research article for cloud computing

IEEE Account

• Change Username/Password
• Update Address

Purchase Details

• Payment Options
• Order History
• View Purchased Documents

Profile Information

• Communications Preferences
• Profession and Education
• Technical Interests
• US & Canada: +1 800 678 4333
• Worldwide: +1 732 981 0060
• Contact & Support
• About IEEE Xplore
• Accessibility
• Terms of Use
• Nondiscrimination Policy
• Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

Advances, Systems and Applications

• Open access
• Published: 18 October 2016

High availability in clouds: systematic review and research challenges

• Patricia T. Endo 1 , 2 ,
• Moisés Rodrigues 2 ,
• Glauco E. Gonçalves 2 , 3 ,
• Judith Kelner 2 ,
• Djamel H. Sadok 2 &
• Calin Curescu 4  

Journal of Cloud Computing volume  5 , Article number:  16 ( 2016 ) Cite this article

27k Accesses

56 Citations

11 Altmetric

Metrics details

Cloud Computing has been used by different types of clients because it has many advantages, including the minimization of infrastructure resources costs, and its elasticity property, which allows services to be scaled up or down according to the current demand. From the Cloud provider point-of-view, there are many challenges to be overcome in order to deliver Cloud services that meet all requirements defined in Service Level Agreements (SLAs). High availability has been one of the biggest challenges for providers, and many services can be used to improve the availability of a service, such as checkpointing, load balancing, and redundancy. Beyond services, we can also find infrastructure and middleware solutions. This systematic review has as its main goal to present and discuss high available (HA) solutions for Cloud Computing, and to introduce some research challenges in this area. We hope this work can be used as a starting point to understanding and coping with HA problems in Cloud.

Introduction

Cloud Computing emerged as a novel technology at the end of the last decade, and it has been a trending topic ever since. The Cloud can be seen as a conceptual layer on the Internet, which makes all available software and hardware resources transparent, rendering them accessible through a well-defined interface. Concepts like on-demand self-service, broad network access, resource pooling [ 1 ] and other trademarks of Cloud Computing services are the key components of its current popularity. Cloud Computing attracts users by minimizing infrastructure investments and resource management costs while presenting a flexible and elastic service. Managing such infrastructure remains a great challenge, considering clients’ requirements for zero outage [ 2 , 3 ].

Service downtime not only negatively effects in user experience but directly translates into revenue loss. A report [ 4 ] from the International Working Group on Cloud Computing Resiliency (IWGCR) 1 gathers information regarding services downtime and associated revenue losses. It points out that Cloud Foundry 2 downtime results in $336,000 less revenue per hour. Paypal, the online payment system, experiences in a revenue loss of $225,000 per hour. To mitigate the outages, Cloud providers have been focusing on ways to enhance their infrastructure and management strategies to achieve high available (HA) services.

According to [ 5 ] availability is calculated as the percentage of time an application and its services are available, given a specific time interval. One achieves high availability (HA) when the service in question is unavailable less than 5.25 minutes per year, meaning at least 99.999 % availability ("five nines"). In [ 5 ], authors define that HA systems are fault tolerant systems with no single point of failure; in other words, when a system component fails, it does not necessarily cause the termination of the service provided by that component.

Delivering a higher level of availability has been one of the biggest challenges for Cloud providers. The primary goal of this work is to present a systematic review and discuss the state-of-the-art HA solutions for Cloud Computing. The authors hope that the observation of such solutions could be used as a good starting point to addressing with some of the problems present in the HA Cloud Computing area.

This work is structured as follows: “ Cloud outages ” section describes some Cloud outages that occurred in 2014 and 2015, and how administrators overcame these problems; “ Systematic review ” section presents the methodology used to guide our systematic review; “ Overview of high availability in Clouds ” section presents an overview regarding HA Cloud solutions; “ Results description ” section describes works about HA services based on our systematic review result; “ Discussions ” section discusses some research challenges in this area; and “ Final considerations ” section delineates final considerations.

Cloud outages

Cloud Computing has become increasingly essential to the live services offered and maintained by many companies. Its infrastructure should attend to unpredictable demand and should always be available (as long as possible) to end-clients. However, assuring high availability has been a major challenge for Cloud providers. To illustrate this issue, we describe four (certainly among many) examples of Cloud services outages that occurred in 2014 and 2015:

Dropbox’s Head of Infrastructure, Akhil Gupta, explained that their databases have one master and two replica machines for redundancy, and full and incremental data backups are performed regularly. However, on January 10th, 2014 3 , during a planned maintenance scheduled intended to upgrade the Operating System on some machines, a bug in the script caused the command to reinstall a small number of active machines. Unfortunately, some master-replica pairs were impacted which resulted in the service going down.

To restore it, they performed the recovery from backups within three hours, but the large size of some databases delayed the recovery. The lesson learned from this episode was the need to add a layer to perform distributed state verification and speed up data recovery.

Google services

Some Google services, such as Gmail, Google Calendar, Google Docs, and Google+, were unavailable on January 24th, 2014, for about 1 hour. According to Google Engineer, Ben Treynor, “ an internal system that generates configurations - essentially, information that tells other systems how to behave - encountered a software bug and generated an incorrect configuration. The incorrect configuration was sent to live services over the next 15 minutes, caused users’ requests for their data to be ignored, and those services, in turn, generated errors ”.

Consequently, they decided to add validation checks for configurations, improve detection, and diagnose service failure.

Google Apps

The Google Apps Team schedules maintenance on data center systems regularly and some procedures involve upgrading groups of servers and redirecting the traffic to other available servers. Typically, these maintenance procedures occur in the background with no impact on users. However, due to a miscalculation of memory usage, on March 17th, 2014 the new set of backend servers lacked of sufficient capacity to process the redirected traffic. These backend servers could not process the volume of incoming requests and returned errors for about three hours.

The Google Engineering team said that they will “ continue work in progress to improve the resilience of Hangouts service during high load conditions ”.

Verizon Cloud

Verizon Cloud 4 is a Cloud provider that offers backup and synchronization data to its clients. On January 10th, 2015 Verizon provider suffered a long outage of approximately 40 hours over a weekend. The outage occurred due to a system maintenance procedure which, ironically, had been planned to prevent future outages.

So, as we can see, Cloud outages can occur from different causes and can be fixed using different strategies. However, in most cases, in addition to the loss of revenue, such service disruptions pushed Cloud providers to rethink their management strategies and sometimes to re-design their Cloud infrastructure design altogether.

Financial losses due to Cloud outages foment studies about HA solutions, in order to minimize outages for Cloud providers. In the next Section, we describe the systematic review approach that we used to undertake research about HA solutions.

• Systematic review

In this work, we adapted the systematic review proposed by [ 6 ], in order to find strategies that address HA Clouds. Next, we describe each activity (see Fig. 1 ) in detail and describe how we address it.

Systematic review process

Activity 1: identify the need for the review

As stated previously, high availability in Clouds remains a big challenge for providers since Cloud infrastructure systems are very complex and must address different services with different requirements. In order to reach a certain level of high availability, a Cloud provider should monitor its resources and deployed services continuously. With information about resources and service behaviors available, a Cloud provider could make good management decisions in order to avoid outages or failures.

Activity 2: define research questions

In this activity, we need to define which questions we want to answer. The main goal of this work is to answer the following research questions (RQ):

RQ.1: What is the current state-of-the-art in HA Clouds?

RQ.2: What is the most common definition of HA?

RQ.3: What are the HA services implemented by HA Cloud solutions?

RQ.4: What are the most common approaches used to evaluate HA Cloud solutions?

RQ.5: What are the research challenges in HA Clouds?

Activity 3: define search string

In this activity, we need to define which keywords we will use in selected search tools. For this work, we used the following expressions: “cloud computing” AND “high availability” AND “middleware”.

Activity 4: define sources of research

For this work, we chose the following databases: IEEE Xplore 5 , Science Direct 6 , and ACM Digital Library 7 .

Activity 5: define criteria for inclusion and exclusion

In order to limit the scope of this analysis, we considered only journals and conferences articles published between 2010 and 2015. The keywords “cloud computing” and “middleware” or “framework” were required to be in the article.

Activity 6: define data extraction procedure

Data extraction is based on a set of items to be filled for each article: keywords, proposal, and future works.

Activity 7: identify primary studies

The search returned 9, 63, and 145 articles in IEEE Xplore, Science Direct, and ACM Digital Library, respectively, totaling 217 works.

By reading all abstracts and using the criteria for inclusion or exclusion, we selected 19 papers for data extraction and quality evaluation. This number is justified because the keyword “high availability” is very common in Cloud Computing, especially in its own definition, and so most of articles had this keyword in them. However, in most cases high availability was not their research focus.

Activity 8: evaluate quality of studies

The quality evaluation was based on checking if the paper is related to some HA Cloud proposal for middleware or framework.

Activity 9: extract relevant information

This activity involves applying the data extraction procedure defined in Activity 6 to the primary studies selected in Activity 7.

Activity 10: present an overview of the studies

In this activity, we present an overview of all articles we selected in Activity 8, in order to classify and clarify them according to the research questions presented in Activity 2. The result of this activity is presented in “ Overview of high availability in Clouds ” section.

Activity 11: present the results of the research questions

After an overview about studies in HA Clouds, we had a discussion in order to answer the research questions stated in Activity 2. The results of this activity are presented in “ Overview of high availability in Clouds ” section.

Overview of high availability in Clouds

In this Section, we present an overview about Activity 10, presenting some characteristics of the selected articles in HA Cloud. Figure 2 shows the number of articles published per year from 2010 to 2015.

Number of articles per year

Concerning research source (Fig. 3 ), we can see that ACM has more articles published in HA Cloud area.

Number of articles per research source

Some articles define the term "high availability". For instance, authors in [ 7 ] say “the services provided by the applications are considered highly available if they are accessible 99.999 % of the time (also known as five 9’s)”. The Table 1 outlines the various definitions of “high availability” we identified through our research, as well as the source of each definition.

We also observed that many services are implemented in conjunction in order to offer a HA Cloud. Figure 4 shows monitoring, replication, and failure detection are the most implemented services, identified in 50 % of studies in the research. Please, note that there are more services than published works because it is common to implement more than one service in a proposal.

HA services implemented by solutions

Figure 5 shows how solutions were evaluated in the studies we analyzed. We can see experimentation is the most popular technique used. These results indicate that research about this topic is working to derive proposals with fast application to the cloud computing industry.

Approaches used to evaluate HA solutions

The analysis should be performed based on comparison metrics. Work presented in [ 8 ] defines some metrics used to evaluate HA solutions, as shown in Table 2 .

Results description

As we found in this systematic review, Cloud providers can make use of several technologies and mechanisms to offer HA services. Authors in [ 9 ] classify HA solutions into two categories: middleware approaches and virtualization-based approaches. They propose a framework to evaluate VM availability against three types of failures: a) application failure, b) VM failure, and c) host failure. Authors use OpenStack, Pacemaker, OpenSAF, and VMware to apply their framework, which considers stateful and stateless-HA applications.

However, in our research, we organize solutions into three layers (underlying technologies, services, and middlewares), and keep in mind that layers can be composed of (one or many) solutions from bottom layers to perform their goals (Fig. 6 ).

3-layer classification for HA Cloud solutions

Our classification is a simplified view of the framework proposed by Service Availability Forum (SAForum) (Fig. 7 ). SAForum is focused on producing open specifications to address the requirements of availability, reliability and dependability for a broad range of applications (not only Clouds).

Overview of SAF framework [ 10 ]

There are three types of services in its Application Interface Specification (AIS): Management Services, Platform Services, and Utility Services. According to [ 10 ], Management Services provide the basic standard management interfaces that should be used for the implementation of all services and applications. Platform Services provide a higher-level abstraction of the hardware platform and operating systems to the other services and applications. Utility Services provide some of the common interfaces required in highly available distributed systems, such as checkpoint and message.

SAF also proposes two frameworks: Software Management Framework (SMF), which is used for managing middleware and application software during upgrades while taking service availability into account; and Availability Management Framework (AMF), which provides functions (e.g. a set of APIs) for availability management of applications and middleware [ 10 ], such as component registration and life cycle management, error reporting and health monitoring.

We understand our 3-layer classification covers the SAF framework, because SAF specifications can be allocated between our layers. The next sub-sections will present solutions found in our systematic review focusing on services layer.

Underlying technologies

The bottom layer is a set of underlying technologies that enable a Cloud provider offering a plethora of possibilities to provide high availability using commodity systems.

Virtualization is not a new concept but Cloud providers use it as key technology for enabling infrastructure operation and easy management. According to [ 11 ], the main factor that increased the adoption of server virtualization within Cloud Computing is the flexibility regarding reallocation of workloads across the physical resources offered by virtualization. Such flexibility allows, for instance, for Cloud providers to execute maintenance without stopping developers’ applications (that are running on VMs) and to implement strategies for better resource usage through the migration of VMs. Also, server virtualization is adapted for the fast provisioning of new VMs through the use of templates, which enables providers to offer elasticity services for application developers [ 12 ].

Virtualization can also be used to implement HA mechanisms at the VM level, such as failure and attack isolation, checkpoint and rollback as recovery mechanisms. Beyond that, virtualization can also be used at the network level with the same objectives by virtualizing network functions (see about Network Function Virtualization (NFV) in [ 13 ]).

There are several hypervisor options, such as from the open-source community, Xen 8 and Kernel-based Virtual Machine (KVM) 9 . As well, there are those from proprietary solutions, including VMWare 10 and Microsoft’s HyperV 11 .

The second layer is composed of many services that can be implemented and configured according to Cloud provider requirements or management decisions. For instance, if a provider has a checkpoint mechanism implemented in its infrastructure, it should configure the checkpoint service, which could mean setting it as an active or a passive checkpoint, and configuring the update frequency, for instance. The next subsections describe the main services and report how related studies used them.

The redundancy service can offer different levels of availability depending on the redundancy model, the redundancy strategy, and the redundancy scope (Fig. 8 ).

Redundancy classification

The redundancy model refers to the many different ways HA systems can combine active and standby replicas of hosted applications. AMF describes four models: 2N, N+M, Nway, and Nway active [ 14 ]. The 2N ensures one standby replica for each active application.

The N+M model is an extension of the 2N model and ensures that more than two system units (meaning a virtual machine, for instance) can handle taking active or standby assignments from an application. N represents the number of units able to handle active assignments and M represents those with standby assignments. It is important to notice that, considering the N+M model, a unit that handles active assignments will never handle standby assignments.

Furthermore, the N-way is similar to the N+M model with the difference that it allows in the N-way model unit to handle both active and standby assignments from diverse applications instances.

Lastly, the N-way Active redundancy model comprehends only active assignments from unit applications; it does not allow standby assignments, but permits an application instance to be allocated as active into various units. Due to its simplicity, the 2N model is preferred in terms of implementation [ 15 , 16 ].

The redundancy strategy is divided in two classes: active and passive redundancy [ 17 ]. In active strategy, there are no standby replicas and all application replicas work in parallel. When one node fails, tasks executing at the failed node can be resumed in any remaining node. In passive redundancy, there is one working replica whereas remaining replicas are standby. When the main node fails, any standby replica can resume failed node tasks. Please note that this active strategy helps to provide load balancing to applications. However, maintaining consistency in the passive model is simpler, and so this strategy is used in different proposals [ 15 ].

In respect to scope, one can replicate the application itself, the VM that hosts the application, or the complete physical server hosting the application. Authors in [ 15 ] propose to use all these approaches in a model-based framework to select and configure High Availability mechanisms for a cloud application. The framework constructs a model of the running system and selects the proper HA services according to the benefits and costs of each service, as well as the required availability level. In contrast, the proposal described in [ 16 ] focuses on the VM scope only.

Data replication

Data replication is used to maintain state consistency between replicas. The main problem associated with this service is the question of how to govern the trade-off between consistency and resource usage [ 18 ]. In Clouds, the replication may be achieved either by copying the state of a system (checkpoint) or by replaying input to all replicas (lock-step based) [ 16 ] (see Fig. 9 ).

Data replication classification

The lock-step strategy is also called “State Machine Replication” and its main goal is to send the same operations to be executed by all replicas of an application in a coordinated way, thus guaranteeing message order and state. This strategy can be found in the TClouds plataform [ 19 ], which is applied to the state maintenance of application replicas and is also applied to maintain the consistency of objects stored in a set of cloud storage services. The same strategy is applied in the Cloud-Niagara middleware [ 20 ] in order to offer a monitoring service to check resource usage and send failure notifications with minimal delay. Following this same strategy, Perez-Sorrosal et al. [ 21 ] propose a multi-version database cache framework to support elastic replication of multi-tier stateless and statefull applications. In this framework, application and database tiers are installed at each replica and a multicast protocol maintains data consistency between replicas. The main focus of this proposal is elasticity, but the solution can also cope with failures since the replication protocol uses virtual synchrony to guarantee the reliable execution of the replicas.

Checkpoint-based replication involves propagating frequent updates of an active application to its standby replicas. It is desirable that an application have some checkpoint replicas distributed over different entities to increase reliability, guarding it against failures [ 10 ]. Checkpoint service can be implemented in a centralized fashion, when all checkpoint replicas are allocated to the same entity, and in a distributed one, where replicas are located in different entities of a cluster.

Remus is a production level solution implemented at Xen to offer High Availability following this strategy [ 22 ]. Authors of that solution point out that lock-step replication results in an unacceptable resource usage overhead because communication between applications must be accurately tracked and propagated to all replicas. In contrast, checkpoints between active and standby replicas occurs periodically, in intervals of milliseconds, providing better tradeoff between resource usage overhead and updates. Taking a similar approach, Chan and Chieu [ 23 ] introduce a cost effective solution which utilizes VM snapshots coupled with a smart, on-demand snapshot collection mechanism to provide an HA in the virtualization environment. The main idea behind this proposal is to extend the snapshot service (a common service offered by virtualized infrastructures) to include checkpoint data of a VM.

While Remus and similar approaches fit well to IaaS Clouds because they provide an application-agnostic VM-based checkpoint, Kanso and Lemieux [ 7 ] argue that in a PaaS Cloud the checkpoint service must be performed at the application level in order to cope with internal application failures that may remain unnoticed in a VM-based HA system. Therefore, the authors propose that each application send its current state to the HA system through a well-defined checkpoint interface.

In [ 24 ], authors propose BlobCR, a checkpoint framework for High Performance Computing (HPC) applications on IaaS. Their approach is directed at both application and process checkpoint levels through a distributed checkpoint repository.

In [ 16 ] authors present a solution focusing on HA for real-time applications. The middleware proposed is derived from others technologies, such as Remus, Xen and OpenNebula. For instance, continuous-checkpoint, in which asynchronous checkpoints are made in a security VM to provide HA in case of failures, was inherited from Remus.

Monitoring is a crucial service in an HA Cloud. Through this service, applications’ health is continuously observed to support others services. The primary goal of this service is to detect when a replica is down, but robust implementations can also follow the health indicators of an application (CPU and memory utilization, disk, and network I/O, time to respond requests) which will help to detect when a replica is malfunctioning [ 17 ]. It can also be done at virtual and physical machine level (Fig. 10 ).

Monitoring classification

Papers surveyed showed there are two basic types of monitoring: push-based monitoring and polling-based monitoring. The latter is the most common type of monitoring and involves a set of measuring controllers periodically sending an echo-signal to the hosted applications. This check can be sent to the operating system that hosts the application (through standard network protocols like ICMP or SNMP) or directly to the application through a communication protocol, e.g., HTTP in the case of web applications [ 17 ].

Polling-based monitoring can also be sent from a backup replica to an active replica in order to check its status and to automatically convert it from backup to active when necessary [ 15 ] and [ 20 ]. This type of monitoring can be made by a monitoring agent that is external to the application or an agent can be implemented directly in the application by a standardized API that handles messages sent by the Cloud. Through this intrusive approach the internal state of the applications can be monitored, enabling the earlier detection of adverse conditions and making it possible to offer services such as checkpointing [ 7 ].

Push-based monitoring consists of the application (or a cloud monitoring agent deployed with the application) being the one responsible for sending messages to the measuring controller, when necessary. In this case, the controller is informed when a meaningful change occurs in the monitored application [ 25 ]. Push-based monitoring can also be implemented following a publish/subscribe communication model. This type of monitoring is employed by Behl et al. [ 26 ] to provide fault-tolerance to web service workflows. The fault monitoring is implemented through ZooKeeper’s Watches, which are registered to check if a Zookeper’s ephemeral node (an application in this case) is active. In the case of failure, the monitoring controller is notified about the crash. An et al. [ 16 ] point out that the highly dynamic environment of cloud computing requires timely decisions that can be achieved by publish/subscribe monitoring. In this case, the monitoring controllers are subscribers and the monitoring agents are publishers.

One important aspect to observe is that both approaches (push and poll) can be implemented in a Cloud environment. The high availability platform proposed by Chan and Chieu [ 23 ] uses polling to check periodically for host failures, and monitoring agents running in the hosts push notifications to the monitoring controller. An et al. [ 16 ] propose a hierarchical monitoring strategy combining the publish/subscribe communication model for global-level monitoring with polling at the local level.

Failure detection

Failure detection is an important service contained in most HA solutions, which aims to identify systems’ faults (application, virtual or physical machine level) and provide needed information for services capable of treating problems to maintain service continuity (Fig. 11 ).

Failure detection classification

In [ 17 ] the authors list some mechanisms used to detect faults like ping, heartbeat and exceptions. From this perspective, failure detection can be classified in two categories according to detection mechanisms: reactive [ 23 , 26 ]) and proactive [ 20 ]. The first approach waits for KEEP ALIVE messages, but it identifies a failure after a period of time waiting without any KEEP ALIVE message. The second approach is more robust and is capable of identifying abnormal behaviors in the environment, checking the monitoring service and interpreting collected data to verify whether there are failures or not.

For simplicity, the reactive type is implemented more often. The work presented in [ 26 ] proposes a fault-tolerant service through replication processes with BPEL implementation, which means that Zookeeper is responsible for detecting crashed replicas using a callback mechanism called watches. As well [ 23 ], authors treat failure detection through heartbeats hosted in each node, and so the absence of heartbeats after a period of time has passed indicates a failure and hence the recovery process begins.

Authors in [ 20 ] propose an intelligent system that depends on a proactive mechanism of monitoring and notification, as well as a mathematical model which is responsible for identifying the system faults.

Others studies lack many details about the failure detection process. For instance, in [ 27 ], failure detection is implemented together with failure mitigation (recovery) in a process called Fault Injection. This process aims to evaluate the framework capacity to handle failover possibilities. Also, in [ 7 ], authors proposed a HA middleware inside VMs for monitoring and restarting in case of failures.

In [ 16 ], authors proposed an architecture with an entity called LFM (Local Fault Manager), located in all physical host. It is responsible for collecting resource information such as memory, processes, etc. and transferring it to the next layer, which is responsible for decision making, similar to a monitoring service. Moreover, LFM also runs HAS (High-Availability Service) that keeps synchronization between primary and backup VMs, and is responsible for making backup VM active when a failure is detected in the primary VM.

The recovery service is responsible for ensuring fault-tolerant performance through some services like redundancy [ 17 ], which means preserving HA even during crashes at application, virtual or physical machine level. It can be classified into smart [ 15 , 16 , 20 ] and simple [ 23 , 28 ] (Fig. 12 ). The smart recovery uses other services and mechanisms (such as monitoring and checkpoint) to provide an efficient restoration with minimum losses for the application. Meanwhile, considering simple recovery, the broken application is just rebooted in a healthy node, so that the service continues to be provided, but all state data are lost.

Recovery classification

The smart recovery proposed in [ 15 ] is guaranteed through a fault tolerant mechanism that keeps an application backup synchronized with active applications but deployed in a different VM. Authors in [ 16 ] work in a similar way, starting with the Remus project as base and applying a technique for VM failover using two VMs (primary and backup) that periodically synchronize states and are able to change from primary VM to backup, when needed. In [ 20 ], recovery is reached using an active replication technique, where a controller manages a priority list through Backup-ID from resources. Therefore, after a failure, broadcast communication is made and other nodes at the top of the list must assume the execution.

Furthermore, authors in [ 23 ] decided to use the simple recovery after a failure by using merged snapshots, in which faulty agent requires the manager any of snapshot available. In addition, work in [ 28 ] also uses simple recovery, in which the VMS are monitored by a VM wrapper that identifies unavailability and makes reboots.

At the upper layer, we have middleware that uses services to provide HA to applications. The main goal is to manage how these services will operate, configure them, and take decisions according to information acquired.

OpenSAF [ 10 ] is an open source project that offers some services that implement the SAForum Application Interface Specification (AIS). For instance, OpenSAF implements the Availability Management Framework (AMF), which is the middleware responsible for maintaining service availability. Is also implements the checkpoint service (CPSv) that provides a means for processes to store checkpoint data incrementally, which can be used to protect applications against failures. For a detailed description of all SAF services implemented by OpenSAF, please see [ 10 ].

Since OpenSAF is used for general purpose, some studies use it to implement their Cloud solutions. For instance, authors in [ 7 ] propose an HA middleware for achieving HA at application level by using an SAF redundancy strategy. The middleware is responsible for monitoring physical and virtual resources, and repairing them or restarting VMs in case of failure. They also propose an HA integration. Basically, there is an integration-agent, which a Cloud user interacts with in order to provide information about its application and its availability requirements (such as number of replicas and redundancy model); and there is an HA-agent, which is responsible for managing the state of state-aware applications, and abstracting the complexity of APIs needed to execute the checkpoint service.

OpenStack 12 is an open source platform for public and private Clouds used to control large pools of computation, storage and networking resources. OpenStack has several components, and each component is responsible for a specific aspect of the Cloud environment. For instance, the component named Nova is responsible for handling VMs, and providing different flavors and images that describe details about the CPU, memory and storage of a VM. Another component is Neutron, which responsible for network management functions, such as the creation of networks, ports, routers and VMs connections. Considering the HA scope, we highlight the component called Heat that is OpenStack’s orchestration tool. Using Heat, one can deploy multiple composite Cloud applications into OpenStack’s infrastructure, using both the AWS CloudFormation template and the Heat Orchestration Template (HOT). In terms of HA, with Heat it is possible to monitor resources and applications from three basic levels 13 : 1) application level; 2) instance level; and 3) stack level (group of VMs). In case of failure, Heat tries to solve the problem in the current level. If the problem persists, it will try to solve it in a higher level. However, restarting resources can take up to a minute. Heat can also automatically increase or decrease the number of VMs, in conjunction with Celiometer (which is another OpenStack service) [ 25 ].

The paper [ 28 ] presents an OS-like virtualization cloud platform. They offers a dual stack API in the shell. One is called "Kumoi" and is used to manipulate data centers directly, while the other is called "Kali" and is used to build up the stack of cloud computing. With this cloud platform authors provide several HA services, such as checkpoint, monitoring, failure detection, recovery and elasticity. One should notice that services are provided at the VM level. They also present a qualitative evaluation between their tool and several others, such as Openstack, Nimbus, and OpenNebula.

The proposed solution in [ 20 ] is a high availability and fault tolerance middleware through the checkpoint, watchdog and log services for applications in a cloud environment. The authors claim that two issues are responsible for reaching middleware objectives: notifications without delay and monitoring of resources, which is achieved through an analytic model that identifies the fault nature. The Cloud-Niagara algorithm is shown and performs adjustments at nodes through resources calculation. The mean time to recover of the proposed solution is compared to other systems and evaluated on OpenStack, where Cloud-Niagara operates, by executing processes from real applications (PostgreSQL Database (DB), File Transfer Protocol (FTP), etc). This evaluation shows the CPU usage variation through different loads from the execution of applications processes execution, presenting the importance of monitoring the effective replica instantiation.

Discussions

In the previous sections, we presented a 3-layer classification for HA Cloud solutions that use many techniques to apply HA requirements at the infrastructure level. Since these technologies are key-enablers for Cloud operation and management, it is crucial that we go beyond the advantages to understand their specific challenges.

Regarding the underlying technologies, despite the fact that we presented virtualization as a good alternative for providing HA, some authors do not completely agree that this technology is a good solution for this purpose. In [ 7 ], the authors state that virtualization can hide some failures at the software level and that failures at the operating system level can affect both active and standby VMs if running in a lock-step way. Beyond that, virtualization introduces additional software layers imposing additional delays to network datagrams [ 29 ]. Consequently, performance measurements can also be affected by virtualization; authors in [ 29 ] show that clock-related measurements are affected by CPU load in the host as well as in the network load.

Regarding the offered services - the main focus of this work -, we can find several proposals in the literature for improving them, such as ([ 5 , 30 , 31 ]). Here, we highlight the issues surrounding automatic configuration and test of these services. As it was observed in “ Cloud outages ” section, Cloud outages can occur due to the misconfiguration of management services. Commonly, enterprises add validation checks for automatic configurations and improve mechanisms for detection and recovery of service failures.

Another important aspect is the feasibility of the service implementation. For instance, authors in [ 7 ] implemented their proposal; their algorithms run in polynomial time and the middleware consumes approximately 15MB of RAM and a moderated amount of CPU. On the other hand, Always On solution [ 32 ] proposes an HA architecture but does not provides insights on the feasibility of its implementation, nor does it treats how to deploy it. Beyond that, in this solution, applications need to implement their own HA mechanisms because they do not use a modular approach.

In terms of the middleware layer, its main shortcomings are its lack of compatibility to a standard specification and its dependency on a specific technology platform. These characteristics make these solutions inflexible, since once an application is developed to comply with such a middleware, the application cannot be migrated to other alternative solutions without major modifications. In this way, these solutions do not represent the desired interoperability (portability) requirement. The middleware presented in [ 7 ] overcomes this problem by offering HA at the application level by using an open-source and standardized implementation, named OpenSAF, which is a flexible and platform-independent solution.

Security is also an essential aspect for HA Clouds; however, none of the presented solutions deals with security mechanisms, such as those protecting against malicious attacks at the VM or application level. This occurs because detection and treatment of security breaches depends on different mechanisms. Even when an attack leads to a failure condition, dealing with this issue can propagate the consequences of the attack to the standby units. For example, in the case of a Denial-of-Service (DoS) attack, the middleware can proactively detect the active unit is out of service, failover to the standby unit, and transfer all requests to the standby unit. This strategy would propagate the denial of service to the standby unit. Therefore, the integration of HA and security services is an essential requirement when implementing a cloud middleware.

The advancement of standardization and improvement of HA strategies in a cloud computing system leads to the concept of HA-on-demand. Authors in [ 7 ] discuss this idea. They point out that not all applications need HA requirements during all the time. Thus, users can request HA services for their applications according to their current real needs. An online store can, for example, program different HA levels according to the chronogram of an announced promotion (e.g. Black Friday), changing the robustness of the system in respect to its calendar, clients demand, and allocated budget. In this way, authors state that it is feasible to have HA-as-a-service per applications in the Cloud.

NoPaas: proposal of a high available cloud for PaaS provisioning

Considering all of this related work, we have defined a set of requirements for implementing a high available framework to provide PaaS, which we named NoPaaS (Novel PaaS).

We grouped these requirements into two categories: a) application requirements, and b) framework requirements. Application requirements represent mandatory characteristics that all applications require in order to work properly within the NoPaaS framework (Table 3 ). In turn, framework requirements are a set of services and characteristics that the NoPaaS framework itself must provide for applications and/or developers (Table 4 ).

The application requirements are necessary to provide a unique interface to developers. In this way, the proposal provides strategies to allow developers to handle some HA resources provided by the NoPaaS. At the same time, applications need to be adapted in order to comply with all these requirements, as stated in REQ A.1, in which developers should use NoPaaS API to implement their applications. Despite application requirements making application development a little bit hard, this is a very common requirement in PaaS environments, such as Google App Engine 14 . Those PaaS cloud environments provide user APIs for building scalable web applications and mobile backends. Furthermore, REQ A.2 was defined in order to guarantee the multi-tier and stateful applications handling by the NoPaaS, and REQ A.3 was stated to facilitate and standardize the communication between application’ tiers.

The framework requirements were defined in order to achieve high availability focused on provisioning multi-tier stateful applications. REQ F.1 allows an unique form of communication with different types of applications, making this process simple for the developer. REQ F.2 and F.3 are related to profile configurations (economy, business, and custom) in order to incoporate different available budgets and requirements into response time and availability levels. These requirements facilitate the resource management from the PaaS provider perspective. From REQ F.4 to F.6, we have determined that the framework must deal with a specific type of application: multi-tier and stateful. It is our big distinction, since we did not find other studies considering such an application type. From REQ F.7 to F.9, we state the main services in order to ensure high availability. These are the big challenges for us, since we are considering multi-tier and stateful applications. The REQ F.10 guarantees compatibility with existing Cloud IaaS providers.

Considering all of these requirements, we propose our NoPaaS framework for high available clouds, shown in Fig. 13 . The NoPaaS was designed to support the deployment of multi-tier and stateful applications deployment, providing services that include checkpoint, session migration, and failure recovery.

NoPaaS framework

App deployment module

The App Deployment module is responsible for the interface between the application developer and our NoPaaS framework. NoPaaS proposes a set of modules, in which each module must act as a gateway between the PaaS service and NoPaaS internal services. Applications which will be deployed within NoPaaS must accomplish REQs A.1, A.2, and A.3 regarding the application requirements, and REQ F.1 regarding the framework requirements.

For the developers, it is mandatory to provide a configuration file specifying all information needed to deploy their applications in NoPaaS. Such a configuration file is very similar to what is usually provided to traditional PaaS in order to deploy a new application (e.g., git repository address and multi-tier architecture).

Profiles module

NoPaas makes use of profiles to represent and map the available budget provided by the developer and application requirements into response time and availability levels. The NoPaaS defines and provides, but it is not limited to, three different profiles: a) economy; b) business; and c) custom. For each profile, there is a specific configuration of load balance, scaling, checkpoint mechanism, and redundancy model based on the Service Availability Forum (SAForum or just SAF) model. REQs F.2 and F.3 are obeyed by this module.

NoPaaS uses the SAF reference because it produces open specifications to address the requirements of availability, reliability and dependability for a broad range of applications. In the SAF specification, there are five redundancy models: no redundancy, 2N, N+M, Nway, and Nway active. These redundancy models differ from each other in the number of active and standby assignments each service has [ 33 ], and consequently in terms of the availability level that each model is able to reach.

Planning module

The set of information provided by the developers regarding their applications’ configurations and profiles is sent to the App + Services Configurations Translation in the Planning module, which is responsible for translating this information so it can be used by the Planner. The Planner analyses all requirements and available resources on the Cloud infrastructure and plans the resource allocation, choosing the SAF redundancy model in order to satisfy REQs F.4, F.5, and F.6 . The Planner also communicates with the Resource Management (in the Operation module) in order to ensure information about resource availability is always updated.

The Planner is responsible for executing two main activities: calculating the availability estimation based on SAF redundancy models, and defining the application allocation by trying to minimize the total cost while reaching a minimum availability level defined by the developer.

Each tier of an application is named as Service Instance (SI), and each SI is assigned into a Service Unit (SU). We modeled the solution for mapping SI into SU as an integer program and solved it using algorithms to find the best SAF model (with minimum cost). The Planner uses an analytic worst-case models to estimate the availability of each SAF redundancy model. For a detailed explanation about the analytic models and some simulation results and analysis, please see [ 34 ].

Operation module

The Operation module provides many services to deal with the Cloud infrastructure. Resource Management is responsible for supervising the infrastructure, reporting on application failures and generating scaling in/out triggers. The Checkpoint stores backups of deployed applications, recovering their states in case of failure, and also deals with session migrations. The Allocation enforces the reservation of resources designed by the Planner. The Monitoring keeps track of applications and physical resources, maintaining a map of resource usage. The Load Balance is used to distribute the load among multiple tiers of an application, dealing with session stickiness, server failure, and session migration. We define the Message Bus entity for communication purposes, and it is responsible for receiving and delivering messages for all entities. REQs F.7, F.8, and F.9 should be attended by services of this module.

For instance, we have the resource management that handles application failures and is also responsible for issuing alerts regarding scaling needs. Monitoring is a basic service responsible for monitoring all applications and (virtual and/or physical) resources. Data generated by the monitor entity is stored and used a posteriori to measure which resources are available and to calculate the ideal configuration needed to deploy a new application (or if scaling is needed).

Cloud infrastructure module

The Cloud Infrastructure services comprise the IaaS services that NoPaaS uses to allocate the developers’ applications. The main idea is to use Cloud facilities in order to avoid unnecessary work. For that, NoPaaS needs to contract some IaaS provider or configure our own private IaaS. With this, we comply with REQ F.10 .

Final considerations

Cloud outages, no matter how long, are responsible for large financial losses. Cloud providers look for solutions that provide high availability even in failure cases. In this paper, we proposed a classification for HA Cloud solutions based on 3 layers. We also described and discussed some existing commercial and non-commercial solutions focused on middlewares.

High availability is a great challenge for Cloud providers due to its complexity (from the infrastructure to the application level). There are many issues to study in order to minimize Clouds outages, such as portability, feasibility, and security. A next step could be the implementation of HA-as-a-service, highlighting even more the importance of this research area for Cloud providers.

1 http://iwgcr.org/

2 https://www.cloudfoundry.org

3 https://blogs.dropbox.com/tech/2014/01/outage-post-mortem/

4 http://www.verizonwireless.com/solutions-and-services/verizon-cloud/

5 http://ieeexplore.ieee.org/Xplore/home.jsp

6 http://www.sciencedirect.com/

7 http://dl.acm.org/

8 https://www.xenproject.org/

9 http://www.linux-kvm.org/page/Main_Page

10 http://www.vmware.com/

11 https://www.microsoft.com/en-us/cloud-platform/virtualization

12 http://docs.openstack.org/developer/heat/

13 https://wiki.openstack.org/wiki/Heat/HA

14 https://cloud.google.com/appengine/

Dillon T, Wu C, Chang E (2010) Cloud computing: issues and challenges In: Advanced Information Networking and Applications (AINA), 2010 24th IEEE International Conference On, 27–33. IEEE. http://ieeexplore.ieee.org/document/5474674/?arnumber=5474674&tag=1 .

Puthal D, Sahoo B, Mishra S, Swain S (2015) Cloud computing features, issues, and challenges: a big picture In: Computational Intelligence and Networks (CINE), 2015 International Conference On, 116–123. IEEE. http://ieeexplore.ieee.org/document/7053814/?arnumber=7053814 .

da Fonseca NL, Boutaba R (2015) Cloud Architectures, Networks, Services, and Management In: Cloud Services, Networking, and Management. Wiley-IEEE Press. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7090261 .

Cérin C, Coti C, Delort P, Diaz F, Gagnaire M, Gaumer Q, Guillaume N, Lous J, Lubiarz S, Raffaelli J, et al. (2013) Downtime statistics of current cloud solutions. International Working Group on Cloud Computing Resiliency, Tech. Rep. http://iwgcr.org/wp-content/uploads/2013/06/IWGCR-Paris.Ranking-003.2-en.pdf . Accessed Oct 2016.

Toeroe M, Tam F (2012) Service Availability: Principles and Practice. John Wiley & Sons. http://www.wiley.com/WileyCDA/WileyTitle/productCd-1119954088.html .

Coutinho EF, de Carvalho Sousa FR, Rego PAL, Gomes DG, de Souza JN (2015) Elasticity in cloud computing: a survey. Ann. Telecommunications-annales des télécommunications 70(7–8): 289–309.

Article   Google Scholar  

Kanso A, Lemieux Y (2013) Achieving high availability at the application level in the cloud In: Cloud Computing (CLOUD), 2013 IEEE Sixth International Conference On, 778–785. IEEE. http://ieeexplore.ieee.org/document/6740222/?arnumber=6740222 .

Heidari P, Hormati M, Toeroe M, Al Ahmad Y, Khendek F (2015) Integrating open saf high availability solution with open stack In: Services (SERVICES), 2015 IEEE World Congress On, 229–236. IEEE. http://ieeexplore.ieee.org/document/7196529/?arnumber=7196529 .

Hormati M, Khendek F, Toeroe M (2014) Towards an evaluation framework for availability solutions in the cloud In: Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium On, 43–46. IEEE. http://ieeexplore.ieee.org/document/6983798/?arnumber=6983798 .

OpenSAF Overview Release 4.4 Programmer’s Reference. http://sourceforge.net/projects/opensaf/files/docs/opensaf-documentation-4.4.1.tar.gz/download . Accessed Oct 2016.

Gonçalves GE, Endo PT, Cordeiro T, Palhares A, Sadok D, Kelner J, Melander B, Mangs J (2011) Resource allocation in clouds: concepts, tools and research challenges. XXIX SBRC-Gramado-RS. http://sbrc2011.facom.ufms.br/files/anais/shortcourses-12.html . http://sbrc2011.facom.ufms.br/files/anais/files/mc/mc5.pdf .

Marshall P, Keahey K, Freeman T (2010) Elastic site: Using clouds to elastically extend site resources In: Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing, 43–52. IEEE Computer Society. http://dl.acm.org/citation.cfm?id=1845214 .

Cui C, Xie Y, Gao G, Telekom D, Martiny K, Carapinha J, Telecom S, Lee D, Argela TT, Ergen MNetwork functions virtualisation (nfv). White paper, available at: https://portal.etsi.org/Portals/0/TBpages/NFV/Docs/NFV_White_Paper3.pdf . Accessed Oct 2016.

Availability Management Framework. http://devel.opensaf.org/SAI-AIS-AMF-B.04.01.AL.pdf . Accessed Oct 2016.

Wu Y, Huang G (2013) Model-based high availability configuration framework for cloud In: Proceedings of the 2013 Middleware Doctoral Symposium, 6. ACM. http://dl.acm.org/citation.cfm?id=2541595 .

An K, Shekhar S, Caglar F, Gokhale A, Sastry S (2014) A cloud middleware for assuring performance and high availability of soft real-time applications. J Syst Arch 60(9): 757–769.

Alexandrov T, Dimov A (2013) Software availability in the cloud In: Proceedings of the 14th International Conference on Computer Systems and Technologies, 193–200. ACM. http://dl.acm.org/citation.cfm?id=2516814 .

Chen T, Bahsoon R, Tawil A-RH (2014) Scalable service-oriented replication with flexible consistency guarantee in the cloud. Inform Sci 264: 349–370.

Article   MathSciNet   Google Scholar  

Bessani A, Cutillo LA, Ramunno G, Schirmer N, Smiraglia P (2013) The tclouds platform: concept, architecture and instantiations In: Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing, 1. ACM. http://dl.acm.org/citation.cfm?id=2506156 .

Imran A, Ul Gias A, Rahman R, Seal A, Rahman T, Ishraque F, Sakib K (2014) Cloud-niagara: A high availability and low overhead fault tolerance middleware for the cloud In: Computer and Information Technology (ICCIT), 2013 16th International Conference On, 271–276. IEEE. http://ieeexplore.ieee.org/document/6997344/?arnumber=6997344 .

Perez-Sorrosal F, Patiño-Martinez M, Jimenez-Peris R, Kemme B (2011) Elastic si-cache: consistent and scalable caching in multi-tier architectures. VLDB J Int J Very Large Data Bases 20(6): 841–865.

Cully B, Lefebvre G, Meyer D, Feeley M, Hutchinson N, Warfield A (2008) Remus: High availability via asynchronous virtual machine replication In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, 161–174, San Francisco.

Chan H, Chieu T (2012) An approach to high availability for cloud servers with snapshot mechanism In: Proceedings of the Industrial Track of the 13th ACM/IFIP/USENIX International Middleware Conference, 6. ACM. http://dl.acm.org/citation.cfm?id=2405152 .

Nicolae B, Cappello F (2013) Blobcr: Virtual disk based checkpoint-restart for hpc applications on iaas clouds. J Parallel Distrib Comput 73(5): 698–711.

Toeroe M, Pawar N, Khendek F (2014) Managing application level elasticity and availability In: Network and Service Management (CNSM), 2014 10th International Conference On, 348–351. IEEE. http://ieeexplore.ieee.org/document/7014191/?arnumber=7014191 .

Behl J, Distler T, Heisig F, Kapitza R, Schunter M (2012) Providing fault-tolerant execution of web-service-based workflows within clouds In: Proceedings of the 2nd International Workshop on Cloud Computing Platforms, 7. ACM. http://dl.acm.org/citation.cfm?id=2168704 .

Ooi BY, Chan HY, Cheah YN (2012) Dynamic service placement and replication framework to enhance service availability using team formation algorithm. J Syst Softw 85(9): 2048–2062.

Sugiki A, Kato K (2011) An extensible cloud platform inspired by operating systems In: Utility and Cloud Computing (UCC), 2011 Fourth IEEE International Conference On, 306–311. IEEE. http://ieeexplore.ieee.org/document/6123513/?arnumber=6123513 .

Dantas R, Sadok D, Flinta C, Johnsson A (2015) Kvm virtualization impact on active round-trip time measurements In: Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium On, 810–813. IEEE. http://ieeexplore.ieee.org/document/7140382/?arnumber=7140382 .

Patel P, Bansal D, Yuan L, Murthy A, Greenberg A, Maltz DA, Kern R, Kumar H, Zikos M, Wu H, et al. (2013) Ananta: cloud scale load balancing. ACM SIGCOMM Comput Commun Rev 43(4): 207–218.

Singh D, Singh J, Chhabra A (2012) High availability of clouds: Failover strategies for cloud computing using integrated checkpointing algorithms In: Communication Systems and Network Technologies (CSNT), 2012 International Conference On, 698–703. IEEE. http://ieeexplore.ieee.org/document/6200714/?arnumber=6200714 .

Anand M (2012) Always on: Architecture for high availability cloud applications In: Cloud Computing in Emerging Markets (CCEM), 2012 IEEE International Conference On, 1–5. IEEE. http://ieeexplore.ieee.org/document/6354593/?arnumber=6354593 .

Availability Management Framework - Application Interface Specification SAI-AIS-AMF-B.04.01. Available at: http://devel.opensaf.org/SAI-AIS-AMF-B.04.01.AL.pdf . Accessed Oct 2016.

Gonçalves G, Endo P, Rodrigues M, Sadok D, Curesco CRisk-based model for availability estimation of saf redundancy models. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7543848 .

Frîncu ME (2014) Scheduling highly available applications on cloud environments. Future Generation Comput Syst 32: 138–153.

Sripanidkulchai K, Sahu S, Ruan Y, Shaikh A, Dorai C (2010) Are clouds ready for large distributed applications?ACM SIGOPS Oper Syst Rev 44(2): 18–23.

Araujo J, Matos R, Alves V, Maciel P, Souza F, Trivedi KS, et al. (2014) Software aging in the eucalyptus cloud computing infrastructure: characterization and rejuvenation. ACM J Emerg Technol Comput Syst (JETC) 10(1): 11.

Google Scholar  

Download references

Acknowledgements

This work was supported by the RLAM Innovation Center, Ericsson Telecomunicaçõs S.A., Brazil.

Authors’ contributions

Our contribution is a systematic review regarding existing high availability solutions for Cloud Computing. We considered studies done from 2010 to 2016; and we provided an overview and description about them based on 3-layer classification. Furthermore, we proposed a framework for providing high availability services, and also presented requirements to deal with multi-tier and stateful applications. All authors read and approved the final manuscript.

Competing interests

Cloud computing, high availability, resource management.

Author information

Authors and affiliations.

University of Pernambuco (UPE), Caruaru, BR 104 S/N, Brazil

Patricia T. Endo

Federal University of Pernambuco, GPRT, Recife, Brazil

Patricia T. Endo, Moisés Rodrigues, Glauco E. Gonçalves, Judith Kelner & Djamel H. Sadok

Rural Federal University of Pernambuco, Recife, Brazil

Glauco E. Gonçalves

Ericsson Research, Kista, Sweden

Calin Curescu

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Patricia T. Endo .

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 4.0 International License ( http://creativecommons.org/licenses/by/4.0/ ), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Reprints and permissions

About this article

Cite this article.

Endo, P.T., Rodrigues, M., Gonçalves, G.E. et al. High availability in clouds: systematic review and research challenges. J Cloud Comp 5 , 16 (2016). https://doi.org/10.1186/s13677-016-0066-8

Download citation

Received : 01 June 2016

Accepted : 04 October 2016

Published : 18 October 2016

DOI : https://doi.org/10.1186/s13677-016-0066-8

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Cloud computing
• High availability
• Research challenges

Future of cloud computing: 5 insights from new global research

Carol Carpenter

VP of Cloud Product Marketing

Research shows that cloud computing will transform every aspect of business, from logistics to customer relationships to the way teams work together, and today’s organizations are preparing for this seismic shift. A new report from Google on the future of cloud computing combines an in-depth look at how the cloud is shaping the enterprise of tomorrow with actionable advice to help today’s leaders unlock its benefits. Along with insights from Google luminaries and leading companies, the report includes key findings from a research study that surveyed 1,100 business and IT decision-makers from around the world. Their responses shed light on the rapidly evolving technology landscape at a global level, as well as variations in cloud maturity and adoption trends across individual countries. Here are five themes that stood out to us from this brand-new research.

1. Cloud computing will move to the forefront of enterprise technology over the next decade, backed by strong executive support.

Globally, 47 percent of survey participants said that the majority of their companies’ IT infrastructures already use public or private cloud computing. When we asked about predictions for 2029, that number jumped 30 percentage points. C-suite respondents were especially confident that the cloud will reign supreme within a decade: More than half anticipate that it will meet at least three-quarters of their IT needs, while only 40 percent of their non-C-suite peers share that view. What’s the takeaway? The cloud already plays a key role in enterprise technology, but the next 10 years will see it move to the forefront—with plenty of executive support. Here’s how that data breaks down around the world.

2. The cloud is becoming a significant driver of revenue growth.

Cloud computing helps businesses focus on improving efficiency and fostering innovation, not simply maintaining systems and status quos. So it’s not surprising that 79 percent of survey respondents already consider the cloud an important driver of revenue growth, while 87 percent expect it to become one within a decade. C-suite respondents were just as likely as their non-C-suite peers to anticipate that the cloud will play an important role in driving revenue growth in 2029. This tells us that decision-makers across global organizations believe their future success will hinge on their ability to effectively apply cloud technology.

3. Businesses are combining cloud capabilities with edge computing to analyze data at its source.

Over the next decade, the cloud will continue to evolve as part of a technology stack that increasingly includes IoT devices and edge computing, in which processing occurs at or near the data’s source. Thirty-three percent of global respondents said they use edge computing for a majority of their cloud operations, while 55 percent expect to do so by 2029. The United States lags behind in this area, with only 18 percent of survey participants currently using edge computing for a majority of their cloud operations, but that figure grew by a factor of 2.5 when respondents looked ahead to 2029. As more and more businesses extend the power and intelligence of the cloud to the edge, we can expect to see better real-time predictions, faster responses, and more seamless customer experiences.

4. Tomorrow’s businesses will prioritize openness and interoperability.

In the best cases, cloud adoption is part of a larger transformation in which new tools and systems positively affect company culture. Our research suggests that businesses will continue to place more value on openness over the next decade. By 2029, 41 percent of global respondents expect to use open-source software (OSS) for a majority of their software platform, up 14 percentage points from today. Predicted OSS use was nearly identical between IT decision-makers and their business-oriented peers, implying that technology and business leaders alike recognize the value of interoperability, standardization, freedom from vendor lock-in, and continuous innovation.

5. On their journey to the cloud, companies are using new techniques to balance speed and quality.

To stay competitive in today’s streaming world, businesses face growing pressure to innovate faster—and the cloud is helping them keep pace. Sixty percent of respondents said their companies will update code weekly or daily by 2029, while 37 percent said they’ve already adopted this approach. This tells us that over the next 10 years, we’ll see an uptick in the use of continuous integration and delivery techniques, resulting in more frequent releases and higher developer productivity.

As organizations prepare for the future, they will need to balance the need for speed with maintaining high quality. Our research suggests that they’ll do so by addressing security early in the development process and assuming constant vulnerability so they’re never surprised. More than half of respondents said they already implement security pre-development, and 72 percent plan to do so by 2029.

Cloud-based enterprises will also rely on automation to maintain quality and security as their operations become faster and more continuous. Seventy percent of respondents expect a majority of their security operations to be automated by 2029, compared to 33 percent today.

Our Future of Cloud Computing report contains even more insights from our original research, as well as a thorough analysis of the cloud’s impact on businesses and recommended steps for unlocking its full potential. You can download it here .

• Google Cloud
• Inside Google Cloud

Related articles

Google Cloud Research Innovators launch fourth cohort to drive innovation

By Keith Binder • 3-minute read

UC Davis, VALID AI and Google Cloud collaborate to overcome SDOH Challenges with generative AI

By Brent Mitchell • 4-minute read

Announcing Google Cloud AI and Research Days to help accelerate scientific discovery

By Nicole DeSantis • 2-minute read

In a pioneering agreement, Google Public Sector and UC Riverside launch new model for research access

By Karen Dahut • 3-minute read

• Original Papers
• Open access
• Published: 20 April 2010

Cloud computing: state-of-the-art and research challenges

• Qi Zhang 1 ,
• Lu Cheng 1 &
• Raouf Boutaba 1  

Journal of Internet Services and Applications volume  1 ,  pages 7–18 ( 2010 ) Cite this article

92k Accesses

2077 Citations

28 Altmetric

Metrics details

Cloud computing has recently emerged as a new paradigm for hosting and delivering services over the Internet. Cloud computing is attractive to business owners as it eliminates the requirement for users to plan ahead for provisioning, and allows enterprises to start from the small and increase resources only when there is a rise in service demand. However, despite the fact that cloud computing offers huge opportunities to the IT industry, the development of cloud computing technology is currently at its infancy, with many issues still to be addressed. In this paper, we present a survey of cloud computing, highlighting its key concepts, architectural principles, state-of-the-art implementation as well as research challenges. The aim of this paper is to provide a better understanding of the design challenges of cloud computing and identify important research directions in this increasingly important area.

Al-Fares M et al (2008) A scalable, commodity data center network architecture. In: Proc SIGCOMM

Amazon Elastic Computing Cloud, aws.amazon.com/ec2

Amazon Web Services, aws.amazon.com

Ananthanarayanan R, Gupta K et al (2009) Cloud analytics: do we really need to reinvent the storage stack? In: Proc of HotCloud

Armbrust M et al (2009) Above the clouds: a Berkeley view of cloud computing. UC Berkeley Technical Report

Berners-Lee T, Fielding R, Masinter L (2005) RFC 3986: uniform resource identifier (URI): generic syntax, January 2005

Bodik P et al (2009) Statistical machine learning makes automatic control practical for Internet datacenters. In: Proc HotCloud

Brooks D et al (2000) Power-aware microarchitecture: design and modeling challenges for the next-generation microprocessors, IEEE Micro

Chandra A et al (2009) Nebulas: using distributed voluntary resources to build clouds. In: Proc of HotCloud

Chang F, Dean J et al (2006) Bigtable: a distributed storage system for structured data. In: Proc of OSDI

Chekuri C, Khanna S (2004) On multi-dimensional packing problems. SIAM J Comput 33(4):837–851

Article   MATH   MathSciNet   Google Scholar  

Church K et al (2008) On delivering embarrassingly distributed cloud services. In: Proc of HotNets

Clark C, Fraser K, Hand S, Hansen JG, Jul E, Limpach C, Pratt I, Warfield A (2005) Live migration of virtual machines. In: Proc of NSDI

Cloud Computing on Wikipedia, en.wikipedia.org/wiki/Cloudcomputing , 20 Dec 2009

Cloud Hosting, CLoud Computing and Hybrid Infrastructure from GoGrid, http://www.gogrid.com

Dean J, Ghemawat S (2004) MapReduce: simplified data processing on large clusters. In: Proc of OSDI

Dedicated Server, Managed Hosting, Web Hosting by Rackspace Hosting, http://www.rackspace.com

FlexiScale Cloud Comp and Hosting, www.flexiscale.com

Ghemawat S, Gobioff H, Leung S-T (2003) The Google file system. In: Proc of SOSP, October 2003

Google App Engine, URL http://code.google.com/appengine

Greenberg A, Jain N et al (2009) VL2: a scalable and flexible data center network. In: Proc SIGCOMM

Guo C et al (2008) DCell: a scalable and fault-tolerant network structure for data centers. In: Proc SIGCOMM

Guo C, Lu G, Li D et al (2009) BCube: a high performance, server-centric network architecture for modular data centers. In: Proc SIGCOMM

Hadoop Distributed File System, hadoop.apache.org/hdfs

Hadoop MapReduce, hadoop.apache.org/mapreduce

Hamilton J (2009) Cooperative expendable micro-slice servers (CEMS): low cost, low power servers for Internet-scale services In: Proc of CIDR

IEEE P802.3az Energy Efficient Ethernet Task Force, www.ieee802.org/3/az

Kalyvianaki E et al (2009) Self-adaptive and self-configured CPU resource provisioning for virtualized servers using Kalman filters. In: Proc of international conference on autonomic computing

Kambatla K et al (2009) Towards optimizing Hadoop provisioning in the cloud. In: Proc of HotCloud

Kernal Based Virtual Machine, www.linux-kvm.org/page/MainPage

Krautheim FJ (2009) Private virtual infrastructure for cloud computing. In: Proc of HotCloud

Kumar S et al (2009) vManage: loosely coupled platform and virtualization management in data centers. In: Proc of international conference on cloud computing

Li B et al (2009) EnaCloud: an energy-saving application live placement approach for cloud computing environments. In: Proc of international conf on cloud computing

Meng X et al (2010) Improving the scalability of data center networks with traffic-aware virtual machine placement. In: Proc INFOCOM

Mysore R et al (2009) PortLand: a scalable fault-tolerant layer 2 data center network fabric. In: Proc SIGCOMM

NIST Definition of Cloud Computing v15, csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc

Osman S, Subhraveti D et al (2002) The design and implementation of zap: a system for migrating computing environments. In: Proc of OSDI

Padala P, Hou K-Y et al (2009) Automated control of multiple virtualized resources. In: Proc of EuroSys

Parkhill D (1966) The challenge of the computer utility. Addison-Wesley, Reading

Google Scholar  

Patil S et al (2009) In search of an API for scalable file systems: under the table or above it? HotCloud

Salesforce CRM, http://www.salesforce.com/platform

Sandholm T, Lai K (2009) MapReduce optimization using regulated dynamic prioritization. In: Proc of SIGMETRICS/Performance

Santos N, Gummadi K, Rodrigues R (2009) Towards trusted cloud computing. In: Proc of HotCloud

SAP Business ByDesign, www.sap.com/sme/solutions/businessmanagement/businessbydesign/index.epx

Sonnek J et al (2009) Virtual putty: reshaping the physical footprint of virtual machines. In: Proc of HotCloud

Srikantaiah S et al (2008) Energy aware consolidation for cloud computing. In: Proc of HotPower

Urgaonkar B et al (2005) Dynamic provisioning of multi-tier Internet applications. In: Proc of ICAC

Valancius V, Laoutaris N et al (2009) Greening the Internet with nano data centers. In: Proc of CoNext

Vaquero L, Rodero-Merino L, Caceres J, Lindner M (2009) A break in the clouds: towards a cloud definition. ACM SIGCOMM computer communications review

Vasic N et al (2009) Making cluster applications energy-aware. In: Proc of automated ctrl for datacenters and clouds

Virtualization Resource Chargeback, www.vkernel.com/products/EnterpriseChargebackVirtualAppliance

VMWare ESX Server, www.vmware.com/products/esx

Windows Azure, www.microsoft.com/azure

Wood T et al (2007) Black-box and gray-box strategies for virtual machine migration. In: Proc of NSDI

XenSource Inc, Xen, www.xensource.com

Zaharia M et al (2009) Improving MapReduce performance in heterogeneous environments. In: Proc of HotCloud

Zhang Q et al (2007) A regression-based analytic model for dynamic resource provisioning of multi-tier applications. In: Proc ICAC

Download references

Author information

Authors and affiliations.

University of Waterloo, Waterloo, Ontario, Canada, N2L 3G1

Qi Zhang, Lu Cheng & Raouf Boutaba

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Raouf Boutaba .

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License ( https://creativecommons.org/licenses/by/2.0 ), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Reprints and permissions

About this article

Cite this article.

Zhang, Q., Cheng, L. & Boutaba, R. Cloud computing: state-of-the-art and research challenges. J Internet Serv Appl 1 , 7–18 (2010). https://doi.org/10.1007/s13174-010-0007-6

Download citation

Received : 08 January 2010

Accepted : 25 February 2010

Published : 20 April 2010

Issue Date : May 2010

DOI : https://doi.org/10.1007/s13174-010-0007-6

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Cloud computing
• Data centers
• Virtualization

• SUGGESTED TOPICS
• The Magazine
• Newsletters
• Managing Yourself
• Managing Teams
• Work-life Balance
• The Big Idea
• Data & Visuals
• Reading Lists
• Case Selections
• HBR Learning
• Topic Feeds
• Account Settings
• Email Preferences

How Cloud Computing Is Changing Management

• Quentin Hardy

It’s speeding up product life cycles and fostering more customer interaction.

Cloud computing is changing how products are designed; enabling closer collaboration between the corporate IT department and other business units, including sales, finance and forecasting; and fostering more customer interaction, even to a point of jointly developing products with their consumers. In particular, new ways of writing and deploying software will encourage new types of faster-acting organizational designs. “Cloud native” software approaches stresses ease of use and low-impact alteration of components of any given software application. Massive applications are subdivided into a series of “microservices” that can be tweaked with little effect on a running piece of software.

Theories and practices of management often spring from the opportunities created by new technologies. Interchangeable parts spurred ideas about structuring assembly lines and logistics. The complex calculations of the field known as  Operations Research were enabled by mainframe computing . Client-server technology begat enterprise resource planning systems, and the consequent system-wide visibility that was required for what we call business process management (BPM).

• QH Quentin Hardy is Head of Editorial at Google Cloud.

Partner Center

An official website of the United States government

The .gov means it’s official. Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure. The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

• Publications
• Account settings

Preview improvements coming to the PMC website in October 2024. Learn More or Try it out now .

• Advanced Search
• Journal List
• Comput Intell Neurosci
• v.2022; 2022

This article has been retracted.

The rise of cloud computing: data protection, privacy, and open research challenges—a systematic literature review (slr), junaid hassan.

1 Department of Computer Science, National University of Computer and Emerging Sciences, Islamabad, Chiniot-Faisalabad Campus, Chiniot 35400, Pakistan

Danish Shehzad

2 Department of Computer Science, Superior University, Lahore 54000, Pakistan

Usman Habib

3 Faculty of Computer Sciences and Engineering, GIK Institute of Engineering Sciences and Technology, Topi, Swabi 23640, Khyber Pakhtunkhwa, Pakistan

Muhammad Umar Aftab

Muhammad ahmad, ramil kuleev.

4 Institute of Software Development and Engineering, Innopolis University, Innopolis 420500, Russia

Manuel Mazzara

Associated data.

The data used to support the findings of this study are provided in this article.

Cloud computing is a long-standing dream of computing as a utility, where users can store their data remotely in the cloud to enjoy on-demand services and high-quality applications from a shared pool of configurable computing resources. Thus, the privacy and security of data are of utmost importance to all of its users regardless of the nature of the data being stored. In cloud computing environments, it is especially critical because data is stored in various locations, even around the world, and users do not have any physical access to their sensitive data. Therefore, we need certain data protection techniques to protect the sensitive data that is outsourced over the cloud. In this paper, we conduct a systematic literature review (SLR) to illustrate all the data protection techniques that protect sensitive data outsourced over cloud storage. Therefore, the main objective of this research is to synthesize, classify, and identify important studies in the field of study. Accordingly, an evidence-based approach is used in this study. Preliminary results are based on answers to four research questions. Out of 493 research articles, 52 studies were selected. 52 papers use different data protection techniques, which can be divided into two main categories, namely noncryptographic techniques and cryptographic techniques. Noncryptographic techniques consist of data splitting, data anonymization, and steganographic techniques, whereas cryptographic techniques consist of encryption, searchable encryption, homomorphic encryption, and signcryption. In this work, we compare all of these techniques in terms of data protection accuracy, overhead, and operations on masked data. Finally, we discuss the future research challenges facing the implementation of these techniques.

1. Introduction

Recent advances have given rise to the popularity and success of cloud computing. It is a new computing and business model that provides on-demand storage and computing resources. The main objective of cloud computing is to gain financial benefits as cloud computing offers an effective way to reduce operational and capital costs. Cloud storage is a basic service of cloud computing architecture that allows users to store and share data over the internet. Some of the advantages of cloud storage are offsite backup, efficient and secure file access, unlimited data storage space, and low cost of use. Generally, cloud storage is divided into five categories: (1) private cloud storage, (2) personal cloud storage, (3) public cloud storage, (4) community cloud storage, and (5) hybrid cloud storage.

However, when we outsource data and business applications to a third party, security and privacy issues become a major concern [ 1 ]. Before outsourcing private data to the cloud, there is a need to protect private data by applying different data protection techniques, which we will discuss later in this SLR. After outsourcing the private data to the cloud, sometimes the user wants to perform certain operations on their data, such as secure search. Therefore, while performing such operations on private data, the data needs to be protected from intruders so that intruders cannot hack or steal their sensitive information.

Cloud computing has many advantages because of many other technical resources. For example, it has made it possible to store large amounts of data, perform computation on data, and many other various services. In addition, the cloud computing platform reduces the cost of services and also solves the problem of limited resources by sharing important resources among different users. Performance and resource reliability requires that the platform should be able to tackle the security threats [ 2 ]. In recent years, cloud computing has become one of the most important topics in security research. These pieces of research include software security, network security, and data storage security.

The National Institute of Standards and Technology (NIST) defines cloud computing as [ 3 ] “a model for easy access, ubiquitous, resource integration, and on-demand access that can be easily delivered through various types of service providers. The Pay as You Go (PAYG) mechanism is followed by cloud computing, in which users pay only for the services they use. The PAYG model gives users the ability to develop platforms, storage, and customize the software according to the needs of the end-user or client. These advantages are the reason that the research community has put so much effort into this modern concept [ 4 ].

Security is gained by achieving confidentiality, integrity, and data availability. Cloud users want assurance that their data must be saved while using cloud services. There are various types of attacks that launch on a user's private data, such as intrusion attacks, hacking, stealing the user's private data, and denial of service attacks. 57% of companies report security breaches using cloud services [ 5 ]. Data privacy is more important than data security because cloud service providers (CSPs) have full access to all cloud user's data and can monitor their activities, because of which the cloud user privacy is compromised. For example, a user is a diabetic, and the CSP is analyzing their activities, such as what he is searching for more and what kind of medicine he is using the most. Because of this access, CSP can get all the sensitive information about an individual user and can also share this information with a medicine company or an insurance company [ 6 ]. Another problem is that the user cannot fully trust CSP. Because of this reason, there are many legal issues. Users cannot store their sensitive data on unreliable cloud services because of this mistrust. As a result, many users cannot use cloud services to store their personal or sensitive data in the cloud. There are two ways to solve this problem. One is that the user installs a proxy on his side, and this proxy takes the user's data, encrypts and saves their data using some data protection techniques, and then sends it to the untrusted CSP [ 7 ].

The recent Google privacy policy is that any user can use any Google service free of cost; however, Google monitors their activity by monitoring their data to improve their services [ 8 ]. In this paper, we compare different types of data protection techniques that provide privacy and security over the data stored on the cloud. Many papers discuss outsourcing data storage on the cloud [ 9 , 10 ], however, we also discuss how we can secure the outsourced data on the cloud. Most of the paper describes the data security on the cloud vs the external intruder attacks [ 11 , 12 ]. This paper not only discusses the security attacks from outside intruders and securing mechanisms but also inner attacks from the CSP itself. Many surveys cover data privacy by applying cryptographic techniques [ 13 , 14 ]. These cryptographic techniques are very powerful for the protection of data and also provide a very significant result. However, there is a problem as these cryptographic techniques require key management, and some of the cloud functionalities are not working on these cryptographic techniques. In this paper, we also discuss some steganographic techniques. To the best of our knowledge, no study discusses all the conventional and nonconventional security techniques. Therefore, all the data protection techniques need to be combined in one paper.

The rest of this paper is organized as follows: Section 3 of the paper describes the research methodology that consists of inclusion, exclusion criteria, quality assessment criteria, study selection process, research questions, and data extraction process. Also, we discuss assumptions and requirements for data protection in the cloud. Section 4 presents all the cryptographic and also noncryptographic techniques that are used for data protection over the cloud. Also, we discuss the demographic characteristics of the relevant studies by considering the following four aspects: (i) publication trend, (ii) publication venues (proceeding and journals), (iii) number of citations, and (iv) author information. Section 4 also compares all these data protection techniques. Lastly, in Section 5 , we discuss results and present conclusion and future work.

2. Related Work

The first access control mechanism and data integrity in the provable data possession (PDP) model is proposed in the paper [ 15 ], and it provides two mobile applications based on the RSA algorithm. Like the PDP, the author in the paper [ 16 ] proposed a proof of retrievability (PoR) scheme that is used to ensure the integrity of remote data. PoR scheme efficiency is improved using a shorter authentication tag that is integrated with the PoR system [ 17 ]. A more flexible PDP scheme is proposed by the author of the paper [ 18 ] that uses symmetric key encryption techniques to support dynamic operations. A PDP protocol with some flexible functionality is developed, in which, we can add some blocks at run time [ 19 ]. A new PDP system with a different data structure is introduced, and it improves flexibility performance [ 20 ]. Similarly, another PDP model with a different data structure is designed to handle its data functionality [ 21 ]. To improve the accuracy of the data, the author of the paper [ 22 ] designed a multireplicas data verification scheme that fully supports dynamic data updates.

A unique data integration protocol [ 23 ] for multicloud servers is developed. The author of the paper [ 24 ] also considers the complex area where multiple copies are stored in multiple CSPs and builds a solid system to ensure the integrity of all copies at once. A proxy PDP scheme [ 25 ] is proposed, which supports the delegation of data checking that uses concessions to verify auditor consent. In addition, the restrictions of the verifier are removed that strengthened the scheme, and it proposes a separate PDP certification system [ 26 ]. To maintain the security of information, a concept for information security is proposed and a PDP protocol for public research is developed [ 27 ]. To resolve the certification management issue, the PDP system with data protection is introduced [ 28 ].

Identity-based cryptography is developed, in which a user's unique identity is used as input to generate a secret key [ 29 ]. Another PDP protocol is recommended to ensure confidentiality [ 30 ]. The author of the paper [ 31 ] proposed a scheme, in which tags are generated through the ring signature technique for group-based data sharing that supports public auditing and maintains user privacy. A new PDP system is introduced for data sharing over the cloud while maintaining user privacy [ 32 ]. Additionally, it supports the dynamic group system and allows users to exit or join the group at any time. Another PDP system [ 33 ] that is based on broadcast encryption and supports dynamic groups [ 34 ] is introduced. The issue of user revocation has been raised [ 35 ], and to address this issue, a PDP scheme has been proposed, which removes the user from the CSP using the proxy signature method. A PDP-based group data protocol was developed to track user privacy and identity [ 36 ]. A PDP system [ 37 ] is proposed for data sharing between multiple senders. The author of the paper [ 38 ] provides SEPDP systems while maintaining data protection. However, the author of the paper [ 39 ] proved that the scheme proposed in [ 38 ] is vulnerable to malicious counterfeiting by the CSP. A collision-resistant user revocable public auditing (CRUPA) system [ 40 ] is introduced for managing the data that is shared in groups. Another scheme [ 41 ] is introduced as a way to ensure the integrity of mobile data terminals in cloud computing.

To address the PKI issue, identity-based encryption [ 42 ] is designed to enhance the PDP protocol and maintain user privacy in a dynamic community. Before sharing user-sensitive data with third parties or researchers, data owners ensure that the privacy of user-sensitive data is protected. We can do this using data anonymization techniques [ 43 ]. In recent years, the research community has focused on the PPDP search area and developed several approaches for tabular data and SN [ 44 – 49 ]. There are two popular settings in PPDP: one is interactive, and the other is noninteractive [ 50 ]. The K-anonymity model [ 51 ] and its effects are most commonly used in the noninteractive setting of PPDP [ 52 – 56 ]. Differential privacy (DP) [ 57 ] and an interactive configuration of PPDP make extensive use of DP-based methods [ 58 – 60 ]. Meanwhile, several studies for a noninteractive setting reported a PD-dependent approach [ 61 ]. Researchers have expanded the concepts used to anonymize tabular data to protect the privacy of SN users [ 62 – 64 ].

Most images on the internet are in a compressed form. Hence, various studies design some techniques for AMBTC-compressed images. Data concealment has become an active research area. We can hide the data by adding confidential information to the cover image, and as a result, we get the stego image. There are two types of data hiding schemes: one is irreversible [ 65 – 68 ], and the other is a reversible data hiding scheme [ 69 – 71 ]. A cipher text designated for data collection can be re-encrypted as designated for another by a semitrusted proxy without decryption [ 72 ]. The first concrete construction of collusion-resistant unidirectional identity-based proxy re-encryption scheme, for both selective and adaptive identity, is proposed in the paper [ 73 ]. One of the data hiding schemes is the histogram shifting scheme [ 74 – 76 ], and it is the most widely used. A histogram-shifting data hiding scheme [ 77 ] that detects pixel histograms in the cover image is introduced. When big and diverse data are distributed everywhere, we cannot control the vicious attacks. Therefore, we need a cryptosystem to protect our data [ 78 – 80 ].

Some identity-based signature (IBS) schemes [ 81 – 84 ] are introduced that are based on bilinear pairing. However, the authentication schemes based on bilinear pairing over elliptic curve are more efficient and safer than traditional public key infrastructure [ 85 , 86 ]. The paper [ 87 ] proposed a preserving proxy re-encryption scheme for public cloud access control. A differential attack is performed on one-to-many order preserving encryption OPE by exploiting the differences of the ordered ciphertexts in [ 88 ]. Another scheme is proposed, which consists of a cancelable biometric template protection scheme that is based on the format-preserving encryption and Bloom filters [ 89 ]. Some of the researchers also use the concept of paring free identity-based signature schemes [ 90 – 93 ]. A lightweight proxy re-encryption scheme with certificate-based and incremental cryptography for fog-enabled e-healthcare is proposed in [ 94 ].

3. Research Methodology

The objective of this SLR is to evaluate, investigate, and identify the existing research in the context of data storage security in cloud computing to find and evaluate all the existing techniques. SLR is a fair and unbiased way of evaluating all the existing techniques. This way provides a complete and evidence-based search related to a specific topic. At this time, there is no SLR conducted on data storage security techniques that explains all the cryptographic and noncryptographic techniques. Hence, this SLR fulfills the gap by conducting itself. This SLR aims to provide a systematic method using the guidelines of an SLR provided by Kitchenham [ 95 ]. Furthermore, to increase the intensity of our evidence, we follow another study that is provided by [ 96 ]. Our SLR consists of three phases, namely planning, conducting, and reporting. By following these three phases, we conduct our SLR, as shown in Figure 1 .

Review procedure.

3.1. Research Questions

The primary research question of this systematic literature review is “What types of data protection techniques have been proposed in cloud computing?” This primary research question is further divided into four RQs. All these four questions are enlisted below.

•   RQ1: what types of data protection techniques have been proposed in cloud computing?
•   RQ2: what are the demographic characteristics of the relevant studies?
•   RQ3: which data protection technique provides more data protection among all the techniques?
•   RQ4: what are the primary findings, research challenges, and directions for future research in the field of data privacy in cloud computing?

3.2. Electronic Databases

Six electronic databases were selected to collect primary search articles. All these six electronic databases are well-reputed in the domain of cloud computing. Most of the relevant articles are taken from two electronic databases, namely IEEE and Elsevier. All the electronic databases that we use in this research process are given in Table 1 .

Databases sources.

3.3. Research Terms

First of all, the title base search is done on the different electronic databases, which are given in Table 1 . After that, most related studies/articles are taken. Search is done using the string (p1 OR p2. . . . . .OR pn.) AND (t1 OR t2. . . . . . OR tn.). This string/query is constructed using a population, intervention, control, and outcomes (PICO) structure that consists of population, intervention, and outcome. Database search queries are given in Table 2 .

•   Population : “cloud computing”
•   Intervention : “data security,” “data privacy,” “data integrity”
•   Using the PICO structure, we construct a general query for the electronic database. Generic: ((“Document Title”: cloud∗) AND (“Document Title”: data AND (privacy OR protect∗ OR secure∗ OR integrity∗))).

Databases search query.

3.4. Procedure of Study Selection

The procedure of study selection is described in Figure 2 . This procedure has three phases: the first one is exclusion based on the title, in which articles are excluded based on the title, and the relevant titles are included. The second is exclusion based on the abstract in which articles are excluded. By reading the abstract of the articles, the most relevant abstract is included, and the last one is exclusion based on a full text that also includes quality assessment criteria.

Study selection procedure.

3.5. Eligibility Control

In this phase, all the selected papers are fully readied, and relevant papers are selected to process our SLR further. Table 3 shows the final selected papers from each database based on inclusion and exclusion criteria. The related papers are selected based on inclusion and exclusion criteria, which are given in Table 4 .

Results from electronic databases.

Inclusion and exclusion criteria.

3.6. Inclusion and Exclusion Criteria

We can use the inclusion and exclusion criteria to define eligibility for basic study selection. We apply the inclusion and exclusion criteria to those studies that are selected after reading the abstract of the papers. The criteria for inclusion and exclusion are set out in Table 4. Table 4 outlines some of the conditions that we have applied to the articles. After applying the inclusion and exclusion criteria, we get relevant articles, which we finally added to our SLR. The search period is from 2010 to 2021, and most of the papers included in our SLR are from 2015 to onward.

We apply inclusion and exclusion criteria in the third phase of the study selection process, and we get 139 results. After that, we also apply quality criteria, and finally, we get 52 articles, which are included in this SLR. Most of the articles are taken from Elsevier and IEEE electronic databases. IEEE is the largest Venus for data storage security in cloud computing. The ratio of the selected articles from different electronic databases is shown in Figure 3 .

Percentage of selected studies.

3.7. Quality Assessment Criteria

Quality checking/assessment is done in the 3 rd phase of the study selection process. A scale of 0-1 is used for the quality assessment (QA) of the articles.

Poor-quality articles get 0 points on the scale, and good-quality articles get 1 point on the scale. The articles with 1 point on the scale are included in this SLR. Hence, by applying the quality checking/assessment criteria on all the articles, we finally get 52 articles. All the selected papers have validity and novelty for different data protection techniques, and also, we find the relevance of the articles in the quality assessment criteria, which ensures that all the articles are related to the SLR (data storage protection and privacy in cloud computing). The quality checking (QC) criteria are given in Table 5 .

Quality checking criteria.

3.8. Taxonomy of the Data Protection Techniques

In this section, all the data protection techniques are depicted in Figure 4 . All the data protection techniques are arranged and classified in their related categories. The purpose of the taxonomy is to give a presentational view of all the data protection techniques. The data protection techniques are mainly divided into two categories, namely (1) noncryptographic techniques and (2) cryptographic techniques.

Taxonomy of the data protection techniques.

4. Results and Discussions

Data protection on the cloud is done by developing a third-party proxy that is trusted by the user. The trusted proxy is not a physical entity. It is a logical entity that can be developed on the user end (like on the user's personal computer) or at that location on which the user can trust. Mostly, all the local proxies are used as an additional service or as an additional module (like browser plugins). To fulfill the objective of data protection by proxies, some requirements are needed to fulfill necessarily. The requirements are given below:

• User privilege. There are several objectives of user privilege or user empowerment, however, the main objective is to increase the trust of the users in data protection proxies used by the cloud.
• Transparency. Another important objective is that when users outsource their sensitive data to trusted proxies, their data should remain the same and should not be altered.
• Cloud computing provides large computing power and cost saving resources. However, one concern is that if we increase data security, computation overhead should not increase. We want to minimize the computation overhead over the proxies.
• Cloud functionalities preservation. Cloud functionalities preservation is the most important objective. The users encrypt their sensitive data on their personal computers by applying different encryption techniques to increase the protection of their data, however, by applying these different encryption techniques, they are not able to avail some of the cloud functionalities because of compatibility issues [ 97 ]. Hence, it is the main issue.

Figure 5 provides a data workflow for protecting sensitive data on the cloud using a local proxy. There are different types of the assumption that are made for data protection, and some of them are discussed below.

• Curious CSPs, the most commonly used model in cloud computing, is given in the literature [ 98 ]. The cloud service provider honestly fulfills the responsibilities, i.e., they do not interfere in the user activities, and they only follow the stander protocols. The CSP is honest, however, sometimes, it is curious to analyze the users' queries and analyze their sensitive data, which is not good because it is against the protocol. Also, by this, the privacy of the user is compromised. Hence, we can avoid these things by applying some data protection techniques on the user end to protect the users' sensitive data from the CSPs.
• In some cases, CSPs may collaborate with data protection proxies that are present on the users' sides to increase the level of trust between the users and CSPs because better trust can motivate more users to move to the cloud. This collaboration can be done if CSPs provide some services to the users with a stable interface for storing, searching, and computing their data.
• A multicloud approach to cloud computing infrastructure has also been proposed to improve their performance. In this regard, multiple cloud computing services are provided in the same heterogeneous architecture [ 19 ]. A multicloud gives the user multiple different places to store their data at their desired location. There are several benefits to use a multicloud, e.g., it reduces reliance on a single CSP, which increases flexibility.

Data workflow on cloud using local proxy.

4.1. RQ1: What Type of Data Protection Techniques has Been Proposed in Cloud Computing?

In this session, we will discuss all the techniques for data storage security over the cloud. All these techniques are divided into two main categories, namely (i) cryptographic techniques and (ii) noncryptographic techniques. The local proxy uses different techniques to protect data that are stored on the cloud. Because of this reason, we cannot gain all the advantages of cloud services. Therefore, we analyze and compare all these techniques based on different criteria. These different criteria are as follows: (i) the data accuracy of all the techniques, (ii) the data protection level of all the techniques, (iii) all the functionalities these schemes allow on masked and unmasked data, and (iv) the overhead to encrypt and decrypt data over the cloud.

4.1.1. Noncryptographic Techniques

There are some noncryptographic techniques, and we discuss them in this paper as follows:

(1) Data Anonymization . Data anonymization is a data privacy technique used to protect a user's personal information. This technique hides the person's personal information by hiding the person's identifier or attributes that could reveal a person's identity. Data anonymization can be done by applying various mechanisms, for example, by removing or hiding identifiers or attributes. It can also be done by encrypting the user's personal information. The main purpose of performing data anonymization is that we can hide the identity of the person in any way. Data anonymity can be defined as the user's personal data being altered in such a way that we cannot directly or indirectly identify that person, and the CSP cannot retrieve any person's personal information. Data anonymization techniques have been developed in the field of statistical control disclosure. These techniques are most often used when we want to outsource sensitive data for testing purposes. Data anonymization is graphically represented in Figure 6 .

Data anonymization flow diagram.

Data anonymization techniques are most often used when we want to outsource sensitive data for testing purposes. For example, if some doctors want to diagnose certain diseases, some details of these diseases are required for this purpose. This information is obtained from the patients that suffer from these diseases, but it is illegal to share or disclose anyone's personal information. However, for this purpose, we use data anonymization technique to hide or conceal the person's personal information before outsourcing the data. In some cases, however, the CSP wants to analyze the user's masked data. In the data anonymization technique, attributes are the most important part. Attributes can include name, age, gender, address, salary, etc. Table 6 shows the identifiers classification.

Identifiers classification.

Data anonymization can be performed horizontally or vertically on this table and also on the record or group of records. The attributes are further classified into the following categories.

• Sensitive Attributes: sensitive attributes possess sensitive information of the person, such as salary, disease information, phone number, etc. These attributes are strongly protected by applying some protection techniques.
• Nonsensitive Attributes: these types of attributes do not belong to any type of category. Hence, they do not disclose the identity of a person.
• Identifiers: identifier belongs to the identity of a person, such as Id card, name, social security number, etc. Because of the presence of these identifiers, the relationship between different attributes can be detected. Hence, these identifiers must be replaced or anonymized.
• Quasi-Identifiers: quasi-identifiers are the group of identifiers that are available publicly, such as zip-code, designation, gender, etc. Separately, these identifiers cannot reveal the personal identity, however, by combining them, they may reveal the identity of the person. Hence, we want to separate these quasi-identifiers to avoid the discloser.

There are two main categories of data masking: (1) perturbative masking and (2) nonperturbative masking.

• (1) Perturbative Masking
• In perturbation, masking data is altered or masked with dummy datasets. Original data is replaced with dummy data, however, this data looks like the original data with some noise addition. The statistical properties of the original data are present in the masked data, however, nonperturbative masking does not contain the statistical properties of original data, because in perturbation masking, data is altered or masked with physically same but dummy data.
• Data swapping
• In data swapping, the data is randomly changed with the same but dummy data between different records [ 99 ]. However, if the numerical values are present in the dataset, then in certain limits, the values can be changed. Otherwise, the meaning of the data is changed. The masked data cannot look like the original data. For those attributes that can be ranked, the attribute is replaced with the nearby ranked attributes, and a very large difference between ranks is not suitable [ 100 ]. In data swapping, higher-level attributes are swapped [ 101 ] and individual values are not changed.
• Noise Addition
• In this mechanism, some noise is added to the original dataset to alter the original data. Noise is only added to the data that is continuous and divided into categories [ 102 ]. The noise is added into all the attributes that are present in the original dataset, such as sensitive attributes and also quasi-attributes.
• Microaggregation
• In this technique, all the relevant data is stored into different groups, and these different groups release average values from each record [ 103 ]. If a large number of similar records is present in different groups, then more data utility is done. We can cluster the data in many ways, e.g., in categorical versions [ 104 ]. Microaggregation is done on a quasi-attribute to protect these attributes from reidentification, and the quasi-attributes protect all the other attributes from reidentification. We can also minimize reidentification by data clustering [ 105 ].
• Pseudonymization
• In this method, the original data is replaced with artificial datasets [ 106 ]. In this technique, each attribute present in the original data is a pseudonym, and by doing this, data is less identifiable.
• (2) Nonperturbative Masking
• Nonperturbative masking does not change or alter the original data, however, it changes the statistical properties of the original data. Mask data is created by the reduction of the original data or suppressions of the original data [ 107 ].
• Bucketization
• In this method, original data is stored in different buckets, and these buckets are protected through encryption [ 108 ]. We can protect the sensitive attributes through bucketization.
• Data slicing is a method in which a larger group of data is divided into smaller slices or segments [ 109 ]. Hence, we can slice the data, and in this way, the sensitive attribute and the quasi-attributes are divided into different slices. By identifying the individual slice, the identity of the person cannot be disclosed.
• Sampling is a technique in which the population and sample concept is present. The entire data is called population, and the masked data is called a sample. In this technique, we make different samples of the original data. A smaller data sample provides more protection [ 110 ].
• Generalization
• It is a technique in which some additional attributes are added to the record. If the number of quasi-attributes is less rare, then some dummy attributes are added into the record, which look like the quasi-attributes. Hence, by doing this, reidentification becomes more difficult [ 111 ]. By applying generalization on data, we can protect the identity of a person because it hides the relationship between the quasi-attributes.

The summary of data anonymization techniques is given in Table 7 .

The summary of data anonymization techniques.

(2) Data Splitting . Data splitting is a technique in which sensitive data is divided into different fragments [ 112 ] to protect it from unauthorized access. In this technique, we first split the data into different fragments, then these fragments are randomly stored on different clouds. Even if the intruder gains access to a single fragment in any way, still the intruder will not be able to identify the person. For example, if an intruder gets a fragment from the cloud that contains the salary information of an organization, it is useless until he knows which salary belongs to which person. Hence, data splitting is a very useful technique for protecting data stored on the cloud.

Local proxies outsource data to the cloud without splitting the data, and they can also split the data first and then outsource to the same cloud using different accounts in the same CSP. It can also store data on different cloud platforms that run through different CSPs but provide some of the same services. Data is split before storing in different locations because even if some part or piece of data is known to an intruder, they will not be able to identify anyone.

Firstly, the local proxy retrieves sensitive data from the user and then calculates the risk factor for disclosure. In this method, the user can define the privacy level, and this privacy level provides information about all the sensitive attributes that can reveal someone's identity. These sensitive attributes are called quasi-attributes or quasi-identifiers. Next, the local proxy decides the number of pieces into which the sensitive data will be split and the number of locations that will be needed to store those pieces. Therefore, no one can reveal a person's identity, and all this information about the data splitting mechanism is stored at the local proxy. However, the system must be able to function properly and respond to the queries on time. After that, the local proxy stores these different data fragments in different cloud databases, and now, they are free from disclosure. The data-splitting mechanism supports almost all the functions of the cloud. Hence, we can use almost all the services provided by CSP using the data-splitting mechanism for storing data in the cloud.

When the users want to retrieve the original data, they process a query on a local proxy. The query is processed, and the data storage locations are retrieved from the local database. After that, the query is replicated as many times as the data is split into fragments, and these queries are forwarded to the relevant CSPs. As a result, each CSP provides a set of results that represent a partial view of the complete result. Finally, the proxy collects partial results according to the criteria used to split the data and provides the complete result to the user. Mostly, all these fragments are stored on different cloud databases in their original structure. Therefore, computation on these fragments can be performed easily. However, there is a problem if we want to perform computation separately on the individual fragment. Then, there is no algorithm that exists for this computation. Therefore, some algorithms are required to perform these types of computation as this computation requires communication between different CSPs. The redundancy of proxy metadata and backup policies must be essential to ensure the robustness of the mechanism. The data-splitting is graphically represented in Figure 7 .

Data-splitting flow diagram.

The summary of the data-splitting is given in Table 8 . Different data-splitting techniques are used for the protection of data stored on the cloud. Some of these are given below.

• Byte level splitting
• In this type, all the sensitive data is converted into bytes [ 113 ]. Then, these bytes are randomly shuffled with each other. After that, all the bytes are recombined. Fixed length fragments are made, and then, these fragments are stored on a different cloud.
• Privacy level splitting
• In this mechanism, the user chose the privacy level of each file [ 114 ] that is to be stored on a cloud database. Hence, a privacy level is attached with the file that is to be stored on the cloud. Using this privacy level, the user can decide that the higher privacy level files should be stored on the trusted cloud.
• Byte level splitting with replication
• Byte-level data splitting is combined with data replication to improve both performance and security. The author of the paper [ 115 ] proposed an algorithm to store the data fragments on different clouds, so that they are at a certain distance and by doing this; we can avoid confabulation attacks where the intruder can aggregate the split fragments.
• Byte level splitting with encryption
• Firstly, byte-level data splitting [ 116 , 117 ] is proposed. In this scheme, every fragment of data is encrypted to enhance the security of sensitive data. In this mechanism, the data is split into bytes, and these bytes are randomly shuffled and finally recombined. This type of data splitting is suitable for binary or multimedia files that are not processed through the cloud.
• Another problem is the length of a fragment in which we can say that the data cannot be reidentified or the identity of a person cannot be revealed. If the length is too short, then the probability of disclosure increases, and if the length is too long, then it is difficult to handle these fragments. Hence, it should have a certain length so that we can also protect the identity of a person.
• There is another type of data splitting in which we split data into attributes. The attribute level splitting is performed in two ways: one is horizontal splitting and the second is vertical splitting. These types of splitting are mostly done on structural databases, and they provide strong privacy.
• Vertical splitting
• In vertical data splitting [ 118 , 119 ], we divide quasi-identifiers or quasi-attributes in such a way that all the risky attributes are divided into different fragments to secure the reidentification. Some of the sensitive fragments required encryption on it. Hence, we can encrypt these fragments by applying some encryption algorithms or by applying some other privacy methods to increase the security level.

The summary of the data-splitting techniques.

A solution for sensitive data splitting without performing encryption on fragments is proposed [ 120 ]. This mechanism is suitable for data on which we want to perform some computation, because on encrypted data, we cannot perform computation directly. Another technique has been proposed [ 121 ], which demonstrates the redaction and sanitization of a document that identifies all sensitive attributes and protects the data in most documents.

The schemes that use vertical splitting to protect data are faster than other splitting techniques because data fragments consist of a single attribute or multiple attributes. It does not involve data masking or encryption. Hence, the computation is easy. There is another type of encryption in which we do not encrypt and decrypt every time to perform computation. It is called homomorphic encryption. In this case, all data modification is done on encrypted data, and actual data is not changed, however, the final result is preserved [ 122 ].

(3) Steganography . Steganography is the practice of concealing a message within another message or a physical object. In computing contexts, video, audio, image, message, or computer file is concealed within another image, message, or file. The steganography flow diagram is depicted in Figure 8 . There are two main types of steganography, namely (1) linguistic steganography and (2) technical steganography. These techniques are given as follows:

• (1) Linguistic Steganography
• It uses images and symbols alone to cover the data. There are two types of Semagrams [ 123 ]. The first is a visual Semagram. In this type, we can visualize the massage. The second type is a text Semagram. In this type, we change the font, color, or symbols of the text message.
• In this case, we hide the real message from the intruder by installing the original massage in an authorized carrier [ 124 ]. Open code technique is further divided into two types: one is jargon code, and the second is covered ciphers.
• (2) Technical Steganography
• Text steganography
• In this type, we change some textual characteristics of text, such as the font, color, or symbols of the text message [ 127 ]. Three coding techniques are used to change these textual features, which are as follows: (1) line-shift coding, (2) word-shift coding, and (3) feature coding.
• Image steganography
• It is the most popular type of steganography. Image steganography refers to the process of hiding sensitive data inside an image file [ 128 ]. The transformed image is expected to look very similar to the original image because the visible features of the stego image remain the same. The image steganography is divided into three parts, namely (1) least significant bits coding, (2) masking and filtering, and (3) transformations.
• Audio steganography
• Audio steganography is a technique that is used to transmit secret data by modifying a digitalized audio signal in an imperceptible manner [ 129 ]. Following types of audio steganography are given: (1) least significant bits coding, (2) phase coding, (3) spread spectrum, and (4) echo hiding.
• Video steganography
• In video steganography, both image and audio steganography are used [ 130 ]. A video consists of many frames. Hence, video steganography hides a large amount of data in carrier images. In this type of steganography, we select the specific frame in which we want to hide the sensitive data.
• (ii) Methods
• Frequency Domain
• A frequency-domain steganography technique is used for hiding a large amount of data with no loss of secret message, good invisibility, and high security [ 131 ]. In the frequency domain, we change the magnitude of all of the DCT coefficients of the cover image. There are two types of frequency domain: (1) discrete cosine transformation and (2) discrete wavelet transformation.
• Spatial Domain
• The spatial domain is based on the physical location of pixels in an image [ 132 ]. A spatial domain technique gives the idea of pixel regulation, which minimizes the progressions of a stego image created from the spread image. Some methods of the spatial domain are given as follows: (1) least significant bit, (2) pixel value differencing, (3) pixel indicator, (4) gray level modification, and (5) quantized indexed modulation.

Steganography flow diagram.

The summary of the steganographic techniques is given in Table 9 .

The summary of the steganographic techniques.

4.1.2. Cryptographic Techniques

Cryptography is the most important and most widely used technique for security purposes. In cryptography, the plain text is converted into ciphertext using a key and some encryption algorithms. Cryptographic techniques are the most secure techniques among all the other security techniques. Hence, these cryptography techniques are widely used in data storage security over the cloud. The present day's cryptography techniques are more realistic. We can achieve different objectives by applying these cryptographic techniques, for example, data confidentiality and data integrity. Because of an increase in the number of data breaches in the last few years, some cloud service provider companies are shifting toward cryptographic techniques to achieve more security. The most commonly used cryptographic technique is AES [ 133 ]. Key management is an important issue in cryptographic techniques because if the key is hacked by an intruder, then all the data will be hacked or stolen by this intruder. Hence, key protection or key management is a very important issue. Therefore, it is mostly the responsibility of CSP to manage the key and also provide the protection of key. Cryptographic techniques also protect the user from an untrusted CSP because sometimes the CSP outsources sensitive data without taking the permission of users, and it is an illegal activity. Hence, to avoid these things and protect our sensitive data from untrusted CSPs, we use cryptographic techniques, and it is the best option for users. However, there are some difficulties the user has to face while using cryptographic techniques, i.e., if a user wants to update a small amount of data, the user needs to decrypt the data and then perform this minor update. Hence, this work is very costly. Over time, implementing cryptographic techniques gives us a higher level of security, however, we compromise on performance or speed. It all depends on the user, the standard, the performance, or the high level of security the user wants to achieve. In this paper, we are focusing on the four main functionalities that are required or needed on cloud computing when using cryptographic techniques. Figure 9 shows the flow diagram of encryption.

Encryption flow diagram.

Some of the main functionalities of cryptographic functions are given below.

• Search on encrypted data
• If a user wants to retrieve their data stored in a cloud database, they generate a query and run the query on a local proxy server and search for the data they want. Searching for encrypted data is a very important part of cryptography because every user who stores their sensitive data in a cloud database wants to retrieve it, and it is done by searching their sensitive data through queries. Therefore, the procedure of retrieving their data is very difficult.
• Storage control
• Sometimes the user wants to store data in a desired location or trusted database. Hence, the user must have full control over the storage of data.
• Access control
• It is a very important control and is referred to as data access restriction. Sometimes, the user does not want to share a private file publicly. Hence, access control is an important functionality.
• Computation on data
• Data computation is the main functionality of cloud computing. Sometimes, the user wants to perform some computation on data that are stored on a cloud database. For example, if a user wants to perform computation on encrypted data that is stored on cloud databases, then there are two ways. One is that the user, firstly, decrypts the entire data, performs computation on the data, and finally, the user encrypts the entire data and stores on the cloud database. This process is very expensive in terms of computation.

Some of the cryptographic techniques are as follows:

(1) Homomorphic Encryption . Homomorphic encryption is a form of encryption that permits users to perform computations on encrypted data without decrypting it. These resulting computations are left in an encrypted form, which, when decrypted, result in an identical output to that produced had the operations been performed on the unencrypted data. There are some types of homomorphic encryption that are described below.

• Partial Homomorphic Encryption
• In partial homomorphic encryption, only one arithmetic function addition or multiplication is performed at one time. If the resultant ciphertext is the addition of the plain text, then it is called an additive homomorphic scheme, and if the resultant ciphertext is the multiplication of the plaintext, then it is called the multiplicative homomorphic scheme. Two multiplicative homomorphic schemes are given as in [ 134 , 135 ]. There is one additive homomorphic scheme that is called Paillier [ 136 ].
• Somewhat Homomorphic Encryption
• This technique allows the user to perform the multiplication and subtraction mathematical operations. However, this scheme allows a limited number of arithmetic operations, because if it allows a large number of arithmetic operations, then it produces noise. This noise changes the structure of the original data. Hence, limited numerical math operations are allowed. There is a somewhat homomorphic encryption scheme that is presented by the authors of the papers [ 137 , 138 ]. In this scheme, the time of encryption and decryption is increased when multiplication operations are increased. To avoid this increase in time, we allow only a limited number of mathematical operations.
• Fully Homomorphic Encryption
• This technique allows a large number of arithmetic operations, namely multiplication and subtraction. Multiplication and addition in this technique are performed in the form of XOR and AND gates [ 139 ]. Completely homomorphic encryption techniques require a higher computation time to encrypt and decrypt data. Therefore, this technique is not applicable in real-life applications for implementation. This technique uses a bootstrapping algorithm when a large number of multiplication operations is performed on data and also for the decryption of the data it is used. Homomorphic encryption, on the other hand, represents the trade-off between operations and speed performance. Only a limited number of arithmetic operations are allowed if someone wants low computation, and a large number of arithmetic operations are allowed if someone wants high security. It depends on the needs of the user.

(2) Searchable Encryption . A searchable encryption technique is proposed by the author of the paper [ 140 ]. In this technique, before storing data on a cloud database, encryption is performed, and after that, it is stored on the cloud. The advantage of this technique is that when we search for some data over the cloud database, this technique provides a secure search over the cloud database.

• Searchable Asymmetric Encryption
• Over the past two decades, we have focused on searchable encryption. Much of the work is related to the multiwriter and single-reader cases. Searchable encryption is also called public keyword search encryption along with keyword search (PEKS) [ 141 ].
• Searchable Symmetric Encryption
• Symmetric-key algorithms use the same key for massage encryption and ciphertext decryption. The keys can be the same, or there can be a simple transformation to go between the two keys. Verifiable searchable symmetric encryption, as a key cloud security technique, allows users to retrieve encrypted data from the cloud with keywords and verify the accuracy of the returned results. Another scheme is proposed for keyword search over dynamic encrypted cloud data with a symmetric-key-based verification scheme [ 142 ].

(3) Encryption . In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information.

• Symmetric Key Encryption
• Only one key is used in symmetric encryption to encrypt and decrypt the message. Two parties that communicate through symmetric encryption should exchange the key so that it can be used in the decryption process. This method of encryption differs from asymmetric encryption, where a pair of keys is used to encrypt and decrypt messages. A secure transmission method of network communication data based on symmetric key encryption algorithm is proposed in [ 143 ].
• Public Key Encryption
• The public-key encryption scheme is proposed by the author of the paper [ 144 ]. In this scheme, a public key pair is created by the receiver. This public key pair consists of two keys. One is called a public key, which is known publicly to everyone, and the second is the private key, which is kept a secret. Hence, in this scheme, the sender performs encryption on the data using the public key of the receiver and then sends this encrypted data to the receiver. After receiving this encrypted data, the receiver can decrypt this data using the private key. Hence, in this way, we can perform secure communication between two parties.
• Identity-Based Encryption
• Identity-based encryption is proposed by the author of the paper [ 145 ]. In this technique, a set of users is registered on the database and a unique identity is assigned to all the registered users by an admin that controls this scheme. The identity of the users can be represented by their name or their e-mail address. Just like in a public-key encryption, there is a public key pair that consists of one public key, which is the identity of the user, and one private key, which is a secret key. Just like in public-key encryption, the receiver cannot generate their public key in identity-based encryption. The identity cannot be generated by the user. There is a central authority that generates and manage the user's identity. The identity-based encryption is improved by the author [ 146 ]. The main advantage of identity-based encryption is that anyone can generate the public key of a given identity with the help of the central main authority.
• Attribute-Based Encryption
• The authors of the papers [ 147 , 148 ] propose a technique called attribute-based encryption. Similar to identity-based encryption, attribute-based encryption also depends on the central main authority. The central main authority generates the private key and distributes it to all the registered users. It can be encrypting the messages, however, if it does not have this designation, then it cannot be generating the messages. Attribute-based encryption is used when the number of registered users is very large. Then, the attribute-based encryption is useful. The attribute-based encryption consists of two schemes, which are key policy and ciphertext policy.
• Functional Encryption
• A functional encryption technique [ 149 , 150 ] consists of identity-based encryption, attribute-based encryption, and public-key encryption. All the functionalities of these three techniques combinedly make function encryption. In this technique, all the private keys are generated by the central main authority, which is associated with a specific function. Functional encryption is a very powerful encryption technique that holds all the functionalities of three encryption techniques. A functional encryption technique is used in many applications.

(4) Signcryption . Cryptography is publicly open-source, and it functions simultaneously as a digital signature and cipher. Cryptography and digital signatures are two basic encryption tools that can ensure confidentiality, integrity, and immutability. In [ 151 ], a new scheme called signature, encryption and encryption is proposed, based on effectively verifiable credentials. The system not only performs encryption and encryption but also provides an encryption or signature form only when needed [ 152 ]. The paper proposes lightweight certificate-based encryption using a proxy cipher scheme (CSS) for smart devices connected to an IoT network to reduce computing and communications costs. To ensure the security and efficiency of the proposed CBSS project, we used a cipher system encoded with 80 bit subparameters. Reference [ 153 ] proposes an input control scheme for the IoT environment using a cryptographic scheme corresponding to the efficiency and robustness of the UK security system. The proposed scheme shows that besides security services, such as protection against attacks, confidentiality, integrity, nonblocking, nondisclosure, and confidentiality, accounting and communication costs are low compared to the current scheme. Document [ 154 ] gives the informal and formal security proof of the proposed scheme. Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is used for formal security analysis, which confirms that the proposed CB-PS scheme can potentially be implemented for resource-constrained low-computing electronic devices in E-prescription systems. The proposed scheme [ 155 ] introduced a new concept that does not require a reliable channel. The main production center sends a part of the private key to the public consumers. The summary of the cryptographic schemes is given in Table 10 .

The summary of the cryptographic techniques.

All data storage protection on cloud computing is discussed in session 3. There are a lot of data protection techniques, however, all these techniques are only divided into three main categories, namely (i) data splitting, (ii) data anonymization, and (iii) cryptography. From different points views, we discuss all these techniques, e.g., overhead on the local proxy, computation cost, search on encrypted data, data accuracy all these techniques retained, and data protection level all these techniques have, and all the masked data techniques have the functionalities. These are some different views, and by considering them, we can analyze all the data protection techniques. Cryptography provides high-level security but limited cloud functionalities and a high cost of performing computation on cloud data. Data splitting provide low computation cost but a low level of security. Data anonymization is of two types: one is perturbative masking, and the second is nonperturbative masking. Hence, in perturbative masking, data is altered with dummy data. Hence, security is high, however, we cannot perform some functionalities.

4.2. RQ2: What are the Demographic Characteristics of the Relevant Studies?

We answer this question by considering the four following aspects: (i) publication trend, (ii) publication venues (proceeding and journals), (iii) number of citations, and (iv) author information.

4.2.1. Publication Trend

From 2010 to 2021, we found 52 papers that were of top ranked journals and conferences. From 2010 to 2017, there is linear work in cloud computing, however, after 2017, a lot of work is done in cloud computing data security. From 2018 to 2021, 37 papers are published. After 2018, the trend about data security in cloud computing increased very vastly. Most of the work is done in 2021. High-ranked studies are published in 2021. Figure 10 shows all trends of all the publications from 2010. Most of the articles are published in journals venue, and the highest number of papers have been published in IEEE Access journal. 6 papers were published in this journal.

Number of publications per year.

4.2.2. Publication Venues

There are different types of publication venues, and some of them are book articles, conference proceedings, journals, workshop proceedings, and symposium proceedings. Hence, in our SLR, the number of publications in a different venue is given in Figure 11 . We have a total of 52 papers after applying the inclusion and exclusion criteria in Section 2 .

Publication venues.

Out of 52 papers, 0 papers are published in book chapters. 1 paper is published in workshop proceedings. 0 papers are published in symposium proceedings. 43 papers are published in journals. 8 papers are published in conference proceedings. There are some most active journals in cloud data security, which are enlisted in Table 11 .

Top 5 most active journals.

The most active journal is the IEEE Access. In this journal, 6 papers are published. Journal of Cryptology is the second most active journal in the field of data storage, security, and privacy in cloud computing. In this journal, 3 papers are published. In the third journal, i.e., in the Journal of Information Fusion, 3 papers are published. The fourth journal is the Information Science. In this journal, 2 papers are published. The fifth journal is IEEE Transactions on Knowledge and Data Engineering, and in this journal, 2 papers are published. Most active conferences are given in Table 12 .

Top 5 most active conferences.

4.2.3. Number of Citations

The number of citations of a paper also tells the quality of the paper. The more the number of citations, the higher the quality, and the fewer the number of citations of the paper, the lower the paper quality. Table 13 shows the most influential authors, and Figure 12 shows the number of citations of all the papers that we have used in this SLR. Few papers have citations of more than 100. Hence, it shows that papers have a very high quality, and hence, the citation of those papers is very high. These papers are [ 105 , 118 , 124 , 139 ].

Number of citations of the papers.

Top 10 most influential authors in data protection in cloud computing.

4.2.4. Author Information

Some authors are most active in their publication. To identify these authors, we enlist the names of the top 10 authors that are more active in the field of data protection and privacy in cloud computing. Hence, we enlist the names of the top 10 authors and also their numbers of publications in Table 13 .

4.3. RQ3: Which Data Protection Technique Provides More Data Protection among all the Techniques?

We answer this question by considering the following four aspects: (i) publication trend, (ii) publication venues (proceeding and journals), (iii) number of citations, and (iv) author information.

4.3.1. Comparison of Data Protection Techniques

In this section, we compare all the data protection techniques that are discussed in this SLR, and finally, we review which technique is better and provides more protection among all these data protection techniques. We compare these techniques based on different functionalities, which are given as (i) local proxy overhead, (ii) data accuracy retain, (iii) level of data protection, (iv) transparency, and (v) operation supported, and finally, we discuss RQ2. Table 14 depicts a comparison of all the data protection techniques and provides a brief comparison of all the data protection techniques discussed in this SLR. Now, we discuss all these five functionalities one by one in more detail.

• The overhead on the local proxy for encryption is very high because the data is encrypted. If the user wants to update the data, firstly, the user decrypts the data and then updates the data. After that, the user encrypts the data again. Hence, this operation requires a lot of time, and all this work is performed by the local proxy. It is the reason the overhead on the local proxy for encryption is very high for encryption.
• Data Splitting
• The overhead on a local proxy for data splitting is very low. The local proxy overhead remains constant while splitting data into fragments.
• Anonymization
• The overhead on a local proxy for anonymization is average because most of the anonymization methods require quasilinear computation in the number of records to generate the anonymized data set. Whenever the anonymized data is generated and stored in the cloud database, then there is no overhead on the local proxy.
• Homomorphic Encryption
• The overhead on local proxies for homomorphic encryption is very high because homomorphic encryption involves a large number of mathematical operations. Therefore, there is a lot of overhead on local proxies for homomorphic encryption.
• Steganography
• The overhead on the local proxy for steganography is not too much as the data is concealed inside the cover for secure communication. However, based on the complexity of the operation in the transformed domain technique, the local proxy overhead is more than the spatial domain technique.
• Signcryption
• The overhead on the local proxy for signcryption is high compared to the simple encryption because in signcryption, hashing and encryption are performed in a single logical step. Because of an extra operation in signcryption, the overhead on the local proxy is higher than the simple encryption.
• The data accuracy level for encryption is very high because data is encrypted by applying some algorithms. The sensitive data is encrypted by the sender, and this data is decrypted by the receiver using a key. This data cannot be read by anyone who does not have the secret key. Therefore, data accuracy is very high for encryption.
• The data accuracy level for data splitting is average because data-splitting data is present in the form of fragments. Therefore, CSP can easily access the fragments of data. Both encryption and data splitting are irreversible methods. Hence, we can retrieve the original data easily.
• The data accuracy level for data anonymization is very low because anonymization is not irreversible. In anonymization, data is replaced with dummy data, and it cannot be retrieved back. Therefore, anonymization has a very low level of data accuracy.
• The data accuracy level for homomorphic encryption is very high because data is encrypted by applying some algorithms.
• The data accuracy level for steganography is very low as compared to the other cryptographic techniques because data is embedded inside the cover of another medium. Any change in the cover during transmission results in the change of the concealed data. Therefore, it is hard to ensure a high accuracy level in steganography. The stego image contains the secrete data that is transmitted over the communication channel. Data concealed by the sender is extracted from the cover by the receiver. Therefore, the concealment of data results in accurate data transmission.
• The data accuracy level for signcryption is also very high, because in signcryption, confidentiality and authentication are achieved. Therefore, we can also verify the identity of the sender.
• The level of data protection is very high for encryption techniques, because in encryption, data is changed into ciphertext, which cannot be understood. Therefore, we can say that the identification of data is impossible without decryption using a secret key because encryption is a one-way function that is easy to execute in one direction, however, it is impossible to execute in the opposite direction.
• The level of data protection for data splitting is less high as compared to cryptographic techniques because data is split into different fragments, and these fragments contain original forms of data. Hence, if an intruder hacks or steal these fragments, then the untired data can be easily read. Hence, the data protection level is not high as compared to encrypted methods.
• The level of data protection for data anonymization is less high as compared to cryptographic techniques, because in anonymization techniques, quasi-identifiers are protected if the quasi-identifiers are not protected strongly. Then, there is a change in the reidentification of person-sensitive data.
• The level of data protection is very high for homomorphic encryption techniques because encryption data is changed into ciphertext, which cannot be understood.
• The data protection level for steganography is medium because data is embedded inside the cover of another medium. The stego image contains the secrete data that is transmitted over the communication channel. Data concealed by the sender is extracted from the cover by the receiver. Therefore, the concealment of data results in secure data transmission.
• The data protection level for signcryption is also very high, because in signcryption, both confidentiality and authentication are achieved. Therefore, we can also verify the identity of the sender.
• There is no transparency for the encrypted data, because in encryption, there is a need for key management. Hence, the local proxy needs to keep the records of all the keys and manage all these keys. Therefore, there is no transparency for the encrypted data.
• There is no transparency for the data-splitting mechanism, because in the data-splitting mechanism, data is split into different fragments, and the local proxy stores these fragments in different locations. Hence, there is a need to keep the record of the location of all the fragments that are stored on different locations.
• Anonymization is fully transparent, because in anonymization, there is no need to keep the record of data storage by the local proxy. In anonymization, data is statistically similar to the original data. Hence, CSP also performs computation and some analysis on the anonymized data.
• There is no transparency for the homomorphically encrypted data, because in encryption, there is a need for key management. Hence, the local proxy needs to keep the records of all the keys.
• In steganography, as compared to other data protection techniques, the main aim is to transmit data without letting the attacker know about the data transmission as it is concealed inside the cover of another medium. The data transmission in steganography is fully transparent. No key management is required, and there is no need to keep track of data storage.
• There is no transparency for the signcrypted data, because in signcryption, there is a need for key management. Hence, the local proxy needs to keep the records of all the keys and also manage all these keys.
• Only the data storage operation is supported on the encrypted data, because if the user wants to update some encrypted data that are stored on a cloud database, firstly, the user needs to decrypt this data, and then the user performs an update on this data. We cannot perform any modification operation on encrypted data.
• All the operations cloud be performed on data splitting, because in data splitting, the data is present in their original structure. Hence, we can perform data storage, search, data update, and also data computation.
• In anonymization, there are two types of data anonymization: one is data masking, and the second is data nonmasking. If data is nonmasked, then we can perform data storage and search on this data. Otherwise, we can only perform data storage.
• Only the data storage operation is supported on the encrypted data, because if the user wants to update some encrypted data that are stored on the cloud database, firstly, the user needs to decrypt this data, and then the user performs some updates on this data.
• A stego image only supports data storage operations because if the user wants to update the data hidden in a stego image, the user, firstly, retrieves that data from the stego image, and the user can perform any modification on this data.
• Only the data storage operation is supported on the signcrypted data, because if the user wants to update signcrypted data that are stored on the cloud database, firstly, the user needs to unsign this data, and then the user can perform any update on this data.

Comparison of data protection techniques.

5. Conclusion and Future Work

5.1. rq4: what are the primary findings, research challenges, and direction for future work in the field of data privacy in cloud computing, 5.1.1. conclusion and research challenges.

In this SLR, we have presented all the data privacy techniques related to data storage on cloud computing systematically, and we also present a comparison among all the protection techniques concerning the five finalities, which are the (i) local proxy overhead, (ii) data accuracy retains, (iii) level of data protection, (iv) transparency, and (v) operation supported. There are some research gaps we found in all these techniques of data splitting, anonymization, steganography, encryption, homomorphic encryption, and signcryption.

• There is a very strong need to develop some ad hoc protocols for the communication of data splitting fragments that are stored on different CSPs, and also, there is a strong need to develop some protocol for the communication between different CSPs. Noncryptographic techniques are faster on different CSPs but do not provide enough security. Hence, we can improve security by developing some methods for data-splitting techniques.
• Anonymity techniques work very effectively on a small amount of data but not for big data. Hence, there is a search gap in which we can develop some anonymity techniques to achieve more efficient performance. Therefore, some anonymous schemes need to be developed, which provide stronger protection to the quasi-identifier. Current anonymity techniques are very immature.
• One of the limitations of steganography is that one can only use it to defend against a third party who does not know steganography. If the third party knows steganography, it can extract the data in the same way that the recipient extracts it. Therefore, we always use encryption with steganography. Therefore, there is a need to develop such steganography techniques that can protect sensitive data from third parties.
• There is a need to develop some cryptographic techniques that can take less time than the existing cryptographic techniques to perform search and computation operation on encrypted data. Cryptographic techniques provide high security but low computational utility. Therefore, it is a search gap to develop some techniques that provide both high security with more efficiency.
• The complexity of homomorphic encryption and decryption is far greater than that of normal encryption and decryption, and it is not applicable to many applications, such as healthcare and time-sensitive applications. Therefore, there is an urgent need to develop such homomorphic encryption schemes that have low complexity and computation cost.
• Signcryption is used to verify and authenticate users. We can obtain confidentiality and authentication using signcryption, however, the main limitation of signcryption is that the calculation costs of the encryption algorithm used in signcryption are very high. Therefore, there is a need to develop such signcryption schemes that use such encryption algorithms, which have low computation cost.

Acknowledgments

This research was financially supported by The Analytical Center for the Government of the Russian Federation (Agreement nos. 70-2021- 00143 dd. 01.11.2021, IGK 000000D730321P5Q0002).

Data Availability

Conflicts of interest.

The authors declare that there are no conflicts of interest regarding the publication of this paper.

A Critical Review and Analysis of Load Balancing Methods in Cloud Computing Environment

• Published: 06 August 2024

Cite this article

• Anjali Choudhary 1 ,
• Ranjit Rajak   ORCID: orcid.org/0000-0003-2746-3278 1 &
• Shiv Prakash 2  

17 Accesses

Explore all metrics

In the present times, the concept of cloud computing has played a significant role at the global level. With this approach, users can able to customize their services as per their needs. By having the connection of internet users can get able to serve various kinds of services like on-demand access, storage space, software building platforms, data recovery, etc., and pay only for that service that they have consumed. Enormous challenges in the cloud domain such as fault tolerance, energy efficiency, scheduling, resource provisioning, load balancing, etc. This paper is focused on load balancing domain. This can be defined as a redistribution of the workload among various available virtual machines in such an identical manner that would lead to a balanced state. This paper presents the evaluative and inclusive review of numerous load balancing (LB) methods. Quality of services(QoS) is vital role that contain various parameters to evaluate the load balancing methods in respect of makespan, speedup, cost, throughput, etc. This paper is highlighted numerous of load balancing methods with their brief explaination, platform used, different simulator and tools used by these methods and based on QoS parameters.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save.

• Get 10 units per month
• Download Article/Chapter or eBook
• 1 Unit = 1 Article or 1 Chapter
• Cancel anytime

Price includes VAT (Russian Federation)

Instant access to the full article PDF.

Rent this article via DeepDyve

Institutional subscriptions

Similar content being viewed by others

Analysis of Load Balancing Algorithms Used in the Cloud Computing Environment: Advantages and Limitations

Survey of Different Load Balancing Approach-Based Algorithms in Cloud Computing: A Comprehensive Review

A Systematic Review on Load Balancing Tools and Techniques in Cloud Computing

Data availability.

Availability at [ 14 , 15 , 16 , 17 , 18 , 19 , 20 , 21 , 22 , 23 ].

Code Availability

http://www.cloudbus.org/gridsim/ .

Ekanayake, J., & Fox G. (2009). High performance parallel computing with clouds and cloud technologies. International Conference on Cloud Computing . Springer, Heidelberg.

Rajak, N., & Shukla, D. (2019). Comparative study of cloud computing and mobile cloud computing. International Journal Of Engineering Sciences & Research Technology , 7 (3).

Mell, P., & Grance, T. (2011). The NIST Definition of Cloud Computing . NIST Special Publication 800– 145.

Pachghare, V. K. (2016) Cloud computing . PHI.

De, D. (2016). Mobile Cloud Computing: Architecture, Algorithms and Applications . CRC Press, Taylor and Francis Group.

Darji, V., Shah, J., & Mehta, R. (2014). Survey paper on various load balancing algorithms in cloud computing. International Journal of Scientific & Engineering Research , 5 (5), 583–588.

Google Scholar  

He, J. (2022). Cloud computing load balancing mechanism taking into account load balancing ant colony optimization algorithm. Computational Intelligence and Neuroscience 2022.

Alkhatib, Ahmad, A. A., et al. (2021). Load balancing techniques in cloud computing: Extensive review. Advances in Science Technology and Engineering Systems Journal , 6 (2), 860–870.

Article   Google Scholar  

Calheiros, R. N., Ranjan, R., Beloglazov, A., De Rose, C. A., & Buyya, R. (2011). CloudSim: A toolkit for modeling and simulation of cloud computing environments and evaluation of resource provisioning algorithms. SoftwPractExp , 41 (1), 23–50.

Sankeerthi, S., & Sudha, K. (2018). Effective analysis of load balancing algorithms in cloud. International Journal of Scientific Research in Computer Science, Engineering and Information Technology , 3 (1), 1436–1442.

Simaiya, D., & Paul, R. K. (2018). Review of various performcae evaluation issues and efficient load balancing for cloud computing. International Journal of Scientific Research in Computer Science, Engineering and Information Technology , 3 (3), 943–951.

Choudhary, A., & Rajak, R. (2024). A novel strategy for deterministic workflow scheduling with load balancing using modified min-min heuristic in cloud computing environment. Cluster Computing . https://doi.org/10.1007/s10586-024-04307-8

Mishra, S. K., et al. (2018). Load balancing in cloud computing: A big picture. Journal of King Saud University Computer and Information Sciences . https://doi.org/10.1016/j.jksuci.2018.01.003 .

Haidri, R. A., Katti, C. P., Saxena, P. C. (2021). Capacity based deadline aware dynamic load balancing (CPDALB) model in cloud computing environment. International Journal of Computers and Applications , 43 (10), 987–1001.

Haidri, R. A., et al. (2022). A deadline aware load balancing strategy for cloud computing. Concurrency and Computation: Practice and Experience , 34 (1), e6496.

Rajak, N., Rajak, R., & Prakash, S. (2022). A workflow scheduling method for cloud computing platform. Wireless Personal Communication , 126 , 3625–3647. https://doi.org/10.1007/s11277-022-09882-w

Braun, T. D., Siegel, H. J., Beck, N., et al. (2001). A comparison of eleven static heuristics for mapping a class of independent tasks onto heterogeneous distributed computing systems. J Parallel DistribComput , 61 , 810–837.

Pop, F., Dobre, C., & Cristea, V. (2009). Genetic algorithm for DAG scheduling in grid environments. In: 2009 IEEE 5th International Conference on Intelligent Computer Communication and Processing . pp 299–305.

Canon, L. C., & Jeannot, E. (2009). Evaluation and optimization of the robustness of DAG schedules in heterogeneous environments. IEEE Transactions on Parallel and Distributed Systems , 21 (4), 532–546.

Article   MathSciNet   Google Scholar  

Darbha, S., Dharma, P., & Agrawal (1994). SDBS: A task duplication based optimal scheduling algorithm. Proceedings of IEEE Scalable High-Performance Computing Conference . IEEE.

Sinnen, O. (2007). Task scheduling for parallel systems . Wiley.

Kumar, M. S., Gupta, I., & Jana, P. K. (2017). Delay-based workflow scheduling for cost optimization in heterogeneous cloud system. 2017 Tenth International Conference on Contemporary Computing (IC3) . IEEE.

Gupta, I., Kumar, M. S., & Jana P. K. (2018). Efficient workflow scheduling algorithm for cloud computing system: A dynamic priority-based approach. Arabian Journal for Science and Engineering , 43 (12), 7945–7960.

Rajak, R., Kumar, S., Prakash, S., Rajak, N., & Dixit, P. (2023). A novel technique to optimize quality of service for directed acyclic graph (DAG) scheduling in cloud computing environment using heuristic approach. The Journal of Supercomputing , 79 , 1956–1979. https://doi.org/10.1007/s11227-022-04729-4

Babbar, H., Rani, S., Masud, M., Verma, S., Anand, D., & Jhanjhi, N. (2021). Load balancing algorithm for migrating switches in software-defined vehicular networks. CMC-Comput Mater Continua , 67 (1), 1301–1316.

Lu, Y., Xie, Q., Kliot, G., Geller, A., Larus, J. R., & Greenberg, A. (2011). Join-Idle-Queue: A novel load balancing algorithm for dynamically scalable web services. Perform Eval , 68 (11), 1056–1071.

Hwang, K. (2005). Advanced Computer Architecture: Parallelism, Scalability, Programmability . 5th reprint. New Delhi:TMH Publishing Company, pp. 51–104.

Ramezani, F., Lu, J., & Hussain, F. K. (2014). Task-based system load balancing in cloud computing using particle swarm optimization. International Journal of Parallel Programming , 42 (5), 739–754.

Dam, S., Mandal, G., Dasgupta, K., & Dutta, P. (2015). Genetic algorithm and gravitational emulation based hybrid load balancing strategy in cloud computing. Proceedings of the 2015 Third International Conference on Computer Communication Control and Information Technology (C3IT) , 1–7. https://doi.org/10.1109/C3IT.2015.7060176 .

Pan, K., & Chen, J. (2015). Load balancing in cloud computing environment based on an improved particle swarm optimization. In: 6th IEEE International Conference on Software Engineering and Service Science (ICSESS) , IEEE, pp 595–598.

Yakhchi, M., Ghafari, S. M., Yakhchi, S., Fazeli, M., & Patooghi, A. (2015). Proposing a load balancing method based on Cuckoo Optimization Algorithm for energy management in cloud computing infrastructures. In 2015 6th International Conference on Modeling, Simulation, and Applied Optimization (ICMSAO) . pp. 1–5, IEEE, May.

Zhu, Y., Zhao, D., Wang, W., & He, H. (2016). A novel load balancing algorithm based on improved particle swarm optimization in cloud computing environment. In: International Conference on Human-Centered Computing . Springer, pp. 634–645.

Mittal, S., & Katal, A. (2016). An optimized task scheduling algorithm in cloud computing. In IEEE 6th International Conference on Advanced Computing (IACC) . (pp. 197–202). IEEE. https://doi.org/10.1109/IACC.2016.45 .

Khan, Z., Alam, M., & Haidri, R. A. (2017). Effective Load balancing in cloud computing. International Journal of Electrical & Computer Engineering 7 (5), 2757–2765.

Kaur, G., & Kaur, K. (2017). An adaptive firefly algorithm for load balancing in cloud computing. In Proceedings of Sixth International Conference on Soft Computing for Problem Solving. Advances in Intelligent Systems and Computing , vol 546. Springer. https://doi.org/10.1007/978-981-10-3322-3_7 .

Ebadifard, F., & Babamir, S. M. (2018). A PSO-based task scheduling algorithm improved using a load‐balancing technique for the cloud computing environment. Concurrency and Computation: Practice and Experience , 30(12), e4368.

Gupta, A., & Garg, R. (2017). Load balancing based task scheduling with ACO in cloud computing. In 2017 International Conference on Computer and Applications (ICCA) , pp. 174–179, IEEE.

Mishra, S. K., Sahoo, B., Parida, P. P. (2020). Load balancing in cloud computing: A big picture. Journal of King Saud University - Computer and Information Sciences , 32 (2), 149–158.

Kulkarni, S. V., & Kodli, S. B. (2018). Improved effective load balancing technique for cloud. International Journal of Scientific Research in Science and Technology , 4 (9), 368–375.

Ritu, G., & Shukla, N. (2018). Energy efficient scheduling for multiple workflows in Cloud Environment. International Journal of Information Technology and Web Engineering , 13 , 14–34. https://doi.org/10.4018/IJITWE.2018070102 .

Mohanty, S., et al. (2019). An approach for load balancing in cloud computing using JAYA algorithm. International Journal of Information Technology and Web Engineering (IJITWE) , 14 (1), 27–41.

Joshi, N., & Gupta, D. (2019). A comparative study on load balancing algorithms in software defined networking. In N. Kumar & R. Venkatesha Prasad (Eds.), Ubiquitous communications and network computing. UBICNET 2019 . Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (Vol. 276). Cham: Springer. https://doi.org/10.1007/978-3-030-20615-4_11

Jamali, S., Badirzadeh, A., Siapoush, M. S. (2019). On the use of the genetic programming for balanced load distribution in software-defined networks. Digital Communications and Networks , 5 (4), 288–296. https://doi.org/10.1016/j.dcan.2019.10.002 .

Sharma, S.C.M., Rath, A.K. & Parida, B.R. (2022). Efficient load balancing techniques for multi-datacenter cloud milieu. International Journal of Information Technology , 14 , 979–989.

Mishra, K., & Majhi, S. K. (2021). A binary bird swarm optimization based load balancing algorithm for cloud computing environment. Open Computer Science , 11 (1), 146–160.

Babbar, H., Parthiban, S., Radhakrishnan, G., & Rani, S. (2022). A genetic load balancing algorithm to improve the QoS metrics for software defined networking for multimedia applications. Multimedia Tools and Applications , 81 , 9111–9129. https://doi.org/10.1007/s11042-021-11467-x .

Calheiros, R. N. (2009). Cloudsim: A novel framework for modeling and simulation of cloud computing infrastructures and services. arXiv preprint arXiv:0903.2525.

Wickremasinghe, B., Calheiros, R. N., & Buyya, R. (2010). CloudAnalyst: A cloudsim-based visual modeller for analysing cloud computing environments and applications. In 433-659 Distributed Computing Project . University of Melbourne.

Patel, H., & Patel, R. (2015). Cloud analyst: An insight of service broker policy. International Journal of Advanced Research in Computer and Communication Engineering , 4 (1), 122–127.

Simatos, C. (2002). Making simjava count. MSc. Project report . The University of Edinburgh.

Yazdi, N. T., & Yong, C. H. (2015). Simulation of Multi-agent Approach in Multi-cloud Environment using Matlab. 2015 Seventh International Conference on Computational Intelligence Modelling and Simulation (CIMSim) , 77–79. https://doi.org/10.1109/CIMSim.2015.22 .

Team, M. (2012). Mininet: An instant virtual network on your laptop (or other pc).

Alshammari, D., Singer, J., & Storer, T. (2018). Performance evaluation of cloud computing simulation tools. IEEE 3rd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA) , pp. 522–526, https://doi.org/10.1109/ICCCBDA.2018.8386571 .

Fox, G., & Furmanski, W. (1997). Java and Web Technologies for Simulation and Modelling in Computational Science and Engineering.

Esquembre, F. (2004). Easy Java simulations: A software tool to create scientific simulations in Java. Computer Physics Communications , 156 , 199–204. https://doi.org/10.1016/S0010-4655(03)00440-5 .

Mittal, S., & Suri, P. K. (2012). A comparative study of various Computing Processing environments: A review. International Journal of Computer Science and Information Technologies (IJCSIT) , 3 , 5215–5218.

Download references

Not Applicable.

Author information

Authors and affiliations.

Department of Computer Science and Applications, Dr. HarisinghGour Central University, Sagar, India

Anjali Choudhary & Ranjit Rajak

Allahabad University, Prayagraj, India

Shiv Prakash

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Ranjit Rajak .

Ethics declarations

Competing interests.

The authors declare no competing interests.

Additional information

Publisher’s note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Choudhary, A., Rajak, R. & Prakash, S. A Critical Review and Analysis of Load Balancing Methods in Cloud Computing Environment. Wireless Pers Commun (2024). https://doi.org/10.1007/s11277-024-11479-4

Download citation

Accepted : 15 July 2024

Published : 06 August 2024

DOI : https://doi.org/10.1007/s11277-024-11479-4

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Cloud computing
• Load balancing
• QoS parameters
• Find a journal
• Publish with us
• Track your research

• Cloud Computing

Top 10 Cloud Computing Research Topics of 2024

Home Blog Cloud Computing Top 10 Cloud Computing Research Topics of 2024

Cloud computing is a fast-growing area in the technical landscape due to its recent developments. If we look ahead to 2024, there are new research topics in cloud computing that are getting more traction among researchers and practitioners. Cloud computing has ranged from new evolutions on security and privacy with the use of AI & ML usage in the Cloud computing for the new cloud-based applications for specific domains or industries. In this article, we will investigate some of the top cloud computing research topics for 2024 and explore what we get most out of it for researchers or cloud practitioners. To master a cloud computing field, we need to check these Cloud Computing online courses .

Why Cloud Computing is Important for Data-driven Business?

The Cloud computing is crucial for data-driven businesses because it provides scalable and cost-effective ways to store and process huge amounts of data. Cloud-based storage and analytical platform helps business to easily access their data whenever required irrespective of where it is located physically. This helps businesses to take good decisions about their products and marketing plans. 

Cloud computing could help businesses to improve their security in terms of data, Cloud providers offer various features such as data encryption and access control to their customers so that they can protect the data as well as from unauthorized access. 

Few benefits of Cloud computing are listed below: 

• Scalability: With Cloud computing we get scalable applications which suits for large scale production systems for Businesses which store and process large sets of data.
• Cost-effectiveness : It is evident that Cloud computing is cost effective solution compared to the traditional on-premises data storage and analytical solutions due to its scaling capacity which leads to saving more IT costs. 
• Security : Cloud providers offer various security features which includes data encryption and access control, that can help businesses to protect their data from unauthorized access.
• Reliability : Cloud providers ensure high reliability to their customers based on their SLA which is useful for the data-driven business to operate 24X7. 

Top 10 Cloud Computing Research Topics

1. neural network based multi-objective evolutionary algorithm for dynamic workflow scheduling in cloud computing.

Cloud computing research topics are getting wider traction in the Cloud Computing field. These topics in the paper suggest a multi-objective evolutionary algorithm (NN-MOEA) based on neural networks for dynamic workflow scheduling in cloud computing. Due to the dynamic nature of cloud resources and the numerous competing objectives that need to be optimized, scheduling workflows in cloud computing is difficult. The NN-MOEA algorithm utilizes neural networks to optimize multiple objectives, such as planning, cost, and resource utilization. This research focuses on cloud computing and its potential to enhance the efficiency and effectiveness of businesses' cloud-based workflows.

The algorithm predicts workflow completion time using a feedforward neural network based on input and output data sizes and cloud resources. It generates a balanced schedule by taking into account conflicting objectives and projected execution time. It also includes an evolutionary algorithm for future improvement.

The proposed NN-MOEA algorithm has several benefits, such as the capacity to manage dynamic changes in cloud resources and the capacity to simultaneously optimize multiple objectives. The algorithm is also capable of handling a variety of workflows and is easily expandable to include additional goals. The algorithm's use of neural networks to forecast task execution times is a crucial component because it enables the algorithm to generate better schedules and more accurate predictions.

The paper concludes by presenting a novel multi-objective evolutionary algorithm-based neural network-based approach to dynamic workflow scheduling in cloud computing. In terms of optimizing multiple objectives, such as make span and cost, and achieving a better balance between them, these cloud computing dissertation topics on the proposed NN-MOEA algorithm exhibit encouraging results.

Key insights and Research Ideas:

Investigate the use of different neural network architectures for predicting the future positions of optimal solutions. Explore the use of different multi-objective evolutionary algorithms for solving dynamic workflow scheduling problems. Develop a cloud-based workflow scheduling platform that implements the proposed algorithm and makes it available to researchers and practitioners.

2. A systematic literature review on cloud computing security: threats and mitigation strategies 

This is one of cloud computing security research topics in the cloud computing paradigm. The authors then provide a systematic literature review of studies that address security threats to cloud computing and mitigation techniques and were published between 2010 and 2020. They list and classify the risks and defense mechanisms covered in the literature, as well as the frequency and distribution of these subjects over time.

The paper suggests the data breaches, Insider threats and DDoS attack are most discussed threats to the security of cloud computing. Identity and access management, encryption, and intrusion detection and prevention systems are the mitigation techniques that are most frequently discussed. Authors depict the future trends of machine learning and artificial intelligence might help cloud computing to mitigate its risks. 

The paper offers a thorough overview of security risks and mitigation techniques in cloud computing, and it emphasizes the need for more research and development in this field to address the constantly changing security issues with cloud computing. This research could help businesses to reduce the amount of spam that they receive in their cloud-based email systems.

Explore the use of blockchain technology to improve the security of cloud computing systems. Investigate the use of machine learning and artificial intelligence to detect and prevent cloud computing attacks. Develop new security tools and technologies for cloud computing environments. 

3. Spam Identification in Cloud Computing Based on Text Filtering System

A text filtering system is suggested in the paper "Spam Identification in Cloud Computing Based on Text Filtering System" to help identify spam emails in cloud computing environments. Spam emails are a significant issue in cloud computing because they can use up computing resources and jeopardize the system's security. 

To detect spam emails, the suggested system combines text filtering methods with machine learning algorithms. The email content is first pre-processed by the system, which eliminates stop words and stems the remaining words. The preprocessed text is then subjected to several filters, including a blacklist filter and a Bayesian filter, to identify spam emails.

In order to categorize emails as spam or non-spam based on their content, the system also employs machine learning algorithms like decision trees and random forests. The authors use a dataset of emails gathered from a cloud computing environment to train and test the system. They then assess its performance using metrics like precision, recall, and F1 score.

The findings demonstrate the effectiveness of the proposed system in detecting spam emails, achieving high precision and recall rates. By contrasting their system with other spam identification systems, the authors also show how accurate and effective it is. 

The method presented in the paper for locating spam emails in cloud computing environments has the potential to improve the overall security and performance of cloud computing systems. This is one of the interesting clouds computing current research topics to explore and innovate. This is one of the good Cloud computing research topics to protect the Mail threats. 

Create a stronger spam filtering system that can recognize spam emails even when they are made to avoid detection by more common spam filters. examine the application of artificial intelligence and machine learning to the evaluation of spam filtering system accuracy. Create a more effective spam filtering system that can handle a lot of emails quickly and accurately.

4. Blockchain data-based cloud data integrity protection mechanism 

The "Blockchain data-based cloud data integrity protection mechanism" paper suggests a method for safeguarding the integrity of cloud data and which is one of the Cloud computing research topics. In order to store and process massive amounts of data, cloud computing has grown in popularity, but issues with data security and integrity still exist. For the proposed mechanism to guarantee the availability and integrity of cloud data, data redundancy and blockchain technology are combined.

A data redundancy layer, a blockchain layer, and a verification and recovery layer make up the mechanism. For availability in the event of server failure, the data redundancy layer replicates the cloud data across multiple cloud servers. The blockchain layer stores the metadata (such as access rights) and hash values of the cloud data and access control information

Using a dataset of cloud data, the authors assess the performance of the suggested mechanism and compare it to other cloud data protection mechanisms. The findings demonstrate that the suggested mechanism offers high levels of data availability and integrity and is superior to other mechanisms in terms of processing speed and storage space.

Overall, the paper offers a promising strategy for using blockchain technology to guarantee the availability and integrity of cloud data. The suggested mechanism may assist in addressing cloud computing's security issues and enhancing the dependability of cloud data processing and storage. This research could help businesses to protect the integrity of their cloud-based data from unauthorized access and manipulation.

Create a data integrity protection system based on blockchain that is capable of detecting and preventing data tampering in cloud computing environments. For enhancing the functionality and scalability of blockchain-based data integrity protection mechanisms, look into the use of various blockchain consensus algorithms. Create a data integrity protection system based on blockchain that is compatible with current cloud computing platforms. Create a safe and private data integrity protection system based on blockchain technology.

5. A survey on internet of things and cloud computing for healthcare

This article suggests how recent tech trends like the Internet of Things (IoT) and cloud computing could transform the healthcare industry. It is one of the Cloud computing research topics. These emerging technologies open exciting possibilities by enabling remote patient monitoring, personalized care, and efficient data management. This topic is one of the IoT and cloud computing research papers which aims to share a wider range of information. 

The authors categorize the research into IoT-based systems, cloud-based systems, and integrated systems using both IoT and the cloud. They discussed the pros of real-time data collection, improved care coordination, automated diagnosis and treatment.

However, the authors also acknowledge concerns around data security, privacy, and the need for standardized protocols and platforms. Widespread adoption of these technologies faces challenges in ensuring they are implemented responsibly and ethically. To begin the journey KnowledgeHut’s Cloud Computing online course s are good starter for beginners so that they can cope with Cloud computing with IOT. 

Overall, the paper provides a comprehensive overview of this rapidly developing field, highlighting opportunities to revolutionize how healthcare is delivered. New devices, systems and data analytics powered by IoT, and cloud computing could enable more proactive, preventative and affordable care in the future. But careful planning and governance will be crucial to maximize the value of these technologies while mitigating risks to patient safety, trust and autonomy. This research could help businesses to explore the potential of IoT and cloud computing to improve healthcare delivery.

Examine how IoT and cloud computing are affecting patient outcomes in various healthcare settings, including hospitals, clinics, and home care. Analyze how well various IoT devices and cloud computing platforms perform in-the-moment patient data collection, archival, and analysis. assessing the security and privacy risks connected to IoT devices and cloud computing in the healthcare industry and developing mitigation strategies.

6. Targeted influence maximization based on cloud computing over big data in social networks

Big data in cloud computing research papers are having huge visibility in the industry. The paper "Targeted Influence Maximization based on Cloud Computing over Big Data in Social Networks" proposes a targeted influence maximization algorithm to identify the most influential users in a social network. Influence maximization is the process of identifying a group of users in a social network who can have a significant impact or spread information. 

A targeted influence maximization algorithm is suggested in the paper "Targeted Influence maximization based on Cloud Computing over Big Data in Social Networks" to find the most influential users in a social network. The process of finding a group of users in a social network who can make a significant impact or spread information is known as influence maximization.

Four steps make up the suggested algorithm: feature extraction, classification, influence maximization, and data preprocessing. The authors gather and preprocess social network data, such as user profiles and interaction data, during the data preprocessing stage. Using machine learning methods like text mining and sentiment analysis, they extract features from the data during the feature extraction stage. Overall, the paper offers a promising strategy for maximizing targeted influence using big data and Cloud computing research topics to look into. The suggested algorithm could assist companies and organizations in pinpointing their marketing or communication strategies to reach the most influential members of a social network.

Key insights and Research Ideas: 

Develop a cloud-based targeted influence maximization algorithm that can effectively identify and influence a small number of users in a social network to achieve a desired outcome. Investigate the use of different cloud computing platforms to improve the performance and scalability of cloud-based targeted influence maximization algorithms. Develop a cloud-based targeted influence maximization algorithm that is compatible with existing social network platforms. Design a cloud-based targeted influence maximization algorithm that is secure and privacy-preserving.

7. Security and privacy protection in cloud computing: Discussions and challenges

Cloud computing current research topics are getting traction, this is of such topic which provides an overview of the challenges and discussions surrounding security and privacy protection in cloud computing. The authors highlight the importance of protecting sensitive data in the cloud, with the potential risks and threats to data privacy and security. The article explores various security and privacy issues that arise in cloud computing, including data breaches, insider threats, and regulatory compliance.

The article explores challenges associated with implementing these security measures and highlights the need for effective risk management strategies. Azure Solution Architect Certification course is suitable for a person who needs to work on Azure cloud as an architect who will do system design with keep security in mind. 

Final take away of cloud computing thesis paper by an author points out by discussing some of the emerging trends in cloud security and privacy, including the use of artificial intelligence and machine learning to enhance security, and the emergence of new regulatory frameworks designed to protect data in the cloud and is one of the Cloud computing research topics to keep an eye in the security domain. 

Develop a more comprehensive security and privacy framework for cloud computing. Explore the options with machine learning and artificial intelligence to enhance the security and privacy of cloud computing. Develop more robust security and privacy mechanisms for cloud computing. Design security and privacy policies for cloud computing that are fair and transparent. Educate cloud users about security and privacy risks and best practices.

8. Intelligent task prediction and computation offloading based on mobile-edge cloud computing

This Cloud Computing thesis paper "Intelligent Task Prediction and Computation Offloading Based on Mobile-Edge Cloud Computing" proposes a task prediction and computation offloading mechanism to improve the performance of mobile applications under the umbrella of cloud computing research ideas.

An algorithm for offloading computations and a task prediction model makes up the two main parts of the suggested mechanism. Based on the mobile application's usage patterns, the task prediction model employs machine learning techniques to forecast its upcoming tasks. This prediction is to decide whether to execute a specific task locally on the mobile device or offload the computation of it to the cloud.

Using a dataset of mobile application usage patterns, the authors assess the performance of the suggested mechanism and compare it to other computation offloading mechanisms. The findings demonstrate that the suggested mechanism performs better in terms of energy usage, response time, and network usage.

The authors also go over the difficulties in putting the suggested mechanism into practice, including the need for real-time task prediction and the trade-off between offloading computation and network usage. Additionally, they outline future research directions for mobile-edge cloud computing applications, including the use of edge caching and the integration of blockchain technology for security and privacy. 

Overall, the paper offers a promising strategy for enhancing mobile application performance through mobile-edge cloud computing. The suggested mechanism might improve the user experience for mobile users while lowering the energy consumption and response time of mobile applications. These Cloud computing dissertation topic leads to many innovation ideas. 

Develop an accurate task prediction model considering mobile device and cloud dynamics. Explore machine learning and AI for efficient computation offloading. Create a robust framework for diverse tasks and scenarios. Design a secure, privacy-preserving computation offloading mechanism. Assess computation offloading effectiveness in real-world mobile apps.

9. Cloud Computing and Security: The Security Mechanism and Pillars of ERPs on Cloud Technology

Enterprise resource planning (ERP) systems are one of the Cloud computing research topics in particular face security challenges with cloud computing, and the paper "Cloud Computing and Security: The Security Mechanism and Pillars of ERPs on Cloud Technology" discusses these challenges and suggests a security mechanism and pillars for protecting ERP systems on cloud technology.

The authors begin by going over the benefits of ERP systems and cloud computing as well as the security issues with cloud computing, like data breaches and insider threats. They then go on to present a security framework for cloud-based ERP systems that is built around four pillars: access control, data encryption, data backup and recovery, and security monitoring. The access control pillar restricts user access, while the data encryption pillar secures sensitive data. Data backup and recovery involve backing up lost or failed data. Security monitoring continuously monitors the ERP system for threats. The authors also discuss interoperability challenges and the need for standardization in securing ERP systems on the cloud. They propose future research directions, such as applying machine learning and artificial intelligence to security analytics.

Overall, the paper outlines a thorough strategy for safeguarding ERP systems using cloud computing and emphasizes the significance of addressing security issues related to this technology. Organizations can protect their ERP systems and make sure the Security as well as privacy of their data by implementing these security pillars and mechanisms. 

Investigate the application of blockchain technology to enhance the security of cloud-based ERP systems. Look into the use of machine learning and artificial intelligence to identify and stop security threats in cloud-based ERP systems. Create fresh security measures that are intended only for cloud-based ERP systems. By more effectively managing access control and data encryption, cloud-based ERP systems can be made more secure. Inform ERP users about the security dangers that come with cloud-based ERP systems and how to avoid them.

10. Optimized data storage algorithm of IoT based on cloud computing in distributed system

The article proposes an optimized data storage algorithm for Internet of Things (IoT) devices which runs on cloud computing in a distributed system. In IoT apps, which normally generate huge amounts of data by various devices, the algorithm tries to increase the data storage and faster retrials of the same. 

The algorithm proposed includes three main components: Data Processing, Data Storage, and Data Retrieval. The Data Processing module preprocesses IoT device data by filtering or compressing it. The Data Storage module distributes the preprocessed data across cloud servers using partitioning and stores it in a distributed database. The Data Retrieval module efficiently retrieves stored data in response to user queries, minimizing data transmission and enhancing query efficiency. The authors evaluated the algorithm's performance using an IoT dataset and compared it to other storage and retrieval algorithms. Results show that the proposed algorithm surpasses others in terms of storage effectiveness, query response time, and network usage. 

They suggest future directions such as leveraging edge computing and blockchain technology for optimizing data storage and retrieval in IoT applications. In conclusion, the paper introduces a promising method to improve data archival and retrieval in distributed cloud based IoT applications, enhancing the effectiveness and scalability of IoT applications.

Create a data storage algorithm capable of storing and managing large amounts of IoT data efficiently. Examine the use of cloud computing to improve the performance and scalability of data storage algorithms for IoT. Create a secure and privacy-preserving data storage algorithm. Assess the performance and effectiveness of data storage algorithms for IoT in real-world applications.

How to Write a Perfect Research Paper?

• Choose a topic: Select the topic which is interesting to you so that you can share things with the viewer seamlessly with good content. 
• Do your research: Read books, articles, and websites on your topic. Take notes and gather evidence to support your arguments.
• Write an outline: This will help you organize your thoughts and make sure your paper flows smoothly.
• Start your paper: Start with an introduction that grabs the reader's attention. Then, state your thesis statement and support it with evidence from your research. Finally, write a conclusion that summarizes your main points.
• Edit and proofread your paper. Make sure you check the grammatical errors and spelling mistakes. 

Cloud computing is a rapidly evolving area with more interesting research topics being getting traction by researchers and practitioners. Cloud providers have their research to make sure their customer data is secured and take care of their security which includes encryption algorithms, improved access control and mitigating DDoS – Deniel of Service attack etc., 

With the improvements in AI & ML, a few features developed to improve the performance, efficiency, and security of cloud computing systems. Some of the research topics in this area include developing new algorithms for resource allocation, optimizing cloud workflows, and detecting and mitigating cyberattacks.

Cloud computing is being used in industries such as healthcare, finance, and manufacturing. Some of the research topics in this area include developing new cloud-based medical imaging applications, building cloud-based financial trading platforms, and designing cloud-based manufacturing systems.

Frequently Asked Questions (FAQs)

Data security and privacy problems, vendor lock-in, complex cloud management, a lack of standardization, and the risk of service provider disruptions are all current issues in cloud computing. Because data is housed on third-party servers, data security and privacy are key considerations. Vendor lock-in makes transferring providers harder and increases reliance on a single one. Managing many cloud services complicates things. Lack of standardization causes interoperability problems and restricts workload mobility between providers. 

Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) are the cloud computing scenarios where industries focusing right now. 

The six major components of cloud infrastructure are compute, storage, networking, security, management and monitoring, and database. These components enable cloud-based processing and execution, data storage and retrieval, communication between components, security measures, management and monitoring of the infrastructure, and database services.  

Vinoth Kumar P

Vinoth Kumar P is a Cloud DevOps Engineer at Amadeus Labs. He has over 7 years of experience in the IT industry, and is specialized in DevOps, GitOps, DevSecOps, MLOps, Chaos Engineering, Cloud and Cloud Native landscapes. He has published articles and blogs on recent tech trends and best practices on GitHub, Medium, and LinkedIn, and has delivered a DevSecOps 101 talk to Developers community , GitOps with Argo CD Webinar for DevOps Community. He has helped multiple enterprises with their cloud migration, cloud native design, CICD pipeline setup, and containerization journey.

Avail your free 1:1 mentorship session.

Something went wrong

Upcoming Cloud Computing Batches & Dates

• Trending Now
• Foundational Courses
• Data Science
• Practice Problem
• Machine Learning
• System Design
• DevOps Tutorial

Top 15 Cloud Computing Research Topics in 2024

Cloud computing has suddenly seen a spike in employment opportunities around the globe with tech giants like Amazon , Google , and Microsoft hiring people for their cloud infrastructure . Before the onset of cloud computing , companies and businesses had to set up their own data centers , and allocate resources and other IT professionals thereby increasing the cost. The rapid development of the cloud has led to more flexibility , cost-cutting , and scalability .

The Cloud Computing market is at an all-time high with the current market size at USD 371.4 billion and is expected to grow up to USD 832.1 billion by 2025 ! It’s quickly evolving and gradually realizing its business value along with attracting more and more researchers , scholars , computer scientists , and practitioners. Cloud computing is not a single topic but a composition of various techniques which together constitute the cloud . Below are 10 of the most demanded research topics in the field of cloud computing .

What is Cloud Computing?

Cloud computing is the practice of storing and accessing data and applications on remote servers hosted over the internet, as opposed to local servers or the computer’s hard drive. Cloud computing, often known as Internet-based computing, is a technique in which the user receives a resource as a service via the Internet. Files, photos, documents, and other storable documents can all be considered types of data that are stored.

Let us look at the latest in cloud computing research for 2024! We’ve compiled 15 important cloud computing research topics that are changing how cloud computing is used.

1. Big Data

Big data refers to the large amounts of data produced by various programs in a very short duration of time. It is quite cumbersome to store such huge and voluminous amounts of data in company-run data centers . Also, gaining insights from this data becomes a tedious task and takes a lot of time to run and provide results, therefore cloud is the best option. All the data can be pushed onto the cloud without the need for physical storage devices that are to be managed and secured. Also, some popular public clouds provide comprehensive big data platforms to turn data into actionable insights.

DevOps is an amalgamation of two terms, Development and Operations . It has led to Continuous Delivery , Integration, and Deployment therefore reducing boundaries between the development team and the operations team . Heavy applications and software need elaborate and complex tech stacks that demand extensive labor to develop and configure which can easily be eliminated by cloud computing . It offers a wide range of tools and technologies to build , test , and deploy applications within a few minutes and a single click. They can be customized as per the client’s requirements and can be discarded when not in use hence making the process seamless and cost-efficient for development teams .

3. Cloud Cryptography

Data in the cloud needs to be protected and secured from foreign attacks and breaches . To accomplish this, cryptography in the cloud is a widely used technique to secure data present in the cloud . It allows users and clients to easily and reliably access the shared cloud services since all the data is secured using either encryption techniques or by using the concept of the private key . It can make the plain text unreadable and limit the view of the data being transferred. Best cloud cryptographic security techniques are the ones that do not compromise the speed of data transfer and provide security without delaying the exchange of sensitive data.

4. Cloud Load Balancing

It refers to splitting and distributing the incoming load to the server from various sources. It permits companies and organizations to govern and supervise workload demands or application demands by redistributing, reallocating, and administering resources between different computers, networks, or servers. Cloud load balancing encompasses holding the circulation of traffic and demands that exist over the Internet. This reduces the problem of sudden outages, results in an improvement in overall performance, has rare chances of server crashes and also provides an advanced level of security. Cloud-based server farms can accomplish more precise scalability and accessibility using the server load balancing mechanism . Due to this, the workload demands can be easily distributed and controlled.

5. Mobile Cloud Computing

It is a mixture of cloud computing , mobile computing , and wireless network to provide services such as seamless and abundant computational resources to mobile users, network operators, and cloud computing professionals. The handheld device is the console and all the processing and data storage takes place outside the physical mobile device. Some advantages of using mobile cloud computing are that there is no need for costly hardware, battery life is longer, extended data storage capacity and processing power, improved synchronization of data, and high availability due to “store in one place, accessible from anywhere”. The integration and security aspects are taken care of by the backend that enables support to an abundance of access methods.

6. Green Cloud Computing

The major challenge in the cloud is the utilization of energy-efficient and hence develop economically friendly cloud computing solutions. Data centers that include servers , cables , air conditioners , networks , etc. in large numbers consume a lot of power and release enormous quantities of Carbon Dioxide in the atmosphere. Green Cloud Computing focuses on making virtual data centers and servers to be more environmentally friendly and energy-efficient. Cloud resources often consume so much power and energy leading to a shortage of energy and affecting the global climate. Green cloud computing provides solutions to make such resources more energy efficient and to reduce operational costs. This pivots on power management , virtualization of servers and data centers, recycling vast e-waste , and environmental sustainability .

7. Edge Computing

It is the advancement and a much more efficient form of Cloud computing with the idea that the data is processed nearer to the source. Edge Computing states that all of the computation will be carried out at the edge of the network itself rather than on a centrally managed platform or data warehouse. Edge computing distributes various data processing techniques and mechanisms across different positions. This makes the data deliverable to the nearest node and the processing at the edge . This also increases the security of the data since it is closer to the source and eliminates late response time and latency without affecting productivity

8. Containerization

Containerization in cloud computing is a procedure to obtain operating system virtualization . The user can work with a program and its dependencies utilizing remote resource procedures . The container in cloud computing is used to construct blocks, which aid in producing operational effectiveness , version control , developer productivity , and environmental stability . The infrastructure is upgraded since it provides additional control over the granular activities of the resources. The usage of containers in online services assists storage with cloud computing data security, elasticity, and availability. Containers provide certain advantages such as a steady runtime environment , the ability to run virtually anywhere, and the low overhead compared to virtual machines .

9. Cloud Deployment Model

There are four main cloud deployment models namely public cloud , private cloud , hybrid cloud , and community cloud . Each deployment model is defined as per the location of the infrastructure. The public cloud allows systems and services to be easily accessible to the general public . The public cloud could also be less reliable since it is open to everyone e.g. Email. A private cloud allows systems and services to be accessible inside an organization with no access to outsiders. It offers better security due to its access restrictions. A hybrid cloud is a mixture of private and public clouds with critical activities being performed using the private cloud and non-critical activities being performed using the public cloud. Community cloud allows systems and services to be accessible by a group of organizations.

10. Cloud Security

Since the number of companies and organizations using cloud computing is increasing at a rapid rate, the security of the cloud is a major concern. Cloud computing security detects and addresses every physical and logical security issue that comes across all the varied service models of code, platform, and infrastructure. It collectively addresses these services, however, these services are delivered in units, that is, the public, private, or hybrid delivery model. Security in the cloud protects the data from any leakage or outflow, theft, calamity, and removal. With the help of tokenization, Virtual Private Networks , and firewalls , data can be secured.

11. Serverless Computing

Serverless computing is a way of running computer programs without having to manage the underlying infrastructure. Instead of worrying about servers, networking, and scaling, you can focus solely on writing code to solve your problem. In serverless computing, you write small pieces of code called functions. These functions are designed to do specific tasks, like processing data, handling user requests, or performing calculations. When something triggers your function, like a user making a request to your website or a timer reaching a certain time, the cloud provider automatically runs your function for you. You don’t have to worry about setting up servers or managing resources.

12. Cloud-Native Applications

Modern applications built for the cloud , also known as cloud-native applications , are made so to take full advantage of cloud computing environments . Instead of bulky programs like monolithic systems , they’re built to prioritize flexibility , easy scaling , reliability , and constant updates . This modular approach allows them to adapt to changing needs by growing or shrinking on demand, making them perfect for the ever-shifting world of cloud environments. Deployed in various cloud environments like public, private, or hybrid clouds, they’re optimized to make the most of cloud-native technologies and methodologies . Instead of one big chunk, they’re made up of lots of smaller pieces called microservices .

13. Multi-Cloud Management

Multi-cloud management means handling and controlling your stuff (like software, data, and services) when they’re spread out across different cloud companies, like Amazon, Google, or Microsoft. It’s like having a central command center for your cloud resources spread out across different cloud services. Multi-cloud gives you the freedom to use the strengths of different cloud providers. You can choose the best service for each specific workload, based on factors like cost, performance, or features. This flexibility allows you to easily scale your applications up or down as required by you. Managing a complex environment with resources spread across multiple cloud providers can be a challenge. Multi-cloud management tools simplify this process by providing a unified view and standardized management interface.

14. Blockchain in Cloud Computing

Cloud computing provides flexible storage and processing power that can grow or shrink as needed. Blockchain keeps data secure by spreading it across many computers. When we use them together, blockchain apps can use the cloud’s power for big tasks while keeping data safe and transparent. This combo boosts cloud data security and makes it easy to track data. It also lets people manage their identities without a central authority. However, there are challenges like making sure different blockchain and cloud systems work well together and can handle large amounts of data.

15. Cloud-Based Internet of Things (IoT)

Cloud-based Internet of Things (IoT) refers to the integration of cloud computing with IoT devices and systems. This integration allows IoT devices to leverage the computational power, storage, and analytics capabilities of cloud platforms to manage, process, and analyze the vast amounts of data they generate. The cloud serves as a central hub for connecting and managing multiple IoT devices, regardless of their geographical location. This connectivity is crucial for monitoring and controlling devices remotely.

Also Read Cloud computing Research challenges 7 Privacy Challenges in Cloud Computing Difference Between Cloud Computing and Fog Computing

Cloud computing has helped businesses grow by offering greater scalability , flexibility , and saving money by charging less money for the same job. As cloud computing is having a great growth period right now, it has created lots of employment opportunities and research work is done is different areas which is changing the future of this technology. We have discussed about the top 15 cloud computing research topics . You can try to explore and research in these areas to contribute to the growth of cloud computing technology .

Please Login to comment...

Similar reads.

• Cloud-Computing

Improve your Coding Skills with Practice

What kind of Experience do you want to share?

MIT Technology Review

• Newsletters

Advancing to adaptive cloud

An adaptive cloud approach offers enterprises a unified and robust data infrastructure, customizable to support its future features and use cases.

• MIT Technology Review Insights archive page

In partnership with Microsoft Azure and AMD

For many years now, cloud solutions have helped organizations streamline their operations, increase their scalability, and reduce costs. Yet, enterprise cloud investment has been fragmented, often lacking a coherent organization-wide approach. In fact, it’s not uncommon for various teams across an organization to have spun up their own cloud projects, adopting a wide variety of cloud strategies and providers, from public and hybrid to multi-cloud and edge computing.

The problem with this approach is that it often leads to “a sprawling set of systems and disparate teams working on these cloud systems, making it difficult to keep up with the pace of innovation,” says Bernardo Caldas, corporate vice president of Azure Edge product management at Microsoft. In addition to being an IT headache, a fragmented cloud environment leads to technological and organizational repercussions.

A complex multi-cloud deployment can make it difficult for IT teams to perform mission-critical tasks, such as applying security patches, meeting regulatory requirements, managing costs, and accessing data for data analytics. Configuring and securing these types of environments is a challenging and time-consuming task. And ad hoc cloud deployments often culminate in systems incompatibility when one-off pilots are ready to scale or be combined with existing products.

Without a common IT operations and application development platform, teams can’t share lessons learned or pool important resources, which tends to cause them to become increasingly siloed. “People want to do more with their data, but if their data is trapped and isolated in these different systems, it can make it really hard to tap into the data for insights and to accelerate progress,” says Caldas.

As the pace of change accelerates, however, many organizations are adopting a new adaptive cloud approach—one that will enable them to respond quickly to evolving consumer demands and market fluctuations while simplifying the management of their complex cloud environments.

An adaptive strategy for success

Heralding a departure from yesteryear’s fragmented cloud environments, an adaptive cloud approach unites sprawling systems, disparate silos, and distributed sites into a single operations, development, security, application, and data model. This unified approach empowers organizations to glean value from cloud-native technologies, open source software such as Linux, and AI across hybrid, multi-cloud, edge, and IoT.

“You’ve got a lot of legacy software out there, and for the most part, you don't want to change production environments,” says David Harmon, director of software engineering at AMD. “Nobody wants to change code. So while CTOs and developers really want to take advantage of all the hardware changes, they want to do nothing to their code base if possible, because that change is very, very expensive.”

An adaptive cloud approach answers this challenge by taking an agnostic approach to the environments it brings together on a single control plane. By seamlessly collecting disparate computing environments, including those that run outside of hyperscale data centers, the control plane creates greater visibility across thousands of assets, simplifies security enforcement, and allows for easier management.

An adaptive cloud approach enables unified management of disparate systems and resources, leading to improved oversight and control. An adaptive approach also creates scalability, as it allows organizations to meet the fluctuating demands of a business without the risk of over-provisioning or under-provisioning resources.

There are also clear business advantages to embracing an adaptive cloud approach. Consider, for example, an operational technology team that deploys an automation system to accelerate a factory’s production capabilities. In a fragmented and distributed environment, systems often struggle to communicate. But in an adaptive cloud environment, a factory’s automation system can easily be connected to the organization’s customer relationship management system, providing sales teams with real-time insights into supply-demand fluctuations.

A united platform is not only capable of bringing together disparate systems but also of connecting employees from across functions, from sales to engineering. By sharing an interconnected web of cloud-native tools, a workforce’s collective skills and knowledge can be applied to initiatives across the organization—a valuable asset in today’s resource-strapped and talent-scarce business climate.

Using cloud-native technologies like Kubernetes and microservices can also expedite the development of applications across various environments, regardless of an application’s purpose. For example, IT teams can scale applications from massive cloud platforms to on-site production without complex rewrites. Together, these capabilities “propel innovation, simplify complexity, and enhance the ability to respond to business opportunities,” says Caldas.

The AI equation

From automating mundane processes to optimizing operations, AI is revolutionizing the way businesses work. In fact, the market for AI reached $184 billion in 2024 —a staggering increase from nearly $50 billion in 2023, and it is expected to surpass $826 billion in 2030.

But AI applications and models require high-quality data to generate high-quality outputs. That’s a challenging feat when data sets are trapped in silos across distributed environments. Fortunately, an adaptive cloud approach can provide a unified data platform for AI initiatives.

“An adaptive cloud approach consolidates data from various locations in a way that’s more useful for companies and creates a robust foundation for AI applications,” says Caldas. “It creates a unified data platform that ensures that companies’ AI tools have access to high-quality data to make decisions.”

Another benefit of an adaptive cloud approach is the ability to tap into the capabilities of innovative tools such as Microsoft Copilot in Azure. Copilot in Azure is an AI companion that simplifies how IT teams operate and troubleshoot apps and infrastructure. By leveraging large language models to interact with an organization’s data, Copilot allows for deeper exploration and intelligent assessment of systems within a unified management framework.

Imagine, for example, the task of troubleshooting the root cause of a system anomaly. Typically, IT teams must sift through thousands of logs, exchanging a series of emails with colleagues, and reading documentation for answers. Copilot in Azure, however, can cut through this complexity by easing anomaly detection of unanticipated system changes while, at the same time, providing recommendations for speedy resolution.

“Organizations can now interact with systems using chat capabilities, ask questions about environments, and gain real insights into what’s happening across the heterogenous environments,” says Caldas.

An adaptive approach for the technology future

Today’s technology environments are only increasing in complexity. More systems, more data, more applications—together, they form a massive sprawling infrastructure. But proactively reacting to change, be it in market trends or customer needs, requires greater agility and integration across the organization. The answer: an adaptive approach. A unified platform for IT operations and management, applications, data, and security can consolidate the disparate parts of a fragmented environment in ways that not only ease IT management and application development but also deliver key business benefits, from faster time to market to AI efficiencies, at a time when organizations must move swiftly to succeed.

Microsoft Azure  and  AMD  meet you where you are on your cloud journey.  Learn more  about an adaptive cloud approach with Azure.

Keep Reading

Most popular, how to opt out of meta’s ai training.

Your posts are a gold mine, especially as companies start to run out of AI training data.

• Melissa Heikkilä archive page

Supershoes are reshaping distance running

Kenyan runners, like many others, are grappling with the impact of expensive, high-performance shoes.

• Jonathan W. Rosen archive page

Why does AI hallucinate?

The tendency to make things up is holding chatbots back. But that’s just what they do.

• Will Douglas Heaven archive page

The return of pneumatic tubes

Pneumatic tubes were supposed to revolutionize the world but have fallen by the wayside. Except in hospitals.

• Vanessa Armstrong archive page

Stay connected

Get the latest updates from mit technology review.

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at [email protected] with a list of newsletters you’d like to receive.

Information

• Author Services

Initiatives

You are accessing a machine-readable page. In order to be human-readable, please install an RSS reader.

All articles published by MDPI are made immediately available worldwide under an open access license. No special permission is required to reuse all or part of the article published by MDPI, including figures and tables. For articles published under an open access Creative Common CC BY license, any part of the article may be reused without permission provided that the original article is clearly cited. For more information, please refer to https://www.mdpi.com/openaccess .

Feature papers represent the most advanced research with significant potential for high impact in the field. A Feature Paper should be a substantial original Article that involves several techniques or approaches, provides an outlook for future research directions and describes possible research applications.

Feature papers are submitted upon individual invitation or recommendation by the scientific editors and must receive positive feedback from the reviewers.

Editor’s Choice articles are based on recommendations by the scientific editors of MDPI journals from around the world. Editors select a small number of articles recently published in the journal that they believe will be particularly interesting to readers, or important in the respective research area. The aim is to provide a snapshot of some of the most exciting work published in the various research areas of the journal.

Original Submission Date Received: .

• Active Journals
• Find a Journal
• Proceedings Series
• For Authors
• For Reviewers
• For Editors
• For Librarians
• For Publishers
• For Societies
• For Conference Organizers
• Open Access Policy
• Institutional Open Access Program
• Special Issues Guidelines
• Editorial Process
• Research and Publication Ethics
• Article Processing Charges
• Testimonials
• Preprints.org
• SciProfiles
• Encyclopedia

Article Menu

• Subscribe SciFeed
• Google Scholar
• on Google Scholar
• Table of Contents

Find support for a specific problem in the support section of our website.

Please let us know what you think of our products and services.

Visit our dedicated information section to learn more about MDPI.

JSmol Viewer

Artificial internet of things, sensor-based digital twin urban computing vision algorithms, and blockchain cloud networks in sustainable smart city administration.

1. Introduction

2. methodology, 3. source correlation analysis, 4. iot green governance, ai data-based mobile communication systems, and urban digital twin technologies for sustainable smart city planning, 5. deep learning forecasting and prediction tools, sensing and big data technologies, and self-organizing spatial–social network and decision support systems in environmentally responsible governance of smart cities and sustainable urbanism, 6. cloud computing technologies, blockchain and ai-driven sustainable urban mobility, and computer simulation network performance algorithms for cost-effective smart city management and resource optimization, 7. discussion, 8. specific contributions to the literature, 9. limitations and further directions of research, 10. practical implications, 11. opportunities, challenges, and gaps according to the selected literature, 12. conclusions, supplementary materials, author contributions, data availability statement, conflicts of interest.

• Yin, H.-T.; Wen, J.; Chang, C.-P. Going green with artificial intelligence: The path of technological change towards the renewable energy transition. Oecon. Copernic. 2023 , 14 , 1059–1095. [ Google Scholar ] [ CrossRef ]
• Bibri, S.E.; Krogstie, J.; Kaboli, A.; Alahi, A. Smarter eco-cities and their leading-edge artificial intelligence of things solutions for environmental sustainability: A comprehensive systematic review. Environ. Sci. Ecotechnol. 2024 , 19 , 100330. [ Google Scholar ] [ CrossRef ] [ PubMed ]
• Ortega-Fernández, A.; Martín-Rojas, R.; García-Morales, V.J. Artificial Intelligence in the Urban Environment: Smart Cities as Models for Developing Innovation and Sustainability. Sustainability 2020 , 12 , 7860. [ Google Scholar ] [ CrossRef ]
• Belli, L.; Cilfone, A.; Davoli, L.; Ferrari, G.; Adorni, P.; Di Nocera, F.; Dall’olio, A.; Pellegrini, C.; Mordacci, M.; Bertolotti, E. IoT-Enabled Smart Sustainable Cities: Challenges and Approaches. Smart Cities 2020 , 3 , 1039–1071. [ Google Scholar ] [ CrossRef ]
• Gracias, J.S.; Parnell, G.S.; Specking, E.; Pohl, E.A.; Buchanan, R. Smart Cities—A Structured Literature Review. Smart Cities 2023 , 6 , 1719–1743. [ Google Scholar ] [ CrossRef ]
• Caputo, F.; Magliocca, P.; Canestrino, R.; Rescigno, E. Rethinking the Role of Technology for Citizens’ Engagement and Sustainable Development in Smart Cities. Sustainability 2023 , 15 , 10400. [ Google Scholar ] [ CrossRef ]
• Benites, A.J.; Simões, A.F. Assessing the urban sustainable development strategy: An application of a smart city services sustainability taxonomy. Ecol. Indic. 2021 , 127 , 107734. [ Google Scholar ] [ CrossRef ]
• Galaz, V.; Centeno, M.A.; Callahan, P.W.; Causevic, A.; Patterson, T.; Brass, I.; Baum, S.; Farber, D.; Fischer, J.; Garcia, D.; et al. Artificial intelligence, systemic risks, and sustainability. Technol. Soc. 2021 , 67 , 101741. [ Google Scholar ] [ CrossRef ]
• Bibri, S.E. Data-driven smart sustainable cities of the future: Urban computing and intelligence for strategic, short-term, and joined-up planning. Comput. Urban Sci. 2021 , 1 , 8. [ Google Scholar ] [ CrossRef ]
• Roy, S.K.; Alam, T.; Mojumder, P.; Mondal, I.; Al Kafy, A.; Dutta, M.; Ferdous, N.; Al Mamun, A.; Mahtab, S.B. Dynamic assessment and prediction of land use alterations influence on ecosystem service value: A pathway to environmental sustainability. Environ. Sustain. Indic. 2024 , 21 , 100319. [ Google Scholar ] [ CrossRef ]
• Ahad, M.A.; Paiva, S.; Tripathi, G.; Feroz, N. Enabling technologies and sustainable smart cities. Sustain. Cities Soc. 2020 , 61 , 102301. [ Google Scholar ] [ CrossRef ]
• Singha, S.; Sharmab, P.K.B.; Shojafarc, M.; Chod, G.H.; Rae, I.H. Convergence of blockchain and artificial intelligence in IoT network for the sustainable smart city. Sustain. Cities Soc. 2020 , 63 , 102364. [ Google Scholar ] [ CrossRef ]
• Feroz, A.K.; Zo, H.; Chiravuri, A. Digital Transformation and Environmental Sustainability: A Review and Research Agenda. Sustainability 2021 , 13 , 1530. [ Google Scholar ] [ CrossRef ]
• Bibri, S.E. A foundational framework for smart sustainable city development: Theoretical, disciplinary, and discursive dimensions and their synergies. Sustain. Cities Soc. 2018 , 38 , 758–794. [ Google Scholar ] [ CrossRef ]
• Nitoslawskia, S.A.; Galleb, N.J.; Van Den Boscha, C.K.; Steenbergc, J.W.N. Smarter ecosystems for smarter cities? A review of trends, technologies, and turning points for smart urban forestry. Sustain. Cities Soc. 2019 , 51 , 101770. [ Google Scholar ] [ CrossRef ]
• Sodhro, A.H.; Pirbhulal, S.; Luo, Z.; de Albuquerque, V.H.C. Towards an optimal resource management for IoT based Green and sustainable smart cities. J. Clean. Prod. 2019 , 220 , 1167–1179. [ Google Scholar ] [ CrossRef ]
• Martin, C.; Evans, J.; Karvonen, A.; Paskaleva, K.; Yang, D.; Linjordet, T. Smart-sustainability: A new urban fix? Sustain. Cities Soc. 2019 , 45 , 640–648. [ Google Scholar ] [ CrossRef ]
• Heidari, A.; Navimipour, N.J.; Unal, M. Applications of ML/DL in the management of smart cities and societies based on new trends in information technologies: A systematic literature review. Sustain. Cities Soc. 2022 , 85 , 104089. [ Google Scholar ] [ CrossRef ]
• Zahmatkesh, H.; Al-Turjman, F. Fog computing for sustainable smart cities in the IoT era: Caching techniques and enabling technologies—An overview. Sustain. Cities Soc. 2020 , 59 , 102139. [ Google Scholar ] [ CrossRef ]
• Li, X.; Fong, P.S.; Dai, S.; Li, Y. Towards sustainable smart cities: An empirical comparative assessment and development pattern optimization in China. J. Clean. Prod. 2019 , 215 , 730–743. [ Google Scholar ] [ CrossRef ]
• Abu-Rayash, A.; Dincer, I. Development of integrated sustainability performance indicators for better management of smart cities. Sustain. Cities Soc. 2021 , 67 , 102704. [ Google Scholar ] [ CrossRef ]
• Son, T.H.; Weedon, Z.; Yigitcanlar, T.; Sanchez, T.; Corchado, J.M.; Mehmood, R. Algorithmic urban planning for smart and sustainable development: Systematic review of the literature. Sustain. Cities Soc. 2023 , 94 , 104562. [ Google Scholar ] [ CrossRef ]
• Bibri, S.E. Data-driven smart sustainable cities of the future: An evidence synthesis approach to a comprehensive state-of-the-art literature review. Sustain. Futur. 2021 , 3 , 100047. [ Google Scholar ] [ CrossRef ]
• Razmjoo, A.; Østergaard, P.A.; Denaï, M.; Nezhad, M.M.; Mirjalili, S. Effective policies to overcome barriers in the development of smart cities. Energy Res. Soc. Sci. 2021 , 79 , 102175. [ Google Scholar ] [ CrossRef ]
• Khakurel, J.; Penzenstadler, B.; Porras, J.; Knutas, A.; Zhang, W. The Rise of Artificial Intelligence under the Lens of Sustainability. Technologies 2018 , 6 , 100. [ Google Scholar ] [ CrossRef ]
• Saheb, T.; Dehghani, M.; Saheb, T. Artificial intelligence for sustainable energy: A contextual topic modeling and content analysis. Sustain. Comput. Inform. Syst. 2022 , 35 , 100699. [ Google Scholar ] [ CrossRef ]
• Singh, T.; Solanki, A.; Sharma, S.K.; Nayyar, A.; Paul, A. A Decade Review on Smart Cities: Paradigms, Challenges and Opportunities. IEEE Access 2022 , 10 , 68319–68364. [ Google Scholar ] [ CrossRef ]
• Weil, C.; Bibri, S.E.; Longchamp, R.; Golay, F.; Alahi, A. Urban Digital Twin Challenges: A Systematic Review and Perspectives for Sustainable Smart Cities. Sustain. Cities Soc. 2023 , 99 , 104862. [ Google Scholar ] [ CrossRef ]
• Hui, C.X.; Dan, G.; Alamri, S.; Toghraie, D. Greening smart cities: An investigation of the integration of urban natural resources and smart city technologies for promoting environmental sustainability. Sustain. Cities Soc. 2023 , 99 , 104985. [ Google Scholar ] [ CrossRef ]
• Szpilko, D.; Naharro, F.J.; Lăzăroiu, G.; Nica, E.; de la Torre Gallegos, A. Artificial intelligence in the smart city—A literature review. Eng. Manag. Prod. Serv. 2023 , 15 , 53–75. [ Google Scholar ] [ CrossRef ]
• Zaidi, A.; Ajibade, S.-S.M.; Musa, M.; Bekun, F.V. New insights into the research landscape on the application of artificial intelligence in sustainable smart cities: A bibliometric mapping and network analysis approach. Int. J. Energy Econ. Policy 2023 , 13 , 287–299. [ Google Scholar ] [ CrossRef ]
• Gkontzis, A.F.; Kotsiantis, S.; Feretzakis, G.; Verykios, V.S. Enhancing Urban Resilience: Smart City Data Analyses, Forecasts, and Digital Twin Techniques at the Neighborhood Level. Futur. Internet 2024 , 16 , 47. [ Google Scholar ] [ CrossRef ]
• Chen, Y.; Chen, S.; Miao, J. Does smart city pilot improve urban green economic efficiency: Accelerator or inhibitor. Environ. Impact Assess. Rev. 2024 , 104 , 107328. [ Google Scholar ] [ CrossRef ]
• Jo, J.H.; Sharma, P.K.; Sapalo Sicato, J.K.; Park, J.H. Emerging Technologies for Sustainable Smart City Network Security: Issues, Challenges, and Countermeasures. J. Inf. Process. Syst. 2019 , 15 , 765–784. [ Google Scholar ] [ CrossRef ]
• Rejeb, A.; Rejeb, K.; Abdollahi, A.; Keogh, J.G.; Zailani, S.; Iranmanesh, M. Smart city research: A bibliometric and main path analysis. J. Data Inf. Manag. 2022 , 4 , 343–370. [ Google Scholar ] [ CrossRef ]
• Bibri, S.E.; Alexandre, A.; Sharifi, A.; Krogstie, J. Environmentally sustainable smart cities and their converging AI, IoT, and big data technologies and solutions: An integrated approach to an extensive literature review. Energy Inform. 2023 , 6 , 9. [ Google Scholar ] [ CrossRef ] [ PubMed ]
• Zamponi, M.E.; Barbierato, E. The Dual Role of Artificial Intelligence in Developing Smart Cities. Smart Cities 2022 , 5 , 728–755. [ Google Scholar ] [ CrossRef ]
• Shehab, M.J.; Kassem, I.; Kutty, A.A.; Kucukvar, M.; Onat, N.; Khattab, T. 5G Networks Towards Smart and Sustainable Cities: A Review of Recent Developments, Applications and Future Perspectives. IEEE Access 2021 , 10 , 2987–3006. [ Google Scholar ] [ CrossRef ]
• Verdejo, Á.; Espinilla, M.; López, J.L.; Melguizo, F.J. Assessment of sustainable development objectives in Smart Labs: Technology and sustainability at the service of society. Sustain. Cities Soc. 2022 , 77 , 103559. [ Google Scholar ] [ CrossRef ]
• Filiou, D.; Kesidou, E.; Wu, L. Are smart cities green? The role of environmental and digital policies for Eco-innovation in China. World Dev. 2023 , 165 , 106212. [ Google Scholar ] [ CrossRef ]
• Mishra, P.; Singh, G. Energy Management Systems in Sustainable Smart Cities Based on the Internet of Energy: A Technical Review. Energies 2023 , 16 , 6903. [ Google Scholar ] [ CrossRef ]
• Pandiyan, P.; Saravanan, S.; Usha, K.; Kannadasan, R.; Alsharif, M.H.; Kim, M.-K. Technological advancements toward smart energy management in smart cities. Energy Rep. 2023 , 10 , 648–677. [ Google Scholar ] [ CrossRef ]
• Herath, H.; Mittal, M. Adoption of artificial intelligence in smart cities: A comprehensive review. Int. J. Inf. Manag. Data Insights 2022 , 2 , 100076. [ Google Scholar ] [ CrossRef ]
• Pigola, A.; da Costa, P.R.; Carvalho, L.C.; da Silva, L.F.; Kniess, C.T.; Maccari, E.A. Artificial Intelligence-Driven Digital Technologies to the Implementation of the Sustainable Development Goals: A Perspective from Brazil and Portugal. Sustainability 2021 , 13 , 13669. [ Google Scholar ] [ CrossRef ]
• Jaramillo-Alcazar, A.; Govea, J.; Villegas-Ch, W. Advances in the Optimization of Vehicular Traffic in Smart Cities: Integration of Blockchain and Computer Vision for Sustainable Mobility. Sustainability 2023 , 15 , 15736. [ Google Scholar ] [ CrossRef ]
• Dong, L.; Liu, Y. Frontiers of policy and governance research in a smart city and artificial intelligence: An advanced review based on natural language processing. Front. Sustain. Cities 2023 , 5 , 1199041. [ Google Scholar ] [ CrossRef ]
• Tehrani, A.A.; Veisi, O.; Fakhr, B.V.; Du, D. Predicting solar radiation in the urban area: A data-driven analysis for sustainable city planning using artificial neural networking. Sustain. Cities Soc. 2024 , 100 , 105042. [ Google Scholar ] [ CrossRef ]
• Xiang, Y.; Chen, Y.; Xu, J.; Chen, Z. Research on sustainability evaluation of green building engineering based on artificial intelligence and energy consumption. Energy Rep. 2022 , 8 , 11378–11391. [ Google Scholar ] [ CrossRef ]
• Reyes-Rubiano, L.; Serrano-Hernandez, A.; Montoya-Torres, J.R.; Faulin, J. The Sustainability Dimensions in Intelligent Urban Transportation: A Paradigm for Smart Cities. Sustainability 2021 , 13 , 10653. [ Google Scholar ] [ CrossRef ]
• Hashem, I.A.T.; Usmani, R.S.A.; Almutairi, M.S.; Ibrahim, A.O.; Zakari, A.; Alotaibi, F.; Alhashmi, S.M.; Chiroma, H. Urban Computing for Sustainable Smart Cities: Recent Advances, Taxonomy, and Open Research Challenges. Sustainability 2023 , 15 , 3916. [ Google Scholar ] [ CrossRef ]
• Said, O.; Tolba, A. Accurate performance prediction of IoT communication systems for smart cities: An efficient deep learning based solution. Sustain. Cities Soc. 2021 , 69 , 102830. [ Google Scholar ] [ CrossRef ]
• Samuel, O.; Javaid, N.; Alghamdi, T.A.; Kumar, N. Towards sustainable smart cities: A secure and scalable trading system for residential homes using blockchain and artificial intelligence. Sustain. Cities Soc. 2022 , 76 , 103371. [ Google Scholar ] [ CrossRef ]
• Strielkowski, W.; Zenchenko, S.; Tarasova, A.; Radyukova, Y. Management of Smart and Sustainable Cities in the Post-COVID-19 Era: Lessons and Implications. Sustainability 2022 , 14 , 7267. [ Google Scholar ] [ CrossRef ]
• Bibri, S.E. A novel model for data-driven smart sustainable cities of the future: The institutional transformations required for balancing and advancing the three goals of sustainability. Energy Inform. 2021 , 4 , 4. [ Google Scholar ] [ CrossRef ]
• Curşeu, P.L.; Semeijn, J.H.; Nikolova, I. Career challenges in smart cities: A sociotechnical systems view on sustainable careers. Hum. Relat. 2021 , 74 , 656–677. [ Google Scholar ] [ CrossRef ]
• Lăzăroiu, G.; Ionescu, L.; Andronie, M.; Dijmărescu, I. Sustainability Management and Performance in the Urban Corporate Economy: A Systematic Literature Review. Sustainability 2020 , 12 , 7705. [ Google Scholar ] [ CrossRef ]
• Tcholtchev, N.; Schieferdecker, I. Sustainable and Reliable Information and Communication Technology for Resilient Smart Cities. Smart Cities 2021 , 4 , 156–176. [ Google Scholar ] [ CrossRef ]
• Manman, L.; Goswami, P.; Mukherjee, P.; Mukherjee, A.; Yang, L.; Ghosh, U.; Menon, V.G.; Qi, Y.; Nkenyereye, L. Distributed Artificial Intelligence Empowered Sustainable Cognitive Radio Sensor Networks: A Smart City on-demand Perspective. Sustain. Cities Soc. 2021 , 75 , 103265. [ Google Scholar ] [ CrossRef ]
• Andronie, M.; Lăzăroiu, G.; Iatagan, M.; Hurloiu, I.; Dijmărescu, I. Sustainable Cyber-Physical Production Systems in Big Data-Driven Smart Urban Economy: A Systematic Literature Review. Sustainability 2021 , 13 , 751. [ Google Scholar ] [ CrossRef ]
• Lavalle, A.; Teruel, M.A.; Maté, A.; Trujillo, J. Improving Sustainability of Smart Cities through Visualization Techniques for Big Data from IoT Devices. Sustainability 2020 , 12 , 5595. [ Google Scholar ] [ CrossRef ]
• Brodny, J.; Tutak, M. The level of implementing sustainable development goal “Industry, innovation and infrastructure” of Agenda 2030 in the European Union countries: Application of MCDM methods. Oecon. Copernic. 2023 , 14 , 47–102. [ Google Scholar ] [ CrossRef ]
• Trettin, C.; Lăzăroiu, G.; Grecu, I.; Grecu, G. The Social Sustainability of Citizen-centered Urban Governance Networks: Sensor-based Big Data Applications and Real-Time Decision-Making. Geopolit. Hist. Int. Relations 2019 , 11 , 27. [ Google Scholar ] [ CrossRef ]
• Jakubelskas, U.; Skvarciany, V. Circular economy practices as a tool for sustainable development in the context of renewable energy: What are the opportunities for the EU? Oecon. Copernic. 2023 , 14 , 833–859. [ Google Scholar ] [ CrossRef ]
• Balcerzak, A.P.; Uddin, G.S.; Igliński, B.; Pietrzak, M.B. Global energy transition: From the main determinants to economic challenges. Equilib. Q. J. Econ. Econ. Policy 2023 , 18 , 597–608. [ Google Scholar ] [ CrossRef ]
• Ogutu, H.; El Archi, Y.; Dávid, L.D. Current trends in sustainable organization management: A bibliometric analysis. Oecon. Copernic. 2023 , 14 , 11–45. [ Google Scholar ] [ CrossRef ]
• Cegarra-Navarro, J.G.; Vătămănescu, E.-M.; Dabija, D.-C.; Nicolescu, L. The role of knowledge and interpersonal competences in the development of civic and public engagement and entrepreneurial intention. Int. Entrep. Manag. J. 2023 , 20 , 189–213. [ Google Scholar ] [ CrossRef ]
• Cegarra-Navarro, J.-G.; Bratianu, C.; Martínez-Martínez, A.; Vătămănescu, E.-M.; Dabija, D.-C. Creating civic and public engagement by a proper balance between emotional, rational, and spiritual knowledge. J. Knowl. Manag. 2023 , 27 , 2113–2135. [ Google Scholar ] [ CrossRef ]
• Lyons, N.; Lăzăroiu, G. Addressing the COVID-19 Crisis by Harnessing Internet of Things Sensors and Machine Learning Algorithms in Data-driven Smart Sustainable Cities. Geopolit. Hist. Int. Relat. 2020 , 12 , 65. [ Google Scholar ] [ CrossRef ]
• Fernando, X.; Lăzăroiu, G. Spectrum Sensing, Clustering Algorithms, and Energy-Harvesting Technology for Cognitive-Radio-Based Internet-of-Things Networks. Sensors 2023 , 23 , 7792. [ Google Scholar ] [ CrossRef ]
• García, J.S.; Gómez, E.G. What drives the preferences for cleaner energy? Parametrizing the elasticities of environmental quality demand for greenhouse gases. Oecon. Copernic. 2023 , 14 , 449–482. [ Google Scholar ] [ CrossRef ]
• Lăzăroiu, G.; Ionescu, L.; Uță, C.; Hurloiu, I.; Andronie, M.; Dijmărescu, I. Environmentally Responsible Behavior and Sustainability Policy Adoption in Green Public Procurement. Sustainability 2020 , 12 , 2110. [ Google Scholar ] [ CrossRef ]
• Zheng, M.; Feng, G.-F.; Chang, C.-P. Is green finance capable of promoting renewable energy technology? Empirical investigation for 64 economies worldwide. Oecon. Copernic. 2023 , 14 , 483–510. [ Google Scholar ] [ CrossRef ]

Click here to enlarge figure

Share and Cite

Matei, A.; Cocoșatu, M. Artificial Internet of Things, Sensor-Based Digital Twin Urban Computing Vision Algorithms, and Blockchain Cloud Networks in Sustainable Smart City Administration. Sustainability 2024 , 16 , 6749. https://doi.org/10.3390/su16166749

Matei A, Cocoșatu M. Artificial Internet of Things, Sensor-Based Digital Twin Urban Computing Vision Algorithms, and Blockchain Cloud Networks in Sustainable Smart City Administration. Sustainability . 2024; 16(16):6749. https://doi.org/10.3390/su16166749

Matei, Ani, and Mădălina Cocoșatu. 2024. "Artificial Internet of Things, Sensor-Based Digital Twin Urban Computing Vision Algorithms, and Blockchain Cloud Networks in Sustainable Smart City Administration" Sustainability 16, no. 16: 6749. https://doi.org/10.3390/su16166749

Article Metrics

Article access statistics, supplementary material.

ZIP-Document (ZIP, 87 KiB)

Further Information

Mdpi initiatives, follow mdpi.

Subscribe to receive issue release notifications and newsletters from MDPI journals

Cloud Computing: The Catalyst for Innovation and Transformation, by Abdul Sajid Mohammed, PhD.

The adoption of cloud computing is one of the unavoidable decisions organizations are facing today. This is an area that Dr. Abdul Sajid Mohammed has decided to explore and help organization to exploit the benefits of cloud computing. As a Senior Engineer and Cloud Solutions expert, Dr. Mohammed continues to contribute his skills and knowledge at Microsoft Corporations, which is a leading software technologies development organization. The scholar and professional boasts of over 14 years of expertise, involving accomplishing many demanding targets and leading and executing business-critical projects for some of the leading global corporations. He is actively involved in developing and implementing cloud solutions. He earned his PhD. in Information Technology from The University of the Cumberlands.Dr. Mohammed’s impactful research in cloud computing has been published in distinguished journals.  

In the research titled “ Exploring the Quality of Service Impacts of Cloud Computing over Wireless Networks ” Dr. Mohammed and colleagues discovered that cloud computing had the potential to improve the overall quality of service (QoS) of Wi-Fi wireless networks. Leveraging cloud computing improves the quality of wireless networks in terms of availability, bandwidth, latency, and first-rate experience. Dr. Mohammed believes that more research is needed to uncover the impact of the evolution of cloud computing and wireless networks while establishing ways through which their performance can be optimized. The goal is to enhance the understanding and utilization of these technologies for the benefit of businesses and consumers. He argues that cloud computing is capable of reducing the costs involved in operating and maintaining wireless networks.  

As a researcher and expert in cloud computing, Dr. Mohammed pays close attention to cloud scheduling algorithms. He believes that the performance of cloud-based solutions depends on the effectiveness with which jobs are organized. The three main scheduling methods in cloud computing include task scheduling, resource scheduling, and workflow scheduling. Task scheduling is concerned with the selection of the most appropriate and suitable resources needed to execute a task. Considerations in task scheduling algorithms include resource utilization, execution time, throughput, response time, fault tolerance, quality of service, and scalability. Resource scheduling is concerned with the assignment of resources in the most optimal way. The three categories of resource allocation algorithms include cost optimization-based, agent-based, and dynamic scheduling algorithms. Finally, workflow scheduling is concerned with mapping the workflow task to the virtual machines while taking into account different functional and non-functional requirements.  

Machine learning is an important area of interest for Dr. Mohammed who focuses on investigating the role of machine learning in optimizing the performance of cloud-based applications. His research in this area has made him to conclude that ML is a powerful tool for optimizing dynamic scaling strategies for cloud-based applications. ML algorithms are capable of discovering correlations between input and output values, which supports automated decision-making about the allocation of resources in a cloud-based application. Exploiting the predictive capabilities of ML models enables the discovery of valuable insights into traffic and usage of systems, which can inform the decision to fine-tune cloud-based applications’ dynamic scaling strategies. Dr. Mohammed is involved in the development of artificial intelligence (AI) -induced machine learning models to optimize the performance of cloud-based applications. He develops ML models that are used to model the behaviors of users and automate the detection of anomalies in cloud-based applications.  

Dr. Mohammed has also been involved in research on serverless computing solutions and the role of dynamic scheduling algorithms . Dynamic scheduling algorithms play a vital role in serverless architectures by optimizing and maximizing serverless architectures. His research in this area has led to four major findings. First, the deployment of dynamic scheduling algorithms enhances the utilization of resources in serverless computing through green workload control and sensible allocation of resources. Second, it leads to reduced fees because serverless computing operates in an on-demand mode, which reduced the fees charged. Dr. Mohammed also argues that the deployment of dynamic scheduling algorithms in cloud-based environments enhances both safety and availability.  

• Share full article

Advertisement

Supported by

Microsoft Profit Jumps 10%, but Cloud Computing Grows Less Than Expected

The tech giant’s revenue also grew 15 percent, but Wall Street is watching whether its investment in A.I. is paying off for its cloud computing business.

By Karen Weise

Karen Weise has covered Microsoft since 2018.

Microsoft closed its first full fiscal year of aggressive artificial intelligence investment with a mixed bag of results for people worried about how much big tech companies are spending on A.I.

Sales from April through June hit $64.7 billion, up 15 percent from the same period last year, the company reported on Tuesday. Profit rose 10 percent, to $22 billion.

The results beat Wall Street’s expectations and Microsoft’s own predictions. But the company’s cloud computing business did not grow as quickly as investors had expected, leading its share price to drop more than 6 percent in after-hours trading.

Azure, Microsoft’s flagship cloud computing product that includes A.I. services, grew 30 percent in the quarter after taking into account currency fluctuations. Investors had been hoping it would grow between 30 and 31 percent, as Microsoft had told them to expect.

On a call with investors, Satya Nadella, the company’s chief executive, and Amy Hood, the finance chief, said that Microsoft could have sold more if they’d had enough data center capacity — and that those constraints would last through the end of 2024. They added that the A.I. investments are attracting new customers to Microsoft’s cloud business.

“These are generational things once they get going with you,” Mr. Nadella said.

The earnings report showed how the company is spending mightily to build the data centers and acquire the pricey chips that power A.I. technology. Microsoft’s capital expenses have grown every quarter since late 2022, when Mr. Nadella pushed his top executives to make big investments in A.I. Microsoft spent almost $19 billion on capital expenses last quarter, more than twice as much as two years earlier.

We are having trouble retrieving the article content.

Please enable JavaScript in your browser settings.

Thank you for your patience while we verify access. If you are in Reader mode please exit and  log into  your Times account, or  subscribe  for all of The Times.

Thank you for your patience while we verify access.

Already a subscriber?  Log in .

Want all of The Times?  Subscribe .

Special Features

Vendor voice.

Cloud Infrastructure Month

Enterprise spend on cloud up sharply as world biz splashes $80B in Q2

Plus: oracle nudges to top of second tier providers.

Enterprise spending on cloud infrastructure services continues to grow, now nearing $80 billion per quarter, with the big three continuing to dominate and Oracle emerging as leader of the second tier providers.

The second quarter of 2024 was a good one if you are a cloud operator, with enterprise customers upping their cloudy spend by $14.1 billion to $79.1 billion, an increase of 22 percent compared with a year ago.

These figures come from Synergy Research , which said this is the third consecutive quarter in which the year-on-year growth rate for the global cloud market has been north of 20 percent.

However, cloud services have grown continually over the last several years, with only the rate of increase slowing when enterprises reined back spending because of economic conditions.

Total cloud infrastructure services revenue for the preceding 12 months adds up to $297 billion.

The big three cloud providers - AWS, Microsoft and Google - continue to account for about two thirds of the total worldwide market, with their share of the spoils shifting up or down slightly each quarter.

And if you consider only public cloud, the dominance of the major providers is even more pronounced, as the big three account for 73 percent of that market.

Amazon's AWS maintained a clear lead in the market, accounting for 32 percent of worldwide market share during Q2, which is actually a percentage point increase on the previous quarter.

Microsoft's Azure stayed in second place with 23 percent market share, though this is down slightly from the 25 percent that Synergy pegged it at in the previous quarter, when it appeared to be slowly gaining ground on AWS.

Google also gained a smidgeon, increasing its share to 13 percent from 11 percent in the prior quarter. However, the long-term trend is for it and Microsoft to slowly increase their share while that of AWS decreases.

According to Synergy, there is more sign of movement and competition among the second tier of cloud operators, and it picked out Oracle as emerging as a "leader of the following pack".

This is possibly because Oracle's market share appears to be on the rise, although at 3 percent it is currently lower than that of Alibaba, which sits at 4 percent.

Synergy lists Salesforce as having 3 percent market share, while IBM, Tencent and Huawei are all on 2 percent, and a bunch of others come in at about 1 percent to the nearest percentage point, including Baidu, China Telecom, China Unicom, Fujitsu, NTT, Snowflake, SAP, Rackspace and VMware.

In terms of regional spread, the US remains by far the largest cloud market, although the APAC region showed the strongest growth, according to synergy. India, Japan, Australia and South Korea all saw a bounce of 25 percent or more in cloud services during the quarter.

In Europe, the largest cloud markets remain the UK and Germany, but those markets with the highest growth rates included Ireland, Italy and Spain.

• Microsoft: Our licensing terms do not meaningfully raise cloud rivals' costs
• Alibaba Cloud closing Australian and Indian datacenters
• Euro banks worry AI will increase their dependence on US big tech
• AWS leads UK cloud market while Microsoft dominates growth and new customers

"We are now seeing more normalized growth of the cloud market, though some speed bumps do remain," said Synergy Research Group Chief Analyst John Dinsdale in a statement.

He noted that Amazon and Google's share both nudged upwards in Q2 while Microsoft's share dropped a little, but the trend lines for both Microsoft and Google continue heading upwards.

"Oracle is now starting to separate itself to become a top five player," Dinsdale claimed, though the gulf between it and top trio remains huge. "In this market Google is almost five times the size of Oracle, while Amazon is almost three times the size of Google," he said. ®

• Cloud Computing

Narrower topics

• Cloud native
• Content delivery network
• Digital Ocean
• Disaster recovery
• Edge Computing
• Google Cloud Platform
• Hybrid Cloud
• Open Compute Project
• Private Cloud
• Public Cloud
• Software defined data center
• Systems Approach
• Virtualization

Send us news

Other stories you might like

Cloud growth puts hyperscalers on track to take up 60% of datacenter capacity by 2029, ai boom is reshaping the face of cloud infrastructure, rising costs biggest issue for datacenter operators as demand grows, ransomware thieves beware.

Supermicro CEO teases service to build or upgrade datacenters in six months

Datacenters guzzled more than a fifth of ireland's electricity in 2023, need to move 1.2 exabytes across the world every day just effingo, huawei cloud built a network monitor so sensitive it spotted the impact of a single faulty chip, japan's fugaku supercomputer released in virtual version that runs in aws, amd hopes to unlock mi300’s full potential with fresh code, tencent cloud's home-grown traffic-tamer halves wan latency, amazon: our cloud growth just sped up. did you know we are also quite a big retailer.

• Advertise with us

Our Websites

• The Next Platform
• Blocks and Files

Your Privacy

• Cookies Policy
• Privacy Policy
• Ts & Cs

Copyright. All rights reserved © 1998–2024

AI is poised to drive 160% increase in data center power demand

On average, a ChatGPT query needs nearly 10 times as much electricity to process as a Google search. In that difference lies a coming sea change in how the US, Europe, and the world at large will consume power — and how much that will cost. 

For years, data centers displayed a remarkably stable appetite for power, even as their workloads mounted. Now, as the pace of efficiency gains in electricity use slows and the  AI revolution  gathers steam, Goldman Sachs Research estimates that data center power demand will grow 160% by 2030.

At present, data centers worldwide consume 1-2% of overall power, but this percentage will likely rise to 3-4% by the end of the decade. In the US and Europe, this increased demand will help drive the kind of electricity growth that hasn’t been seen in a generation. Along the way, the carbon dioxide emissions of data centers may more than double between 2022 and 2030.

How much power do data centers consume?

In a series of three reports, Goldman Sachs Research analysts lay out the  US ,  European , and  global  implications of this spike in electricity demand. It isn’t that our demand for data has been meager in the recent past. In fact, data center workloads nearly tripled between 2015 and 2019. Through that period, though, data centers’ demand for power remained flattish, at about 200 terawatt-hours per year. In part, this was because data centers kept growing more efficient in how they used the power they drew, according to the Goldman Sachs Research reports, led by Carly Davenport, Alberto Gandolfi, and Brian Singer.

But since 2020, the efficiency gains appear to have dwindled, and the power consumed by data centers has risen. Some AI innovations will boost computing speed faster than they ramp up their electricity use, but the widening use of AI will still imply an increase in the technology’s consumption of power. A single ChatGPT query requires 2.9 watt-hours of electricity, compared with 0.3 watt-hours for a Google search, according to the International Energy Agency. Goldman Sachs Research estimates the overall increase in data center power consumption from AI to be on the order of 200 terawatt-hours per year between 2023 and 2030. By 2028, our analysts expect AI to represent about 19% of data center power demand.

In tandem, the expected rise of data center carbon dioxide emissions will represent a “social cost” of $125-140 billion (at present value), our analysts believe. “Conversations with technology companies indicate continued confidence in driving down energy intensity but less confidence in meeting absolute emissions forecasts on account of rising demand,” they write. They expect substantial investments by tech firms to underwrite new renewables and commercialize emerging nuclear generation capabilities. And AI may also provide benefits by accelerating innovation — for example, in health care, agriculture, education, or in emissions-reducing energy efficiencies.

US electricity demand is set to surge

Over the last decade, US power demand growth has been roughly zero, even though the population and its economic activity have increased. Efficiencies have helped; one example is the LED light, which drives lower power use. But that is set to change. Between 2022 and 2030, the demand for power will rise roughly 2.4%, Goldman Sachs Research estimates — and around 0.9 percent points of that figure will be tied to data centers.

That kind of spike in power demand hasn’t been seen in the US since the early years of this century. It will be stoked partly by electrification and industrial reshoring,  but also by AI . Data centers will use 8% of US power by 2030, compared with 3% in 2022.

US utilities will need to invest around $50 billion in new generation capacity just to support data centers alone. In addition, our analysts expect incremental data center power consumption in the US will drive around 3.3 billion cubic feet per day of new natural gas demand by 2030, which will require new pipeline capacity to be built.

Europe needs $1 trillion-plus to prepare its power grid for AI

Over the past 15 years, Europe’s power demand has been severely hit by a sequence of shocks: the global financial crisis, the covid pandemic, and the energy crisis triggered by the war in Ukraine. But it has also suffered due to a slower-than-expected pick up in electrification and the ongoing de-industrialization of the European economy. As a result, since a 2008 peak, electricity demand has cumulatively declined by nearly 10%.

Going forward, between 2023 and 2033, thanks to both the expansion of data centers and an acceleration of electrification, Europe’s power demand could grow by 40% and perhaps even 50%, according to Goldman Sachs Research. At the moment, around 15% of the world’s data centers are located in Europe. By 2030, the power needs of these data centers will match the current total consumption of Portugal, Greece, and the Netherlands combined.

Data center power demand will rise in two kinds of European countries, our analysts write. The first sort is those with cheap and abundant power from nuclear, hydro, wind, or solar sources, such as the Nordic nations, Spain and France. The second kind will include countries with large financial services and tech companies, which offer tax breaks or other incentives to attract data centers. The latter category includes Germany, the UK, and Ireland.

Europe has the oldest power grid in the world, so keeping new data centers electrified will require more investment. Our analysts expect nearly €800 billion ($861 billion) in spending on transmission and distribution over the coming decade, as well as nearly €850 billion in investment on solar, onshore wind, and offshore wind energy. 

This article is being provided for educational purposes only. The information contained in this article does not constitute a recommendation from any Goldman Sachs entity to the recipient, and Goldman Sachs is not providing any financial, economic, legal, investment, accounting, or tax advice through this article or to its recipient. Neither Goldman Sachs nor any of its affiliates makes any representation or warranty, express or implied, as to the accuracy or completeness of the statements or any information contained in this article and any liability therefore (including in respect of direct, indirect, or consequential loss or damage) is expressly disclaimed.

Our weekly newsletter with insights and intelligence from across the firm

By submitting this information, you agree to receive marketing emails from Goldman Sachs and accept our  privacy policy . You can opt-out at any time.

Featured Article

Cloud infrastructure revenue approached $80 billion this quarter

With ai propelling the market forward.

The cloud infrastructure market has put the doldrums of 2023 firmly behind it with another big quarter. Revenue continues to grow at a brisk pace, fueled by interest in AI. Synergy Research reports revenue totaled $79 billion for the quarter, up $14.1 billion or 22% from last year.

This marked the third consecutive quarter that year-over-year growth was 20% or more and AI was a big part of that growth, according to Synergy.

The bottom line is that the cloud, in spite of last year’s hiccups, is showing little sign of slowing down. Even with some element of political and economic uncertainty on the horizon, Synergy chief analyst John Dinsdale sees a market that will continue to grow, with the firm expecting the market to double again in four years’ time. It took 13 quarters to double from $40 billion to almost $80 billion (which it will surpass soon).

One surprise this quarter was Microsoft Intelligent Cloud, which includes Azure, missing analysts’ estimates. The company reported $28.52 billion versus analysts’ expectations of $28.68 billion, per CNBC; Azure still grew 30% , per Altimeter partner Jamin Ball, so it wasn’t all bad news.

Dinsdale says that it’s important, however, not to make too much out of the miss. “Microsoft’s Intelligent Cloud quarterly revenues came in within the guidance range provided by Microsoft three months ago. To be growing a $28.5 billion business by 19% a year is no mean feat. Azure is the largest chunk of Intelligent Cloud and it grew by 29% [for the quarter], which is actually rather impressive,” he told TechCrunch.

Amazon reported revenue of $26.3 billion for the quarter , up 19% over the prior year, as it seems to have settled into this growth rate range for the time being after dipping into the 12% and 13% range in early 2023.

Google Cloud had a nice quarter pushing over $10 billion for the first time, up 29% YoY, per Ball. But it’s important to note his number includes Google Workspace, as well as infrastructure services. More importantly, perhaps, the company gained a full percentage point of market share, according to Synergy, whose numbers don’t include Workspace.

The overall market share numbers came out to 32% (around $25 billion) for Amazon; 23% (around $18 billion) for Microsoft; and 12% (around $9.5 billion) for Google. It’s worth noting that Microsoft lost approximately two percentage points of market share over last quarter , according to Synergy, yet continues to grow at a brisk rate — a point that Dinsdale acknowledged, attributing the drop to seasonality in the Azure sales cycle.

“There is some seasonality to Azure numbers and sequential growth is often weak in the April-June quarter after strong growth in the previous quarters. That happened again,” he said. “While Azure did not grow relative to the first quarter, both Amazon and Google did and their market shares both improved. If you take out the seasonality and look at rolling annualized growth rates, Azure actually grew more than either Google or Amazon. Azure is most definitely not in a trough.”

In the next tier of companies, Oracle nudged up to 3%, passing IBM and tying Salesforce for fifth place overall. While that might sound good, the Big 3 account for more than 73% of the market, but 3% is still good for over $2 billion in revenue.

It does get confusing looking at the different ways the companies and the firms that watch them count cloud numbers. Ball is looking at publicly reported information. Synergy looks at infrastructure as a service, platform as a service and hosted private cloud services. It does not count SaaS and includes some of its own market analysis in its numbers.

More TechCrunch

Get the industry’s biggest tech news, techcrunch daily news.

Every weekday and Sunday, you can get the best of TechCrunch’s coverage.

Startups Weekly

Startups are the core of TechCrunch, so get our best coverage delivered weekly.

TechCrunch Fintech

The latest Fintech news and analysis, delivered every Tuesday.

TechCrunch Mobility

TechCrunch Mobility is your destination for transportation news and insight.

The tech world mourns Susan Wojcicki

Susan Wojcicki, a longtime Googler who spent nearly a decade as the CEO of YouTube, passed away Friday after a two-year battle with non-small cell lung cancer. Wojcicki, who was…

As Alexa turns 10, Amazon looks to generative AI

While Amazon has continued releasing Echo devices, including an upgraded Spot announced last month, the company has taken its foot off the gas.

Redfin CEO promises to ‘drink our own urine’ if mortgage rates don’t fall

He really said that: When asked about the company’s “Plan B” if mortgage rates don’t fall, Redfin CEO Glenn Kelman responded, “Plan B is to drink our own urine or…

Turkey restores access to Instagram

Turkey appears to have restored access to Meta-owned Instagram, after blocking the app on August 2.  Abdulkadir Uraloglu, the country’s minister of transport and infrastructure, posted today that the ban…

Tesla’s Dojo, a timeline

Elon Musk doesn’t want Tesla to be just an automaker. He wants Tesla to be an AI company, one that’s figured out how to make cars drive themselves.  Crucial to…

OpenAI faces more leadership shake-ups

OpenAI co-founder John Schulman has left the company for rival AI startup Anthropic. In addition, OpenAI co-founder and president Greg Brockman is taking an extended leave after nine years at…

Maybe Friend wasn’t crazy for spending $1.8M on a domain after all

Avi Schiffmann, the founder and CEO of Friend, told TechCrunch over email that the purchase has already paid for itself.

One man decided to take on Google Maps, 20 years later OpenStreetMap is still going strong

From internet protocols and operating systems, to databases and cloud services, some technology is so omnipresent most people don’t even know it exists. The same can be said about OpenStreetMap, the community-driven platform that serves companies and software developers with geographic data and maps so they can rely a little…

The 10 largest GDPR fines on Big Tech

This list only includes major penalties issued to tech firms under the GDPR. In recent years, some significant sanctions have also been issued on Big Tech

CSC ServiceWorks reveals 2023 data breach affecting thousands of people

The data breach is the latest security issue to beset CSC ServiceWorks over the past year, after multiple researchers found security bugs.

After global IT meltdown, CrowdStrike courts hackers with action figures and gratitude

CrowdStrike tried to go back to business as usual at one of the world’s largest annual cybersecurity conferences, weeks after its massive global IT crash.

Former YouTube CEO Susan Wojcicki has passed away at age 56

Tragedy has again struck a famous Silicon Valley family. Former YouTube CEO Susan Wojcicki just passed away, according to social media posts by her husband, Dennis Troper, and by Google…

Student raised security concerns in Mobile Guardian MDM weeks before cyberattack

This is the second cyberattack targeting the school device management service Mobile Guardian this year.

Smartwatches shipments see sharp decline in India

India’s wearable market declined in Q2, primarily because smartwatch are not attracting consumers.

Anysphere, a GitHub Copilot rival, has raised $60M Series A at  $400M valuation from a16z, Thrive, sources say

Anysphere, a two-year-old startup that’s developed an AI-powered coding assistant called Cursor, has raised over $60 million in a Series A financing at a $400 million post-money valuation, two sources…

How to ask Google to remove deepfake porn results from Google Search

The internet is full of deepfakes — and most of them are nudes. According to a report from Home Security Heroes, deepfake porn makes up 98% of all deepfake videos…

Ecovacs home robots can be hacked to spy on their owners, researchers say

Researchers found flaws that could allow anyone to spy on the owners of Ecovacs home robots by hijacking their cameras and microphones.

The X exodus that wasn’t

When digging into the data to determine how large the exodus everyone on Threads is talking about actually is, we oddly came up short.

Substack now lets anyone publish posts, even if they don’t have a newsletter

Substack is opening up to more users with its recent announcement that anyone can now publish content on its platform without setting up a publication. With the change, Substack is…

China’s autonomous vehicle startup WeRide prepares for a US IPO

WeRide, a Chinese autonomous vehicle company, is officially gearing up for a U.S. public debut, over a year after China started easing its effective ban of foreign IPOs.  WeRide registered…

AI founders play musical chairs

Welcome to Startups Weekly — your weekly recap of everything you can’t miss from the world of startups. Want it in your inbox every Friday? Sign up here. This week we…

How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang

Jon DiMaggio used sockpuppet accounts, then his own identity, to infiltrate LockBit and gain the trust of its alleged admin, Dmitry Khoroshev.

As unrest fueled by disinformation spreads, the UK may seek stronger power to regulate tech platforms

The U.K. government has indicated it may seek stronger powers to regulate tech platforms following days of violent disorder across England and Northern Ireland fueled by the spread of online…

First look at the Startup Battlefield judges at TechCrunch Disrupt 2024

The Startup Battlefield is the crown jewel of Disrupt, and we can’t wait to see which of the thousands of applicants will be selected to pitch to panels of top-tier VCs…

Humidity sucks. Transaera has a new way to deal with it

The startup’s core technology is a proprietary material that absorbs moisture from the air, allowing air conditioning to cool buildings more efficiently.

YouTube is testing a sleep timer on its Premium tier

YouTube’s latest test involves a sleep timer that pauses the video after, well, a set period of time.

Ola Electric surges 20% in India’s biggest listing in two years

Ola Electric, India’s largest electric two-wheeler maker, surged by 20% on its public debut on Friday, making it the biggest listing among Indian firms in two years. Shares of the…

Rocket Lab’s sunny outlook bodes well for future constellation plans 

Rocket Lab surpassed $100 million in quarterly revenue for the first time, a 71% increase from the same quarter of last year. This is just one of several shiny accomplishments…

CloudPay, a payroll services provider, lands $120M in new funding

In 1996, two companies, Patersons HR and Payroll Solutions, formed a venture called CloudPay to provide payroll and payments services to enterprise clients. CloudPay grew quietly over the next several…

Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms

The vulnerabilities allowed one security researcher to peek inside the leak sites without having to log in.