003e\u003c/div\u003e\n\u003ch3\u003e1. Federated Learning\u003c/h3\u003e\n\u003cp\u003eFederated learning breaks the traditional centralized training model of data and achieves multi-party data collaborative modeling through the principle of \"data doesn't move, model moves\". In the medical field, patient data from different hospitals cannot be directly shared due to privacy protection requirements. Federated learning allows each hospital to train machine learning models locally, only uploading model parameter update results to the central server for aggregation, and ultimately generating a global model. This mechanism avoids the risk of raw data leakage while enhancing the model's generalization ability.​\u003c/p\u003e\n\u003ch3\u003e2. Secure multiparty computation (MPC)\u003c/h3\u003e\n\u003cp\u003eSecure multi-party computation is based on cryptographic protocols to achieve privacy protection in multi-party data collaborative computation. In the scenario of joint statistics, multiple enterprises need to calculate the average value of data, but do not want to expose their own data. MPC uses techniques such as obfuscation circuits and secret sharing to divide the data into encrypted fragments and distribute them to all parties involved. Each participant completes the calculation without obtaining complete data, and the final result is integrated by a trusted third party or distributed protocol. For example, when financial institutions jointly control risks, MPC can be used to achieve collaborative calculation of credit scoring models, ensuring data privacy. However, MPC has high computational complexity and limited efficiency in large-scale data processing. Currently, hardware acceleration (such as FPGA) and algorithm optimization are commonly used to improve performance.\u003c/p\u003e\n\u003ch3\u003e3. Data desensitization technology\u003c/h3\u003e\n\u003cp\u003eStatic desensitization intervenes in the data storage stage, using techniques such as anonymization and de identification to convert raw data that can identify personal identity or sensitive information into irreversible anonymous data, achieving the elimination of the association between data subjects and sensitive information; Dynamic desensitization focuses on data access scenarios, adjusting desensitization rules in real-time based on user permission attributes and operational scenarios. Differentiated processing is implemented for sensitive data of different levels, ensuring normal data usage while minimizing the risk of sensitive information leakage. Taking the medical data sharing scenario as an example, dynamic desensitization can hide the ID number number and contact information in the patient's medical record, and retain the diagnosis and treatment information for scientific research analysis to avoid the loss of value of data due to excessive desensitization. It is necessary to develop refined strategies through data value assessment and risk analysis.\u003c/p\u003e\n\u003ch3\u003e4. The trend of emerging technology integration\u003c/h3\u003e\n\u003cp\u003eWith the increasing demand for privacy computing, federated learning, secure multi-party computing, and blockchain technology are gradually integrating. With the decentralized ledger feature, blockchain can fully record the data usage trajectory and model iteration process, form tamper proof operation logs, and achieve transparent traceability of the entire data lifecycle. Smart contracts serve as automated execution engines, encoding pre-set privacy protection rules into executable code to ensure strict compliance in data processing, sharing, and other aspects. This technology integration has demonstrated significant advantages in the construction of smart cities. By building a blockchain based federated learning platform, it can not only ensure the security of citizens' privacy data, but also achieve efficient cross departmental collaborative utilization of urban traffic flow analysis and environmental monitoring data, promoting the dual enhancement of data value and security protection.\u003c/p\u003e"},{"header":"4 Result","content":"\u003cdiv id=\"Sec14\" class=\"Section2\"\u003e\u003ch2\u003e4.1 Empirical analysis\u003c/h2\u003e\u003cp\u003eIn order to verify the actual effectiveness of key data security technologies in cloud computing environments, this study selected typical application scenarios in industries such as finance, healthcare, and government. Through comparative experiments, stress testing, and long-term tracking, the performance, security, and scalability of core technologies such as encryption, access control, and privacy computing were quantitatively evaluated. Based on multidimensional datasets, we will conduct in-depth analysis from the dimensions of algorithm efficiency, permission management, privacy protection, and multi-party collaboration.\u003c/p\u003e\u003c/div\u003e\n\u003ch3\u003e1. Comprehensive evaluation of encryption algorithm performance and security\u003c/h3\u003e\n\u003cp\u003eTo comprehensively evaluate the performance of different encryption technologies in cloud environments, this study designed cross platform testing, covering AES-256, RSA-4096, TDE, and emerging quantum resistant algorithms. The test dataset size ranges from 1GB to 10TB, recording encryption and decryption time, CPU usage, and attack resistance (based on NIST SP 800-175B standard). The results are shown in Table\u0026nbsp;\u003cspan refid=\"Tab1\" class=\"InternalRef\"\u003e1\u003c/span\u003e.\u003c/p\u003e\u003cp\u003e\u003cdiv class=\"gridtable\"\u003e\u003ctable float=\"Yes\" id=\"Tab1\" border=\"1\"\u003e\u003ccaption language=\"En\"\u003e\u003cdiv class=\"CaptionNumber\"\u003eTable 1\u003c/div\u003e\u003cdiv class=\"CaptionContent\"\u003e\u003cp\u003eComprehensive Performance Comparison of Encryption Algorithms (10TB Dataset)\u003c/p\u003e\u003c/div\u003e\u003c/caption\u003e\u003ccolgroup cols=\"6\"\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c1\" colnum=\"1\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c2\" colnum=\"2\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c3\" colnum=\"3\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c4\" colnum=\"4\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c5\" colnum=\"5\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c6\" colnum=\"6\"\u003e\u003c/div\u003e\u003cthead\u003e\u003ctr\u003e\u003cth align=\"left\" colname=\"c1\"\u003e\u003cp\u003eAlgorithm Type\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c2\"\u003e\u003cp\u003eEncryption Time (s)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c3\"\u003e\u003cp\u003eDecryption Time (s)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c4\"\u003e\u003cp\u003eCPU Peak Usage (%)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c5\"\u003e\u003cp\u003eResistance to Brute Force Attack (Years)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c6\"\u003e\u003cp\u003eKey Management Complexity (1\u0026ndash;5)\u003c/p\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eAES-256-GCM\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e142.3\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e138.7\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e78%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e1.2\u0026times;10\u0026sup2;⁶\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c6\"\u003e\u003cp\u003e2.1\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eRSA-4096\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e2104.8\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e2189.5\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e92%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e1.5\u0026times;10\u0026sup3;⁰\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c6\"\u003e\u003cp\u003e4.7\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eTDE (AES Underlying)\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e98.6\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e95.2\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e65%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003e1.2\u0026times;10\u0026sup2;⁶\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c6\"\u003e\u003cp\u003e3.8\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eLattice-based\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e387.5\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e401.2\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c4\"\u003e\u003cp\u003e84%\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"left\" colname=\"c5\"\u003e\u003cp\u003eTheoretical Unbreakable\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c6\"\u003e\u003cp\u003e4.9\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/colgroup\u003e\u003c/table\u003e\u003c/div\u003e\u003c/p\u003e\u003cp\u003eAs shown in Table\u0026nbsp;\u003cspan refid=\"Tab1\" class=\"InternalRef\"\u003e1\u003c/span\u003e, TDE performs the best in efficiency, but its key management complexity is relatively high due to its reliance on the key rotation mechanism of the database engine. AES-256 achieves the best balance between performance and security, making it suitable for real-time business scenarios, but its ability to resist quantum computing is insufficient. Although RSA-4096 has extremely high security, its encryption and decryption time is 15 times that of AES, making it only suitable for low-frequency key exchange. It is worth noting that although Lattice based algorithms have quantum resistance, their current computational efficiency is only 1/4 of AES, and the key management complexity is close to the perfect score (4.9), reflecting the technical bottleneck of post quantum cryptography.\u003c/p\u003e\u003cp\u003eFurther analysis (Fig.\u0026nbsp;\u003cspan refid=\"Fig2\" class=\"InternalRef\"\u003e2\u003c/span\u003e) shows that when the data size exceeds 5TB, the CPU usage of traditional algorithms increases nonlinearly, while the memory usage of Lattice based algorithms skyrockets, indicating that the existing hardware architecture still needs to be optimized to support new algorithms.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\n\u003ch3\u003e2. Operational Cost Analysis of Fine grained Access Control Model\u003c/h3\u003e\n\u003cp\u003eTo quantify the actual benefits of the access control model, this study deployed RBAC, ABAC, and Zero Trust Architecture (ZTA) in the enterprise cloud platform, and continuously monitored the operation and maintenance costs and security events for 6 months. The key data are shown in Table\u0026nbsp;\u003cspan refid=\"Tab2\" class=\"InternalRef\"\u003e2\u003c/span\u003e.\u003c/p\u003e\u003cp\u003e\u003cdiv class=\"gridtable\"\u003e\u003ctable float=\"Yes\" id=\"Tab2\" border=\"1\"\u003e\u003ccaption language=\"En\"\u003e\u003cdiv class=\"CaptionNumber\"\u003eTable 2\u003c/div\u003e\u003cdiv class=\"CaptionContent\"\u003e\u003cp\u003eComprehensive Cost Comparison of Access Control Models (Unit: 10000 USD)\u003c/p\u003e\u003c/div\u003e\u003c/caption\u003e\u003ccolgroup cols=\"4\"\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c1\" colnum=\"1\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c2\" colnum=\"2\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c3\" colnum=\"3\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c4\" colnum=\"4\"\u003e\u003c/div\u003e\u003cthead\u003e\u003ctr\u003e\u003cth align=\"left\" colname=\"c1\"\u003e\u003cp\u003eMetric\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c2\"\u003e\u003cp\u003eRBAC\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c3\"\u003e\u003cp\u003eABAC\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c4\"\u003e\u003cp\u003eZTA\u003c/p\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eInitial Deployment Cost\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e12.5\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e28.7\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e53.2\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eMonthly Maintenance Cost\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e1.2\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e3.8\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e6.5\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eLoss Due to Permission Errors\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e47.3\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e8.6\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e2.1\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eSecurity Incident Response Cost\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e15.9\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e6.2\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e1.4\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eTotal TCO (6 Months)\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e88.3\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e68.1\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e96.7\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/colgroup\u003e\u003c/table\u003e\u003c/div\u003e\u003c/p\u003e\u003cp\u003eTable\u0026nbsp;\u003cspan refid=\"Tab2\" class=\"InternalRef\"\u003e2\u003c/span\u003e reveals a counterintuitive conclusion: although ZTA has the highest initial deployment cost, it reduces the security incident response cost to 14000 through continuous authentication and micro isolation technology, far lower than RBAC. ABAC performs the best in total cost of ownership (TCO) as it strikes a balance between control privilege errors and operational costs. Deep data analysis found that 73% of ZTA's maintenance costs are used for the computing power consumption of the AI behavior analysis engine, while ABAC's attribute rule library updates account for 62% of its costs.\u003c/p\u003e\n\u003ch3\u003e3. The Combination Effect of Security Technologies in Multi Cloud Architecture\u003c/h3\u003e\n\u003cp\u003eTo verify the collaborative value of technology, this study deployed seven security technology combinations on three types of cloud platforms (AWS/Azure/Alibaba Cloud) and tested their effectiveness in resisting Advanced Persistent Threat (APT) attacks. The data was collected from 315 simulated attacks, and the key indicators are shown in Table\u0026nbsp;\u003cspan refid=\"Tab3\" class=\"InternalRef\"\u003e3\u003c/span\u003e.\u003c/p\u003e\u003cp\u003e\u003cdiv class=\"gridtable\"\u003e\u003ctable float=\"Yes\" id=\"Tab3\" border=\"1\"\u003e\u003ccaption language=\"En\"\u003e\u003cdiv class=\"CaptionNumber\"\u003eTable 3\u003c/div\u003e\u003cdiv class=\"CaptionContent\"\u003e\u003cp\u003eEffectiveness of Multi Cloud Security Technology Combination\u003c/p\u003e\u003c/div\u003e\u003c/caption\u003e\u003ccolgroup cols=\"5\"\u003e\u003cdiv align=\"left\" class=\"colspec\" colname=\"c1\" colnum=\"1\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c2\" colnum=\"2\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c3\" colnum=\"3\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c4\" colnum=\"4\"\u003e\u003c/div\u003e\u003cdiv align=\"char\" char=\".\" class=\"colspec\" colname=\"c5\" colnum=\"5\"\u003e\u003c/div\u003e\u003cthead\u003e\u003ctr\u003e\u003cth align=\"left\" colname=\"c1\"\u003e\u003cp\u003eTechnology Combination\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c2\"\u003e\u003cp\u003eAttack Interception Rate (%)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c3\"\u003e\u003cp\u003eFalse Positive Rate (%)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c4\"\u003e\u003cp\u003eAverage Response Time (ms)\u003c/p\u003e\u003c/th\u003e\u003cth align=\"left\" colname=\"c5\"\u003e\u003cp\u003eCross-Cloud Policy Consistency (1\u0026ndash;5)\u003c/p\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eEncryption\u0026thinsp;+\u0026thinsp;Basic ACL\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e68.3\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e12.7\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e483\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c5\"\u003e\u003cp\u003e2.1\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eEncryption\u0026thinsp;+\u0026thinsp;ABAC\u0026thinsp;+\u0026thinsp;IDS\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e89.5\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e8.3\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e217\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c5\"\u003e\u003cp\u003e3.8\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eFull Stack (including FL\u0026thinsp;+\u0026thinsp;TDE\u0026thinsp;+\u0026thinsp;ZTA)\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e97.6\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e4.1\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e159\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c5\"\u003e\u003cp\u003e4.9\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd align=\"left\" colname=\"c1\"\u003e\u003cp\u003eFull Stack\u0026thinsp;+\u0026thinsp;Threat Intelligence Federation\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c2\"\u003e\u003cp\u003e99.2\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c3\"\u003e\u003cp\u003e2.7\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c4\"\u003e\u003cp\u003e112\u003c/p\u003e\u003c/td\u003e\u003ctd align=\"char\" char=\".\" colname=\"c5\"\u003e\u003cp\u003e5.0\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/colgroup\u003e\u003c/table\u003e\u003c/div\u003e\u003c/p\u003e\u003cp\u003eTable\u0026nbsp;\u003cspan refid=\"Tab3\" class=\"InternalRef\"\u003e3\u003c/span\u003e demonstrates that the interception rate relying solely on encryption and basic access control (ACL) is only 68.3%, and the cross cloud policy consistency score is as low as 2.1. After introducing ABAC and intrusion detection system (IDS), the interception rate increased to 89.5%, but the false positive rate still reached 8.3%. The full stack solution (including federated learning and zero trust) pushes performance to the extreme, while the additional integration of threat intelligence federation achieves an interception rate of 99.2% and a response speed of 112ms - thanks to the real-time shared APT feature library that shortens the detection window by 72%.\u003c/p\u003e\u003cp\u003eThis empirical study reveals through a large-scale dataset and long-term operational data that cloud computing data security is not something that can be solved by a single technology, and requires the construction of a dynamic collaborative technology ecosystem. The field of encryption requires a balance between quantum security and performance loss, and the Lattice algorithm is currently only suitable for key exchange scenarios; ABAC demonstrates the best cost-effectiveness ratio in access control, but ZTA is irreplaceable in combating internal threats. Ultimately, multi cloud security defense proves that the combination of full stack technology and threat intelligence federation can achieve an attack interception rate of over 99%, but requires an additional computing cost of about 30%. These findings provide a quantitative basis for enterprises to find the optimal solution between budget, compliance, and risk, and also point out the development direction of \"intelligent collaboration and deep defense\" for the next generation of cloud security architecture.\u003c/p\u003e"},{"header":"5 Discussion","content":"\u003cp\u003eIn the field of cloud computing, there are significant differences in data security management among IaaS, PaaS, and SaaS service models, which directly affect the formulation and implementation of data security strategies.\u003c/p\u003e\u003cp\u003eUnder the IaaS (Infrastructure as a Service) model, users have a high degree of control over virtual resources and are responsible for the security configuration of operating systems, middleware, and applications, including key security measures such as data encryption and access control. This mode gives users great flexibility, but also requires them to have strong security technology capabilities. If not configured properly, it can easily lead to security vulnerabilities.\u003c/p\u003e\u003cp\u003ePaaS (Platform as a Service) provides a platform for developing, testing, and deploying applications. Service providers are responsible for the security of underlying infrastructure and platform software, while users primarily focus on application layer data security. Compared to IaaS, PaaS reduces the burden on users in basic security management, but users still need to ensure application code security and data privacy protection.\u003c/p\u003e\u003cp\u003eIn the SaaS (Software as a Service) model, service providers are fully responsible for application, infrastructure, and data security, and users only access services through browsers or clients. Although users do not need to configure underlying security, they lack direct control over data security policies and rely on the security capabilities and compliance of service providers.\u003c/p\u003e\u003cp\u003eOverall, the differences in cloud service models determine the security responsibility boundary between users and service providers. When users choose cloud services, they need to weigh the pros and cons of different models based on their own security needs and technical capabilities, and develop suitable data security strategies.\u003c/p\u003e"},{"header":"6 Conclusion","content":"\u003cp\u003eThis study conducts an in-depth exploration of key data security technologies in cloud computing environments, clarifying the characteristics, advantages, and disadvantages of various technologies. Empirical analysis shows that a single technology is difficult to meet the security requirements of cloud computing data and requires the collaboration of multiple technologies. There are significant differences in data security management among different cloud service models, and users should choose the appropriate model and develop strategies based on their own situation. The research results provide decision-making basis for enterprises in cloud computing data security management, helping them balance data security and business development.\u003c/p\u003e\u003cp\u003eIn the future, cloud computing data security technology should develop towards intelligent collaboration and deep defense. In terms of encryption technology, it is necessary to break through the performance bottleneck of post quantum cryptography, improve security while also considering efficiency. In terms of access control, continuously optimize the model to reduce costs and improve security. With the increasing demand for cross-border data flow and multi-party collaboration, it is necessary to strengthen the integration and innovation of privacy computing technology. In addition, attention should also be paid to the impact of emerging technologies on cloud computing data security, such as the application of artificial intelligence in security detection and defense, continuously improving the cloud computing data security system, and ensuring the sustainable and healthy development of the cloud computing industry.\u003c/p\u003e"},{"header":"Declarations","content":"\u003cp\u003e\u003cstrong\u003eClinical trial registration\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNot applicable.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eConsent to Publish declaration\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNot applicable.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eEthics declaration\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNot applicable.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eConsent to Participate declaration\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNot applicable.\u003c/p\u003e\u003ch2\u003eConflicts of interest\u003c/h2\u003e\u003cp\u003eThe authors declare that they have no conflicts of interest.\u003c/p\u003e\u003c/p\u003e\u003ch2\u003eFunding statement\u003c/h2\u003e\u003cp\u003eThis work was not supported by any funds.\u003c/p\u003e\u003ch2\u003eAuthor Contribution\u003c/h2\u003e\u003cp\u003eThe author independently completed all the work of this research, including: proposing the research topic and overall framework, systematically sorting out key technologies such as encryption, access control, and privacy computing, designing and implementing empirical analysis plans for industries such as finance and government affairs, conducting data collection, performance evaluation and results discussion, and writing, revising and finalizing the paper.\u003c/p\u003e\u003ch2\u003eAcknowledgements\u003c/h2\u003e\u003cp\u003eThe authors would like to show sincere thanks to those techniques who have contributed to this research.\u003c/p\u003e\u003ch2\u003eData availability\u003c/h2\u003e\u003cp\u003eemphasizes that data can be accessed and used by legitimate users at any time. The backup and recovery mechanism is the foundation for ensuring data availability, and strategies such as full backup, incremental backup, and differential backup provide users with flexible choices. Cloud service providers such as Azure Backup typically provide professional backup services, supporting automatic backup plans and multi version recovery to reduce the risk of data loss. Cross regional disaster recovery (DR) further enhances system reliability. Through a remote multi active architecture, when the primary data center encounters natural disasters, network attacks, and other failures, it can quickly switch to the backup data center to achieve continuous business operation. RTO (Recovery Time Objective) and RPO (Recovery Point Objective) have become key indicators for measuring disaster recovery effectiveness. In addition, elastic scaling and load balancing technology can dynamically adjust computing resources through Auto Scaling, automatically adding or removing server instances according to changes in business traffic, avoiding service unavailability caused by resource depletion, and ensuring that cloud services are always running efficiently.​\u003c/p\u003e\u003ch2\u003eData availability\u003c/h2\u003e\u003cp\u003eThe data used to support the findings of this study are included in the article.\u003c/p\u003e"},{"header":"References","content":"\u003col\u003e\u003cli\u003e\u003cspan\u003eZulifqar I, Anayat S, Khara I. A review of data security challenges and their solutions in cloud computing. Int J Inform Eng Electron Bus. 2021;12(3):30.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eHajare R, Hodage R, Wangwad O, Mali Y, Bagwan F. Data security in cloud. Int J Sci Res Comput Sci Eng Inform Technol (IJSRCSEIT). 2021;8(3):240\u0026ndash;5.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eNamasudra S, Devi D, Kadry S, Sundarasekar R, Shanthini A. Towards DNA based data security in the cloud computing environment. Comput Commun. 2020;151:539\u0026ndash;47.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eWang Z, Wang N, Su X, Ge S. An empirical study on business analytics affordances enhancing the management of cloud computing data security. Int J Inf Manag. 2020;50:387\u0026ndash;94.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eThabit F, Alhomdy S, Al-Ahdal AH, Jagtap S. (2021). A new lightweight cryptographic algorithm for enhancing data security in cloud computing. Global Transitions Proceedings, 2(1), 91\u0026ndash;99.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eJoshi M, Budhani S, Tewari N, Prakash S. (2021, April). Analytical review of data security in cloud computing. In 2021 2nd International conference on intelligent engineering and management (ICIEM) (pp. 362\u0026ndash;366). IEEE.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eMohammed S, Nanthini S, Krishna NB, Srinivas IV, Rajagopal M, Kumar MA. A new lightweight data security system for data security in the cloud computing. Volume 29. Measurement: Sensors; 2023. p. 100856.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eThabit F, Alhomdy S, Jagtap S. A new data security algorithm for the cloud computing based on genetics techniques and logical-mathematical functions. Int J Intell Networks. 2021;2:18\u0026ndash;33.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eFarsi M, Ali M, Shah RA, Wagan AA, Kharabsheh R. Cloud computing and data security threats taxonomy: A review. J Intell Fuzzy Syst. 2020;38(3):2517\u0026ndash;27.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eYang P, Xiong N, Ren J. Data security and privacy protection for cloud storage: A survey. Ieee Access. 2020;8:131723\u0026ndash;40.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eChinnasamy P, Padmavathi S, Swathy R, Rakesh S. (2021). Efficient data security using hybrid cryptography on cloud computing. In Inventive Communication and Computational Technologies: Proceedings of ICICCT 2020 (pp. 537\u0026ndash;547). Springer Singapore.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eGupta R, Saxena D, Singh AK. (2021). Data security and privacy in cloud computing: concepts and emerging trends. arXiv preprint arXiv:2108.09508.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eOgiela U. Cognitive cryptography for data security in cloud computing. Concurrency Computation: Pract Experience. 2020;32(18):e5557.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eAdee R, Mouratidis H. A dynamic four-step data security model for data in cloud computing based on cryptography and steganography. Sensors. 2022;22(3):1109.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eMo Y. A data security storage method for IoT under Hadoop cloud computing platform. Int J Wireless Inf Networks. 2019;26(3):152\u0026ndash;7.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eTang Z. (2020, October). A preliminary study on data security technology in big data cloud computing environment. In 2020 International Conference on Big Data \u0026amp; Artificial Intelligence \u0026amp; Software Engineering (ICBASE) (pp. 27\u0026ndash;30). IEEE.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eOgiela L, Ogiela MR, Ko H. Intelligent data management and security in cloud computing. Sensors. 2020;20(12):3458.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003ePawar AB, Ghumbre SU, Jogdand RM. Privacy preserving model-based authentication and data security in cloud computing. Int J Pervasive Comput Commun. 2023;19(2):173\u0026ndash;90.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eGupta K, Gupta D, Prasad SK, Johri P. (2021, March). A Review on Cryptography based Data Security Techniques for the Cloud Computing. In 2021 International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE) (pp. 1039\u0026ndash;1044). IEEE.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eLo'ai AT, Saldamli G. Reconsidering big data security and privacy in cloud and mobile cloud systems. J King Saud University-Computer Inform Sci. 2021;33(7):810\u0026ndash;9.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eJones KI, Suchithra R. Information security: A coordinated strategy to guarantee data security in cloud computing. Int J Data Inf Intell Comput. 2023;2(1):11\u0026ndash;31.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eWang F, Wang H, Xue L. (2021, March). Research on data security in big data cloud computing environment. In 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC) (pp. 1446\u0026ndash;1450). IEEE.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eTahir M, Sardaraz M, Mehmood Z, Muhammad S. CryptoGA: a cryptosystem based on genetic algorithm for cloud data security. Cluster Comput. 2021;24(2):739\u0026ndash;52.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eXiaoyu W, Zhengming G. (2020, September). Research and development of data security multidimensional protection system in cloud computing environment. In 2020 International Conference on Advance in Ambient Computing and Intelligence (ICAACI) (pp. 67\u0026ndash;70). IEEE.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eNalajala S, Moukthika B, Kaivalya M, Samyuktha K, Pratap NL. (2020). Data security in cloud computing using three-factor authentication. In International Conference on Communication, Computing and Electronics Systems: Proceedings of ICCCES 2019 (pp. 343\u0026ndash;354). Springer Singapore.\u003c/span\u003e\u003c/li\u003e\u003c/ol\u003e"}],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":true,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":false,"highlight":"","institution":"","isAcceptedByJournal":true,"isAuthorSuppliedPdf":false,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":false,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"discover-applied-sciences","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"","sideBox":"Learn more about [Discover Applied Sciences](https://link.springer.com/journal/42452)","snPcode":"42452","submissionUrl":"https://submission.springernature.com/new-submission/42452/3","title":"Discover Applied Sciences","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"stoa","reportingPortfolio":"Discover Series","inReviewEnabled":true,"inReviewRevisionsEnabled":true},"keywords":"Cloud computing, Data security, Encryption technology, Access control, Privacy Computing","lastPublishedDoi":"10.21203/rs.3.rs-7404796/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-7404796/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eWith the widespread application of cloud computing in various fields, data security issues have become prominent. This study systematically reviews key data security technologies such as encryption, access control, and privacy computing in cloud computing environments, and analyzes their application scenarios and limitations. Quantitative evaluation of technical performance, security, and scalability through empirical analysis in industries such as finance and government. Research has found that cloud computing data security requires the construction of a dynamic collaborative technology ecosystem, and users and service providers have different security responsibilities under different cloud service models. The research results provide theoretical support for enterprises to formulate cloud security strategies and promote technological innovation, which helps to solve the contradiction between data security and business development, and promote the high-quality development of the cloud computing industry.\u003c/p\u003e","manuscriptTitle":"Data Security Strategies and Technologies for Robust Cloud Computing","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2025-09-15 16:19:28","doi":"10.21203/rs.3.rs-7404796/v1","editorialEvents":[{"type":"communityComments","content":0},{"type":"decision","content":"Revision requested","date":"2025-10-19T04:56:51+00:00","index":"","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-10-08T14:20:54+00:00","index":"hide","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-10-02T19:29:38+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"149512583176666679329733136348769190108","date":"2025-09-30T07:06:11+00:00","index":"hide","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-09-30T00:32:22+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"270165034632448875758747351906716870531","date":"2025-09-29T15:05:03+00:00","index":"hide","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-09-28T11:34:29+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"330484650562748363423481539394238121460","date":"2025-09-24T17:58:31+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"234341883154773616526264185630370989395","date":"2025-09-24T14:10:39+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"109981510313823158390631510131209373847","date":"2025-09-20T13:10:00+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"147766271136053885595537130139454578932","date":"2025-09-08T15:23:25+00:00","index":"hide","fulltext":""},{"type":"reviewersInvited","content":"","date":"2025-09-08T13:42:10+00:00","index":"","fulltext":""},{"type":"editorInvited","content":"","date":"2025-09-08T10:54:04+00:00","index":"","fulltext":""},{"type":"editorAssigned","content":"","date":"2025-08-22T06:47:01+00:00","index":"","fulltext":""},{"type":"checksComplete","content":"","date":"2025-08-22T06:44:53+00:00","index":"","fulltext":""},{"type":"submitted","content":"Discover Applied Sciences","date":"2025-08-19T05:38:21+00:00","index":"","fulltext":""}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"discover-applied-sciences","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"","sideBox":"Learn more about [Discover Applied Sciences](https://link.springer.com/journal/42452)","snPcode":"42452","submissionUrl":"https://submission.springernature.com/new-submission/42452/3","title":"Discover Applied Sciences","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"stoa","reportingPortfolio":"Discover Series","inReviewEnabled":true,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"d1e35f30-71fe-43e6-8489-d42ec5d7d29c","owner":[],"postedDate":"September 15th, 2025","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"under-review","subjectAreas":[],"tags":[],"updatedAt":"2025-12-02T10:53:21+00:00","versionOfRecord":[],"versionCreatedAt":"2025-09-15 16:19:28","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-7404796","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-7404796","identity":"rs-7404796","version":["v1"]},"buildId":"8U1c8b4HqxoKbykW_rLl7","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}