Data protection remains the most prominent concern when it comes to cloud computing. Organizations store highly sensitive data within cloud platforms, like financial records, healthcare data, proprietary research, and government documents. If the contents of these were to be breached, the consequences would be very severe
Al-Otaibi (2) identifies key data security challenges, including data leakage, improper segregation, data remoteness, and privacy exposure. Data leakage may occur due to weak authentication controls, misconfigured storage systems, or insufficient encryption. Improper segregation can arise when logical isolation mechanisms fail, allowing unintended access between tenants. With how hands-off cloud data is, the more complicated this is. Since data may be stored across multiple geographic regions, organizations may lack precise knowledge of its physical location. This uncertainty complicates compliance with national and international regulations.
Data security in the cloud must be considered across three states: data at rest, data in transit, and data in use. Encryption is commonly implemented to protect data at rest and in transit. But even encryption does not completely eliminate risks if key management practices are weak. Elsherbiny et al. (6) highlight authentication weaknesses, insecure APIs, and inadequate identity and access management (IAM) controls as recurring vulnerabilities. Even strong encryption mechanisms can be undermined if access credentials are compromised.
In order to address privacy concerns while data is being processed, researchers have explored advanced cryptographic approaches. Junior et al. (4) conduct a systematic review of homomorphic encryption techniques in cloud environments. Fully Homomorphic Encryption (FHE) enables computations to be performed directly on encrypted data without decrypting it, thereby preserving confidentiality during processing. In theory, FHE could eliminate a major vulnerability associated with cloud computing, the exposure of data during computation.
However, Junior et al. (4) also identify substantial performance limitations. FHE introduces high computational complexity, increased communication overhead, and significant energy consumption. This directly restricts real-time deployment in large-scale environments. This illustrates a broader theme in cloud security: stronger privacy protections often introduce performance trade-offs. Organizations must balance confidentiality with scalability and efficiency, particularly in environments that prioritize high availability and rapid processing.