© 2025, AJCSE. All Rights Reserved
REVIEW ARTICLE
Survey of Privacy-preserving Mechanisms and Compliance Frameworks for
Secure Cloud Adoption
Dinesh Yadav*
Department of CSE, St. Andrews Institute of Technology and Management, Gurugram, Haryana, India
Received: 01-03-2025; Revised: 15-06-2025; Accepted: 01-08-2025
ABSTRACT
The exponential growth of digital data and improved computing technologies has
accelerated the adoption of new IT resource delivery models. Prominent among them
is cloud computing, which provides on-demand storage, applications, and processing
power in virtualized environments. The cloud model is based on fundamental
characteristics such as scalability, elasticity, and pay-per-use, which save
organizations a lot of money and provide high levels of operational flexibility.
Concerns about privacy, security, and regulatory compliance arise when critical data
are stored in the cloud by unaffiliated third parties. Several privacy-preserving
techniques have been suggested, including cryptography, anonymization, homomorphic
encryption, and secure multi-party computation, to ensure long-term adoption and
establish confidence. Consistent with this trend, international compliance models
such as the General Data Protection Regulation, Health Insurance Portability and
Accountability Act, and National Institute of Standards and Technology standards
provide formal frameworks for data governance and regulatory compliance. This survey
paper reviews the foundations, mechanisms, and compliance frameworks that underpin
the secure adoption of clouds. It focuses on the interconnection between
privacy-protective technologies and regulatory needs, their effectiveness and
drawbacks, and also outlines upcoming issues. The discussion aims to guide academia
and industry toward secure, privacy-sensitive, and regulation-compliant cloud
ecosystems.
Key words: Cloud adoption, cloud computing, compliance frameworks, deployment models,
mechanisms, privacy-preserving, privacy, secure cloud, security, service models
INTRODUCTION
Cloud computing has become a revolutionary
trend in both the academic and industrial
world, which is the result of the development
and adoption of different technologies and
computational prototypes.[1]
Storage, networks,
servers, applications, and services may all be
easily accessed on demand using shared clusters.[2]
In the simplest definition, cloud computing refers
to providing scalable IT-enabled services over the
Internet on a per-service basis, so that users can
access resources dynamically without the need to
maintain costly infrastructure.
Address for correspondence:
Dinesh Yadav
E-mail: dinesh.yadav@saitm.ac.in
The speed of the transition toward cloud
technologies has been catalyzed by the meteoric
increase in the volume of digitalized information,
enhanced internet connection speeds, and the
growing need for flexible storage and computing
resources.[3]
Efficiency has also been enhanced
by cloud databases and virtualization, which
allow organizations to develop, deliver, and
manage applications effortlessly.[4]
Nonetheless,
this ease of use poses serious issues in data privacy,
security, and regulatory compliance.
Security is a required underpinning to securing
the cloud environments; however, this is not
enough to instill trust in the users. Businesses
and consumers alike are increasingly looking for
assurances that their sensitive data will remain
secure at all times, even when they are not aware
of certain threats.[5]
Encryption, secure multi-party
computation (SMPC), differential privacy, and
homomorphic encryption are examples of privacy-
preserving mechanisms (PPMs) developed to
safeguard sensitive data. These mechanisms,
however, involve trade-offs between the
usefulness of data and the level of privacy;
hence, their choice and setup are not easy.
Since data gathered and processed in
cloud settings is heterogeneous, automated tools
have been suggested to aid in the configuration
of PPMs and the analysis of results.[6]
However, the
problem of customizing PPMs to application-specific
requirements remains open.
Available Online at www.ajcse.info
Asian Journal of Computer Science Engineering 2025;10(3):1-9
ISSN 2581 – 3781
Yadav: Survey of Privacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption
AJCSE/Jul-Sep-2025/Vol 10/Issue 3
In addition, storing, processing, and securely
managing data is a concern given the sheer
volume and movement of data.[7]
Despite its scalability and cost-effectiveness,
the adoption of cloud computing is hampered by
elaborate and tricky compliance guidelines.[8]
The General
Data Protection Regulation (GDPR), Health
Insurance Portability and Accountability Act
(HIPAA), and the California Consumer Privacy
Act are just a few examples of the new data
protection and privacy rules that place stringent
requirements on clouds and their users.
Cloud security frameworks have been presented to
solve these risks. Such frameworks include rules,
standards, policies, tools, and best practices that
assist organizations in identifying vulnerabilities,
controlling threats, and aligning their cloud
operations to compliance requirements.[9]
Cloud
security frameworks also permit and provide a
systematic way to address risk management, and
therefore help enable cloud adoption and build trust.
Structure of the Paper
This paper is organized in the following way: in
Section II, the principles of cloud computing are
presented along with the security issues related
to cloud computing. Section III reviews privacy-
preserving mechanisms, including cryptographic
and anonymization techniques. Section IV
discusses compliance frameworks such as GDPR,
HIPAA, and the National Institute of Standards
and Technology (NIST). Section V presents
related literature, while Section VI concludes with
insights and future research directions.
BASICS OF CLOUD COMPUTING AND
SECURITY
Cloud computing is implemented using the
centralization approach. Some argue that the
advantages of modern security technologies,
including data and process segregation, high
availability, redundancy, and centralized security,
make them the go-to for cloud computing providers.
This leads providers to focus solely on protecting
the cloud architecture.[10]
However, a recent poll
reveals that individuals are quite wary of moving
their data and processes to the cloud due to privacy
and security concerns. This is because customers
do not always know where their data are stored or
processed.[11]
Some academics argue that privacy
and security concerns with cloud computing are
the biggest roadblocks to expanding the use of
cloud services. Concerning the centralization
concept and the anticipated expansion of cloud
computing, security concerns would undoubtedly
hinder its widespread adoption.
Cloud Computing Service Models
The different types of service models are briefly
explained below. All of these models are used over
the Internet and have a pay-per-use strategy.[12]
The cloud service models are as follows:
• Infrastructure as a Service (IaaS): Cloud computing's
IaaS paradigm is one of three main ones.
Figure 1 shows the
infrastructure needs of a cloud computing
platform with several layers. To execute their
programs, users in this approach are given access
to computer resources. Through a network
of interconnected computers, the computing
services are made available in a virtualized
setting, commonly known as the cloud.
Figure 1: The layers of cloud service models
• Platform as a Service (PaaS): A cloud-based
platform is a subset of cloud computing
that allows programmers to connect to a
platform where they may create and access
apps and services. Users can access PaaS
services through web browsers because they
are available in the cloud. The PaaS concept
relies on cloud providers to supply essential
software components such as an OS, database,
web server, and execution environment for
programming languages.
• Software as a Service (SaaS): SaaS is the
third approach; it makes software available
to consumers over a cloud platform. Users of
SaaS applications will not need to be concerned
with the administration of the underlying
cloud infrastructure or platform. The service
providers are already responsible for software
installation and operation with IaaS and PaaS.
The applications are usually intended for end
users and are made available through a network
on an as-needed, pay-per-use basis.
Cloud Deployment Models
Cloud deployment tactics can be broadly
categorized into four types: public, private,
hybrid, and community.[13]
Figure 2 provides an
illustration of how each model caters to various
organizational demands in terms of control,
security, and scalability.
• Public model: Multiple users share the same
storage hardware that their cloud provider
supplies based on their subscription in
this deployment architecture. Application
development and testing, file-sharing, and
non-mission-critical operations like email
service make up the majority of public clouds’
usage.
• Private model: In this model, the cloud is
used by a single company and is run by a
cloud service provider, which can do the
work on-site or off-site. The private cloud
model requires more capital for acquisition
and maintenance, making it more expensive
than the public cloud model. Organizations’
security and privacy issues are best handled
by private clouds.
• Hybrid model: This deployment strategy is
essentially a hybrid of the public and private
cloud architectures, wherein an organization
makes use of both types of cloud services.
Businesses that experience cyclical storage
needs often employ hybrid cloud solutions.
• Community model: Government agencies,
financial institutions, businesses, etc., all work
together under this approach.
Security and Privacy Challenges in Cloud
Adoption
Data breaches, unauthorized access, and insider
threats that threaten confidentiality are some of the
issues that come with using cloud computing.[14]
In
addition, issues such as data location, regulatory
compliance, and lack of transparency create
barriers to maintaining privacy and trust in cloud
environments:
• Immoral use and abuse of cloud computing:
Storage and bandwidth capacity are just
two of the many functions made available
to consumers by cloud computing
infrastructure.[15]
However, malicious users
and attackers are quick to exploit these
weaknesses because the cloud infrastructure
has limited control over these resources.
• Malicious insider attackers: One of the most
underrated types of assaults, attacks perpetrated by
hostile insiders, has the potential to compromise
every part of the cloud infrastructure.
• Vulnerable programming interfaces: One
feature of cloud services that allows user
engagement at all levels is the publication of
application programming interfaces (APIs)
that make deployment or development easier.
The cloud architecture becomes even more
intricate with the addition of these APIs.
• Data leakage and loss: A significant concern
with cloud computing is data leakage, which
occurs as a result of the constant movement
and transmission of data between unrelated
networks. The largest problem in the IT industry
right now is data theft, which happens when data
are lost. This has terrible financial ramifications
for companies and their consumers.
Figure 2: Cloud deployment models
• Distributed technology vulnerabilities:
Virtualization for shared on-demand services
is a feature of the multi-tenant architecture.
This means that several users with access to
the same application can share it.
PRIVACY-PRESERVING MECHANISMS
IN CLOUD COMPUTING
To protect personal data, mechanisms frequently use
sanitization processes such as generalization,
suppression, perturbation, anatomization,
permutation, and slicing. By erasing or
altering data properties, sanitization aims to
safeguard sensitive information. Generalization is
the substitution of a more generalized value for an
existing one.[6]
Establishing a hierarchy for categorical attributes
and substituting intervals for numerical data are
two examples. One way to hide data is to remove
part of its values from an attribute; this is called
suppression.[16]
In tables, this action is commonly
used to remove an entire row of entries or all of the
values of an attribute from a column. Perturbation
entails replacing the original data with values
that carry the same statistical information.
Adding noise is a frequent way to accomplish
this. To avoid associating sensitive
attributes with quasi-identifiers, anatomization
de-associates the two by placing them in two different
databases. Permutation rearranges values after they
have been partitioned into sets.
It is common practice to combine
this procedure with slicing, even though it is
insufficient for real-world data when used alone.
Cryptographic Approaches
The goal of cryptography is to make data
unintelligible to anybody who does not have the
proper key to decipher it. The primary goal of
cryptography is to prevent unauthorized people
from gaining access to sensitive data.[17]
The three
pillars of security are availability, integrity, and
confidentiality. Protecting sensitive data stored in
the cloud is the primary goal of cryptography.[18]
Two types of algorithms exist: (i) those that rely
on symmetric keys and (ii) those that rely on
asymmetric keys, also known as public-key
algorithms. The goal of data cryptography is to
encrypt data, whether text or media, in a way that
makes it unintelligible, undecipherable, and
invisible during storage and transmission.
This technique is called encryption.[19]
Decryption
refers to the opposite process of obtaining the
genuine records from encrypted ones. It is possible
to encrypt records on cloud storage using either
symmetric or asymmetric keys; but, as illustrated
in Figure 3, a symmetric key-based technique is
faster for the majority of databases and information
stored in cloud storage.
Data Anonymization Techniques
Data anonymization techniques are employed to
safeguard sensitive information while enabling
valuable research and analysis.[20]
To avoid
personal identification, these strategies use
different types of data obfuscation or modification.
Below are some of the most common types of data
anonymization techniques:
• Generalization: The process of generalization
entails substituting more general categories or
ranges for more particular data values. This
reduces the granularity of data, thus protecting
individual privacy while maintaining some
level of useful information.
• Suppression: Suppression refers to the
complete removal of sensitive data fields
or attributes from a dataset. This method is
applicable in cases where some points of data
information are felt to be too sensitive to save.
• Data Masking: Data masking is the practice
of hiding sensitive information using fake or
encrypted values while keeping the underlying
data’s format and structure intact. Ensuring
the security of sensitive data while preserving
its usefulness for testing or analysis is the
fundamental objective.
Figure 3: Symmetric-key cryptography
• Perturbation: Perturbation alters the
original values by adding slight random
deviations, which complicates the process of
extracting specific knowledge but does not
exclude the possibility of aggregate study.
• k-Anonymity: k-Anonymity guarantees that
no single record in a dataset can be
distinguished from at least k other records on the
attribute. This prevents re-identification, since
a collection of records cannot be
de-anonymized to one person.
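The generalization, suppression, and k-anonymity techniques listed above can be combined in one pass. The following sketch is an added example, not code from the paper: the records are constructed sample data, the function names are hypothetical, and the check uses the common formulation in which every combination of quasi-identifier values must be shared by at least k records.

```python
from collections import Counter

# Constructed sample records (not real data). "age" and "zip" are treated as
# quasi-identifiers; "diagnosis" is the sensitive attribute.
RECORDS = [
    {"age": 23, "zip": "12201", "diagnosis": "flu"},
    {"age": 27, "zip": "12204", "diagnosis": "asthma"},
    {"age": 29, "zip": "12209", "diagnosis": "flu"},
    {"age": 34, "zip": "12301", "diagnosis": "diabetes"},
    {"age": 38, "zip": "12305", "diagnosis": "flu"},
    {"age": 36, "zip": "12308", "diagnosis": "asthma"},
    {"age": 61, "zip": "14850", "diagnosis": "cancer"},
]
QUASI_IDENTIFIERS = ("age", "zip")


def generalize(record, age_width=10, zip_digits=3):
    """Generalization: replace exact age by an interval, mask trailing ZIP digits."""
    low = (record["age"] // age_width) * age_width
    out = dict(record)
    out["age"] = f"{low}-{low + age_width - 1}"
    zip_code = record["zip"]
    out["zip"] = zip_code[:zip_digits] + "*" * (len(zip_code) - zip_digits)
    return out


def equivalence_classes(records, qi=QUASI_IDENTIFIERS):
    """Count how many records share each combination of quasi-identifier values."""
    return Counter(tuple(r[a] for a in qi) for r in records)


def smallest_class(records, qi=QUASI_IDENTIFIERS):
    """Size of the smallest equivalence class (0 for an empty dataset)."""
    classes = equivalence_classes(records, qi)
    return min(classes.values()) if classes else 0


def is_k_anonymous(records, k, qi=QUASI_IDENTIFIERS):
    """True if every quasi-identifier combination occurs at least k times."""
    return all(n >= k for n in equivalence_classes(records, qi).values())


def anonymize(records, k, qi=QUASI_IDENTIFIERS):
    """Generalize every record, then suppress rows whose class is still below k.

    Returns (released_records, number_of_suppressed_rows).
    """
    generalized = [generalize(r) for r in records]
    classes = equivalence_classes(generalized, qi)
    kept = [r for r in generalized if classes[tuple(r[a] for a in qi)] >= k]
    return kept, len(generalized) - len(kept)


if __name__ == "__main__":
    print("smallest class in raw data:", smallest_class(RECORDS))
    released, dropped = anonymize(RECORDS, k=3)
    print("rows released:", len(released), "rows suppressed:", dropped)
    print("3-anonymous after release:", is_k_anonymous(released, 3))
    for row in released:
        print(row)
```

The outlier record is suppressed because generalization alone leaves it in a class of one, which shows the utility cost of the technique: stronger privacy is bought with coarser values and dropped rows.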
SMPC
SMPC is a sophisticated system of mathematical
constructs and cryptographic techniques that
enable safe, collaborative computation over
confidential information.[21]
Several parties can each supply a value to a function,
and SMPC solves the problem of how to compute it without
letting each other in on the secret.[22]
This section
discusses the technical properties of SMPC, i.e.,
its cryptographic protocols, its mathematical
background, and its algorithmic implementation:
Cryptographic protocols in SMPC
SMPC relies on a number of cryptographic
schemes so that each party's input data is kept
secret during the execution of the computation.
Such protocols include secret sharing, homomorphic
encryption, and oblivious transfer.
Mathematical framework
SMPC is based on the principles of number
theory and complex algebraic structures. The
functions to be computed are
often decomposed into circuits or polynomials
to simplify the computational procedures and to
ensure secure execution on encrypted
data or shared data. SMPC security is normally
analyzed in a computation model where adversary
behavior and potential threats are considered
to ensure that, whatever the type of attack, the
protocol is resilient to that attack.
Algorithmic implementation
SMPC research aims to implement SMPC by
translating the cryptographic protocols and
mathematical models into computer-executable
algorithms. This involves not only the design of
efficient protocols to perform particular kinds of
computation but also optimization of protocols in
terms of speed and resource costs, and the provision
of security against theoretical and practical attacks
on the algorithms used. The practical concerns
that should be addressed in the implementation
include network communication among the
parties, fault tolerance, and the synchronization of
the computation among the different participants.
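Secret sharing, the first protocol family named above, can be shown with a secure sum. The sketch below is an added example, not code from the paper: it uses Shamir's polynomial secret sharing as one concrete scheme (the paper does not name a specific one), the field modulus and function names are assumptions, and all parties are simulated in one process with no network layer.

```python
import secrets

# Assumption: arithmetic is done in the prime field GF(2**61 - 1); inputs and
# their sum must be smaller than this modulus.
PRIME = 2**61 - 1


def share(secret, threshold, n_parties):
    """Split `secret` into n shares; any `threshold` of them reconstruct it.

    The secret is the constant term of a random polynomial of degree
    threshold - 1; party x receives the point (x, f(x)).
    """
    if not 1 <= threshold <= n_parties:
        raise ValueError("threshold must be between 1 and n_parties")
    coeffs = [secret % PRIME] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            acc = (acc * x + c) % PRIME
        return acc

    return {x: f(x) for x in range(1, n_parties + 1)}


def reconstruct(points):
    """Recover f(0) from a dict {x: f(x)} by Lagrange interpolation mod PRIME."""
    secret = 0
    for xi, yi in points.items():
        num, den = 1, 1
        for xj in points:
            if xj != xi:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def secure_sum(inputs, threshold):
    """Each party shares its private input; each party adds the shares it holds.

    Returns {party_id: share_of_the_sum}. No party ever sees another party's
    input, only one random-looking share of it.
    """
    n = len(inputs)
    dealt = [share(value, threshold, n) for value in inputs]
    # Adding shares point-wise yields a valid share of the sum because the
    # sum of the polynomials has the sum of the secrets as constant term.
    return {x: sum(d[x] for d in dealt) % PRIME for x in range(1, n + 1)}


if __name__ == "__main__":
    private_inputs = [120, 75, 300, 5]  # constructed values, one per party
    sum_shares = secure_sum(private_inputs, threshold=3)
    print("sum from all four parties:", reconstruct(sum_shares))
    # Fault tolerance: party 2 drops out, three shares still suffice.
    survivors = {x: sum_shares[x] for x in (1, 3, 4)}
    print("sum with party 2 offline:", reconstruct(survivors))
```

Because any three shares reconstruct the result, the run with party 2 offline also illustrates the fault-tolerance concern raised in the implementation paragraph.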
COMPLIANCE FRAMEWORKS FOR
SECURE CLOUD ADOPTION
Compliance frameworks offer assurance to
organizations that cloud adoption does not disrupt
compliance with industry, legal, or regulatory
requirements, but is rather a positive
enabler.[23]
More and more organizations are
migrating sensitive workloads to the cloud, and
compliance frameworks such as GDPR, HIPAA,
ISO/IEC 27001, NIST Cybersecurity Framework
(CSF), and Cloud Security Alliance guidance on
data integrity, confidentiality, and accountability
are becoming important sources of reference.
By building their compliance programs on these
frameworks, organizations can
reduce risks related to data privacy, cross-border
data transfers, and regulatory obligations.[24]
Neglecting compliance in cloud strategies generates
security weaknesses and risks that erode customer
trust, and limits the availability of cloud technologies
in specific industry, regulatory, or legal sectors.[25]
Hence, integrating compliance frameworks into
cloud strategies enables a greater measure of
customer trust and the secure deployment of cloud
technologies.
GDPR Compliance
The new rule for protecting personal data in
the European Union (EU), called the GDPR,
came into effect on May 25, 2018. It affects all
companies, regardless of location, that deal with
the personal data of EU residents. By definition,
“any information relating to an identified or
identifiable natural person”[26]
is deemed personal
data according to the GDPR. Included in this
category are both direct and indirect identifiers,
such as names and government ID numbers, as
well as, when applicable, online identifiers such
as IP addresses, cookies, and device IDs:
GDPR sets out some key principles relating to the
processing of personal data.
• Lawfulness, fairness, and transparency:
Data should be processed in a lawful, fair,
and transparent manner in such a way that
individuals are informed as to what is being
done with their data.
• Purpose limitation: Collection of personal data
must have a specific, explicit, and legitimate
purpose and may not be used in other non-
related actions.
• Data minimization: Personal data required to
meet the explained purpose should be collected
in only the necessary minimum amount.
• Storage limitation: Data must be retained only as
long as required by the purpose for which it
was collected and must be deleted securely when
no longer needed.
• Integrity and confidentiality: Technical and
organizational measures should be put in place
to protect data from unauthorized
access, alteration, or loss.
Data subjects are entitled to a variety of rights under
the GDPR, including the following: access, rectification,
erasure ("right to be forgotten"), restriction of
processing, data portability, objection, and rights
pertaining to automated decision-making and
profiling.
HIPAA Compliance
“HIPAA” stands for the Health Insurance
Portability and Accountability Act. Administrative
simplification, a provision of the HIPAA of
1996, places an emphasis on the need to secure
health information to improve the efficiency
and effectiveness of the healthcare system. The
security, efficiency, and efficacy of the country’s
healthcare system are meant to be enhanced by
the standard. Under specific conditions, HIPAA
mandates the acquisition of consent before
the disclosure of personally identifiable health
information.[27]
After de-identification, sharing
health information without agreement is no
longer restricted by the Privacy Rule. “Covered
entities”[28]
refer to businesses that must follow
HIPAA rules. Health insurance companies,
healthcare aggregators, medical facilities, home
health agencies, nursing homes, pharmacies, labs,
doctors, physical therapists, and primary care
physicians are all examples of covered entities.
NIST CSF
The NIST CSF was created in reaction to
Executive Order 13636 of 2013 to strengthen the
cybersecurity of America’s vital infrastructure.
It provides a voluntary, risk-based approach
that organizations can adopt to strengthen their
cybersecurity posture.[29]
Identify, protect, detect,
respond, and recover are the five pillars on
which the framework rests, and they encompass
the whole range of cybersecurity operations
that a company may undertake. These features
are useful for handling important things such as
system recovery, incident response, monitoring,
access control, and asset management. The
framework can help businesses with a variety
of tasks, including assessing the efficacy of
vulnerability scanning procedures and how they
fit into a larger risk management plan. Figure 4
depicts the five core functions of the NIST CSF:
Identify risks through assessment, protect systems
with proactive safeguards, detect threats through
continuous monitoring, respond with incident
containment, and recover through resilience
planning, ensuring comprehensive cybersecurity
management.
Figure 4: The National Institute of Standards and Technology cybersecurity framework
LITERATURE REVIEW
This literature summary highlights diverse
advancements in cloud security, encompassing
risk assessment, privacy-preserving encryption,
distributed learning, audience-based authorization,
fog-based access control, and SDN-enabled
architectures, while emphasizing persistent
challenges and outlining future research directions
for secure cloud adoption.
Drissi et al. present recent solutions for
evaluating risk in the cloud, contributing to
progress toward an integrated risk assessment (RA)
that takes the peculiarities of the cloud and the
complexity of the system into consideration.
Furthermore, they discuss directions for further
research that should improve RA against various
criteria. The current industrial
revolution is based on key aspects of Cloud
Computing, AI, Big Data, and the Internet of
Things (IoT). Cloud Computing is a service
that provides organizations with a variety of
possibilities, including flexibility, scalability,
and cost effectiveness.[30]
Mohamoud et al. examine the problem of image
privacy in cloud computing ecosystems and suggest
a new paradigm of privacy-enhanced image security
based on the combined use of intelligent encryption
mechanisms. The main research topic is
preserving the security of sensitive visual information
when it is stored and processed
within cloud platforms, where conventional
encryption cannot adequately maintain both
confidentiality and utility. The proposed solution
uses a smart encryption function that adapts
to the image being encrypted, providing
a high level of protection without compromising
the efficiency of image processing in the cloud.
The results of this study contribute
to the continuing discussion of privacy-preserving
methods in cloud computing and can provide a
fruitful direction for the creation of secure, efficient
image protection measures.[31]
Afzal et al. review the paradigms emerging
in distributed learning. They
provide a high-level review of distributed
learning-related privacy and security concerns
and then offer solutions to those concerns.
Furthermore, they highlight key areas of opportunity
and challenge for future research on strengthening
distributed systems. A number of approaches
have recently emerged that can support ubiquitous
IoT systems with distributed learning and
pervasive computing. To address the drawbacks
of centralized learning, such as privacy concerns
and delay caused by sharing local data, several
decentralized solutions have been put forward,
with distributed computations being seen as a
potential replacement for centralized learning.[32]
Yi et al. propose a unique method for protecting
personal data, wherein the effect of each audience
on the data owner’s privacy problem is assessed.
More specifically, to satisfy the information
owner’s subjective needs, it is recommended
to apply prospect theory to align the audience’s
impact with the owner’s criteria. Access to the
information should only be allowed to audiences
that fit these matching parameters. Ciphertext-
policy Attribute-based Encryption is also
employed by the proposed method, which can
likewise prevent service providers from obtaining
private data. Thus, the mechanism grants the data
owner the ability to fulfill its unique needs while
minimizing risk posed by individuals and service
providers.[33]
Gai et al. propose a fog-based access filter (FAF),
a concept for multi-layer access filtering that
is specifically intended for fog computing
environments that prioritize privacy. The three
primary algorithms that comprise FAF are tuple
reduction, optimal privacy-energy-time, and
access filter initialization. To further differentiate
the security goals, a hierarchical classification is
employed. The experimental evaluation results
demonstrate that FAF successfully strikes a balance
between privacy protection and computing costs.
Even in conservative and sensitive spheres
such as the military and governments, fog computing
is gaining traction.[34]
Liang et al. propose a safe cloud using cloud
computing, add security agents to the business
cloud, link the two clouds using software-
defined networking, and use the security agents
to dynamically partition the business cloud into
logically separate areas. Consequently, security is
considered independently of the business cloud’s
implementation technology and deployment
scheme. To improve the security of network
information, a protection scheme for information
security in a cloud computing environment is
suggested, taking into account certain factors’
characteristics.[35]
Table 1 provides a synopsis of current research
on privacy-preserving methods and compliance
frameworks for safe cloud adoption, comparing
different studies and highlighting methodologies,
important results, difficulties, and potential future
research directions.
CONCLUSION AND FUTURE WORK
Cloud computing has transformed the digital world
by providing scalability, flexibility, and cost-effective
solutions that allow organizations to utilize
storage, processing, and applications efficiently.
Through its deployment models, it reduces
infrastructure costs while offering accessibility and
performance benefits across industries. However,
this paradigm shift is accompanied by persistent
challenges in security, privacy, and compliance,
which continue to hinder universal adoption.
Cyberattacks, insider threats, and the complex
demands of regulatory frameworks highlight the
need for strong and consistent solutions. Privacy-
preserving technologies, including cryptographic
protocols, anonymization, and SMPC, along with
internationally recognized guidelines such as
GDPR, HIPAA, and NIST, are crucial in building
trust and accountability. Despite its enormous
potential as a driver of digital transformation, a
critical concern remains in balancing usability and
efficiency with stringent security controls. High
implementation costs, compliance complexity,
and performance overhead also limit widespread
adoption.
The future of cloud security lies in the
advancement of cryptographic algorithms, AI-
based threat detection, and blockchain-enabled
trust models. Optimized privacy-preserving
strategies, integrated compliance monitoring, and
harmonized international regulations will support
secure scalability. Furthermore, energy-efficient
practices, combined with seamless integration of
IoT and edge environments, will shape sustainable,
trusted, and globally adopted cloud solutions.
Table 1: Summary of a study on privacy-preserving cloud adoption frameworks
| Authors | Study on | Approach | Key findings | Challenges | Future directions |
|---|---|---|---|---|---|
| Drissi et al. (2025) | Risk assessment (RA) in cloud computing | Integration of AI, Big Data, IoT with Cloud Computing | Proposed solutions for comprehensive RA addressing cloud complexities | Handling multi-criteria risk factors in dynamic cloud environments | Develop adaptive RA frameworks considering evolving cloud risks |
| Mohamoud et al. (2024) | Image privacy in the cloud | Intelligent encryption techniques | Preserves confidentiality and utility of cloud-based image processing | Traditional encryption fails in maintaining both privacy and usability | Advance adaptive encryption for real-time cloud image security |
| Afzal et al. (2023) | Protecting personal information during remote education | Survey of decentralized learning approaches in IoT | Distributed systems mitigate privacy risks of centralized learning | Privacy leakage, latency, and system robustness | Explore robust privacy-preserving distributed learning frameworks |
| Yi et al. (2022) | Audience-based privacy-preserving mechanism | CP-ABE + Prospect theory | Selective authorization ensures owner-controlled privacy | Balancing subjective privacy requirements with system efficiency | Extend CP-ABE for scalable, user-centric privacy in cloud |
| Gai et al. (2022) | Fog-based access control | Fog-based Access Filter (FAF) with multi-layer filtering | Achieves balance between privacy protection and computational costs | High complexity in fog environments | Enhance scalability and efficiency in fog-cloud integration |
| Liang et al. (2021) | Protecting data in the cloud | Security agents in an SDN-enabled cloud | Proposes logically isolated business cloud areas for enhanced security | Integration overhead and management of distributed agents | Design lightweight, adaptive cloud-SDN security architectures |

CP-ABE: Ciphertext-policy Attribute-based Encryption
REFERENCES
1. Verma V. Big data and cloud databases revolutionizing
business intelligence. Tech Int J Eng Res 2022;9:48-58.
2. Reley A, Jain A, Sabri MS. A literature survey on
privacy-preserving in cloud storage. SSRN Electron J
2018;7:7-14.
3. Shah V. Securing the cloud of things: A comprehensive
analytics of architecture, use cases, and privacy risks.
ESP J Eng Technol Adv 2023;3:158-65.
4. Neethu J, Daniel E, Vasanthi NA. Survey on Privacy-
Preserving Methods for Storage in Cloud Computing.
Berlin: Research Gate; 2013. p. 1-4.
5. Shah V. Managing security and privacy in cloud
frameworks: A risk with compliance perspective for
enterprises. Int J Curr Eng Technol 2022;12:606-18.
6. Cunha M, Mendes R, Vilela JP. A survey of privacy-
preserving mechanisms for heterogeneous data types.
Comput Sci Rev 2021;41:100403.
7. Najana M, Ranjan P. Compliance and regulatory
challenges in cloud computing: A sector-wise analysis.
Int J Glob Innov Solut 2024.
8. Maddali G, Wawge SJ. Site Reliability Engineering.
United States: O’Reilly Media, Inc; 2025.
9. Chauhan M, Shiaeles S. An analysis of cloud security
frameworks, problems and proposed solutions. Network
2023;3:422-50.
10. Alashoor T. Cloud computing: A review of security
issues and solutions. Int J Cloud Comput 2014;3:228.
11. Sharma A, Kabade S. Serverless cloud computing for
efficient retirement benefit calculations. Int J Curr Sci
2022;12:858-62.
12. Dash SB, Saini H, Panda TC, Mishra A. A theoretical
aspect of cloud computing service models and its security
issues: A paradigm. J Eng Res Appl 2014;4:2248-9622.
13. Patkar U, Singh P, Panse H, Bhavsar S, Pandey C. Cloud
computing and security fundamentals. Int J Comput Sci
Mob Comput 2022;11:18-24.
14. Abdulsalam YS, Hedabou M. Security and privacy in
cloud computing: Technical review. Fut Int 2022;14:11.
15. Bheri SP, Modalavalasa G. Advancements in cloud
computing for scalable web development: Security
challenges and performance optimization. J Comput
Technol 2024;13:1-7.
16. Prajapati NK. Federated learning for privacy-preserving
cybersecurity: A review on secure threat detection. Int J
Adv Res Sci Commun Technol 2025;5:520-8.
17. Bhargav AJ, Manhar A. A review on cryptography in
cloud computing. Int J Sci Res Comput Sci Eng Inf
Technol 2020;6:225-30.
18. Patel D, Tandon R. Cryptographic trust models and
zero-knowledge proofs for secure cloud access control
and authentication. Int J Adv Res Sci Commun Technol
2022;2:749-58.
19. Prajapati NK. Review of quantum computing advances
and their impact on modern cryptographic security. Int
J Innov Sci Res Technol 2025;10:2023-35.
20. Raghunathan B. Data anonymization techniques. In:
The Complete Book of Data Anonymization. Florida:
Auerbach Publications; 2013. p. 192-217.
21. Patel UH. Secure multi-party computation (SMPC) for
privacy-preserving data analysis. Int J Creative Res
Thought 2024;12:2320-882.
22. Modalavalasa G, Pillai S. Exploring azure security
center: A review of challenges and opportunities in
cloud security. ESP J Eng Technol Adv 2022;2:176-82.
23. Nerella VM. Architecting secure, automated multi-
cloud database platforms strategies for scalable
compliance. Int J Intell Syst Appl Eng 2021;9:128-38.
24. Folorunso A, Babalola O, Nwatu CE, Ukonne U.
Compliance and governance issues in cloud computing
and AI: USA and Africa. Glob J Eng Technol Adv
2024;21:127-38.
25. Narang S, Gogineni A. Zero-trust security in intrusion
detection networks: An AI-powered threat detection
in cloud environment. Int J Sci Res Mod Technol
2025;4:60-70.
26. Kanungo S. Data privacy and compliance issues in
cloud computing: Legal and regulatory perspectives.
Int J Intell Syst Appl Eng 2024;12:1721-34.
27. Janumpally BK. A review on data security and privacy
in serverless computing: Key strategies, emerging
challenges. Int J Innov Sci Res Technol 2025;10:9.
28. Tyagi P, Aggarwal N, Dubey BP, Pilli ES. HIPAA
compliance and cloud computing. Int J Comput Appl
2013;70:29-32.
29. Edwards J, Weaver G. NIST cybersecurity framework.
In: Cybersecurity Guid. To Governance, Risk,
Compliance. Vol. 10. United States: IEEE; 2024.
p. 191-207.
30. Drissi S, Chergui M, Khatar Z. A systematic literature
review on risk assessment in cloud computing:
Recent research advancements. IEEE Access
2025;13:76289-307.
31. Mohamoud AH, Gupta G, Kumar A. Privacy-Preserving
Image Protection in Cloud Computing Using Intelligent
Encryption. In: 2024 OPJU International Technology
Conference (OTCON) on Smart Computing for
Innovation and Advancement in Industry 4.0; 2024.
p. 1-5.
32. Afzal MU, Abdellatif AA, Zubair M, Mehmood MQ,
Massoud Y. Privacy and security in distributed
learning: A review of challenges, solutions, and open
research issues. IEEE Access 2023;11:114562-81.
33. Yi Y, He J, Zhu N, Ma X, Luo Y. A Privacy-Preserving
Mechanism Based on Privacy Situation Awareness for
Information Sharing in OSNs. In: 2022 3rd International
Conference on Electronics, Communications and
Information Technology (CECIT); 2022. p. 285-90.
34. Gai K, Zhu L, Qiu M, Xu K, Choo KK. Multi-access
filtering for privacy-preserving fog computing. IEEE
Trans Cloud Comput 2022;10:539-52.
35. Liang H, Liu H, Dang F, Yan L, Li D. Information
System Security Protection Based on SDN Technology
in Cloud Computing Environment. In: 2021 IEEE
International Conference on Advances in Electrical
Engineering and Computer Applications (AEECA);
2021. p. 432-5.

Survey of Privacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption

  • 1.
    © 2025, AJCSE.All Rights Reserved 1 REVIEW ARTICLE Survey of Privacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption Dinesh Yadav* Department of CSE, St. Andrews Institute of Technology and Management, Gurugram, Haryana, India Received: 01-03-2025; Revised: 15-06-2025; Accepted: 01-08-2025 ABSTRACT Digital data and improved computing technologies have expanded exponentially, prompting an increased rate of adoption of up-and-coming IT resource delivery models. One of them has become prominent, cloud computing, which comprises on-demand storage, application, and processing power of the virtualized environments. The cloud model is based on some fundamental characteristics such as scalability, elasticity, and pay-per-use and these characteristics save organizations a lot of money as well as provide high levels of flexibility in operations. Concerns about privacy, security, and regulatory compliance arise when critical data are stored in the cloud by unaffiliated third parties. Several privacy- preserving techniques have been suggested, including cryptography, anonymization, homomorphic encryption, and secure multi-party computations, to ensure long-term adoption and establish confidence. Consistent with this trend, data governance and regulatory compliance are receiving formal frameworks from international compliance models such as the General Data Protection Regulation, Health Insurance Portability and Accountability Act, and National Institute of Standards and Technology standards. The foundations, mechanisms, and compliance frameworks that underpin the secure adoption of clouds are reviewed in this survey paper. It focuses on the interconnection between privacy-protective technologies and regulatory needs, their effectiveness and drawbacks, and also outlines the upcoming issues. The debate seeks to point academia and industry the way to secure, privacy-sensitive, and regulation- compliant cloud ecosystems. 
Key words: Cloud adoption, cloud computing, compliance frameworks, deployment models, mechanisms, privacy-preserving, privacy, secure cloud, security, service models INTRODUCTION Cloud computing has become a revolutionary trend in both the academic and industrial world, which is the result of the development and adoption of different technologies and computational prototypes.[1] Storage, networks, servers, applications, and services may all be easily accessed on demand using shared clusters.[2] In the simplest definition, cloud computing refers to providing scalable IT-enabled services on a per-service basis as a service or resource provider over the Internet so that users can access resources dynamically without the demand to sustain costly infrastructure. The speed of the transition toward cloud technologies has been catalyzed by the meteoric Address for correspondence: Dinesh Yadav E-mail: [email protected] increase in the volume of digitalized information, enhanced internet connection speeds, and the growing needs of flexible storage and computing resources.[3] The efficiency has also been enhanced by cloud databases and virtualization, which allows organizations to develop, deliver, and manage applications effortlessly.[4] Nonetheless, this ease of use poses serious issues in data privacy, security, and regulatory compliance courses. Security is a required underpinning to securing the cloud environments; however, this is not enough to instill trust in the users. Businesses and consumers alike are increasingly looking for assurances that their sensitive data will remain secure at all times, even when they are not aware of certain threats.[5] Encryption, secure multi-party computation (SMPC), differential privacy, and homomorphic encryption are examples of privacy- preserving mechanisms (PPMs) developed to safeguard sensitive data. These mechanisms, Available Online at www.ajcse.info Asian Journal of Computer Science Engineering 2025;10(3):1-9 ISSN 2581 – 3781
  • 2.
    Yadav: Survey ofPrivacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption AJCSE/Jul-Sep-2025/Vol 10/Issue 3 2 however, are susceptible to trade-offs in terms of the usefulness of data at the expense of their privacy levels; hence, their choice and setup are not easy. Since data gathered and processed in cloud settings is heterogeneous, automated tools have been suggested to aid in the configuration of PPMs and analysis results.[6] However, the problem of customization of PPMs to application- specific requirements is an open one. In addition, there is also the concern of storage and processing of the data, and managing data in a secure manner with so much data movement and volume.[7] Despite its scalability and cost- effectiveness, the insidious nature of cloud computing is hampering its usage due to elaborate and tricky compliance guidelines.[8] The General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act are just a few examples of the new data protection and privacy rules that place stringent requirements on clouds and their users. Cloud security frameworks have been presented to solve these risks. Such frameworks include rules, standards, policies, tools, and best practices that assist organizations in identifying vulnerabilities, controlling threats, and aligning their cloud operations to compliance requirements.[9] Cloud security frameworks also permit and provide a systematic way to address risk management, and therefore help enable cloud adoption and build trust. Structure of the Paper This paper is organized in the following way: in Section II, the principles of cloud computing are presented along with the security issues related to cloud computing. Section III reviews privacy- preserving mechanisms, including cryptographic and anonymization techniques. 
Section IV discusses compliance frameworks such as GDPR, HIPAA, and the National Institute of Standards and Technology (NIST). Section V presents related literature, while Section VI concludes with insights and future research directions. BASICS OF CLOUD COMPUTING AND SECURITY Cloud computing is implemented using the centralization approach. Some argue that the advantages of modern security technologies– including data and process segregation, high availability, redundancy, and centralized security– makethemthego-toforcloudcomputingproviders. This leads providers to focus solely on protecting the cloud architecture.[10] However, a recent poll reveals that individuals are quite wary of moving their data and processes to the cloud due to privacy and security concerns. This is because customers do not always know where their data are stored or processed.[11] Some academics argue that privacy and security concerns with cloud computing are the biggest roadblocks to expanding the use of cloud services. Concerning the centralization concept and the anticipated expansion of cloud computing, security concerns would undoubtedly hinder its widespread adoption. Cloud Computing Service Models The different types of service models are briefly explained below.All of these models are used over the Internet and have a pay-per-use strategy.[12] Here are the cloud service models are as follows: • SoftwareasaService(SaaS):Cloudcomputing’s Infrastructure as a Service (IaaS) paradigm is one of three main ones. Figure 1 shows the infrastructure needs of a cloud computing platform with several layers. To execute their programs,usersinthisapproacharegivenaccess to computer resources. Through a network of interconnected computers, the computing services are made available in a simulated setting, commonly known as the cloud. Figure 1: The layers of cloud service models
  • 3.
    Yadav: Survey ofPrivacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption AJCSE/Jul-Sep-2025/Vol 10/Issue 3 3 • Platform as a Service (PaaS): Cloud-based platform is a subset of cloud computing that allows programmers to connect to a platform where they may create and access apps and services. Users can access PaaS services through web browsers because they are available in the cloud. The PaaS concept relies on cloud providers to supply essential software components such as an OS, database, web server, and execution environment for programming languages. IaaS: SaaS is the third approach; it makes software available to consumers over a cloud platform. Users of SaaS applications will not need to be concerned with the administration of the underlying cloud infrastructure or platform. The service providers are already responsible for software installation and operation with IaaS and PaaS. The applications are usually intended for end users and are made available through a network on an as-needed, pay-per-use basis. Cloud Deployment Models Cloud deployment tactics can be broadly categorized into four types: public, private, hybrid, and community.[13] Figure 2 provides an illustration of how each model caters to various organizational demands in terms of control, security, and scalability. • Public model: Multiple users share the same storage hardware that their cloud provider supplies based on their subscription in this deployment architecture. Application development and testing, file-sharing, and non-mission-critical operations like email service make up the majority of public clouds’ usage. • Private model: This type of operation uses the cloud by a single company and has a cloud service provider, which can do the work on-site or off-site. The private cloud model requires more capital for acquisition and maintenance, making it more expensive than the public cloud model. 
Organizations’ security and privacy issues are best handled by private clouds. • Hybrid model: This deployment strategy is essentially a hybrid of the public and private cloud architectures, wherein an organization makes use of both types of cloud services. Businesses that experience cyclical storage needs often employ hybrid cloud solutions. • Community model: Government agencies, financial institutions, businesses, etc., all work together under this approach. Security and Privacy Challenges in Cloud Adoption Data breaches, unauthorized access, and insider threats that threaten confidentiality are some of the issues that come with using cloud computing.[14] In addition, issues such as data location, regulatory compliance, and lack of transparency create barriers to maintaining privacy and trust in cloud environments: • Immoral use and abuse of cloud computing: Storage and bandwidth capacity are just two of the many functions made available to consumers by cloud computing infrastructure.[15] However, malicious users and attackers are quick to exploit these weaknesses because the cloud infrastructure has limited control over these resources. • Malicious insider attackers: One of the most underratedtypesofassaults,attacksperpetratedby hostile insiders, has the potential to compromise every part of the cloud infrastructure. • Vulnerable programming interfaces: One feature of cloud services that allows user engagement at all levels is the publication of application programming interfaces (APIs) that make deployment or development easier. The cloud architecture becomes even more intricate with the addition of these APIs. • Data leakage and loss: A significant concern with cloud computing is data leakage, which occurs as a result of the constant movement Figure 2: Cloud deployment models
  • 4.
    Yadav: Survey ofPrivacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption AJCSE/Jul-Sep-2025/Vol 10/Issue 3 4 and transmission of data between unrelated networks.The largest problem in the ITindustry rightnowisdatatheft,whichhappenswhendata are lost. This has terrible financial ramifications for companies and their consumers. • Distributed technology vulnerabilities: Virtualization for shared on-demand services is a feature of the multi-tenant architecture. This means that several users with access to the same application can share it. PRIVACY-PRESERVING MECHANISMS IN CLOUD COMPUTING Protecting personal data, sanitization processes such as generalization, suppression, perturbation, anonymization, permutation, and slicing are frequently used by mechanisms. By erasing or altering data properties, sanitization aims to safeguard sensitive information. The substitution of a more generalized value for an existing one is the same as generalization.[6] For example, establishing a hierarchy for category attributes and substituting intervals for numerical data are two examples. One way to hide data is to remove part of its values from an attribute; this is called suppression.[16] In tables, this action is commonly used to remove an entire row of entries or all of the values of an attribute from a column. The process of perturbation entails substituting values with identical statistical information for the original data.Adding noise is a frequent way to accomplish this procedure. To avoid associating sensitive attributes with quasi-identifiers, anatomization involves de-associating the two in two different databases. Rearranging values after they have been partitioned into a set is what a permutation is all about. It is common practice to combine this procedure with slicing, even though it is insufficient for real-world data when used alone. 
Cryptographic Approaches The goal of cryptography is to make data unintelligible to anybody who does not have the proper key to decipher it. The primary goal of cryptography is to prevent unauthorized people from gaining access to sensitive data.[17] The three pillars of security are availability, integrity, and confidentiality. Protecting sensitive data stored in the cloud is the primary goal of cryptography.[18] Two types of algorithms exist: (i) those that rely on symmetric keys and (ii) those that rely on asymmetric keys and are also known as public-key sets of rules. The goal of data cryptography is to encrypt data in a way that makes it unintelligible, undecipherable, and invisible during storage and transmission,whetheritistextormedia.Encryption is the name given to this technique.[19] Decryption refers to the opposite process of obtaining the genuine records from encrypted ones. It is possible to encrypt records on cloud storage using either symmetric or asymmetric keys; but, as illustrated in Figure 3, a symmetric key-based technique is faster for the majority of databases and information stored in cloud storage. Data Anonymization Techniques Data anonymization techniques are employed to safeguard sensitive information while enabling valuable research and analysis.[20] To avoid personal identification, these strategies use different types of data obfuscation or modification. Below are some of the most common types of data anonymization techniques: • Generalization: The process of generalization entails substituting more general categories or ranges for more particular data values. This reduces the granularity of data, thus protecting individual privacy while maintaining some level of useful information. • Suppression: Suppression refers to the complete removal of sensitive data fields or attributes from a dataset. This method is applicable in cases where some points of data information are felt to be too sensitive to save. 
• Data Masking: Data masking is the practice of hiding sensitive information using fake or encrypted values while keeping the underlying data’s format and structure intact. Ensuring the security of sensitive data while preserving its usefulness for testing or analysis is the fundamental objective. Figure 3: Symmetric-key cryptography
  • 5.
    Yadav: Survey ofPrivacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption AJCSE/Jul-Sep-2025/Vol 10/Issue 3 5 • Perturbation: The perturbation alters the original results by adding slight random deviations, which complicates the process of extracting specific knowledge but does not exclude the possibility of aggregate study • k-Anonymity: k-Anonymity guarantees that no single dataset holding of a record can be distinguished by at least k other records on the attribute. This avoids re-identification such that a collection of records does not allow de- anonymization to one person. SMPC SMPC is a sophisticated system of mathematical constructs and cryptographic techniques that enable safe, collaborative computation over confidential information.[21] A number of people can enter values into a function, and the SMPC basically solves the problem of how to do it without letting each other in on the secret.[22] The section discusses the technical properties of SMPC, i.e., its mathematical background, its algorithmic description, and its cryptographic protocols: Cryptographic protocols in SMPC SMPC relies on a multiplicity of cryptographic schemes so that the input of individual data is kept secret up to the execution of the computation. Such protocols are secret sharing, homomorphic encryption, and oblivious transfer. Mathematical framework SMPC is based on the principles of number theory and complex algebra structures. The above classes of functions that should be computed are often decomposed as circuits or as polynomials to simplify the computational procedures and to ensure a secure executive process on encrypted data or shared data. SMPC security is normally analyzed in a computation model where adversary behavior and potential threats are considered to ensure that, whatever the type of attack, the protocol is resilient to that attack. 
Algorithmic implementation SMPC research aims to implement SMPC by reinterpreting the cryptographic protocols and mathematical models into computer-executable algorithms. This involves not only the design of efficient protocols to perform particular kinds of computation but also optimization of protocols in termsofspeedandresourcecosts,andtheprovision of security against theoretical and practical attacks on the algorithms used. The practical concerns that should be addressed in the implementation include network communication among the parties, fault tolerance, and the synchronization of the computation among the different participants. COMPLIANCE FRAMEWORKS FOR SECURE CLOUD ADOPTION Compliance frameworks offer assurance to organizations that the cloud is not disrupting industry, legal, or regulatory laws compliance requirements, but is rather a positive enabler.[23] More and more organizations are migrating sensitive workloads to the cloud, and compliance frameworks such as GDPR, HIPAA, ISO/IEC 27001, NIST Cybersecurity Framework (CSF), and Cloud Security Alliance guidance on data integrity and confidentiality accountability are becoming important sources of reference. By leveraging compliance frameworks to create a framework for compliance, organizations can reduce risks related to data privacy, cross-border data transfers, and regulatory obligations.[24] Compliance in cloud strategies is going to generate security weaknesses, risks that erode customer trust,andlimittheavailabilityofcloudtechnologies in specific industry, regulatory, or legal sectors.[25] Hence, integrating compliance frameworks into cloud strategies enables a better measure of customer trust and the secure deployment of cloud technologies. GDPR Compliance The new rule for protecting personal data in the European Union (EU), called the GDPR, came into effect on May 25, 2018. It affects all companies, regardless of location, that deal with the personal data of EU residents. 
By definition, “any information relating to an identified or identifiable natural person”[26] is deemed personal data according to the GDPR. Included in this category are both direct and indirect identifiers, such as names and government ID numbers, as well as, when applicable, online identifiers such as IP addresses, cookies, and device IDs:
  • 6.
    Yadav: Survey ofPrivacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption AJCSE/Jul-Sep-2025/Vol 10/Issue 3 6 GDPR sets out some key principles relating to the processing of personal data. • Lawfulness, fairness, and transparency: Data should be processed in a lawful, fair, and transparent manner in such a way that individuals are informed as to what is being done with their data. • Purpose limitation: Collection of personal data must have a specific, explicit, and legitimate purpose and may not be used in other non- related actions. • Data minimization: Personal data required to meet the explained purpose should be collected in only the necessary minimum amount. • Storage limitation: Data must be retained as long as required by the purpose to which it was used and must be deleted securely when no longer needed. • Integrity and confidentiality: Technical and organizational measures should be put in place to ensure the privacy of data from unauthorized access, adjustment, or loss. Datasubjectsareentitledtoavarietyofrightsunder it, including the following: access, rectification, erasure (“right to be forgotten”), restriction of processing, data portability, objecting, and rights pertaining to automated decision-making and profiling. HIPAA Compliance “HIPAA” stands for the Health Insurance Portability andAccountabilityAct.Administrative simplification, a provision of the HIPAA of 1996, places an emphasis on the need to secure health information to improve the efficiency and effectiveness of the healthcare system. The security, efficiency, and efficacy of the country’s healthcare system are meant to be enhanced by the standard. Under specific conditions, HIPAA mandates the acquisition of consent before the disclosure of personally identifiable health information.[27] After de-identification, sharing health information without agreement is no longer restricted by the Privacy Rule. 
“Covered entities”[28] refer to businesses that must follow HIPAA rules. Health insurance companies, healthcare aggregators, medical facilities, home health agencies, nursing homes, pharmacies, labs, doctors, physical therapists, and primary care physicians are all examples of covered entities. NIST CSF The NIST CSF was created in reaction to Executive Order 13636 of 2013 to strengthen the cybersecurity of America’s vital infrastructure. It provides a voluntary, risk-based approach that organizations can adopt to strengthen their cybersecurity posture.[29] Identify, protect, detect, respond, and recover are the five pillars on which the framework rests, and they encompass the whole range of cybersecurity operations that a company may undertake. These features are useful for handling important things such as system recovery, incident response, monitoring, access control, and asset management. The framework can help businesses with a variety of tasks, including assessing the efficacy of vulnerability scanning procedures and how they fit into a larger risk management plan. Figure 4 depicts the five core functions of the NIST CSF: Identify risks through assessment, protect systems with proactive safeguards, detect threats through continuous monitoring, respond with incident containment, and recover through resilience planning, ensuring comprehensive cybersecurity management. Figure 4: The National Institute of Standards and Technology cybersecurity framework
  • 7.
    Yadav: Survey ofPrivacy-preserving Mechanisms and Compliance Frameworks for Secure Cloud Adoption AJCSE/Jul-Sep-2025/Vol 10/Issue 3 7 LITERATURE REVIEW This literature Summary highlights diverse advancements in cloud security, encompassing risk assessment, privacy-preserving encryption, distributedlearning,audience-basedauthorization, fog-based access control, and SDN-enabled architectures, while emphasizing persistent challenges and outlining future research directions for secure cloud adoption. Drissi et al. offered the newest solutions to evaluating risks on cloud, thus adding to the progress of an integrated RA as well as taking up the peculiarities of the cloud and the complexity of the system into consideration. Furthermore, it is used to discuss the procedure of further research work that should contribute to the improvement of RA in terms of various criteria. This industrial revolution is based on key aspects of Cloud Computing, AI, Big Data, and the Internet of Things (IoT). Cloud Computing is a service that provides organizations with a variety of possibilities which include flexibility, scalability, and cost effectiveness.[30] Mohamoud et al. examine the problem of image privacy in cloud computing ecosystems and suggest anewparadigmofprivacy-enhancedimagesecurity based on the combined use of intelligent encryption mechanisms. The main research topic here is to prevent the security of sensitive visual information when the information is stored and processed within cloud platforms, in which conventional encryption cannot be sufficiently used to maintain confidentiality and utility. The proposed resolution utilizes a smart encryption function that morphs according to the image to be encrypted, providing a high level of protection that does not compromise the needs of image processing within the clouds to be efficient. 
The results of this study are useful in continued conversation on privacy-preserving methods in cloud computing and can provide a fruitful direction in the creation of secure, efficient image protection interventions.[31] Afzal et al. developed the paradigms emerging in distributed learning. The next section will provide a high-level review of distributed learning-related privacy and security concerns, and then it will offer solutions to those concerns. Furthermore, highlight key areas of opportunity and challenge for future research on distributed systems strengthening. A number of approaches have recently emerged that can support ubiquitous IoT systems with distributed learning and pervasive computing. To address the drawbacks of centralized learning, such as privacy concerns and delay caused by sharing local data, several decentralized solutions have been put forward, with distributed computations being seen as a potential replacement for centralized learning.[32] Yi et al. propose a unique method for protecting personal data, wherein the effect of each audience on the data owner’s privacy problem is assessed. More specifically, to satisfy the information owner’s subjective needs, it is recommended to apply prospect theory to align the audience’s impact with the owner’s criteria. Access to the information should only be allowed to audiences that fit these matching parameters. Ciphertext- policy Attribute-based Encryption is also employed by the proposed method, which can likewise prevent service providers from obtaining private data. Thus, the mechanism grants the data owner the ability to fulfill its unique needs while minimizing risk posed by individuals and service providers.[33] Gai et al. A fog-based access filter (FAF) is a concept for multi-layer access filtering that is specifically intended for fog computing environments that prioritize privacy. 
The three primary algorithms that comprise FAF are tuple reduction, optimal privacy-energy-time, and access filter initialization. To further differentiate the security goals, a hierarchical classification is employed. The experimental evaluation results demonstrate that FAF successfully strikes a balance between privacy protection and computing costs. Even in conservative and sensitive spheres such as the military and governments, fog computing is gaining traction.[34]

Liang et al. propose building a secure cloud using cloud computing, adding security agents to the business cloud, linking the two clouds using software-defined networking (SDN), and using the security agents to dynamically partition the business cloud into logically separate areas. Consequently, security is considered independently of the business cloud's implementation technology and deployment scheme. To improve the security of network information, a protection scheme for information security in a cloud computing environment is suggested, taking into account the characteristics of certain factors.[35]
Table 1 provides a synopsis of current research on privacy-preserving methods and compliance frameworks for safe cloud adoption, comparing different studies and highlighting methodologies, important results, difficulties, and potential future research directions.

Table 1: Summary of a study on privacy-preserving cloud adoption frameworks

| Authors | Study on | Approach | Key findings | Challenges | Future directions |
|---|---|---|---|---|---|
| Drissi et al. (2025) | Risk assessment (RA) in cloud computing | Integration of AI, Big Data, IoT with Cloud Computing | Proposed solutions for comprehensive RA addressing cloud complexities | Handling multi-criteria risk factors in dynamic cloud environments | Develop adaptive RA frameworks considering evolving cloud risks |
| Mohamoud et al. (2024) | Image privacy in the cloud | Intelligent encryption techniques | Preserves confidentiality and utility of cloud-based image processing | Traditional encryption fails in maintaining both privacy and usability | Advance adaptive encryption for real-time cloud image security |
| Afzal et al. (2023) | Protecting personal information during remote education | Survey of decentralized learning approaches in IoT | Distributed systems mitigate privacy risks of centralized learning | Privacy leakage, latency, and system robustness | Explore robust privacy-preserving distributed learning frameworks |
| Yi et al. (2022) | Audience-based privacy-preserving mechanism | CP-ABE + Prospect theory | Selective authorization ensures owner-controlled privacy | Balancing subjective privacy requirements with system efficiency | Extend CP-ABE for scalable, user-centric privacy in cloud |
| Gai et al. (2022) | Fog-based access control | Fog-based Access Filter (FAF) with multi-layer filtering | Achieves balance between privacy protection and computational costs | High complexity in fog environments | Enhance scalability and efficiency in fog-cloud integration |
| Liang et al. (2021) | Protecting data in the cloud | Security agents in an SDN-enabled cloud | Proposes logically isolated business cloud areas for enhanced security | Integration overhead and management of distributed agents | Design lightweight, adaptive cloud–SDN security architectures |

CP-ABE: Ciphertext-policy Attribute-based Encryption

CONCLUSION AND FUTURE WORK

Cloud computing has transformed the digital world by providing scalable, flexible, and cost-effective solutions that allow organizations to utilize storage, processing, and applications efficiently. Through its deployment models, it reduces infrastructure costs while offering accessibility and performance benefits across industries. However, this paradigm shift is accompanied by persistent challenges in security, privacy, and compliance, which continue to hinder universal adoption. Cyberattacks, insider threats, and the complex demands of regulatory frameworks highlight the need for strong and consistent solutions. Privacy-preserving technologies, including cryptographic protocols, anonymization, and SMPC, along with internationally recognized guidelines such as GDPR, HIPAA, and NIST, are crucial in building trust and accountability. Despite the enormous potential of cloud computing as a driver of digital transformation, a critical concern remains in balancing usability and efficiency with stringent security controls. High implementation costs, compliance complexity, and performance overhead also limit widespread adoption.

The future of cloud security lies in the advancement of cryptographic algorithms, AI-based threat detection, and blockchain-enabled trust models. Optimized privacy-preserving strategies, integrated compliance monitoring, and harmonized international regulations will support secure scalability. Furthermore, energy-efficient practices, combined with seamless integration of IoT and edge environments, will shape sustainable, trusted, and globally adopted cloud solutions.

REFERENCES

1. Verma V. Big data and cloud databases revolutionizing business intelligence. Tech Int J Eng Res 2022;9:48-58.
2. Reley A, Jain A, Sabri MS. A literature survey on privacy-preserving in cloud storage. SSRN Electron J 2018;7:7-14.
3. Shah V. Securing the cloud of things: A comprehensive analytics of architecture, use cases, and privacy risks. ESP J Eng Technol Adv 2023;3:158-65.
4. Neethu J, Daniel E, Vasanthi NA. Survey on Privacy-Preserving Methods for Storage in Cloud Computing. Berlin: Research Gate; 2013. p. 1-4.
5. Shah V. Managing security and privacy in cloud frameworks: A risk with compliance perspective for enterprises. Int J Curr Eng Technol 2022;12:606-18.
6. Cunha M, Mendes R, Vilela JP. A survey of privacy-preserving mechanisms for heterogeneous data types. Comput Sci Rev 2021;41:100403.
7. Najana M, Ranjan P. Compliance and regulatory challenges in cloud computing: A sector-wise analysis. Int J Glob Innov Solut 2024.
8. Maddali G, Wawge SJ. Site Reliability Engineering. United States: O'Reilly Media, Inc; 2025.
9. Chauhan M, Shiaeles S. An analysis of cloud security frameworks, problems and proposed solutions. Network 2023;3:422-50.
10. Alashoor T. Cloud computing: A review of security issues and solutions. Int J Cloud Comput 2014;3:228.
11. Sharma A, Kabade S. Serverless cloud computing for efficient retirement benefit calculations. Int J Curr Sci 2022;12:858-62.
12. Dash SB, Saini H, Panda TC, Mishra A. A theoretical aspect of cloud computing service models and its security issues: A paradigm. J Eng Res Appl 2014;4:2248-9622.
13. Patkar U, Singh P, Panse H, Bhavsar S, Pandey C. Cloud computing and security fundamentals. Int J Comput Sci Mob Comput 2022;11:18-24.
14. Abdulsalam YS, Hedabou M. Security and privacy in cloud computing: Technical review. Fut Int 2022;14:11.
15. Bheri SP, Modalavalasa G. Advancements in cloud computing for scalable web development: Security challenges and performance optimization. J Comput Technol 2024;13:1-7.
16. Prajapati NK. Federated learning for privacy-preserving cybersecurity: A review on secure threat detection. Int J Adv Res Sci Commun Technol 2025;5:520-8.
17. Bhargav AJ, Manhar A. A review on cryptography in cloud computing. Int J Sci Res Comput Sci Eng Inf Technol 2020;6:225-30.
18. Patel D, Tandon R. Cryptographic trust models and zero-knowledge proofs for secure cloud access control and authentication. Int J Adv Res Sci Commun Technol 2022;2:749-58.
19. Prajapati NK. Review of quantum computing advances and their impact on modern cryptographic security. Int J Innov Sci Res Technol 2025;10:2023-35.
20. Raghunathan B. Data anonymization techniques. In: The Complete Book of Data Anonymization. Florida: Auerbach Publications; 2013. p. 192-217.
21. Patel UH. Secure multi-party computation (SMPC) for privacy-preserving data analysis. Int J Creative Res Thought 2024;12:2320-882.
22. Modalavalasa G, Pillai S. Exploring azure security center: A review of challenges and opportunities in cloud security. ESP J Eng Technol Adv 2022;2:176-82.
23. Nerella VM. Architecting secure, automated multi-cloud database platforms strategies for scalable compliance. Int J Intell Syst Appl Eng 2021;9:128-38.
24. Folorunso A, Babalola O, Nwatu CE, Ukonne U. Compliance and governance issues in cloud computing and AI: USA and Africa. Glob J Eng Technol Adv 2024;21:127-38.
25. Narang S, Gogineni A. Zero-trust security in intrusion detection networks: An AI-powered threat detection in cloud environment. Int J Sci Res Mod Technol 2025;4:60-70.
26. Kanungo S. Data privacy and compliance issues in cloud computing: Legal and regulatory perspectives. Int J Intell Syst Appl Eng 2024;12:1721-34.
27. Janumpally BK. A review on data security and privacy in serverless computing: Key strategies, emerging challenges. Int J Innov Sci Res Technol 2025;10:9.
28. Tyagi P, Aggarwal N, Dubey BP, Pilli ES. HIPAA compliance and cloud computing. Int J Comput Appl 2013;70:29-32.
29. Edwards J, Weaver G. NIST cybersecurity framework. In: Cybersecurity Guid. To Governance, Risk, Compliance. Vol. 10. United States: IEEE; 2024. p. 191-207.
30. Drissi S, Chergui M, Khatar Z. A systematic literature review on risk assessment in cloud computing: Recent research advancements. IEEE Access 2025;13:76289-307.
31. Mohamoud AH, Gupta G, Kumar A. Privacy-Preserving Image Protection in Cloud Computing Using Intelligent Encryption. In: 2024 OPJU International Technology Conference (OTCON) on Smart Computing for Innovation and Advancement in Industry 4.0; 2024. p. 1-5.
32. Afzal MU, Abdellatif AA, Zubair M, Mehmood MQ, Massoud Y. Privacy and security in distributed learning: A review of challenges, solutions, and open research issues. IEEE Access 2023;11:114562-81.
33. Yi Y, He J, Zhu N, Ma X, Luo Y. A Privacy-Preserving Mechanism Based on Privacy Situation Awareness for Information Sharing in OSNs. In: 2022 3rd International Conference on Electronics, Communications and Information Technology (CECIT); 2022. p. 285-90.
34. Gai K, Zhu L, Qiu M, Xu K, Choo KK. Multi-access filtering for privacy-preserving fog computing. IEEE Trans Cloud Comput 2022;10:539-52.
35. Liang H, Liu H, Dang F, Yan L, Li D. Information System Security Protection Based on SDN Technology in Cloud Computing Environment. In: 2021 IEEE International Conference on Advances in Electrical Engineering and Computer Applications (AEECA); 2021. p. 432-5.