Previous Article in Journal
Permissionless Blockchain Recent Trends, Privacy Concerns, Potential Solutions and Secure Development Lifecycle
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Future Internet
Volume 17
Issue 12
10.3390/fi17120548
futureinternet-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Review

Defending the Distributed Skies: A Comprehensive Literature Review of the Arena of Multi-Cloud Environment

by
Labib Hasan Bayzid
1,
Tonny Shekha Kar
1,*,
Mohammad Tariqul Islam
2,3,
Md. Shabiul Islam
4,5,* and
Firoz Ahmed
1
1
Department of Computer Science, American International University Bangladesh, Dhaka 1229, Bangladesh
2
Department of Electrical, Electronic and Systems Engineering, Faculty of Engineering and Built Environment, Universiti Kebangsaan Malaysia (UKM), Bangi 43600, Selangor, Malaysia
3
Computer and Information Sciences Research Center (CISRC), Imam Mohammad Ibn Saud Islamic University (IMSIU), Riyadh 11646, Saudi Arabia
4
Centre for Advanced Devices and Systems, Centre of Excellence for Robotics and Sensing Technologies, Multimedia University, Persiaran Multimedia, Cyberjaya 63100, Selangor, Malaysia
5
Faculty of Artificial Intelligence and Engineering, Multimedia University, Persiaran Multimedia, Cyberjaya 63100, Selangor, Malaysia
*
Authors to whom correspondence should be addressed.
Future Internet 2025, 17(12), 548; https://doi.org/10.3390/fi17120548 (registering DOI)
Submission received: 15 October 2025 / Revised: 21 November 2025 / Accepted: 25 November 2025 / Published: 28 November 2025
Browse Figures
Versions Notes

Abstract

The rapid implementation of multi-cloud architectures, such as the integration of services from multiple cloud providers, gives organizations enhanced flexibility, resilience, and vendor independence. However, the multi-cloud model presents complicated security challenges due to diverse platforms, fragmented governance, and increased areas of concern. This paper presents a comprehensive literature review of the multi-cloud environment arena, focusing on the analysis of threats, vulnerabilities, cost optimization, mitigation strategies, and research trends. It covers a comprehensive range of risks, including data breaches, insider threats, API exploitation, configuration errors, and emerging multi-vector attacks, as well as the cumulative complexity of aligning policies, managing identities, and ensuring compliance across diverse providers. The review analyzes existing and proposed defence mechanisms, spanning cryptographic techniques, fuzzy-logic decision frameworks, AI and ML-driven detection systems, as well as integrated Identity and Access Management (IAM) systems. Analysis of relevant literature reveals a progression from basic foundational encryption systems toward more sophisticated, policy-driven, and collaboration-capable security frameworks. Additionally, the paper identifies significant research gaps in real-world validation, cost optimization, and unified governance models. This research departs from prior work by integrating multiple perspectives rather than limiting its scope to a single area such as security, defence, or cost optimization. It also provides new researchers with comprehensive background information on cloud architecture within a single article.

Graphical Abstract

1. Introduction

The Cloud has emerged as a transformative force for entire industries, not only revolutionizing IT but also driving immense changes in sectors worldwide. It is observed that adaptation continues to accelerate, driven by growing demand for scalable and affordable infrastructure services that provide fast access to applications. The recent statistics illustrate that the cloud’s market share achieved 43% agility [1,2], as it has been mostly adopted by small to medium-sized enterprises, in particular, who have embraced cloud solutions to lower infrastructure expenditures and improve operational agility [3,4]. Financial services firms are leading the charge in adopting multi-cloud approaches as more than 90% of businesses worldwide use cloud computing in their operations [5]. In addition, 84% of organizations report that their workloads are distributed across various cloud services, and tech companies are twice as likely as other industries to have recently hired new cloud professionals [5]. Although cloud computing provides a range of services, including infrastructure, platforms, and applications, ensuring the security of sensitive big data remains a significant struggle. Industries such as healthcare, defence, and government routinely store confidential information in cloud environments, yet users often lack confidence in their providers’ protective measures [1]. Cloud environments encompass a variety of components, including networks, operating systems, memory management systems, and even databases, all of which can be targeted by different types of security attacks [1]. The conventional dependency on a single cloud provider in the cloud computing space is diminishing due to concerns related to service availability and security threats, such as potential malicious insiders.
Figure 1 highlights the evolution of cloud computing from virtualization in 1967 to modern AI, the Internet of Things (IoT), and edge computing. It highlights key developments, such as SaaS, hybrid cloud, and the shift toward intelligent and distributed systems.
As a result, there is an increasing adoption of multi-cloud strategies frequently referred to as inter-cloud or cloud-of-clouds, where services are distributed across multiple cloud providers. This shift demonstrates the evolution of cloud computing from centralized, replication-focused systems to more diverse, technology-driven solutions tailored to specific contexts, and it is vulnerable to attacks [1,24,25,26]. Consequently, businesses are now at times orchestrating workflows in a sequential or parallel manner across multiple providers, leveraging the flexibility and resiliency to run their applications, which is referred to as a multi-cloud approach. A multi-cloud environment combines and interconnects two or more private or public cloud platforms to leverage their collective strengths, such as optimizing data storage capacity, improving security measures, ensuring confidentiality, facilitating efficient sharing and collaboration within disparate systems [27,28,29]. The Futurescape report issued by International Data Corporation predicted, in the context of multi-cloud adoption, that by 2020, more than 85% of large enterprises would have shifted their IT operations to a multi-cloud environment [27,30,31].
Despite the many advantages of multi-cloud, it still lacks in ensuring the security of stored data. To address this issue, many researchers have focused on multi-cloud approaches to enhance data security [1,4,32]. This paper concentrates on the major data security issues and research gaps in multi-cloud environments. It analyzes how sharing data across multiple potentially untrusted cloud providers raises risks, particularly concerning highly sensitive information such as medical records, military or government data, and credit card information. It emphasizes the methods that prevent external attackers and malicious insiders from accessing the data.
To the best of our knowledge, limited prior reviews have simultaneously examined the interconnections among core domains of multi-cloud research. This study integrates four primary perspectives, such as security, Identity and Access Management (IAM), data provenance, and SLA or cost-aware orchestration, into a unified taxonomy and analytical framework. By correlating these axes through consistent evaluative criteria and comparative discussion, the paper provides a balanced and comprehensive understanding of multi-cloud environments that extends beyond domain-specific analyses. In alignment with this aim, the primary objectives of this study are the following:
  • Comprehensive literature review of multi-cloud security: Comprehensive collection and synthesis of recent research on threats, defences, and operational concerns in multi-cloud environments.
  • Taxonomy of attacks and defence families: Clear classification of threat classes and countermeasure categories.
  • Comparative trade-off analysis: Evaluation of security techniques in terms of cost, latency, complexity, and deployment feasibility across providers.
  • Identification of critical gaps, practical research agenda, and recommendations.
The rest of the paper is organized as follows. Section 2 provides background on cloud service models, deployment types, and traces the evolution of hybrid IT and multi-cloud strategies as well as their motivating trade-offs. Section 3 analyzes the threat landscape and specific attack classes that affect multi-cloud systems. Section 4 presents a comparative study of prior works. Section 5 discusses persistent security challenges unique to multi-cloud architecture. Section 6 surveys possible solutions and frameworks, also highlights emerging technologies and enterprise-grade solutions, primarily to influence multi-cloud security. Section 7 synthesizes the most important research gaps and recommended directions for future research. Conclusions along with forthcoming research and evaluation priorities are discussed in Section 8.

2. Background

Cloud refers to a model of service delivery that enables users to access IT resources such as servers, storage, and software from a shared pool on the internet, thereby providing ubiquitous and on-demand access [33,34]. In the same way that a utility functions, it abstracts the complexities of underlying hardware and software infrastructures from end users. Most importantly, the term “cloud” gained the most user traction in 2006, which led to a surge in its popularity [35]. The term “cloud computing” refers to a specific area of interest within distributed computing, specifically the delivery and use of services provided by providers such as Google, IBM, Amazon, and others. Although often referred to as an advanced and sophisticated paradigm, cloud computing has existed for several decades [36]. The National Institute of Standards and Technology (NIST) [4] describes cloud computing as
Definition 1.
A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Figure 2 highlights cloud computing as a virtualized, service-based model that offers scalable, real-time access to IT resources. It emphasizes mobility, data center delivery, shared infrastructure, and consumption-based billing.
Cloud computing offers a cost-effective approach to managing modern IT applications and systems by enabling efficient resource allocation and utilizing a pay-per-use billing model [45,46,47,48,49,50]. It supports automatic scaling based on demand, minimizes initial capital expenditures through a pay-as-you-go pricing structure, and enables the rapid deployment of applications in virtualized environments [51,52,53]. In subscription-based service frameworks, the reliability and integrity of technical support are ensured through service-level agreements (SLAs) [36]. Through the use of distributed and redundant infrastructure, cloud services offer high availability, improved reliability, and robust security while also providing integrated disaster recovery and compliance with regulations. As a result, this model enables organizations, particularly small and medium enterprises, to concentrate on innovation, leverage advanced technologies such as big data analytics and machine learning, and engage in seamless global collaboration with reduced latency [54]. Thus, cloud computing has emerged as a critical component for contemporary organizations that want to achieve greater agility, operational efficiency, and sustained competitive advantage. The Cloud computing architecture comprises two primary components [36]. The front end, as the user-facing segment, encompasses the interfaces and devices that enable clients to access and interact with the system. The back end, as the infrastructural segment, consists of servers, storage devices, networking equipment, and other resources that provision and support cloud services. Together, these front-end and back-end elements form the complete cloud computing environment, with the user interface serving as the principal endpoint for user engagement.
Figure 3 illustrates the layered cloud computing model, detailing user interaction with SaaS, PaaS, and IaaS through networks and front-end interfaces. It highlights how providers manage infrastructure, APIs, and security to deliver services.

2.1. Cloud Service Providers

Cloud computing underpins a broad spectrum of business services by providing demand-driven computing capabilities that are scalable and available on demand. Cloud service providers offer a variety of storage solutions, including object, block, and file storage—tailored to meet diverse data requirements [56]. These services are hosted in large-scale distributed data centers that span multiple geographic locations [57]. Providers strategically balance the efficient utilization of physical infrastructure with the optimization of network performance and cost-effective resource allocation. Fundamentally enabled by virtualization technologies and distributed network architectures, cloud computing empowers users to access a wide range of services without the need to own or manage physical infrastructure. This model provides scalable, cost-effective technology solutions for both enterprises and individual users [58]. Cloud computing is a service-oriented model that offers pay-per-use infrastructure, platforms, and software as services over the Internet [36,57,59]. Initially, this field emerged with Information- as well as Software services through Amazon Web Services and Salesforce.com, further branching out vertically through a middleware framework called Platform-as-a-Service [60]. This development, demonstrated by platforms such as Force.com and Google App Engine, streamlines resource consumption and facilitates cloud-based application development [60].
Cloud-based storage offerings are engineered to address a wide range of needs, for instance, object storage holds large amounts of unstructured data, block storage supports virtual machines, and file storage shares data through network-attached storage [56]. Additionally, cloud platforms enable data access and manipulation through services such as Amazon S3, Microsoft SkyDrive, and Amazon EC2, while also supporting collaborative activities and version control through tools such as Google Apps and repository services [4,61]. Beyond individual or small-scale applications, cloud computing plays an integral role in enterprise operations. For example, it supports large-scale media delivery as seen with Netflix, and extends to routine services such as email backup through Gmail and synchronization with smartphones [62,63].
Table 1 highlighted the summarization of cloud services from major providers, categorized by service model (IaaS, PaaS, SaaS) and their core functions. It highlights how different platforms support various computing needs, including storage, Customer Relationship Management(CRM), project management, and development.
Ensuring the security of customer data represents a primary obligation for cloud service providers, who must also accept accountability for any vulnerabilities that might compromise their clients’ service infrastructures [4]. By actively leveraging cloud-based networking and infrastructure platforms, users obtain rapid, location-independent access to information, extensive data storage and recovery capabilities, robust defences against unauthorized intrusion, and fine-grained, on-demand security controls [64]. Furthermore, deliberate optimization of cloud services across emerging domains such as microservices architectures, big data analytics, the IoT, and eScience holds significant promise for advancing both industrial applications and scholarly research endeavours [65,66,67].

2.2. The Evolution of Hybrid and Multi-Cloud

The cloud computing market is expanding quickly, with a valuation of USD 0.68 trillion in 2024 and is expected to reach USD 1.44 trillion by 2029. This demonstrates a solid CAGR of 16.40% in the coming years [5]. The growth of the Internet of Things fuels the expansion. The shift in data characterizes the IoT paradigm, which has transitioned from centralized locations to edge-computed locations; therefore, traditional cloud computing is less efficient than distributed computing CapEx and OpEx services, as the number of computing and storage services required is overwhelming [24]. Initially, as cloud computing companies migrated their applications and workloads onto the public cloud, they quickly realized that relying on one single cloud service provider did not provide the best scalability, cost management, or performance [36]. Across recent years, Cloud services have evolved from a single external computing service provider to a broad, context-aware, and technology-driven system, resulting in users moving from dependence on a single cloud vendor to multi-vendor cloud services. The optimization of multi-cloud approaches has been driven by concerns regarding service downtimes or failures, as well as hostile insider risks in single cloud environments, which have set the stage for inter-cloud and cloud-of-clouds concepts [4,24]. To maximize the available resources in a flexible, powerful, and efficient manner, organizations have adopted hybrid and multi-cloud strategies, which outsource both private and public cloud IT services [64,68]. Multi-cloud is a unified cloud service that enables the integration of multiple cloud services from different providers to optimize the workload hosting, data storage, security, and sharing [27,28,29]. In a single cloud environment, an attack may compromise the data confidentiality, leading to data loss, and subsequently resulting in data unavailability [69,70]. Conversely, utilizing a multi-cloud approach mitigates this risk by replicating data across multiple cloud infrastructures; if one cloud is compromised, another continues to provide the necessary data, ensuring its availability remains unaffected [4,69]. This allows companies to optimize resource utilization by leveraging the capabilities of each provider, minimizing the risks associated with vendor lock-in. Additionally, businesses can change service providers or bring on new offerings without hassle as their needs change [27,71,72,73]. In contrast to hybrid cloud strategies that combine private and public clouds to maximize resource utilization, multi-cloud approaches focus on utilizing different public cloud vendors such as Amazon Web Services, Azure, and GCP for specific business requirements [73]. Despite the difficulties faced, the institutions are still implementing hybrid and multi-cloud approaches to enhance performance and minimize risks, which stresses the need to analyze these shifts for optimizing the security of cloud ecosystems while ensuring their growth [5].
The challenges, benefits, and characteristics of the different cloud computing deployment models are highlighted in Table 2. The model is designed to help an organization define its objectives and scope systematically.
There is an emerging trend in new research analyzing multi-cloud structures [4,75,76,77,78] that utilizes multiple cloud services within the same company, thereby reducing dependence on a single provider [64]. However, this shift introduces risk, now a major security challenge [79], especially in the areas of threat detection and management, and multi-clouds have become the target of complex cyber-attacks [64].

3. Navigating the Storm

Organizations achieve easier management, resilience, and escape from vendor lock-in with multi-cloud environments; however, these distributed and heterogeneous systems also create significant security challenges. Resources and identities being distributed across several providers mean an expanded attack surface, exposing the systems to traditional threats like data breaches and Denial-of-Service attacks, as well as contemporary threats such as API exploitation and misconfigurations. The complexity of this scenario requires a multi-cloud protection approach that is more cohesive than that of a single-cloud system, and that includes sophisticated and fully mapped adaptive defences.
This section describes the threat landscape of multiple clouds, including the major classes of attacks and systemic weaknesses arising from the disparate and diverse structural configurations.

3.1. Attacks

A Multi-cloud environment integrates services from multiple cloud providers to achieve greater reliability and flexibility while minimizing the risk of vendor lock-in. Even with widespread usage, over 75% of contemporary businesses utilize a multi-cloud environment [80,81], there is limited research concerning the security, vulnerabilities, and risks associated with a multi-cloud setup [82]. Due to the distributed and varied integration approaches, security becomes challenging owing to the sharing of resources and fragmentation of capabilities. As a result, cloud environment security experts need to apply comprehensive and layered solutions to mitigate sophisticated and intricate threats. Diverse providers of cloud services offer varying security features such as APIs, identity management, network security, and logging, which creates a challenge in integration or interoperability. This often requires the attention of dedicated security personnel who must develop their own proprietary or open-source methods. Moreover, the breach of one virtual machine (VM), when multiple virtual machines share a CPU, storage, or memory, may place others at risk, exposing sensitive information and introducing new vulnerabilities that compromise privacy and data integrity [56,83]. Techniques such as network eavesdropping and session hijacking can allow external hackers to gain unauthorized access. Threats such as Trojan-infested malware, compromised secrets, fractured verification methods, and breaches of confidential information are equally dangerous. Exploited system vulnerabilities, hacked APIs, insider threats, account and service hijacking, including DoS attacks [82,84,85,86] and VM hopping are only a few of the other risks. These issues compound those found in cloud services, such as security in PaaS, risks associated with third-party vendors, and difficulties with the foundational infrastructure. Additionally, unencrypted data, cloning, resource pooling, network challenges, XML signature manipulation, SQL injection [87], and MITM attacks [88] become threats.
Figure 4 attempts to categorize various cloud security threats from high-level risks to specific attacks such as DDoS and VM-Sprawl. It emphasizes vulnerabilities in interfaces, virtualization, data handling, and user behaviour that compromise cloud environments.
In the past several years, cyber-attacks targeting the cloud infrastructure have escalated, resulting in the breach of data containing private documents worth millions and causing financial losses exceeding billions of dollars [91,92,93,94]. In 2009, a major security vulnerability was uncovered within Google Docs—an online SaaS service allowing document editing and sharing—due to this vulnerability, when a document was shared with a user, it was automatically made available to everyone the document owner had ever shared other documents with [95,96]. This vulnerability enabled unauthorized access to confidential data, whether or not they intended to commit a breach of trust. Exploitation of Amazon’s EC2 IaaS service occurs when an attacker persistently instantiates virtual machines until they achieve co-residency with a target on the same physical server. This enables the perpetrator to execute cross-VM side-channel attacks to retrieve or alter information about the victim [96,97]. The signature verification process of Amazon EC2 is susceptible to a signature Wrapping Attack [96,98,99], where an attacker can intercept a valid request, add unauthorized actions to it, and bypass detection [96]. As a result, the malicious operation is executed under the victim’s identity and charged to their account. As illustrated by Uber’s incident in September 2022, gaps in interoperability within multi-cloud environments may result in severe security risks. In this case, an attacker was able to access Uber’s cloud services after finding an admin username and password that had been insecurely stored in PowerShell automation scripts [80].
Cloud security breaches usually stem from customers bestowing unnecessary permissions to users, exposing databases, or simple configuration blunders, rather than problems with the actual system. The assertion made in Ponemon Institute’s Data Breach Report 2019 asserts that system glitches and human errors are the cause of 49% of all breaches [91,100]. Additionally, as forecasted by Gartener, until 2025, 99% of failures in cloud technology will be attributed to failures on the user’s end [91]. While cloud service providers have significantly improved the security of their core systems, the responsibility of securing the upper layers still lies with the customers, leaving them vulnerable. Moreover, even though providers are generally trusted to manage customer data responsibly, there remains a risk of compromise by external attackers [96].
Table 3 describes different cloud attacks, including data breaches, DoS, and MITM, highlighting their impact on system confidentiality and availability. It shows how attackers exploit flaws in APIs, user privileges, and infrastructure to disrupt or gain unauthorized access.
The fundamental risks in multi-cloud systems are similar to those in single-cloud setups; multi-cloud environments introduce an expanded attack surface, increased complexity in security architecture, and different mitigation priorities. Most of the existing literature is based on either single cloud providers or on independent providers, which overlooks the consolidated problems that are particular to multi-cloud environments.
In general, the taxonomy demonstrates that, due to the interconnection of multiple clouds, multi-cloud attacks emerge from both well-established cloud exploitation methods and new avenues for exploitation, such as emerging financially motivated or infrastructure-level threats. While individual cloud platforms exhibit similar vulnerabilities, their integration amplifies the propagation of risk and complicates detection and response. This dual nature of the danger emphasizes the need to adopt structural defences, considering the adaptability and operational interdependence of the multi-cloud architecture.

3.2. Financial Abuse and Infrastructure Weaponization in Multi-Cloud Environments

Beyond breaches of confidentiality and data integrity, recent years have witnessed a significant rise in financially motivated exploitation and infrastructure-level exploitation within multi-cloud environments. These emerging threats attempt to inflict economic damage and operational disruption without directly compromising data, leveraging the cloud’s elasticity, shared resources, and pay-per-use features of multi-cloud.
Financial abuse within multi-cloud environments demonstrates a shift from data-centric breaches to economically driven exploitation. Adversaries exploit elasticity and pay-as-you-go pricing structures through cryptojacking and billing fraud to generate direct or indirect profit. Cryptojacking refers to the unauthorized use of cloud computing resources to mine cryptocurrencies. Adversaries infiltrate virtual machines, containers, or serverless instances—often through leaked credentials, misconfigured APIs, and deploy mining scripts that run continuously in the background [102]. Since cloud billing systems are directly tied to the utilization of CPUs and GPUs, even a small-scale cryptojacking operation could result in significant financial damage for customers. Recent analyses reveal a shift of cryptojacking operations from end-user devices to cloud and multi-cloud infrastructures, capitalizing on abundant compute resources and weak configuration management [103]. Tekiner et al. (2023) reported that modern cryptojacking and malware ecosystems increasingly rely on multi-cloud deployments to establish resilient C2 infrastructures [104]. Attackers distribute lightweight controller instances across several cloud providers to enhance fault tolerance and evade provider-specific detection mechanisms. This multi-tenant dispersal enables dynamic reconfiguration of control pathways, rendering conventional IP-based blacklisting ineffective. Caprolu et al. (2019) presented a comprehensive network-traffic-based detection model capable of distinguishing mining activity in cloud workloads with high accuracy [102]. Such evidence underscores that financial sustainability has become an integral element of multi-cloud resilience.
Financially motivated exploitation, particularly in the form of Economic Denial of Sustainability (EDoS) and fraudulent resource consumption, has become a critical dimension of cloud security. Unlike cryptojacking, where attackers profit directly from stolen compute power, billing fraud and EDoS attacks target the victim’s financial sustainability by artificially inflating resource consumption or inducing excessive auto-scaling. Attackers achieve this by repeatedly invoking cloud APIs, triggering automatic provisioning, or generating large volumes of seemingly legitimate traffic. Somani et al. (2017) conceptualized EDoS as a variant of Distributed Denial-of-Service (DDoS) that exploits the economic model of clouds rather than relying solely on bandwidth saturation [105]. More recent work by Dorsett et al. (2025) analyzed denial-of-wallet threats in Function-as-a-Service (FaaS) and container-orchestrated architectures, observing that attackers can trigger cascading scaling events across multi-provider systems, thereby amplifying operational cost and destabilizing billing predictability [106]. Karami et al. (2016) empirically demonstrated that prolonged low-intensity traffic in cloud systems can induce automatic scaling and substantial billing losses for targeted tenants [107]. Similarly, simulation-based research confirms that these attacks differ fundamentally from conventional denial-of-service incidents, as they remain persistent, yet stealthy, degrading service quality while evading rate-based detection thresholds [108]. A documented case study reported that a controlled EDoS experiment resulted in a 300% increase in billing costs for a cloud tenant over a single billing cycle [109]. Aldhyani and Alkahtani (2022) designed an AI-based EDoS detector that evaluates classic ML (SVM, KNN, Random Forest) and DL (CNN, LSTM) models on multi-class attack data, reporting high classification performance and low error [110].
The cloud infrastructure weaponization illustrates how attacks have shifted from targeting the cloud to utilizing the cloud as an attack vector. In multi-cloud environments, adversaries leverage elasticity, redundancy, and dispersed presence to amplify attacks and distributed presence to scale attacks, mask origins, and maintain persistence. Repurposing compromised cloud resources enables the initiation of large-scale DDoS attacks and command and control over DDoS infrastructure while transforming legitimate cloud services into attack platforms. The elasticity and shared infrastructure of public cloud servers are currently being leveraged to amplify DDoS attacks and to stage botnets. Frieß et al. (2024) exposed real-world incidents in which attackers hijacked dangling DNS entries and orphaned resources within major cloud platforms to host malware and act as C2 proxies [111]. By reclaiming abandoned infrastructure components, adversaries created covert control nodes that blended seamlessly into trusted network spaces. This mode of weaponization underscores that even decommissioned or mismanaged assets can be repurposed as vectors for persistent command and control (C2) operations. Such threats can be mitigated through unified cross-provider monitoring, strict egress traffic analytics, and resource lifecycle governance so that cloud systems remain defensive and not part of offensive cyber-attack infrastructures.
Collectively, all these developments illustrate that the contemporary multi-cloud threat landscape goes beyond the conventional risks associated with data and includes the economic exploitation of resources and the weaponization of infrastructure. Acknowledging and incorporating these vectors within a threat taxonomy will provide a more comprehensive understanding of adversary motivations and strengthen the foundation for designing responsive and behaviorally driven, cost-efficient defence strategies in multi-cloud environments.

3.3. Emerging Threats and Vulnerabilities

Cloud computing’s rapid expansion has created a constantly shifting threat landscape that outpaced traditional security frameworks, exposing new vulnerabilities [5]. At the same time, the overwhelming use of multi-cloud infrastructures, where businesses distribute workloads across multiple providers, has outstripped research into specific security risks and vulnerabilities of such systems [82]. Around 88% of cloud security breaches have been shown to result from cybercriminals exploiting misconfigurations, such as unprotected storage buckets or inadequate access controls, which highlights the necessity for improved training and adherence to security practices (Non-peer-reviewed source [112,113]). In summary, the rapid increase in cloud adoption has transformed IT frameworks, created new user communities and market opportunities while highlighting the urgent need for updated security approaches specific to these systems [114,115].
Multi-cloud environments share similar security risks with single-cloud setups, such as common attack vectors, but these risks are intensified by the complexity of managing multiple providers [82,116]. The increasing adoption of technology among a broader range of users creates new vulnerabilities for organizations as they work to ensure robust security. Apart from defending against technical threats, multi-cloud security involves adhering to a myriad of privacy and data governance laws. As data protection becomes more critical, countries worldwide have passed regulations that specify how data must be stored, processed, and shared. One leading example is the EU’s General Data Protection Regulation (GDPR), which imposes strict requirements for any business that collects, processes, or deals with personal information of individuals residing in or associated with the European Union [82,117,118].
As organizations increasingly adopt multi-cloud models, nearly 70% by 2019, they face a complex security attack surface, increased vulnerability, and complicated security frameworks [82,92,119]. The healthcare sector filed more insurance claims related to ransomware attacks than any other economic sector from 2015 to 2019, because of breaches not only compromising sensitive medical information but also significantly increasing access risks during critical phases such as diagnosis, treatment, and transport [84,120,121]. Moreover, research has shown that breaches of data privacy may lead to clinical consequences, as in one study where breaches were linked with higher 30-day mortality rates in hospitals [84,121,122]. In 2019, over 100 million customer accounts were compromised due to a sophisticated data breach at Capital One, which stemmed from a misconfigured web application firewall that was exploited by an attacker [5,113]. During the SolarWinds breach in 2020, attackers exploited software update mechanisms used to infiltrate and gain unauthorized access to cloud networks worldwide [5,123].
Table 4 attempts to summarize research on cloud-based threat, intrusion, and anomaly detection, describing different types of methods. It highlights tools, datasets, and classification usage across multi-cloud environments. All numerical performance metrics are reported exactly as stated in the original studies. Datasets and evaluation contexts vary across works. Therefore, the values are not directly comparable.
A comprehensive approach to cloud security must include ongoing identification and management of vulnerabilities and threats created by insider risks, external attackers, malware, or hardware failures across rapidly evolving, distributed environments. As information and workloads are distributed across multiple servers, locations, and delivery models such as IaaS, PaaS, and SaaS, keeping permissions and access controls updated is critical, yet highly challenging and extremely mandatory [137]. In such a dynamic cloud infrastructure, by plotting possible exposures, interaction risks, and service interruptions against the trade-off of each cloud service model’s confidentiality, integrity, and availability (CIA), organizations can determine the most applicable threats requiring bespoke defences while ensuring access control is maintained to sensitive information infrastructure resources and the risk is mitigated [138].
Table 5 outlines the major threats to the confidentiality, integrity, and availability of cloud services, detailing each threat’s implications for the security and stability of cloud services.
In summary, after analyzing the various threats, it is clear that multi-cloud ecosystems inherit the full spectrum of traditional cloud vulnerabilities while simultaneously introducing additional risks arising from interoperability and dispersed control. These observations reinforce the case for unified approaches that give priority to identity assurance, precise configuration management, and secure data handling across all participating cloud platforms.

4. Comparative Study

As cloud computing has matured, both researchers and industry practitioners have increasingly adopted multi-cloud approaches, which have advanced over time. In particular, recent studies have focused on the infrastructural challenges of integrating and orchestrating resources across several clouds, where resource federation and unified management seem to be the most vibrant areas of research [27]. Security remains the most prominent barrier impeding the adoption of cloud services, while multi-cloud approaches add further complexities to protection; they also provide new opportunities to enhance control over data and services while upholding confidentiality, integrity, and availability. Implementing a multi-cloud approach enhances data confidentiality by distributing information across multiple providers, which improves confidentiality while addressing significant storage challenges, such as outages, data corruption, privacy violations, and vendor lock-in [24,139]. Different types of security measures have been formulated to address the vulnerabilities and strengthen the overall protection for data, ensuring reliable privacy during data provision and storage in a resilient manner. Table 6 provides a comparative overview of multi-cloud security research, highlighting each study’s objectives, applied mechanisms, data integrity considerations, and key limitations. All numerical performance metrics are reported exactly as stated in the original studies. Datasets and evaluation contexts vary across works. Therefore, the values are not directly comparable. The performance metrics reported across prior studies use heterogeneous datasets and evaluation protocols. Thus, the values in Table 6 are reproduced exactly as stated in the original papers and are not intended for direct numerical comparison. When a study did not provide a specific metric, this is noted as ‘Not reported in the original study’.

4.1. Literature Search Description and Selection

To maintain the transparency of the construction of comparative tables, we applied a structured, non-systematic search approach consistent with a comprehensive narrative literature review. Relevant studies related to multi-cloud security, IAM, provenance, and SLA or cost-aware orchestration were identified across the scholarly sources, including IEEE Xplore, ACM Digital Library, SpringerLink, Elsevier, ScienceDirect, Google Scholar, MDPI, and arXiv.

4.2. Search Scope

The search covered publications from 2009 to 2025, reflecting the period during which multi-cloud architectures, data security models, and defence mechanisms matured.

4.3. Search Keywords

“multi-cloud security”, “multi-cloud architecture”, “cross-cloud identity management”, “multi-cloud provenance”, “multi-cloud orchestration”, “cloud cost optimization”, “multi-cloud data security”.

4.4. Inclusion Basis

Studies were included if they met the following conditions:
  • Addressed multi-cloud architectures.
  • Examined at least one of the core domains in this review, such as security, IAM, provenance, or orchestration.
  • Provided conceptual, architectural, empirical, or technical contributions relevant to multi-cloud environments.

4.5. Exclusion Basis

  • Works limited to single-cloud scenarios.
  • Non-technical opinion articles or introductory cloud overviews.
  • Duplicated content between preprints and published versions.
With the increasing reliance on multi-cloud environments for distributed data processing and storage, securing inter-cloud interactions has become a central research focus. Foundational security techniques such as AES, RSA, and hybrid encryption mechanisms (e.g., Feistel-AES) [1,33], have been widely adopted to ensure data confidentiality and secure transmission, often paired with segmentation and indexing strategies [145,147] to minimize exposure risks. To enhance resiliency and mitigate single-point failures, secret sharing schemes such as Shamir’s algorithm [69] and Byzantine fault tolerance (BFT) [27] have been integrated into hybrid architectures to achieve secure, redundant storage across diverse clouds. Recognizing that encryption alone is insufficient, the research progressed toward incorporating dynamic and behaviour-based access control models, as demonstrated in works proposing subjective-objective trust mechanisms [148], enhanced mutual trust algorithms [144], and reputation-driven models [45,142]. These models offer real-time adaptation to user behaviour and cloud reputation, addressing gaps in static role-based models. Further sophistication was introduced through attribute-based encryption (ABE) and digital signature integration [149,151], enabling fine-grained authorization while preserving policy confidentiality. Addressing inter-cloud trust and orchestration, federated brokers and middleware layers have been designed [141,152], often leveraging zero-trust principles and service meshes for secure microservice-level interaction [140]. Parallel to this, monitoring-as-a-service solutions such as CLAMS [150] provided visibility across SaaS, PaaS, and IaaS layers, ensuring SLA enforcement and anomaly detection. In healthcare scenarios, secure visualization and anonymized data access emerged as critical, leading to privacy-preserving multi-cloud models tailored for 3D data and patient-centric workflows [143,145,151]. Blockchain-based trust enforcement [142] and access brokers further addressed the need for transparent, immutable activity logging. Despite these advancements, challenges persist, especially in areas of unified IAM, policy synchronization, and real-world adversarial resilience, as highlighted in governance-centric studies [56] and authentication-focused works [79]. These findings collectively underscore a progressive research trajectory from cryptographic foundations to intelligent, policy-aware, and interoperable multi-cloud security frameworks, essential for scalable and trustworthy digital ecosystems.
While different clouds can help organizations avoid vendor lock-in and enhance redundancy, the disparate specialized services utilized can result in a fragmented and inefficient cost structure. Consequently, optimizing costs is essential to control over provisioning, dormant resources, and erratic invoicing, all of which negatively impact ROI. Due to factors such as varying pricing strategies, inaccessibility to proprietary billing information, and constant shifts in pricing frameworks, optimizing costs in multi-cloud environments has received little attention in the scholarly literature, which is quite unfortunate considering its importance. As a result, most research focuses on issues such as security, performance, and interoperability while neglecting cost optimization, which remains a critical and underexplored domain. Table 7 presents a summary of multi-cloud cost optimization algorithms, outlining their objectives, methods, descriptions, and the limitations associated with each approach.
In recent years, the challenge of jointly optimizing cost and availability in multi-cloud environments has driven a significant evolution in scheduling and data placement methodologies. Initial research focused on centralized formulations, such as ILP-based models for workflow mapping [157,160] and service placement [165], offering optimal cost solutions under deadline and resource constraints. However, the rigidity and computational overhead of these approaches limited their applicability in dynamic, real-world clouds. This led to the adoption of lightweight heuristics, such as the dynamic storage selector in CHARM [161] and greedy schedulers balancing cost-availability trade-offs [164], which improved scalability and responsiveness. Yet, these models often failed to manage trade-offs effectively when faced with multiple conflicting objectives. To address this, researchers introduced multi-objective metaheuristics, including ACO [159], and NSGA-II [156], which generate Pareto-optimal fronts for cost and availability, often enhanced by entropy-based or adaptive selection mechanisms. Simultaneously, genetic algorithms proved effective in resource provisioning and component placement [165,168], particularly for long-running and latency-sensitive applications. As models matured, emphasis expanded to security and redundancy, with LP-based threshold models [166] and network coding techniques such as MSR and MBR [158] offering cost-resilient solutions under failure or spot instance volatility. Moreover, to scale with Internet-scale demands, research transitioned toward decentralized and predictive scheduling, where agent-based approaches [156,167] and trend-based reallocation models [164] adapted dynamically to cloud pricing and workload patterns. Collectively, these existing works depict a maturing field that has shifted from static, cost-centric optimization to adaptive, secure, and availability-aware orchestration frameworks, better aligned with the heterogeneity and volatility of real-world multi-cloud environments.
Despite their progress, recurring limitations persist. Most models assume static task execution times and provider prices, limited support for real-time reallocation or correlated failures, and overreliance on simulation-based validation. Future research must thus address these gaps through robust, real-world adaptive frameworks that can integrate predictive analytics, dynamic pricing, and reliability-aware deployment into unified, end-to-end multi-cloud orchestration solutions.

5. Security Challenges in Multi-Cloud

Organizations using multi-cloud setups often face unique security risks due to the fragmented nature of cloud platforms [4,56]. Each provider comes with its own tools, policies, and architectures, which makes it harder to maintain consistent security rules across the entire environment [56,169]. Without unified governance, sensitive data may be classified differently or left unprotected during transfers [169]. Key management becomes risky when encryption keys are handled differently across providers, as a single forgotten key can lead to full compromise [170]. Visibility is another concern, since monitoring is not centralized, threats in one cloud may remain undetected [143,171]. Also, IAM complexity increases, with orphaned accounts and inconsistent roles becoming a serious threat [4,56]. Shared responsibility is often misunderstood, leading to gaps where no one enforces cross-cloud API protection [96]. Compliance becomes a nightmare as audit logs get scattered and laws vary between data centers [169,170]. This inconsistency can allow attackers to pivot laterally between clouds using exposed APIs or weak access paths [96,171]. All these factors prove that security consistency and unified control are essential in multi-cloud environments [143]. Table 8 summarizes major cloud security challenges, detailing their causes and practical effects, and demonstrates how misconfigurations, fragmented controls, and limited visibility can compromise cloud security and resilience.
In conclusion, the identified challenges reveal that policies failing to address the challenges of fragmentation, inconsistency of IAM, and complexity of key management are not only isolated obstacles but also interconnected challenges that increase exposure to risk across providers. While most studies emphasize the issues of misconfiguration and visibility gaps, fewer studies address the compounded issues of cross-cloud compliance and governance misalignment. This synthesis suggests that to achieve consistent security across multi-cloud ecosystems, there must be a convergence of both technical and organizational controls, particularly unified policy frameworks and comprehensive observability solutions that reach across provider boundaries.

6. Solutions and Frameworks for Securing Multi-Cloud

Navigating security challenges across multiple cloud platforms is inherently difficult; considerable progress has been made in developing robust mitigation strategies. Cryptographic techniques such as secret sharing and homomorphic encryption are often used to protect sensitive data, even when it’s stored or shared across multiple providers [96,170]. These methods ensure that the data stays secure even if part of the system is compromised. Another technique is Machine learning, which is helping security systems become more responsive. It can detect unusual patterns or risky behaviours by analyzing large volumes of cloud activity [56,171]. In some systems, AI is also used to make access decisions or alert teams without human input, which saves time and reduces errors [171]. In cases where the data is unclear or incomplete, fuzzy logic is useful. It provides systems with a way to reason through uncertainty, a common occurrence when different clouds handle information in other ways [171]. Another key tool is Identity and Access Management (IAM). When IAM is centralized, it helps apply the same access policies across clouds, which lowers the chance of mistakes or forgotten user accounts [4,56]. Some research also recommends using tools such as policy-as-code, automated infrastructure setups, and orchestration frameworks to maintain security controls uniform across all platforms [143,170]. These combined solutions provide organizations with better awareness and control, making their overall system more secure. Although no approach is perfect on its own, combining these methods creates a more flexible, stronger, and forward-thinking security strategy for modern cloud environments [96,143,170].

6.1. Cryptographic Techniques for Multi-Cloud Security

Cryptographic techniques are methods used to secure data and communication by transforming plain information into an unreadable form known as ciphertext. These encrypted forms can only be decrypted by authorized parties [69,172]. These techniques are indispensable for upholding the core principles of information security: confidentiality, integrity, and authenticity [172,173]. In multi-cloud environments where data flows across different providers and is stored in varied, often externally managed locations, cryptography becomes important. It safeguards information as it moves or resides across platforms, ensuring protection against unauthorized access, tampering and data leaks [1,69,174]. For example, encrypting data before it exits an organization ensures that cloud providers only handle encrypted forms, reducing the chances of internal abuse or breaches [1]. Overall, modern multi-cloud security heavily relies on cryptography to ensure secure access, data confidentiality, and cross-cloud compliance, allowing organizations to use cloud flexibility without exposing sensitive assets [1,172,174]. Table 9 summarizes cryptographic techniques used in multi-cloud environments, explaining their working principles and highlighting their primary security and performance advantages.
After analyzing various cryptographic approaches, it seems that hybrid encryption, along with secret sharing models, achieves an optimal balance between computational efficiency and confidentiality across distribution. On the contrary, homomorphic and attribute-based encryption approaches offer an improved level of privacy, albeit at a significantly higher computational expense. Blockchain-assisted encryption provides new opportunities for integrating auditability; however, challenges persist regarding scalability. Overall, most recent research in cryptography focused on multi-clouds is transitioning from static encryption to adaptive encryption, utilizing policy-based approaches that embed key management systems and trust enforcement in orchestration layers.

6.2. AI Techniques for Multi-Cloud Security

Artificial Intelligence (AI) techniques have become a cornerstone in strengthening multi-cloud security due to their ability to detect and respond to complex cyber threats in real time. Traditional rule-based systems fail to handle dynamic, large-scale environments, but AI bridges this gap by offering adaptive, intelligent defence mechanisms [176]. Machine learning models such as Random Forest and Gradient Boosting can classify threats effectively. In contrast, deep learning architectures such as LSTM can detect abnormal behaviours by analyzing time-series patterns across diverse cloud infrastructures [177]. Moreover, the integration of reinforcement learning allows cloud systems to update security policies autonomously based on evolving risks, reducing both false positives and mitigation time [177]. Federated learning is another powerful approach that supports privacy-preserving detection without transferring raw logs across cloud platforms, which is vital for regulatory compliance in sensitive sectors such as finance and healthcare [178,179]. To further enhance detection precision, techniques such as Graph Neural Networks help identify multi-step attacks by modelling cloud interactions as structured graphs [178]. In addition, self-supervised learning proves useful when labelled datasets are scarce, allowing AI models to learn directly from unstructured logs [178]. Importantly, zero-trust AI frameworks powered by behaviour analytics and reinforcement learning now enable dynamic access control and micro-segmentation, effectively containing lateral movement and insider threats [178,180]. All these methods work in synergy to provide scalable, cloud-agnostic, and proactive security strategies. Without AI, maintaining uniform protection across heterogeneous cloud platforms such as AWS, Azure, and GCP would remain a fragmented and reactive process [179]. Hence, AI not only empowers real-time threat detection but also ensures that multi-cloud environments remain resilient, intelligent, and future-ready [176,177]. Table 10 presents various AI techniques applied in multi-cloud security, highlighting their purposes and primary advantages in enhancing threat detection, anomaly detection, policy adaptation, and incident response.
AI-based techniques analyses indicate that deep and reinforcement learning models are proficient at identifying and automating responses to dynamic threats. However, their reliance on considerable, high-quality datasets constrains their generalization across heterogeneous clouds. Although federated and graph-based learning approaches address some problems related to data sharing and contextualization, challenges such as explainability and real-time adaptability remain unsolved. The latest advancements in hybrid AI frameworks that integrate predictive analytics with zero-trust micro-segmentation to achieve intelligent, continuous protection across distributed cloud environments.

6.3. ML Techniques for Multi-Cloud Security

Machine learning in multi-cloud security typically involves using algorithms which learn patterns from the vast data across multiple cloud platforms to automatically detect and respond to security issues [181,182]. This strategy is highly significant because traditional rule-based and manual security solutions struggle to deal with the size and complexity of multi-cloud settings [181,183,184]. Conventional tools often fail against new cyberattacks in these distributed cloud setups, which is making AI-driven anomaly detection and analysis increasingly important [121,181]. By applying machine learning, organizations can analyze large volumes of cloud logs and user behaviours to spot unusual patterns or threats in real-time and then predict potential system failures or breaches before they can happen [121,181,185]. They are also able to modify resource allocations or security restrictions [181,182] quickly. This means security teams get proactive warning of suspicious activities and automated assistance in neutralizing risks [121,181]. In summary, machine learning adds an intelligent, adaptive layer of defence that enhances the reliability and safety of multi-cloud [121,181,182,184]. Table 11 outlines key machine learning techniques in multi-cloud security, explaining their applications and highlighting their primary advantages in threat detection, classification, adaptability, and privacy preservation.
The analysis indicates that machine learning techniques have undeniably strong capabilities for detecting anomalies and intrusions. However, they still contend with issues such as a lack of available labels, data imbalance, and dynamically changing attack patterns. In terms of precision, deep architectures such as CNN and LSTM outperform classical approaches, whereas federated models preserve data privacy across providers. Future research should focus on analyzing adaptive self-learning ML pipelines that autonomously retrain when an environment drifts while ensuring confidentiality and minimal latency.

6.4. Fuzzy-Logic Techniques for Multi-Cloud Security

Fuzzy logic has emerged as a powerful tool in multi-cloud security due to its ability to handle uncertainty, ambiguity and imprecision in decision-making. Since cloud environments involve constant changes in trust, risk and resource demands, fuzzy systems help in making smarter decisions. For example, it enables accurate fault detection and automatic task migration using performance metrics such as throughput and response time [186]. It also improves energy efficiency and secure job scheduling by weighing multiple factors such as job size, memory and required security levels [187]. In terms of trust, fuzzy logic combines subjective feedback and objective SLA data to assess service provider reliability more effectively [188]. Moreover, risk analysis becomes more realistic when threats, vulnerabilities, and asset values are treated as fuzzy variables instead of fixed numbers [189]. Recent works show that fuzzy logic adapts well to load balancing, QoS control, and security prediction across various cloud services [190,191]. In provisioning, fuzzy rules optimize resource scaling and reduce SLA violations by reacting to real-time workload fluctuations [192]. It is also powerful in detecting over-privileged access by evaluating user behaviour and permission strength fuzzily [193], and in building adaptive intrusion detection systems with lower false alarm rates [194]. Finally, fuzzy models help quantify layered security risks in MFA and container orchestration, which is crucial for modern multi-cloud setups [195]. All these show that fuzzy logic not only simplifies decision-making but also adds a layer of intelligent control to complex, distributed cloud systems. Table 12 summarizes various fuzzy logic techniques applied in multi-cloud security, highlighting their explanations and primary advantages in enhancing fault tolerance, trust, risk management, scheduling, and intrusion detection.
The analysis of fuzzy-logic frameworks demonstrates distinctive proficiency in managing uncertainty, evaluating trust, and performing multi-criteria decision-making in the context of variable workloads. Fuzzy systems offer interpretability and robustness in diverse contexts, extended beyond just having rule-based models. This becomes particularly effective when combined with artificial intelligence or machine learning for hybrid reasoning. Nevertheless, the extent of their accuracy and scalability remains limited to the manual tuning of rule sets. The integration of fuzzy inference, reinforcement learning, and policy-as-code frameworks could provide multi-cloud environments with adaptive security controllers tailored to their complexity.

6.5. IAM Approach for Multi-Cloud Security

Identity and Access Management (IAM) is one of the foundational pillars of multi-cloud security, ensuring that only authorized users and services can access sensitive data and resources, regardless of the cloud platform in use. As identity becomes the new perimeter, IAM approaches such as Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Multi-Factor Authentication (MFA) provide flexible yet strict access controls tailored to different user roles and conditions [196]. Moreover, techniques such as federated identity using OAuth, OpenID Connect, and SAML allow users to move securely across platforms without credential duplication [197,198]. This is particularly important for avoiding identity silos and ensuring seamless user experience in distributed architectures [199]. In recent years, the shift toward Zero Trust Architecture has redefined IAM by enforcing continuous verification and behaviour-based access decisions, making trust a dynamic, context-aware variable rather than a static rule [200,201]. To strengthen this, AI-driven systems have been integrated into IAM models to detect anomalies, automate policy enforcement, and dynamically assess identity risks [196,201]. In addition, microservice environments benefit from fine-grained access policies enforced through tools such as Open Policy Agent (OPA), allowing real-time, decentralized control [198]. Altogether, IAM not only safeguards against external threats such as credential theft or API abuse, but also reduces insider risks by applying least-privilege principles and monitoring user behaviour across cloud ecosystems [79,200]. Thus, in a world where cloud boundaries blur and attack surfaces grow, IAM serves as both the gatekeeper and the auditor of trust. Table 13 presents different IAM techniques with their details and key benefits, showing how they enhance security, access management, and compliance in multi-cloud environments.
The analysis shows that IAM solutions continue to be fragmented, and also remain lacking in automated role synchronization and consolidated credential lifecycle management across providers. Centralized identity federations may improve visibility but also introduce single points of failure in policy. Architectures of emerging zero-trust IAM systems, along with decentralized identity protocols based on blockchain, show potential for establishing trust boundaries across multiple clouds. The combination of these with compliance-orchestrated governance layers represents a practical pathway for unified governance.

6.6. Emerging Technologies

Multi-cloud security is becoming increasingly secure with new technologies that solve real and growing problems. To begin with, Zero Trust Architecture plays a crucial role by ensuring that no user or device is automatically trusted. Instead, every access request is strictly verified using multi-factor authentication and continuous monitoring [202,203,204]. Additionally, Federated Learning helps train AI models across different cloud nodes without moving sensitive data, which protects privacy and reduces the risk of central data breaches [204,205]. Blockchain also contributes by securing cloud transactions through tamper-proof records and distributed consensus, allowing better transparency in multi-cloud operations [204]. In the case of intrusion detection, Swarm Technologies such as OBL-RIO improve the selection of network features using bio-inspired optimization, which leads to better accuracy and fewer false alerts [133,206,207,208]. In the meantime, the shift towards 6G technologies provides ultra-fast and intelligent support for distributed trust models, helping cloud and edge nodes coordinate securely in real-time [205]. In addition, to enhance decision-making transparency in cloud-based security systems, Explainable AI methods are being adopted, enabling analysts to understand threat classifications and reduce false positives [209]. In multi-cloud environments, Natural Language Processing (NLP) is also increasingly leveraged to enable secure, privacy-aware training of language models for analyzing textual threat intelligence and detecting social engineering attacks [210]. Table 14 highlights emerging technologies that enhance multi-cloud security, describing their mechanisms and emphasizing key benefits such as stronger identity control, improved privacy, secure logging, better intrusion detection, and advanced threat response.
The analyses indicate that progress in blockchain technology, alongside quantum-resistant cryptography and AI-driven orchestration, reflects a transformative movement toward autonomous and trustless verifiable environments of the multi-cloud. The synthesis suggests a greater utilization of interoperable testbeds for validating these innovations with real-world workloads. Future steps in progress may focus on balancing technological advancements with governance, prioritizing that resilience, cost efficiency, and regulatory compliance evolve together with next-generation distributed cloud architectures.

6.7. Enterprise-Grade Solutions

While academic proposals have introduced a wide range of cryptographic, AI, fuzzy-logic, and IAM-based defences, real-world deployment increasingly depends on enterprise-grade solutions. Modern enterprise environments are increasingly dependent on integrated security management platforms that extend beyond traditional academic or experimental models. These consist of Cloud-Native Application Protection Platforms (CNAPP), Cloud Workload Protection Platforms (CWPP), and Cloud Security Posture Management (CSPM). These solutions serve as frameworks that integrate compliance supervision, workload defence, and protection at runtime over dispersed cloud infrastructures. CSPM helps automate the enforcement of compliance and detects configuration drift while also aligning with the research efforts on governance-aware cloud orchestration [211,212]. By integrating vulnerability management with behavioural monitoring, CWPP ensures host- and container-level security, paralleling academic proposals for context-aware anomaly detection(Non-peer-reviewed source [213]). CNAPP provides unified visibility and adaptive response pipelines, which extend these capabilities and effectively implement multi-layered defence architectures(Non-peer-reviewed source [212,214]).
From this analysis, it indicates that academic approaches mainly focus on conceptual innovations such as federated intelligence sharing, adaptive cryptography, and explainable AI, while enterprise tools concentrate on operational scalability and automation. The combination of both perspectives reveals a convergence whereby theoretical frameworks guide the advancement of business systems, while the real-world applications feed back on and polish the theoretical constructs. This integration demonstrates the increasing convergence of research with the practical aspects of securing contemporary multi-cloud environments.
Table 15 presents a summary of these enterprise solutions concerning their primary functions, advantages, and significance in relation to a multi-cloud environment.

7. Research Gap

While multi-cloud security has evolved considerably, critical gaps remain. These areas that are frequently ignored weaken the robustness and effectiveness of current methods. Addressing these issues is essential for guiding future research efforts aimed at strengthening the security of multi-cloud environments.

7.1. Heavy Reliance on Simulation Without Real-World Cloud Validation

A critical shortcoming in the current state of research is the reliance on simulation environments such as CloudSim and iFogSim for the validation of multi-cloud architectures. This reliance on simulation environments deeply undermines the real-world relevance of the proposed models. Such simulators abstract away crucial infrastructure behaviours. For example, these include virtual machine boot delays, API rate limiting, network jitter, the likelihood of an availability zone outage, and the expenses for specific regions. Additionally, they are unable to accommodate service-specific details, which leads to an unrealistic representation of system behaviour. Consequently, insights gained from simulation environments often are incapable of leading to production systems that are deployable, resilient, or efficient. This gap can be addressed by shifting the research focus toward reproducible benchmarking environments using Infrastructure-as-Code (IaC) tools, such as Terraform or Pulumi, to provision actual resources across providers. Multi-cloud service meshes such as Istio and Consul provide routing, observability, and failover, while service orchestration can be managed through Kubernetes Federation (KubeFed). Continuous performance measurement, SLA tracking, and auditing of associated costs will be enabled by Integration with monitoring stacks such as Prometheus and Grafana. Importantly, experiments must include live billing analysis, compliance verification, and API compatibility validation. This transition from hypothetical concepts to practical operations is crucial for achieving resilient, scalable, and production-grade multi-cloud research.

7.2. Fragmented Security Controls and Absence of Federated Trust Models

In multi-cloud deployments, the failure to establish a cohesive, cross-platform, and flexible security architecture remains one of the most difficult obstacles to secure operational security. Most existing models were built under the assumption of a homogeneous trust model. Such environments do not exist in real-world federated environments involving third-party services, hybrid clouds, and decentralized edge nodes. Access control definitions remain static as they rely on older RBAC models or ABAC models, which are too simplistic to capture real-time context such as user location and behavioural deviations. Additionally, the absence of established trust negotiation protocols results in the continued fragmentation and insecurity of identity federation and cross-provider data sharing. To address these limitations, future research should shift towards implementing decentralized trust architectures based on blockchain-based identities and distributed reputation systems to validate and score identities. Smart contracts can enforce data governance and auditability policies, guaranteeing both regulatory compliance and interoperability simultaneously. Coupling this with zero-trust identity fabrics will ensure adaptive, policy-consistent access in even the most dynamic environments. Moreover, adopting context-aware ABAC engines backed by policy-as-code frameworks, such as OPA, would enable dynamic enforcement of security policies based on time, geography, access frequency, and other risk dimensions. Most importantly, these mechanisms also need to be enhanced with compliance-aware filters to ensure that decisions on data placement, access, and replication decisions align with cross-border privacy laws and are synchronized with jurisdictional requirements. The outcome is a unified, resilient, and legally compliant security layer for multi-cloud environments.

7.3. Lack of Real-Time, Cross-Cloud Threat Intelligence and Response

The new attack surface that expands as a result of modern multi-cloud architectures is characterized by distributed control planes and heterogeneous security capabilities of various cloud providers. Despite these persistent challenges, the majority of existing threat-detection systems remain siloed, depending on offline-trained, provider-specific, non-collaborative, and machine learning models, as well as rule-based algorithms. Such systems do not possess the architectural ability to combine asynchronous and distributed within-space threat indicators, such as unusual login attempts in one cloud and concurrent lateral movement in another. Furthermore, existing approaches overlook the continuous nature of attack evolution, leaving them unable to defend against polymorphic and zero-day attacks that adapt faster than signature updates. However, a consolidated behavioural intelligence layer that can aggregate, normalize, and analyze activity patterns across clouds does not exist. This leads to an environment where subtle behavioural deviations, such as anomalous API call patterns or unauthorized lateral movements, go undetected because each cloud sees only a partial picture. This matters especially for detecting stealthy threats, insider attacks, or fraud that span federated services. The consequence is reduced visibility, delayed detection, and a fragmented response posture. To respond appropriately, an improved federated threat detection framework must be architected, which includes real-time ingestions of telemetry from various clouds, cross-border intelligence sharing through standard protocols and online model updating through federated learning techniques. In addition to employing graph neural networks (GNNs) to represent and reason about the interrelated behaviours of the user and entity, these approaches can provide context-aware, precise anomaly detection. When combined with a zero-trust access architecture, such systems would dynamically enforce fine-grained security decisions at runtime, transforming cloud security from static, perimeter-based defence to adaptive, scalable risk mitigation.

7.4. Cost Optimization Strategies Ignore Dynamic Constraints and SLA Penalties

Despite the existence of numerous models to reduce the cost of infrastructure in multi-cloud architectures, they remain fundamentally inadequate in modelling the full complexity of operational environments. Due to the heterogeneous billing structures, dynamic pricing, and hidden operational costs imposed by different cloud providers, the cost modelling of multi-cloud environments remains fragmented and disjointed. Many orchestration strategies optimize for either performance, such as minimizing latency or cost, such as query minimization, but these strategies rarely consider a combination of many real-world constraints. Existing approaches often optimize for static cost parameters such as hourly VM rates or compute unit pricing, while ignoring a multitude of dynamic and context-sensitive variables, including spot price volatility, IOPS-based storage pricing, and SLA penalties for underperformance. Moreover, the optimization logic within several frameworks is not designed to handle non-linear trade-offs between conflicting objectives, such as minimizing cost while ensuring high availability and low latency. Most approaches also overlook workload heterogeneity and do not model user-specific preferences or data compliance constraints. To overcome this, frameworks focused on cost optimization need to transform into multi-objective, SLA-aware optimization engines that can dynamically allocate resources through deep reinforcement learning, multi-objective evolutionary algorithms, or even Bayesian optimization. Such models would need to have the capability to process real-time pricing data and predict SLA breaches and penalties, and QoS preferences. In addition, integrating carbon-intensity APIs and data locality-aware schedulers will enable workload placement based on monetary expense, energy consumption and compliance risk. This shift facilitates resource orchestration that is SLA-compliant, cost-efficient, and sustainable across dynamic multi-cloud environments.

7.5. Lack of Explainability and NLP-Driven Automation in Multi-Cloud Threat Detection and Intelligence Integration

In the evolving landscape of multi-cloud security, two critical research gaps have been identified that compromise the efficiency, transparency, and flexibility of the systems for intelligent threat detection. The initial gap concerns the absence of Explainable Artificial Intelligence (XAI) in deep learning-based threat detection models, especially those using Convolutional Neural Networks (CNNs) and Long Short-Term Memory (LSTM) networks. While these models are successful at anomaly detection and attack classification, they tend to operate as non-transparent systems, providing minimal explanation of their decision-making processes. The absence of transparency creates significant challenges in mission-critical environments where security analysts must justify and audit automated security actions such as access denial, account isolation, or resource suspension. Moreover, a lack of explanation of model outputs impairs the retraining and validation of processes as the threat landscape evolves. Although SHAP, LIME, and attention-weighted visualization techniques offer potential solutions, their integration in the operational pipelines remains insufficient. The second gap concerns the underutilization of Natural Language Processing (NLP) in real-time threat intelligence integration within Security Information and Event Management (SIEM) and Security Operations Center (SOC) platforms. Even with the increasing volume of unstructured threat data, such as advisories, vulnerability reports, and analyst-authored alerts, manual triage remains the standard, resulting in lagging responses and heightened analyst burnout. NLP-based real-time enrichment using domain-specific large language models (LLMs) and intelligent co-pilots can significantly enhance contextual analytical understanding and decision-making capabilities by transforming unstructured feeds into actionable insights. Bridging these two gaps through the integration of interpretable AI and NLP-enhanced automation is essential for establishing transparent, efficient, and adaptable multi-cloud security infrastructures.

7.6. Lack of Robust Data Provenance and Lineage Across Multi-Cloud Environments

In the analyzed literature on data security and trust, a major shortcoming is the absence of dependable data lineage tracing throughout multiple providers. As organizations spread their processing and storage across numerous cloud services, data undergoes transformation, duplication, and movement, often lacking an identifiable, secure log of its origins, subsequent usage, and any alterations that were made. This creates severe compliance, integrity, and forensic risks, particularly when sensitive datasets such as financial records and health data are involved, as well as when service boundaries are crossed. Existing logging mechanisms, such as those offered by CSPs such as AWS CloudTrail, are limited in integration and have restrictive scopes. An effective data provenance framework should integrate timestamped hashes, cryptographic commitments, and immutable logs to achieve comprehensive traceability. Leveraging blockchain or distributed ledger technology (DLT) can ensure that data flow events are both transparent and tamper-proof. Research should focus on ensuring that provenance protocols are cloud-native, scalable, object-store, stream-processor, and container-runtime-friendly, all while achieving low-latency and high-throughput performance. Provenance should additionally be semantically enriched by connecting access logs to business policies, user actions, and system status. This would result in raw data trails being transformed into auditable records, which would be compliant with regulations.

8. Conclusions

In this paper, we present a comprehensive literature review that integrates different areas of research on multi-cloud environments, security threats, defence mechanisms, cost, SLA-aware orchestration, provenance, and privacy, which have been studied individually. Moreover, multi-clouds increase both operational trade-offs and technical complexity. As illustrated in the literature review, some defences which improve confidentiality or integrity exacerbate both latency and cost. Cost-cutting measures increase the attack surface. Additionally, provider diversity makes consistent policy enforcement and forensic analysis more difficult. Identifying these inter-dependencies is critical for formulating effective, actionable solutions for real-world multi-cloud deployments. Our survey also highlights several distinct trends and potential techniques, such as federated and privacy-preserving learning techniques used for cross-cloud anomaly detection, application of graph neural networks for service behavioural correlation across services, use of zero-trust architectures, service meshes for mitigating lateral movements, and stronger data provenance through cryptographic approaches. However, in all these areas, we found that much of the work remains in the experimental phase, often confined to simulations, and few studies evaluate solutions under realistic, adversarial conditions or at production scale. We also emphasize critical gaps that require the most focus. Cross-provider policy synchronization and unified IAM semantics are still unresolved issues. There is also a lack of comprehensive, federated SIEM and threat-intelligence sharing systems. XAI is underexplored, as is the case with the explainability of AI-driven detectors. There is insufficient development on end-to-end, multi-cloud cryptographic and verifiable provenances. Finally, there is a lack of combined optimization of cost, compliance, availability, and sustainability demands for SLA-aware and regulation-informed orchestration strategies.
Based on the review, we recommend that the research community focus on the following:
  • Federated, privacy-preserving detection layers with threat sharing standardization
  • XAI validation for ML models applied to security issues
  • Cross-cloud provenance systems combining cryptographic commitments with immutable logging
  • Multi-objective cost, compliance, availability and environmental impact optimization in orchestration.
Importantly, these efforts should be validated on publicly available benchmarks and real-world testbeds, using adversarial evaluations and longitudinal studies to measure operational robustness and operational costs. Another significant contribution of this study lies in its multi-directional scope. In contrast to prior research, which typically focuses on a single dimension, such as security threats, defence mechanisms, or cost optimization, this work deliberately integrates multiple perspectives. This approach enables researchers to investigate interrelated trade-offs and comprehend implications on a broader system level. In conclusion, securing the distributed skies of multi-cloud environments will require integrated technical, operational, and policy solutions. Through the integration of existing insights, highlighting recurring challenges, and proposing a well-defined research direction, this study aims to support the development of transparent, resilient, and practically applicable multi-cloud security frameworks that are appropriate for real-world adoption.

Author Contributions

Conceptualization: L.H.B., T.S.K. and F.A.; Methodology: L.H.B., T.S.K. and F.A.; Software, L.H.B. and T.S.K.; validation: T.S.K. and F.A.; Formal analysis: L.H.B., T.S.K. and F.A.; Investigation: T.S.K. and F.A.; Resources: L.H.B. and T.S.K.; Data curation: L.H.B. and T.S.K.; Writing—original draft preparation: L.H.B. and T.S.K.; Writing—review and editing: F.A., M.S.I. and M.T.I.; visualization: T.S.K., F.A., M.S.I. and M.T.I.; Supervision: T.S.K. and F.A.; Project administration: T.S.K., F.A. and M.S.I.; Funding acquisition: M.S.I. All authors have read and agreed to the published version of the manuscript.

Funding

This research was funded by Universiti Telekom Sdn. Bhd., Research Management, Multimedia University, Persiaran Multimedia, 63100 Cyberjaya, Selangor, Malaysia.

Data Availability Statement

Summary of our analysis and the papers we have used for comparative analysis during this review work are mentioned in Table 4, Table 6 and Table 7.

Acknowledgments

The authors acknowledge the American International University Bangladesh (AIUB) and Universiti Telekom Sdn. Bhd., Multimedia University, 63100, Cyberjaya, Malaysia, for their support in this study, including facilities and encouragement.

Conflicts of Interest

The authors declare no conflicts of interest. The funder had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript; or in the decision to publish the results.

Abbreviations

AbbreviationFull Form
RBFNNRadial Basis Function Neural Network
CNNConvolutional Neural Network
LSTMLong Short-Term Memory
CNN-LSTMConvolutional Neural Network Long Short-Term Memory
DNNDeep Neural Networks
MLP-BPMulti-Layer Perceptron Backpropagation
MLP-PSOMulti-Layer Perceptron Particle Swarm Optimization
MFE-ELMMulti-Feature Extraction Extreme Learning Machine
I-GNInteger-Grading Normalization
OBL-RIOOpposition-Based Learning Rat Inspired Optimizer
2D-ACNN2D-Array Convolutional Neural Network
IoTInternet of Things
CAPEXCapital Expenditure
OPEXOperational Expenditure
SIEMSecurity Information and Event Management

References

  1. Viswanath, G.; Krishna, P.V. Hybrid encryption framework for securing big data storage in multi-cloud environment. Evol. Intell. 2021, 14, 691–698. [Google Scholar] [CrossRef]
  2. Canalys. Cloud Market Share Q4 2018 and Full Year 2018. 2018. Available online: https://www.canalys.com/newsroom/cloud-market-share-q4-2018-and-full-year-2018 (accessed on 11 January 2019).
  3. Subashini, S.; Kavitha, V. A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 2011, 34, 1–11. [Google Scholar] [CrossRef]
  4. AlZain, M.A.; Pardede, E.; Soh, B.; Thom, J.A. Cloud Computing Security: From Single to Multi-Clouds. In Proceedings of the 45th Hawaii International Conference on System Sciences (HICSS), Maui, HI, USA, 4–7 January 2012; IEEE: Piscataway, NJ, USA, 2012; pp. 5490–5499. [Google Scholar] [CrossRef]
  5. Ahmed, W. Trends and Challenges in Securing Cloud Computing Environments: An Overview of Current Techniques. Prem. J. Comput. Sci. 2024, 1, 100004. [Google Scholar] [CrossRef]
  6. Creasy, R.J. The Origin of the VM/370 Time-Sharing System. IBM J. Res. Dev. 1981, 25, 483–490. [Google Scholar] [CrossRef]
  7. Dee, R. Magnetic Tape for Data Storage: An Enduring Technology. Proc. IEEE 2008, 96, 1775–1785. [Google Scholar] [CrossRef]
  8. Berners-Lee, T.; Cailliau, R.; Groff, J.F.; Pollermann, B. World-Wide Web: The Information Universe. Internet Res. 2010, 20, 461–471. [Google Scholar] [CrossRef]
  9. Hertzfeld, A. Bill and Andy’s Excellent Adventure II. Wired Magazine. 1994. Available online: https://www.wired.com/1994/04/general-magic/ (accessed on 28 June 2025).
  10. Khajeh-Hosseini, A.; Sommerville, I.; Sriram, I. Research Challenges for Enterprise Cloud Computing. arXiv 2010, arXiv:1001.3257. [Google Scholar] [CrossRef]
  11. Choudhary, V. Software as a Service: Implications for Investment in Software Development. In Proceedings of the 40th Annual Hawaii International Conference on System Sciences (HICSS), Waikoloa, HI, USA, 3–6 January 2007; p. 209. [Google Scholar] [CrossRef]
  12. Khajeh-Hosseini, A.; Sommerville, I.; Sriram, I. Research Agenda in Cloud Technologies. arXiv 2010, arXiv:1001.3259. [Google Scholar] [CrossRef]
  13. Bugnion, E.; Devine, S.; Rosenblum, M.; Sugerman, J.; Wang, E.Y. Bringing Virtualization to the x86 Architecture with the Original VMware Workstation. ACM Trans. Comput. Syst. 2012, 30, 12:1–12:51. [Google Scholar] [CrossRef]
  14. Matana, T. Origin & History of ASP, SaaS, PaaS and Cloud Computing. Int. J. Sci. Res. Manag. 2024, 12, 1571–1607. [Google Scholar] [CrossRef]
  15. Randal, A. The Ideal Versus the Real: Revisiting the History of Virtual Machines and Containers. arXiv 2019, arXiv:1904.12226. [Google Scholar] [CrossRef]
  16. Buyya, R.; Calheiros, R.N.; Li, X. Autonomic Cloud Computing: Open Challenges and Architectural Elements. arXiv 2012, arXiv:1209.3356. [Google Scholar] [CrossRef]
  17. Yang, L.; Jaffe, S.; Holtz, D.; Suri, S.; Sinha, S.; Weston, J.; Joyce, C.; Shah, N.; Sherman, K.; Lee, C.J.; et al. How Work From Home Affects Collaboration: A Large-Scale Study of Information Workers in a Natural Experiment During COVID-19. arXiv 2020, arXiv:2007.15584. [Google Scholar] [CrossRef]
  18. López Flores, N.G.; Islind, A.S.; Óskarsdóttir, M. Effects of the COVID-19 Pandemic on Learning and Teaching: A Case Study from Higher Education. arXiv 2021, arXiv:2105.01432. [Google Scholar] [CrossRef]
  19. Cao, Y.; Li, S.; Liu, Y.; Yan, Z.; Dai, Y.; Yu, P.S.; Sun, L. A Comprehensive Survey of AI-Generated Content (AIGC): A History of Generative AI from GAN to ChatGPT. arXiv 2023, arXiv:2303.04226. [Google Scholar] [CrossRef]
  20. Mohamadi, S.; Mujtaba, G.; Le, N.; Doretto, G.; Adjeroh, D.A. ChatGPT in the Age of Generative AI and Large Language Models: A Concise Survey. arXiv 2023, arXiv:2307.04251. [Google Scholar] [CrossRef]
  21. Pérez-Martínez, J.; Díaz, J.; Berrocal, J.; López-Viana, R.; González-Prieto, A. Edge computing. Computing 2022, 104, 2711–2747. [Google Scholar] [CrossRef]
  22. Hasan, B.T.; Idrees, A.K. Edge Computing for IoT. arXiv 2024, arXiv:2402.13056. [Google Scholar] [CrossRef]
  23. Tuli, S.; Mirhakimi, F.; Pallewatta, S.; Casale, G.; Javadi, B.; Yan, F.; Buyya, R.; Jennings, N.R. AI-Augmented Edge and Fog Computing: Trends and Challenges. arXiv 2022, arXiv:2208.00761. [Google Scholar] [CrossRef]
  24. Alonso, J.; Orue-Echevarria, L.; Casola, V.; Torre, A.I.; Huarte, M.; Osaba, E.; Lobo, J.L. Understanding the challenges and novel architectural models of multi-cloud native applications—A systematic literature review. J. Cloud Comput. 2023, 12, 6. [Google Scholar] [CrossRef]
  25. Atieh, A.T. The next generation cloud technologies: A review on distributed cloud, fog and edge computing and their opportunities and challenges. Res. Berg Rev. Sci. Technol. 2021, 1, 1–15. [Google Scholar]
  26. Somani, U.; Kanika, L.; Manish, M. Implementing digital signature with RSA encryption algorithm to enhance the data security of cloud in cloud computing. In Proceedings of the First International Conference on Parallel, Distributed and Grid Computing (PDGC ’10), Solan, India, 28–30 October 2010; IEEE: Piscataway, NJ, USA, 2010; pp. 211–216. [Google Scholar] [CrossRef]
  27. Pachala, S.; Rupa, C.; Sumalatha, L. An improved security and privacy management system for data in multi-cloud environments using a hybrid approach. Evol. Intell. 2021, 14, 1117–1133. [Google Scholar] [CrossRef]
  28. Nandhini, M.; Madhavi, S. Provisioning of data security for file transformation on multi-cloud storage. Bonfring Int. J. Softw. Eng. Soft Comput. 2019, 9, 15–16. [Google Scholar]
  29. Miyachi, C. What is “Cloud”? It is time to update the NIST definition? IEEE Cloud Comput. 2018, 5, 6–11. [Google Scholar] [CrossRef]
  30. Talbi, J.; Haqiq, A. A cloud broker architecture for cloud service selection based on multi-criteria decision making and rough set theory. Int. J. Comput. Aided Eng. Technol. 2020, 13, 448–464. [Google Scholar] [CrossRef]
  31. Software Development Company USA. Simform. 2020. Available online: http://www.simform.com/ (accessed on 28 June 2025).
  32. Fu, Z.; Sun, X.; Liu, Q.; Zhou, L.; Shu, J. Achieving Efficient Cloud Search Services: Multi-Keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing. IEICE Trans. Commun. 2015, 98, 190–200. [Google Scholar] [CrossRef]
  33. Junghanns, P.; Fabian, B.; Ermakova, T. Engineering of secure multi-cloud storage. Comput. Ind. 2016, 83, 108–120. [Google Scholar] [CrossRef]
  34. Agrawal, D.; Das, S.; Abbadi, A.E. Big data and cloud computing: Current state and future opportunities. In Proceedings of the 14th International Conference on Extending Database Technology (EDBT/ICDT ’11), Uppsala, Sweden, 21–24 March 2011; pp. 530–533. [Google Scholar] [CrossRef]
  35. Zardari, M.; Low, T.; Zakaria, M. Hybrid Multi-cloud Data Security (HMCDS) Model and Data Classification. In Proceedings of the 2013 International Conference on Advanced Computer Science Applications and Technologies (ACSAT ’13), Kuching, Malaysia, 23–24 December 2013; IEEE: Piscataway, NJ, USA, 2013; pp. 166–171. [Google Scholar] [CrossRef]
  36. Gundu, S.R.; Panem, C.A.; Thimmapuram, A. Hybrid IT and Multi Cloud an Emerging Trend and Improved Performance in Cloud Computing. SN Comput. Sci. 2020, 1, 256. [Google Scholar] [CrossRef]
  37. Bello, S.A.; Oyedele, L.O.; Akinade, O.O.; Bilal, M.; Delgado, J.M.D.; Akanbi, L.A.; Ajayi, A.O.; Owolabi, H.A. Cloud computing in construction industry: Use cases, benefits and challenges. Autom. Constr. 2021, 122, 103441. [Google Scholar] [CrossRef]
  38. Goscinski, A.; Brock, M. Toward dynamic and attribute based publication, discovery and selection for cloud computing. Future Gener. Comput. Syst. 2010, 26, 947–970. [Google Scholar] [CrossRef]
  39. Pallis, G. Cloud computing: The new frontier of internet computing. IEEE Internet Comput. 2010, 14, 70–73. [Google Scholar] [CrossRef]
  40. Misra, S.C.; Mondal, A. Identification of a company’s suitability for the adoption of cloud computing and modelling its corresponding return on investment. Math. Comput. Model. 2011, 53, 504–521. [Google Scholar] [CrossRef]
  41. Armbrust, M.; Stoica, I.; Zaharia, M.; Fox, A.; Griffith, R.; Joseph, A.D.; Katz, R.; Konwinski, A.; Lee, G.; Patterson, D.; et al. A view of cloud computing. Commun. ACM 2010, 53, 50–58. [Google Scholar] [CrossRef]
  42. Sharif, A.M. It’s written in the cloud: The hype and promise of cloud computing. J. Enterp. Inf. Manag. 2010, 23, 131–134. [Google Scholar] [CrossRef]
  43. Voorsluys, W.; Broberg, J.; Venugopal, S.; Buyya, R. Cost of virtual machine live migration in clouds: A performance evaluation. In Proceedings of the 1st International Conference on Cloud Computing, Beijing, China, 1–4 December 2009; pp. 245–265. [Google Scholar] [CrossRef]
  44. Sultan, N. Cloud computing for education: A new dawn? Int. J. Inf. Manag. 2010, 30, 109–116. [Google Scholar] [CrossRef]
  45. Banyal, R.K.; Jain, V.K.; Jain, P. Dynamic Trust Based Access Control Framework for Securing Multi-Cloud Environment. In Proceedings of the 2014 International Conference on Information and Communication Technology for Competitive Strategies (ICTCS ’14), Udaipur Rajasthan, India, 14–16 November 2014; pp. 1–8. [Google Scholar] [CrossRef]
  46. Takabi, D.; Joshi, J.; Ahn, G.J. SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments. In Proceedings of the International Computer Software and Applications Conference (COMPSACW ’10), Seoul, Republic of Korea, 19–23 July 2010; pp. 393–398. [Google Scholar] [CrossRef]
  47. Alliance, C.S. Security Guidance for Critical Areas of Focus in Cloud Computing V3.0. Technical Report. 2011. Available online: https://www.researchgate.net/publication/356433278_Security_guidance_for_critical_areas_of_focus_in_cloud_computing_v30; also available: https://cloudsecurityalliance.org/artifacts/security-guidance-for-critical-areas-of-focus-in-cloud-computing-v3# (accessed on 20 November 2025).
  48. Abbadi, I.M. A framework for establishing trust in Cloud provenance. Int. J. Inf. Secur. 2013, 12, 111–128. [Google Scholar] [CrossRef]
  49. Sekar, J. Multi-cloud Strategies for Distributed AI Workflows and Application. J. Emerg. Technol. Innov. Res. 2023, 10, 600–610. [Google Scholar]
  50. NIST. The NIST Definition of Cloud Computing; Special Publication 800-145; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2011. [Google Scholar]
  51. Buyya, R.; Yeo, C.S.; Venugopal, S.; Broberg, J.; Brandic, I. Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Gener. Comput. Syst. 2009, 25, 599–616. [Google Scholar] [CrossRef]
  52. Armbrust, M.; Fox, A.; Griffith, R.; Joseph, A.D.; Katz, R.H.; Konwinski, A.; Lee, G.; Patterson, D.A.; Rabkin, A.; Stoica, I.; et al. Above the Clouds: A Berkeley View of Cloud Computing; Technical Report UCB/EECS-2009-28; University of California: Berkeley, CA, USA, 2009. [Google Scholar]
  53. Marston, S.; Li, Z.; Bandyopadhyay, S.; Zhang, J.; Ghalsasi, A. Cloud computing—The business perspective. Decis. Support Syst. 2011, 51, 176–189. [Google Scholar] [CrossRef]
  54. Adabala, S.K. The Role of Cloud Computing in Driving Business Innovation. Int. J. Innov. Res. Creat. Technol. 2020, 6, 1–19. [Google Scholar]
  55. Zawoad, S.; Hasan, R. Cloud Forensics: A Meta-Study of Challenges, Approaches, and Open Problems. arXiv 2013, arXiv:1302.6312. [Google Scholar] [CrossRef]
  56. Yeboah-Ofori, A.; Jafar, A.; Abisogun, T.; Hilton, I.; Oseni, W.; Musa, A. Data Security and Governance in Multi-Cloud Computing Environment. In Proceedings of the 11th International Conference on Future Internet of Things and Cloud (FiCloud ’24), Vienna, Austria, 19–21 August 2024; pp. 215–222. [Google Scholar] [CrossRef]
  57. Mishra, S.K.; Mishra, S.; Alsayat, A.; Jhanjhi, N.Z.; Humayun, M.; Sahoo, K.S.; Luhach, A.K. Energy-Aware Task Allocation for Multi-Cloud Networks. IEEE Access 2020, 8, 178825–178834. [Google Scholar] [CrossRef]
  58. Mavrogeorgi, N.; Gogouvitis, S.; Voulodimos, A.; Kiriazis, D.; Varvarigou, T.; Shulman-Peleg, A.; Kolodner, E.K. Dynamic Rule-Based SLA Management in Clouds. In Proceedings of the 2013 IEEE Sixth International Conference on Cloud Computing (CLOUD ’13), Santa Clara, CA, USA, 28 June–3 July 2013; pp. 964–965. [Google Scholar] [CrossRef]
  59. Lin, X.; Wang, Y.; Xie, Q.; Pedram, M. Task Scheduling with Dynamic Voltage and Frequency Scaling for Energy Minimization in the Mobile Cloud Computing Environment. IEEE Trans. Serv. Comput. 2014, 8, 175–186. [Google Scholar] [CrossRef]
  60. Ferrer, A.J.; Pérez, D.G.; González, R.S. Multi-cloud Platform-as-a-service Model, Functionalities and Approaches. Procedia Comput. Sci. 2016, 97, 63–72. [Google Scholar] [CrossRef]
  61. Cachin, C.; Keidar, I.; Shraer, A. Trusting the cloud. SIGACT News 2009, 40, 81–86. [Google Scholar] [CrossRef]
  62. Alyas, T.; Alissa, K.; Alqahtani, M.; Faiz, T.; Alsaif, S.A.; Tabassum, N.; Naqvi, H.H. Multi-Cloud Integration Security Framework Using Honeypots. Mob. Inf. Syst. 2022, 2022, 2600712. [Google Scholar] [CrossRef]
  63. Gonzalez, A.E.; Arzuaga, E. HerdMonitor: Monitoring Live Migrating Containers in Cloud Environments. In Proceedings of the 2020 IEEE International Conference on Big Data (BigData ’20), Atlanta, GA, USA, 10–13 December 2020; pp. 2180–2189. [Google Scholar]
  64. James, W. AI-Powered Threat Detection in Hybrid and Multi-Cloud Environments: Overcoming Security Challenges. 2023. Available online: https://www.researchgate.net/publication/384935856_AI-Powered_Threat_Detection_in_Hybrid_and_Multi-Cloud_Environments_Overcoming_Security_Challenges (accessed on 20 November 2025).
  65. Heilig, L.; Lalla-Ruiz, E.; Voß, S. Modeling and solving cloud service purchasing in multi-cloud environments. Expert Syst. Appl. 2020, 147, 113165. [Google Scholar] [CrossRef]
  66. Hoffa, C.; Mehta, G.; Freeman, T.; Deelman, E.; Keahey, K.; Berriman, B.; Good, J. On the use of cloud computing for scientific workflows. In Proceedings of the Fourth IEEE International Conference on eScience (eScience ’08), Indianapolis, IN, USA, 7–12 December 2008; IEEE: Piscataway, NJ, USA, 2008; pp. 640–645. [Google Scholar]
  67. Tuli, S.; Mahmud, R.; Tuli, S.; Buyya, R. Towards Secure Fog Computing: A Survey on Trust Management, Privacy, Authentication, Threats and Access Control. Electronics 2021, 10, 1171. [Google Scholar] [CrossRef]
  68. Guan, S.; De Grande, R.E.; Boukerche, A. A Multi-Layered Scheme for Distributed Simulations on the Cloud Environment. IEEE Trans. Cloud Comput. 2019, 7, 5–18. [Google Scholar] [CrossRef]
  69. Muhil, M.; Krishna, U.H.; Kumar, R.K.; Anita, E.A.M. Securing Multi-cloud Using Secret Sharing Algorithm. Procedia Comput. Sci. 2015, 50, 421–426. [Google Scholar] [CrossRef]
  70. Zhou, L.; Zygmunt, H. Securing Ad Hoc Networks. IEEE Netw. 1999, 13, 24–30. [Google Scholar] [CrossRef]
  71. Kritikos, K.; Zeginis, C.; Iranzo, J.; Gonzalez, R.S.; Seybold, D.; Griesinger, F.; Domaschka, J. Multi-cloud provisioning of business processes. J. Cloud Comput. 2019, 8, 18. [Google Scholar] [CrossRef]
  72. Journal of Cloud Computing. 2020. Available online: https://journalofcloudcomputing.springeropen.com/ (accessed on 28 June 2025).
  73. Pochu, S.; Nersu, S.; Kathram, S. Multi-Cloud DevOps Strategies: A Framework for Agility and Cost Optimization. J. Artif. Intell. Gen. Sci. 2024, 7, 104–119. [Google Scholar] [CrossRef]
  74. Seth, D.; Nerella, H.; Najana, M.; Tabbassum, A. Navigating the Multi-Cloud Maze: Benefits, Challenges, and Future Trends. Int. J. Glob. Innov. Solut. (IJGIS) 2024. [Google Scholar] [CrossRef]
  75. Abu-Libdeh, H.; Princehouse, L.; Weatherspoon, H. RACS: A case for cloud storage diversity. In Proceedings of the 1st ACM Symposium on Cloud Computing (SoCC ’10), Indianapolis, IN, USA, 10–11 June 2010; pp. 229–240. [Google Scholar] [CrossRef]
  76. Bessani, A.; Correia, M.; Quaresma, B.; André, F.; Sousa, P. DepSky: Dependable and Secure Storage in a Cloud-of-Clouds. ACM Trans. Storage 2013, 9, 1–33. [Google Scholar] [CrossRef]
  77. Bowers, K.D.; Juels, A.; Oprea, A. HAIL: A high-availability and integrity layer for cloud storage. In Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS ’09), Chicago, IL, USA, 9–13 November 2009; pp. 187–198. [Google Scholar] [CrossRef]
  78. Cachin, C.; Haas, R.; Vukolic, M. Dependable Storage in the Intercloud. Tech. Report 3783, IBM Research. 2010. Available online: https://www.researchgate.net/publication/288925333_Dependable_storage_in_the_Intercloud/citation/download (accessed on 16 July 2025).
  79. Megouache, L.; Zitouni, A.; Djoudi, M. Ensuring User Authentication and Data Integrity in Multi-Cloud Environment. Hum.-Centric Comput. Inf. Sci. 2020, 10, 15. [Google Scholar] [CrossRef]
  80. Reece, M.; Lander, T.E.; Stoffolano, M.; Sampson, A.; Dykstra, J.; Mittal, S.; Rastogi, N. Systemic Risk and Vulnerability Analysis of Multi-cloud Environments. arXiv 2023, arXiv:2306.01862. [Google Scholar] [CrossRef]
  81. Afolaranmi, S.O.; Ferrer, B.R.; Martinez Lastra, J.L. A Framework for Evaluating Security in Multi-Cloud Environments. In Proceedings of the 44th Annual Conference of the IEEE Industrial Electronics Society (IECON ’18), Washington, DC, USA, 21–23 October 2018; pp. 3059–3066. [Google Scholar] [CrossRef]
  82. Lander, T.E., Jr. Multi-Cloud Architecture Attacks Through Application Programming Interfaces. Master’s Thesis, Mississippi State University, Starkville, MS, USA, 2024. [Google Scholar]
  83. Sun, P.J. Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions. IEEE Access 2019, 7, 147420–147452. [Google Scholar] [CrossRef]
  84. Gupta, L.; Salman, T.; Ghubaish, A.; Unal, D.; Al-Ali, A.K.; Jain, R. Cybersecurity of multi-cloud healthcare systems: A hierarchical deep learning approach. Appl. Soft Comput. 2022, 118, 108439. [Google Scholar] [CrossRef]
  85. Salman, T.; Bhamare, D.; Erbad, A.; Jain, R.; Samaka, M. Machine Learning for Anomaly Detection and Categorization in Multi-Cloud Environments. In Proceedings of the 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud ’17), New York, NY, USA, 26–28 June 2017; pp. 97–103. [Google Scholar] [CrossRef]
  86. Hayajneh, T.; Mohd, B.; Itradat, A. Performance and Information Security Evaluation with Firewalls. Int. J. Secur. Its Appl. 2013, 7, 335–372. [Google Scholar] [CrossRef]
  87. Binu, C.T.; Mohan Kumar, S. A Review on Security Issues in Multi Cloud Computing and Prevention by Security Measures. Int. J. Sci. Res. Publ. 2023, 13, 248–254. [Google Scholar] [CrossRef]
  88. Reece, M.; Rastogi, N.; Lander, T.; Dykstra, J.; Mittal, S.; Sampson, A. Defending Multi-Cloud Applications Against Man-in-the-Middle Attacks. In Proceedings of the 29th ACM Symposium on Access Control Models and Technologies (SACMAT 2024), San Antonio, TX, USA, 15–17 May 2024; pp. 47–52. [Google Scholar] [CrossRef]
  89. Awodele, O.; Ogu, E.; Kuyoro, S.; Umezuruike, C. On the Evolution of Virtualization and Cloud Computing: A Review. J. Comput. Sci. Appl. 2014, 2, 40–43. [Google Scholar] [CrossRef]
  90. Kilari, N.; Sridaran, R. A Survey on Security Threats for Cloud Computing. Int. J. Eng. Res. Technol. (IJERT) 2021, 1. [Google Scholar]
  91. Torkura, K.A.; Sukmana, M.I.H.; Cheng, F.; Meinel, C. Continuous auditing and threat detection in multi-cloud infrastructure. Comput. Secur. 2021, 102, 102124. [Google Scholar] [CrossRef]
  92. Cloud Security Alliance (CSA). Top Threats to Cloud Computing: The Egregious 11; Technical Report; Cloud Security Alliance: Seattle, WA, USA, 2019. [Google Scholar]
  93. Trend Micro. Data on 123 Million US Households Exposed Due to Misconfigured AWS S3 Bucket. 2017. Available online: https://www.trendmicro.com/vinfo/au/security/news/virtualization-and-cloud/data-on-123-million-us-households-exposed-due-to-misconfigured-aws-s3-bucket (accessed on 16 July 2025).
  94. UpGuard. Data Leaks, Cyber Risk, and eStar. 2017. Available online: https://www.upguard.com/breaches/cloud-leak-alteryx (accessed on 20 November 2025).
  95. Kincaid, J. Google Privacy Blunder Shares Your Docs Without Permission. 2009. Available online: http://techcrunch.com/2009/03/07/huge-google-privacy-blunder-shares-your-docs-without-permission/ (accessed on 16 July 2025).
  96. Jensen, M.; Schwenk, J.; Gruschka, N.; Iacono, L.L. Security Prospects through Cloud Computing by Adopting Multiple Clouds. In Proceedings of the IEEE 4th International Conference on Cloud Computing (CLOUD), Washington, DC, USA, 4–9 July 2011; IEEE: Piscataway, NJ, USA, 2011; pp. 565–572. [Google Scholar] [CrossRef]
  97. Ristenpart, T.; Tromer, E.; Shacham, H.; Savage, S. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS ’09), Chicago, IL, USA, 9–13 November 2009; pp. 199–212. [Google Scholar] [CrossRef]
  98. Gruschka, N.; Iacono, L.L. Vulnerable Cloud: SOAP Message Security Validation Revisited. In Proceedings of the 2009 IEEE International Conference on Web Services (ICWS ’09), Los Angeles, CA, USA, 6–10 July 2009; pp. 625–631. [Google Scholar] [CrossRef]
  99. McIntosh, M.; Austel, P. XML Signature Element Wrapping Attacks and Countermeasures. In Proceedings of the 2005 Workshop on Secure Web Services (SWS ’05), Fairfax, VA, USA, 11 November 2005; pp. 20–27. [Google Scholar] [CrossRef]
  100. Ponemon, I. Cost of a Data Breach Report; Benchmark Research Sponsored by IBM Security Independently Conducted by Ponemon Institute LLC; 2019. Available online: https://insights.integrity360.com/hubfs/2019-cost-of-a-data-breach-report-04_03025203USEN.pdf (accessed on 20 November 2025).
  101. Mohammad, N. Enhancing Security and Privacy in Multi-Cloud Environments: A Comprehensive Study on Encryption Techniques and Access Control Mechanisms. Int. J. Comput. Eng. Technol. 2021, 12, 51–63. [Google Scholar]
  102. Caprolu, M.; Raponi, S.; Oligeri, G.; Di Pietro, R. Cryptomining Makes Noise: A Machine Learning Approach for Cryptojacking Detection. arXiv 2020, arXiv:1910.09272. [Google Scholar] [CrossRef]
  103. Jayasinghe, K.; Guhanathan, P. A Survey of Attack Instances of Cryptojacking Targeting Cloud Infrastructure. In Proceedings of the 2020 2nd International Conference on Cloud Computing and Internet of Things (CCIOT 2020), Singapore, 22–24 February 2020; pp. 100–107. [Google Scholar] [CrossRef]
  104. Tekiner, E.; Acar, A.; Uluagac, A.S.; Kirda, E.; Selcuk, A.A. SoK: Cryptojacking Malware. arXiv 2021, arXiv:2103.03851. [Google Scholar] [CrossRef]
  105. Somani, G.; Gaur, M.S.; Sanghi, D.; Conti, M.; Buyya, R. DDoS Attacks in Cloud Computing: Issues, Taxonomy and Future Directions. Comput. Commun. 2017, 107, 30–48. [Google Scholar] [CrossRef]
  106. Dorsett, M.; Mann, S.; Chowdhury, J.; Mahmood, A. A Comprehensive Review of Denial of Wallet Attacks in Serverless Architectures. arXiv 2025, arXiv:2508.19284. [Google Scholar] [CrossRef]
  107. Karami, M.; Gupta, L.; Shakarian, P.; Shakarian, J. Attribution of Economic Denial of Sustainability Attacks in Public Clouds. EAI Endorsed Trans. Secur. Saf. 2018, 4, e2. [Google Scholar] [CrossRef]
  108. Saeed, S.; Zainal, A.B.; Ghaleb, F.A.; Al-rimy, B.A.S. Enhancing Public Cloud Resilience: An Analytical Review of Detection and Mitigation Strategies Against Economic Denial of Sustainability Attacks. Discov. Internet Things 2025, 5, 79. [Google Scholar] [CrossRef]
  109. Somasundaram, A. Economic Denial of Sustainability (EDoS) Attack on Cloud—A Survey. ICTACT J. Commun. Technol. 2016, 7, 1402–1407. [Google Scholar] [CrossRef]
  110. Aldhyani, T.H.H.; Alkahtani, H. Artificial Intelligence Algorithm-Based Economic Denial of Sustainability Attack Detection Systems: Cloud Computing Environments. Sensors 2022, 22, 4685. [Google Scholar] [CrossRef]
  111. Frieß, J.; Gattermayer, T.; Gelernter, N.; Schulmann, H.; Waidner, M. Cloudy with a Chance of Cyberattacks: Dangling Resources Abuse on Cloud Platforms. arXiv 2024, arXiv:2403.19368. [Google Scholar] [CrossRef]
  112. Pansy. 80+ Cloud Security Statistics to Know for 2024. 2024. Available online: https://sprinto.com/blog/cloud-security-statistics/ (accessed on 16 July 2025).
  113. IBM. Cost of a Data Breach 2024. 2024. Available online: https://www.ibm.com/reports/data-breach (accessed on 20 November 2025).
  114. Alouffi, B.; Hasnain, M.; Alharbi, A.; Alosaimi, W.; Alyami, H.; Ayaz, M. A Systematic Literature Review on Cloud Computing Security: Threats and Mitigation Strategies. IEEE Access 2021, 9, 57792–57807. [Google Scholar] [CrossRef]
  115. Jaeger, P.; Lin, J.; Grimes, J. Cloud Computing and Information Policy: Computing in a Policy Cloud? J. Inf. Technol. Politics 2008, 5, 269–283. [Google Scholar] [CrossRef]
  116. Sasubilli, M.K.; Venkateswarlu, R. Cloud Computing Security Challenges, Threats and Vulnerabilities. In Proceedings of the 6th International Conference on Inventive Computation Technologies (ICICT ’21), Coimbatore, India, 20–22 January 2021; pp. 476–480. [Google Scholar] [CrossRef]
  117. Tankard, C. What the GDPR Means for Businesses. Netw. Secur. 2016, 2016, 5–8. [Google Scholar] [CrossRef]
  118. European Union. General Data Protection Regulation (GDPR). 2020. Available online: https://eur-lex.europa.eu/eli/reg/2016/679/oj (accessed on 20 November 2025).
  119. Cloud Security Alliance (CSA). State of Cloud Report; Cloud Security Alliance: Seattle, WA, USA, 2018; Available online: https://cloudsecurityalliance.org/artifacts/state-of-cloud-report (accessed on 20 November 2025).
  120. NetDiligence. Cyber Claims Study 2020 Report. 2020. Available online: https://netdiligence.com/cyber-claims-study-2020-report/ (accessed on 20 November 2025).
  121. Ali, T.E.; Zoltan, A.D. Hierarchical Deep Learning for Robust Cybersecurity in Multi-Cloud Healthcare Infrastructures. Eng. Technol. Appl. Sci. Res. 2025, 15, 20358–20366. [Google Scholar] [CrossRef]
  122. Choi, S.J.; Johnson, M.E. Do Hospital Data Breaches Reduce Patient Care Quality? arXiv 2019. [Google Scholar] [CrossRef]
  123. Marelli, M. The SolarWinds Hack: Lessons for International Humanitarian Organizations. Int. Rev. Red Cross 2022, 104, 1267–1284. [Google Scholar] [CrossRef]
  124. Jones, J.; Smith, B.; Micheal, O.; Barnes, M.; Adebayo, H. Revolutionizing Cybersecurity with AI-Driven SIEM: Optimizing Threat Detection in Multi-Cloud Environments. 2025; unpublished manuscript. [Google Scholar]
  125. Velavan, A.S.; Sureshkumar, C. Double Fuzzy Clustering-Driven Context Neural Network for Intrusion Detection in Cloud Computing. Wirel. Netw. 2025, 31, 2513–2524. [Google Scholar] [CrossRef]
  126. Masoodi, H.J.K.A.L. Evaluating the Effectiveness of Machine Learning-Based Intrusion Detection in Multi-Cloud Environments. Babylon. J. Internet Things 2024, 2024, 94–105. [Google Scholar] [CrossRef]
  127. Mitropoulou, K.; Kokkinos, P.; Soumplis, P.; Varvarigos, E. Anomaly Detection in Cloud Computing using Knowledge Graph Embedding and Machine Learning Mechanisms. J. Grid Comput. 2024, 22, 6. [Google Scholar] [CrossRef]
  128. Fatani, A.; Dahou, A.; Abd Elaziz, M.; Al-qaness, M.A.A.; Lu, S.; Alfadhli, S.A.; Alresheedi, S.S. Enhancing Intrusion Detection Systems for IoT and Cloud Environments Using a Growth Optimizer Algorithm and Conventional Neural Networks. Sensors 2023, 23, 4430. [Google Scholar] [CrossRef]
  129. Alzughaibi, S.; El Khediri, S. A Cloud Intrusion Detection Systems Based on DNN Using Backpropagation and PSO on the CSE-CIC-IDS2018 Dataset. Appl. Sci. 2023, 13, 2276. [Google Scholar] [CrossRef]
  130. Attou, H.; Mohy-eddine, M.; Guezzaz, A.; Benkirane, S.; Azrour, M.; Alabdultif, A.; Almusallam, N. Towards an Intelligent Intrusion Detection System to Detect Malicious Activities in Cloud Computing. Appl. Sci. 2023, 13, 9588. [Google Scholar] [CrossRef]
  131. Bingu, R.; Jothilakshmi, S. Design of Intrusion Detection System using Ensemble Learning Technique in Cloud Computing Environment. Int. J. Adv. Comput. Sci. Appl. (IJACSA) 2023, 14, 751–764. [Google Scholar] [CrossRef]
  132. Lin, H.; Xue, Q.; Feng, J.; Bai, D. Internet of things intrusion detection model and algorithm based on cloud computing and multi-feature extraction extreme learning machine. Digit. Commun. Netw. 2023, 9, 111–124. [Google Scholar] [CrossRef]
  133. Nizamudeen, S. Intelligent intrusion detection framework for multi-clouds–IoT environment using swarm-based deep learning classifier. J. Cloud Comput. 2023, 12, 134. [Google Scholar] [CrossRef]
  134. Shahzad, F.; Mannan, A.; Javed, A.; Almadhor, A.S.; Baker, T.; Al-Jumeily OBE, D. Cloud-based multiclass anomaly detection and categorization using ensemble learning. J. Cloud Comput. 2022, 11, 74. [Google Scholar] [CrossRef]
  135. Samunnisa, K.; Kumar, G.S.V.; Madhavi, K. Intrusion detection system in distributed cloud computing: Hybrid clustering and classification methods. Meas. Sens. 2023, 25, 100612. [Google Scholar] [CrossRef]
  136. Abusitta, A.; Bellaiche, M.; Dagenais, M.; Halabi, T. A Deep Learning Approach for Proactive Multi-Cloud Cooperative Intrusion Detection System. Future Gener. Comput. Syst. 2019, 98, 308–318. [Google Scholar] [CrossRef]
  137. Achar, S. Cloud Computing Security for Multi-Cloud Service Providers: Controls and Techniques in Our Modern Threat Landscape. Int. J. Comput. Syst. Eng. 2022, 16, 379–384. [Google Scholar] [CrossRef]
  138. Deepa, T.; Kiran Mayee, M. Cloud Computing: Security and Privacy Issues. Int. J. Trend Res. Dev. (IJTRD) 2017. Available online: http://www.ijtrd.com/papers/IJTRD13397.pdf (accessed on 14 October 2025).
  139. Razaque, A.; Nadimpalli, S.S.V.; Vommina, S.; Atukuri, D.K.; Reddy, D.N.; Anne, P.; Vegi, D.; Malllapu, V.S. Secure Data Sharing in Multi-Clouds. In Proceedings of the 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT), Chennai, India, 3–5 March 2016; pp. 1909–1913. [Google Scholar] [CrossRef]
  140. Rodigari, S.; O’Shea, D.; McCarthy, P.; McCarry, M.; McSweeney, S. Performance Analysis of Zero-Trust Multi-Cloud. In Proceedings of the 14th IEEE International Conference on Cloud Computing (CLOUD ’21), Chicago, IL, USA, 5–10 September 2021; pp. 730–732. [Google Scholar] [CrossRef]
  141. Dickinson, M.; Debroy, S.; Calyam, P.; Valluripally, S.; Zhang, Y.; Antequera, R.B.; Joshi, T.; White, T.; Xu, D. Multi-Cloud Performance and Security Driven Federated Workflow Management. IEEE Trans. Cloud Comput. 2021, 9, 240–257. [Google Scholar] [CrossRef]
  142. Kurdi, H.; Alsalamah, S.; Alatawi, A.; Alfaraj, S.; Altoaimy, L.; Ahmed, S.H. HealthyBroker: A Trustworthy Blockchain-Based Multi-Cloud Broker for Patient-Centered eHealth Services. Electronics 2019, 8, 602. [Google Scholar] [CrossRef]
  143. Alaluna, M.; Vial, E.; Neves, N.; Ramos, F.M.V. Secure Multi-Cloud Network Virtualization. Comput. Netw. 2019, 161, 168–185. [Google Scholar] [CrossRef]
  144. Shirvani, M.H. Web Service Composition in Multi-Cloud Environment: A Bi-Objective Genetic Optimization Algorithm. In Proceedings of the 2018 Innovations in Intelligent Systems and Applications (INISTA ’18), Thessaloniki, Greece, 3–5 July 2018; pp. 1–6. [Google Scholar] [CrossRef]
  145. Subramanian, K.; John, F.L. Enhanced Security for Data Sharing in Multi Cloud Storage (SDSMC). Int. J. Adv. Comput. Sci. Appl. 2017, 8, 176–185. [Google Scholar] [CrossRef]
  146. Sarojini, G.; Vijayakumar, V.A.; Selvamani, K. Trusted and Reputed Services Using Enhanced Mutual Trusted and Reputed Access Control Algorithm in Cloud. Procedia Comput. Sci. 2016, 92, 506–512. [Google Scholar] [CrossRef]
  147. Sulochana, M.; Dubey, O. Preserving Data Confidentiality Using Multi-cloud Architecture. Procedia Comput. Sci. 2015, 50, 357–362. [Google Scholar] [CrossRef]
  148. Fan, W.; Perros, H. A Novel Trust Management Framework for Multi-Cloud Environments Based on Trust Service Providers. Knowl.-Based Syst. 2014, 70, 392–406. [Google Scholar] [CrossRef]
  149. Kumar, N.S.; Lakshmi, G.V.R.; Balamurugan, B. Enhanced Attribute Based Encryption for Cloud Computing. Procedia Comput. Sci. 2015, 46, 689–696. [Google Scholar] [CrossRef]
  150. Alhamazani, K.; Ranjan, R.; Mitra, K.; Jayaraman, P.P.; Huang, Z.; Wang, L.; Rabhi, F. CLAMS: Cross-layer Multi-cloud Application Monitoring-as-a-Service Framework. In Proceedings of the 2014 IEEE International Conference on Services Computing (SCC ’14), Anchorage, AK, USA, 27 June–2 July 2014; pp. 283–290. [Google Scholar] [CrossRef]
  151. Giweli, N.; Shahrestani, S.; Cheung, H. Enhancing Data Privacy and Access Anonymity in Cloud Computing. Commun. IBIMA 2013, 2013, 1–10. [Google Scholar] [CrossRef]
  152. Dou, W.; Zhang, X.; Liu, J.; Chen, J. HireSome-II: Towards Privacy-Aware Cross-Cloud Service Composition for Big Data Applications. IEEE Trans. Parallel Distrib. Syst. 2015, 26, 455–466. [Google Scholar] [CrossRef]
  153. Tabalvandani, M.A.N.; Shirvani, M.H.; Motameni, H. Reliability-aware web service composition with cost minimization perspective: A multi-objective particle swarm optimization model in multi-cloud scenarios. Soft Comput. 2024, 28, 5173–5196. [Google Scholar] [CrossRef]
  154. Tang, X. Reliability-Aware Cost-Efficient Scientific Workflows Scheduling Strategy on Multi-Cloud Systems. IEEE Trans. Cloud Comput. 2022, 10, 2909–2919. [Google Scholar] [CrossRef]
  155. Wojtowicz, D.T.; Yin, S.; Morvan, F.; Hameurlain, A. Cost-Effective Dynamic Optimisation for Multi-Cloud Queries. In Proceedings of the 2021 IEEE 14th International Conference on Cloud Computing (CLOUD), Chicago, IL, USA, 5–10 September 2021; IEEE: Piscataway, NJ, USA, 2021; pp. 387–397. [Google Scholar] [CrossRef]
  156. Wang, P.; Zhao, C.; Liu, W.; Chen, Z.; Zhang, Z. Optimizing Data Placement for Cost Effective and High Available Multi-Cloud Storage. Comput. Inform. 2020, 39, 51–82. [Google Scholar] [CrossRef]
  157. Gao, T.; Wu, C.Q.; Hou, A.; Wang, Y.; Li, R.; Xu, M. Minimizing Financial Cost of Scientific Workflows under Deadline Constraints in Multi-Cloud Environments. In Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing (SAC ’19), Limassol, Cyprus, 8–12 April 2019; pp. 114–121. [Google Scholar] [CrossRef]
  158. Peralta, G.; Garrido, P.; Bilbao, J.; Agüero, R.; Crespo, P.M. On the Combination of Multi-Cloud and Network Coding for Cost-Efficient Storage in Industrial Applications. Sensors 2019, 19, 1673. [Google Scholar] [CrossRef] [PubMed]
  159. Wang, P.; Zhao, C.; Zhang, Z. An Ant Colony Algorithm-Based Approach for Cost-Effective Data Hosting with High Availability in Multi-Cloud Environments. In Proceedings of the 2018 IEEE 15th International Conference on Networking, Sensing and Control (ICNSC), Zhuhai, China, 27–29 March 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–6. [Google Scholar] [CrossRef]
  160. Mohammadi, S.; Pedram, H.; PourKarimi, L. Integer Linear Programming-based Cost Optimization for Scheduling Scientific Workflows in Multi-cloud Environments. J. Supercomput. 2018, 74, 4717–4745. [Google Scholar] [CrossRef]
  161. Zhang, Q.; Li, S.; Li, Z.; Xing, Y.; Yang, Z.; Dai, Y. CHARM: A Cost-Efficient Multi-Cloud Data Hosting Scheme with High Availability. IEEE Trans. Cloud Comput. 2015, 3, 372–386. [Google Scholar] [CrossRef]
  162. Imai, S.; Patterson, S.; Varela, C.A. Cost-Efficient High-Performance Internet-Scale Data Analytics over Multi-Cloud Environments. In Proceedings of the 2015 15th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), Shenzhen, China, 4–7 May 2015; IEEE: Piscataway, NJ, USA, 2015; pp. 793–796. [Google Scholar] [CrossRef]
  163. Lucas-Simarro, J.L.; Moreno-Vozmediano, R.; Montero, R.S.; Llorente, I.M. Cost optimization of virtual infrastructures in dynamic multi-cloud scenarios. Concurr. Comput. Pract. Exper. 2015, 27, 2260–2277. [Google Scholar] [CrossRef]
  164. Bellur, U.; Malani, A.; Narendra, N.C. Cost Optimization in Multi-site Multi-cloud Environments with Multiple Pricing Schemes. In Proceedings of the 2014 IEEE 7th International Conference on Cloud Computing (CLOUD), Anchorage, AK, USA, 27 June–2 July 2014; IEEE: Piscataway, NJ, USA, 2014; pp. 689–696. [Google Scholar] [CrossRef]
  165. Legillon, F.; Melab, N.; Renard, D.; Talbi, E.G. Cost Minimization of Service Deployment in a Multi-Cloud Environment. In Proceedings of the 2013 IEEE Congress on Evolutionary Computation (CEC), Cancun, Mexico, 20–23 June 2013; IEEE: Piscataway, NJ, USA, 2013; pp. 2580–2587. [Google Scholar] [CrossRef]
  166. Singh, Y.; Kandah, F.; Zhang, W. A Secured Cost-Effective Multi-Cloud Storage in Cloud Computing. In Proceedings of the 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Shanghai, China, 10–15 April 2011; IEEE: Piscataway, NJ, USA, 2011; pp. 619–624. [Google Scholar] [CrossRef]
  167. Simarro, J.L.L.; Moreno-Vozmediano, R.; Montero, R.S.; Llorente, I.M. Dynamic Placement of Virtual Machines for Cost Optimization in Multi-Cloud Environments. In Proceedings of the 2011 International Conference on High Performance Computing & Simulation (HPCSim), Istanbul, Turkey, 4–8 July 2011; IEEE: Piscataway, NJ, USA, 2011; pp. 1–7. [Google Scholar] [CrossRef]
  168. Frincu, M.E.; Craciun, C. Multi-objective Meta-heuristics for Scheduling Applications with High Availability Requirements and Cost Constraints in Multi-Cloud Environments. In Proceedings of the 2011 Fourth IEEE International Conference on Utility and Cloud Computing (UCC), Melbourne, VIC, Australia, 5–8 December 2011; IEEE: Piscataway, NJ, USA, 2011; pp. 267–274. [Google Scholar] [CrossRef]
  169. Gholami, A.; Laure, E. Data Security and Privacy Protection Issues in Cloud Computing: A Survey. Int. J. Big Data Intell. (IJBDI) 2017, 4, 81–87. [Google Scholar]
  170. Casola, V.; Benedictis, A.D.; Rak, M.; Villano, U. Security-by-design in multi-cloud applications: An optimization approach. Inf. Sci. 2018, 462, 220–234. [Google Scholar] [CrossRef]
  171. Paul, A.L. Security Challenges and Solutions in Multi-Cloud Environments. 2024. Available online: https://www.researchgate.net/publication/381074289_Security_Challenges_and_Solutions_in_Multi-Cloud_Environments (accessed on 27 July 2025).
  172. Saini, G.; Kaur, N. A Survey of Various Encryption Techniques in Multi Cloud to Reduce Information Leakage. Int. J. Intell. Syst. Appl. Eng. (IJISAE) 2024, 12, 3262–3273. [Google Scholar]
  173. Tchernykh, A.; Babenko, M.; Kuchukov, V.; Miranda-López, V.; Rivera-Rodriguez, R.; Avetisyan, A.; Radchenko, G. Data Reliability and Redundancy Optimization of a Secure Multi-Cloud Storage Under Uncertainty of Errors and Falsifications. In Proceedings of the International Conference on Computational Science (ICCS), Amsterdam, The Netherlands, 3–5 June 2020. [Google Scholar] [CrossRef]
  174. Gadde, S.; Amutharaj, J.; Usha, S. A Hybrid Cryptography Technique for Cloud Data Security. Int. J. Eng. Trends Technol. (IJETT) 2022, 70, 258–267. [Google Scholar] [CrossRef]
  175. Thangavel, P.; Mary, P.S.A.; RameshKannan, M.; Deiwakumari, K. Enhancing Data Security in Multi-Cloud Settings with Homomorphic Encryption: Concepts, Uses, And Obstacles. Educ. Adm. Theory Pract. 2024, 30, 7347–7353. [Google Scholar]
  176. Shaffi, S.M.; Vengathattil, S.; Sidhick, J.N.; Vijayan, R. AI-Driven Security in Cloud Computing: Enhancing Threat Detection, Automated Response, and Cyber Resilience. J. Cybersecur. Artif. Intell. 2024, 6, 44–56. [Google Scholar] [CrossRef]
  177. Rasel, F.M.; Peter, B. AI-Driven Frameworks for Enhancing Cybersecurity in Multi-Cloud Environments. Int. J. Adv. Eng. Technol. Innov. 2025, 1, 24–32. [Google Scholar]
  178. Talati, D.V. Enhancing Multi-Cloud Security with Quantum-Resilient AI for Anomaly Detection. World J. Adv. Res. Rev. 2022, 13, 629–638. [Google Scholar] [CrossRef]
  179. Nagaraj, B.K. Challenges and Solutions for Integrating AI with Multi-Cloud Architectures. Int. J. Multidiscip. Innov. Res. Methodol. (IJMIRM) 2022, 1, 15–23. [Google Scholar]
  180. Miryala, N.K. Effective Multi Cloud Security Using AI Technologies. Int. J. Comput. Trends Technol. (IJCTT) 2024, 72, 143–149. [Google Scholar] [CrossRef]
  181. Nassif, A.B.; Talib, M.A.; Nasir, Q.; Albadani, H.; Dakalbab, F.M. Machine Learning for Cloud Security: A Systematic Review. IEEE Access 2021, 9, 20717–20735. [Google Scholar] [CrossRef]
  182. Qayyum, A.; Qadir, J.; Al-Fuqaha, A.; Imran, M.A.; Krichen, M. Securing Machine Learning in the Cloud: A Systematic Review of Cloud Machine Learning Security. Front. Big Data 2020, 3, 587139. [Google Scholar] [CrossRef]
  183. Butt, U.A.; Afzal, S.; Asif, H.; Khalil, I.; Halim, Z. A Review of Machine Learning Algorithms for Cloud Computing Security. Electronics 2020, 9, 1379. [Google Scholar] [CrossRef]
  184. Mamidi, S.R. Securing Multi-Cloud Architectures: A Machine Learning Perspective. J. Artif. Intell. Gen. Sci. (JAIGS) 2024, 2, 233–247. [Google Scholar] [CrossRef]
  185. Ahmed, Q.O. Machine Learning for Intrusion Detection in Cloud Environments: A Comparative Study. J. Artif. Intell. Gen. Sci. (JAIGS) 2024, 6, 551–561. [Google Scholar] [CrossRef]
  186. Hagshenas, N.; Mojarad, M.; Arfaeinia, H. A Fuzzy Approach to Fault Tolerant in Cloud using the Checkpoint Migration Technique. Int. J. Adv. Res. Comput. Sci. 2017, 8, 230–236. [Google Scholar] [CrossRef]
  187. Swamy, S.R.; Mandapati, S. A Fuzzy Energy and Security Aware Scheduling in Cloud. Int. J. Comput. Sci. Eng. 2018, 6, 168–173. [Google Scholar]
  188. Soleymani, M.; Abapour, N.; Taghizadeh, E.; Siadat, S.; Karkehabadi, R. Fuzzy Rule-Based Trust Management Model for the Security of Cloud Computing. Math. Probl. Eng. 2021, 2021, 1–15. [Google Scholar] [CrossRef]
  189. Sharmila, L.; Sakthi, U. Cloud Security Risk Analysis Method based on Fuzzy Logic. Int. J. Recent Technol. Eng. (IJRTE) 2019, 8, 6152–6156. [Google Scholar] [CrossRef]
  190. Tariq, M.I.; Tayyaba, S.; Mian, N.A.; Sarfraz, M.S.; Hussain, A.; Imran, M.; Pricop, E.; Cangea, O.; Paraschiv, N. An Analysis of the Application of Fuzzy Logic in Cloud Computing. J. Intell. Fuzzy Syst. 2021, 41, 3629–3640. [Google Scholar] [CrossRef]
  191. Chopra, P.; Bedi, R.P.S. Applications of Fuzzy Logic in Cloud Computing: A Review. Int. J. Sci. Res. Eng. Technol. (IJSRET) 2017, 6, 868–873. [Google Scholar]
  192. Mateen, M.; Nasrullah, N.; Hayat, S.; Tehreem, T.; Akbar, M.A. A Self-Adaptive Resource Provisioning Approach using Fuzzy Logic for Cloud-Based Applications. Int. J. Comput. Digit. Syst. 2020, 9, 341–348. [Google Scholar] [CrossRef]
  193. Parkinson, S.; Khana, S. Identifying High-Risk Over-Entitlement in Access Control Policies Using Fuzzy Logic. Cybersecurity 2022, 5, 6. [Google Scholar] [CrossRef]
  194. Alqahtani, S. Cloud Intrusion Detection Systems: Fuzzy Logic and Classifications. Ph.D. Dissertation, University of Nottingham, Nottingham, UK, 2021. [Google Scholar]
  195. Hersyah, M.H.; Hossain, M.D.; Taenaka, Y.; Kadobayashi, Y. Fuzzyfortify: A Multi-Attribute Risk Assessment for Multi-Factor Authentication and Cloud Container Orchestration. Front. Comput. Sci. 2025, 7, 1557918. [Google Scholar] [CrossRef]
  196. Ike, J.E.; Kessie, J.D.; Okaro, H.E.; Ezeife, E.; Onibokun, T. Identity and Access Management in Cloud Storage: A Comprehensive Guide. Int. J. Multidiscip. Res. Growth Eval. 2025, 6, 245–252. [Google Scholar] [CrossRef]
  197. Cuzzocrea, A.; Belmerabet, I. Towards Privacy-Preserving Multi-Cloud Identity Management Using SOLID. In Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT), Dijon, France, 8–10 July 2024; pp. 649–654. [Google Scholar] [CrossRef]
  198. Barker, N.; Hughes, O.; Warren, R.; James, A. Identity and Access Management (IAM) for Microservices in Multi-Cloud. 2024. Available online: https://www.researchgate.net/publication/392163648 (accessed on 20 November 2025).
  199. Khambam, S.K.R.; Kaluvakuri, V.P.K. Multi-Cloud IAM Strategies for Fleet Management: Ensuring Data Security Across Platforms. J. Adv. Res. Cloud Comput. 2023, 7, 36–48. [Google Scholar] [CrossRef]
  200. Sivaraman, H. Zero Trust Identity and Access Management (IAM) in Multi-Cloud Environments. ESP J. Eng. Technol. Adv. 2023, 3, 135–139. [Google Scholar] [CrossRef]
  201. Akuthota, A.K. Securing Multi-Cloud Environments with SAP BTP, AI, and IAM: A Comprehensive Approach. Int. J. Sci. Technol. (IJSAT) 2025, 16, 14–28. [Google Scholar] [CrossRef]
  202. Peter, H. Emerging Threats and Best Practices in Cloud Security: Protecting Data in Multi-Cloud Environments. University of Belgrade. 2024. Available online: https://www.researchgate.net/publication/392195015_Emerging_Threats_and_Best_Practices_in_Cloud_Security_Protecting_Data_in_Multi-Cloud_Environments (accessed on 20 November 2025).
  203. Aditya, W.F.P.; Sukmaaji, A. Exploring Opportunities and Challenges in Multi-Cloud and Hybrid Cloud Implementation: A Focus on Security and Data Management. Inf. Technol. Int. J. 2024, 2, 64–69. [Google Scholar] [CrossRef]
  204. Karthick, R. A Comprehensive Survey on AI-Enabled Cloud Security, DevSecOps, and Scalable Digital Infrastructure. Preprints 2025. [Google Scholar] [CrossRef]
  205. Blika, A.; Palmos, S.; Doukas, G.; Lamprou, V.; Pelekis, S.; Kontoulis, M.; Ntanos, C.; Askounis, D. Federated Learning for Enhanced Cybersecurity and Trustworthiness in 5G and 6G Networks: A Comprehensive Survey. IEEE Open J. Commun. Soc. 2024, 5, 2456–2487. [Google Scholar] [CrossRef]
  206. Brezočnik, L.; Fister, I.; Podgorelec, V. Swarm Intelligence Algorithms for Feature Selection. Appl. Sci. 2018, 8, 1521. [Google Scholar] [CrossRef]
  207. Varzaneh, Z.A.; Hosseini, S. An Improved Equilibrium Optimization Algorithm for Feature Selection Problem in Network Intrusion Detection. Sci. Rep. 2024, 14, 18696. [Google Scholar] [CrossRef]
  208. Saheed, Y.K.; Usman, A.A.; Sukat, F.D.; Abdulrahman, M. A novel hybrid autoencoder and modified particle swarm optimization feature selection for intrusion detection in the Internet of Things network. Front. Comput. Sci. 2023, 5, 997159. [Google Scholar] [CrossRef]
  209. Zhang, Z.; Hamadi, H.A.; Damiani, E.; Yeun, C.Y.; Taher, F. Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research. Procedia Comput. Sci. 2023, 224, 858–865. [Google Scholar] [CrossRef]
  210. Tunde, O. Multi-Cloud Collaborative Training for Large-Scale Language Models: Techniques, Challenges, and Privacy Considerations. Int. J. Multidiscip. Res. Growth Eval. 2025, 6, 517–522. [Google Scholar] [CrossRef]
  211. Jimmy, F.N.U. Cloud Security Posture Management: Tools and Techniques. J. Knowl. Learn. Sci. Technol. 2023, 2, 622. [Google Scholar] [CrossRef]
  212. Palo Alto Networks. Prisma Cloud: Comprehensive CSPM and CNAPP Platform. 2024. Available online: https://www.paloaltonetworks.com/prisma/cloud (accessed on 6 November 2025).
  213. Microsoft Corporation. Microsoft Defender for Cloud Documentation. Microsoft Learn. 2025. Available online: https://learn.microsoft.com/en-us/azure/defender-for-cloud/ (accessed on 20 November 2025).
  214. Petty, C. 2025 Gartner CNAPP Market Guide: Runtime Visibility is No Longer Optional. Sysdig Blog. 2025. Available online: https://www.sysdig.com/blog/2025-gartner-cnapp-market-guide/ (accessed on 20 November 2025).
Futureinternet 17 00548 g001
Figure 1. Milestones in Cloud History–Key Developments from Year 1967 to Present. Reproduced from [6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23], no modifications made. © Original authors/publisher.
Figure 1. Milestones in Cloud History–Key Developments from Year 1967 to Present. Reproduced from [6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23], no modifications made. © Original authors/publisher.
Futureinternet 17 00548 g001
Futureinternet 17 00548 g002
Figure 2. Definitions of Cloud Computing. Reproduced from [37,38,39,40,41,42,43,44], no modifications made. © Original authors/publisher.
Figure 2. Definitions of Cloud Computing. Reproduced from [37,38,39,40,41,42,43,44], no modifications made. © Original authors/publisher.
Futureinternet 17 00548 g002
Futureinternet 17 00548 g003
Figure 3. Cloud Service Layers and Shared Responsibilities. Reproduced from [55], no modifications made. © Original authors/publisher.
Figure 3. Cloud Service Layers and Shared Responsibilities. Reproduced from [55], no modifications made. © Original authors/publisher.
Futureinternet 17 00548 g003
Futureinternet 17 00548 g004
Figure 4. Hierarchical Classification of Cloud Security Threats. Reproduced from [89,90], no modifications made. © Original authors/publisher.
Figure 4. Hierarchical Classification of Cloud Security Threats. Reproduced from [89,90], no modifications made. © Original authors/publisher.
Futureinternet 17 00548 g004
Table 1. Cloud Providers and Services provided by them [37].
Table 1. Cloud Providers and Services provided by them [37].
Cloud ProviderCloud ServiceService ModelService Function
AmazonEC2IaaSServer
AmazonS3IaaSStorage
GoogleGAEPaaSDevelopment Environment
Microsoft CorpWindows AzureIaaSStorage
Microsoft CorpOffice 365SaaSOffice Suite
SalesforceSalesforce Service CloudSaaSCustomer Relationship Management
CDC Software (APTEAN)Pivotal CRMSaaSBusiness Customer Relationship (Built on Amazon Service)
eBid SystemsProcureWareSaaSProcurement System
ProcoreProcore Construction Project Management SoftwareSaaSProject Management System
e-Buildere-BuilderSaaSConstruction Management Software
OracleAconexSaaSProject Management System
AmazonAWS EMRSaaSHadoop Framework
Table 2. Overview of Cloud Deployment Strategies with Benefits and Challenges of Cloud Deployment Models [74].
Table 2. Overview of Cloud Deployment Strategies with Benefits and Challenges of Cloud Deployment Models [74].
Deployment ModelDescriptionAdvantagesDisadvantageChallenges
Single-CloudA computing environment where all applications, IT resources, and services are hosted and managed by one cloud provider.Offers simplified management and cost efficiency by delivering consistent performance through a unified provider ecosystem.Increases the risk of vendor lock-in and service disruptions while limiting flexibility and provider choice.Such as vendor lock-in, limited flexibility, and susceptibility to provider outages.
Multi-CloudAn approach that leverages multiple cloud providers to host various IT resources, optimizing flexibility, performance, and resilience.Enhanced flexibility and resilience while providing access to best-of-breed services and avoiding vendor lock-in.Increases complexity in management, security, and cost optimization due to diverse architectures across providers.Complex management, integration, security, governance, and cost optimization issues.
Hybrid CloudIntegrates on-premises, public, and private cloud environments to enhance flexibility and scalability.Delivers flexibility, scalability, and enhanced security by balancing workloads across on-premises, public, and private clouds.Costly and complex to manage due to integration challenges and the need to maintain both private and public infrastructures.Complex integration and management, data sovereignty and security concerns, and higher costs of operating dual infrastructures.
Table 3. Types of Emerging Cyber-attacks in Multi-Cloud Environments [87,101].
Table 3. Types of Emerging Cyber-attacks in Multi-Cloud Environments [87,101].
Types of AttackDescription
Data LeakageUnauthorized exposure of sensitive data due to weak access controls, improper data classification, or accidental misconfigurations.
Insider ThreatSecurity risk originating from within the organization, such as administrators or employees misusing privileged access to compromise systems.
Integrity IssuesAlteration or corruption of data during transmission or storage, which may result in loss of trust, inaccurate analytics, or faulty application behaviour.
API HackingCloud API hacking refers to the unauthorized leveraging of API vulnerabilities to steal data, escalate privileges, disrupt services, or completely compromise cloud infrastructure.
System VulnerabilitiesSystem vulnerabilities are defined as a flaw in the system’s design, implementation, configuration, or functionality that attackers may use to get unauthorized access, interfere with services, steal or modify sensitive confidential, or breach cloud resource security.
Flooding AttackA flooding attack is a type of denial-of-service (DoS) attack where an attacker overloads cloud services by over-consuming resources such as bandwidth, processing power, leading to services being overwhelmed with traffic.
XML Signature AttackAn XML Signature Wrapping attack performs elements wrapping, duplication, or relocation in a signed XML structure in such a way that retains the original signature while altering the intended meaning of the message.
Denial of Service attacksA Denial of Service (DoS) attack saturates the system with an overload of requests, preventing authentic users from accessing and causing system unavailability, sluggishness, or crashes within the cloud environment.
Malicious AttacksMalicious attacks in cloud leverage malware injection, stealing credentials, insider collusion, or hypervisor exploits to gain unauthorized access, data theft, or service disruption, which compromises confidentiality, integrity, and availability.
MITM AttackMan-in-the-Middle (MITM) attack in cloud invisibly intercepts and even alters the communications between parties, which may lead to data theft, data alteration, or unauthorized access.
Table 4. Studies focused on Threat, Intrusion and Anomaly detection.
Table 4. Studies focused on Threat, Intrusion and Anomaly detection.
Ref.YearTypes of DetectionDetection MechanismTool/Framework UsedEnvironmentDatasetData
Classification
[124]2025Threat DetectionAI-Driven SIEMN/AMulti-CloudN/A
[121]2025Anomaly DetectionSSAE with CHDLCYCombined Hybrid Deep Learning FrameworkMulti-Cloud✓ (BOT-IoT, NSL-KDD)
[125]2024Intrusion DetectionDFCCNN-BWOA-IDCMATLABN/A✓ (DARPA)
[126]2024Intrusion Detection1D-CNN-based IDSN/AMulti-Cloud✓ (UNSW-NB15)
[127]2024Anomaly DetectionCluster-Based Local Outlier Factor (CBLOF), GraphSAGENetworkX, Neo4jN/AN/A
[91]2023Threat DetectionCSBAuditorN/AMulti-CloudN/A
[128]2023Intrusion DetectionHybrid Deep Learning and optimization techniquesN/AN/A✓ (KDDCup-99, NSL-KDD, BoT-IoT, CICIDS-2017)
[129]2023Intrusion DetectionDNN, MLP-BP, MLP-PSON/AN/A✓ (CSE-CIC-IDS2018)
[130]2023Intrusion DetectionRandom Forest (RF), RBFNNN/AN/A✓ (Bot-IoT, NSL-KDD)
[131]2023Intrusion DetectionHybrid Deep Learning techniquesN/AN/A✓ (CICIDS 2018, SDN)
[132]2023Intrusion DetectionMFE-ELM algorithmN/AN/A✓ (NSL-KDD)
[133]2023Intrusion DetectionI-GN, OBL-RIO, 2D-ACNNN/AMulti-Cloud✓ (NF-UQ-NIDS)
[84]2022Anomaly DetectionMUSETensorFlow, KerasMulti-Cloud✓ (BOT-IoT, UNSW-NB15)
[62]2022Intrusion DetectionHoneypotsSnortMulti-Cloud✓ (KDD12)
[134]2022Anomaly DetectionEnsemble Machine Learning (EML), CNN-LSTMN/AN/A✓ (UNSW-NB15)
[135]2022Intrusion DetectionHybrid Machine Learning techniquesN/AN/A✓ (NSL-KDD, KDDCup99)
[136]2019Intrusion DetectionStacked Denoising Autoencoder-based IDS (SDAE-IDS)GPU-enabled TensorFlowMulti-Cloud
[85]2017Anomaly DetectionSupervised ML (Random Forest, Linear Regression)N/AMulti-Cloud ✓ (UNSW)
Note: ✓ indicates that the attribute is considered in the corresponding paper, whereas N/A denotes that the attribute is either not applicable or not reported.
Table 5. Core principles of information security—confidentiality, integrity, and availability [138].
Table 5. Core principles of information security—confidentiality, integrity, and availability [138].
Threats to Confidentiality
Insider User ThreatsThe risk is escalated as internal users, such as administrators, developers, and consultants across SaaS, PaaS, and IaaS models, can access the customer data.
External Attacker ThreatsWhen possessing sensitive or valuable data, all cloud models are vulnerable to external attacks, such as social engineering, supply chain attacks, and even hardware manipulation.
Data LeakageData breaches between organizations sharing the same cloud service provider might occur due to human error or defective machinery.
Threats to Integrity
Data SegregationData integrity may be compromised through improper segregation in shared environments, including SaaS services.
User AccessInadequate controls over access, especially involving former employees, can lead to intentional data damage.
Data QualityData integrity can be affected for other users sharing the same infrastructure due to a misconfiguration or fault in the components by a single user.
Threats to Availability
Change ManagementPoorly managed changes by providers can disrupt service availability.
Denial of ServiceDoS attacks, both internal and external, can affect any cloud model.
Physical DisruptionLess secure user environments are more vulnerable to physical disruptions.
Weak Recovery ProceduresInadequate or untested disaster recovery plans can lead to prolonged outages.
Table 6. Comparative analysis of related works.
Table 6. Comparative analysis of related works.
Ref.YearObjective of
Research		Security/Privacy
Mechanism		Data
Integrity		StrengthLimitation
[56]2024Data Security and GovernanceN/AGovernance & security integration, Multi-tool comparison. Accuracy: Not reported in the original studyLimited to experimental/simulated attacks, No quantifiable evaluation, No long-term deployment
[1]2023Secure big data using hybrid encryptionFeistel network and AES with S-boxComplete security framework, Strong comparative performance. Accuracy: Not reported in the original studyNo integrity verification, Limited scalability tested, Access control not explored
[140]2021Enhance TrustZero Trust Security Model(Istio)Novel cross-cloud setup, Multi-metric monitoring. Accuracy: Not reported in the original studyLimited test scenarios, Hardware imbalance
[27]2021Enhance security and privacyDepSky Model, BFT, Shamir Secret SharingQoS-aware authentication, Real multi-metric benchmarking. Accuracy (as reported): 29.19% (dataset not described)Simulation-Only Evaluation, Limited Scope
[141]2021Enhance performance and security for resource allocationPortunes Algebra, OnTimeURB, SRAAJoint performance/security optimization, Validated OnTimeURB framework. Accuracy: Not reported in the original studyApproximate Optimization, Limited Evaluation
[79]2020Improve authentication and data integrityRSA Encryption, Hashing AlgorithmIntegrated triple-layer defence, Real-world deployment feasibility. Accuracy (as reported): 90–92% (dataset not described)Simulation-Only, Scalability Untested, Heavy RSA Dependency
[142]2019Builds and tracks trustBlockchainDual trust evaluation (direct + indirect), Blockchain audit. Accuracy (as reported): 85–90% (dataset not described)Simulated Evaluation, Performance Overhead
[143]2019Sirius system implementationSecure embedding, IsolationFirst secure, open-source network virtualization platform. Accuracy: Not reported in the original studyNetwork control dependency, Nested VM impact
[144]2018Minimize costBi-objective genetic optimizationAdvanced Mean Failure Cost, Sustainable decision-making. Accuracy: Not reported in the original studyIgnored inter-cloud costs, Static risk estimation
[145]2017Enhanced Security for data sharingData Slicing, EncryptionNo third-party trust dependency, Resistance to insider attacks. Accuracy (as reported): ~90% (dataset not described)Key management issues, Fixed provider count
[33]2016Secure gateway systemHybrid Secret SharingMulti-layer cryptographic design, Resistance to insider attacks. Accuracy: Not reported in the original studyTrust Assumptions, Limited Scalability
[146]2016Increase TrustEnhanced Mutual Trusted Access Control Algorithm, Behaviour-based Trust ModelEvaluates user and provider trust, Ensures malicious access prevention. Accuracy: Not reported in the original studySimulation-only, Uncertainty
[69]2015Increase Data SecurityShamir’s Secret SharingConfidentiality, Integrity, Availability (CIA) through data splitting. Accuracy: Not reported in the original studyNo validation or performance evaluation
[147]2015Enhance confidentiality and integrityAuth, Encryption, SegmentationIntegrity & confidentiality in one model, High reliability and reduced leakage. Accuracy: Not reported in the original studyNo evaluation, Admin trust assumed
[148]2015Increase TrustTrust Propagation NetworkDual-layer trust model, Robust propagation network. Accuracy (as reported): 90% (dataset not described)Simulation-only, No real integrity/privacy
[149]2015Increase Data PrivacyAsymmetric & Ciphertext-Policy Attribute-Based Encryption, Hash functions, Digital signaturesFine-grained access control, Dual authentication, Data verification. Accuracy: Not reported in the original studyComputational Overhead, Lack of Implementation & Performance Evaluation
[45]2014Increase TrustDynamic Trust-Based Access Control (DTBAC), Multi-Factor AuthenticationMulti-layered access control architecture that evaluates real-time trust evidence. Accuracy: Not reported in the original studySimulation-only evaluation, Synthetic data, Lack of explicit privacy/integrity protocols
[150]2014Cross-Layer MonitoringVM isolation, Simple Network Management ProtocolCross-layer visibility, High performance stability. Accuracy (as reported): 99% (dataset not described)Proof-of-concept stage, Evaluated in limited multi-cloud scenarios
[151]2013Increase Data PrivacySymmetric & Asymmetric Encryption, Chinese Remainder Theorem-Based Secret Sharing, Digital signaturesClient-controlled, Data-centric security model. Accuracy: Not reported in the original studyNo Secure Search, Computational Overhead Tuning, Implementation Considerations
[152]2013Privacy in service compositionK-meansPrivacy-preserving design, Computational efficiency. Accuracy (as reported): 99% (dataset not described)Simulation-only evaluation, Sequential service model
Note: ✓ indicates that the attribute is considered in the corresponding paper, whereas N/A denotes that the attribute is either not applicable or not reported.
Table 7. Summary of multi-cloud cost optimization algorithms and their limitations.
Table 7. Summary of multi-cloud cost optimization algorithms and their limitations.
Ref.YearFactor ConsideredAlgorithmStrengthLimitations
[153]2023Minimizes monetary costMulti-Objective Particle Swarm Optimization (MOPSO)Outperforms existing methods with better reliability, cost savings, and faster execution.Excludes indirect cost, human error modelling, and relies on simulated scenarios.
[154]2022reduce execution costFault-tolerant Cost-efficient Workflow Scheduling Algorithm (FCWS)Reduces execution time and cost, improves reliability, and outperforms existing methods across diverse billing models and cloud platforms.Fixed reliability evaluation method, No consideration of other cost factors, such as communication cost tiers or spot pricing discounts.
[155]2021Minimize monetary cost and response timeQuery Graph Generation, Agent-Based Dynamic ExecutionReduce data transfers, improving accuracy, and ensuring more efficient and cost-effective query processing.Inaccurate cost estimation, No strong SLA guarantees, only trust-based, focused only on relational models.
[156]2020Minimize total data management costNSGA-II based approachAchieves better efficiency and adaptability, Leveraging real-world cloud data and supporting dynamic access.Does not address data migration under changing DAF, Availability values are simulated, No support for other SLAs such as latency.
[157]2019Minimize total costWorkflow Mapping, AllocateVT, ChooseBTMinimizes financial cost by efficiently managing both computation and communication resources across diverse workflow scenarios.Assumes fixed VM or bandwidth availability, Uses synthetic workflow generation, Does not account for cloud faults or SLA violations.
[158]2019Minimize storage costsRandom Linear Network Coding (RLNC)Outperforms traditional redundancy methods by efficiently regenerating data during cloud interruptions.Focuses only on storage, assumes fog nodes can always access data, and has Limited real-world trace data.
[159]2018Minimize total costGetBR, SelectCSP, GetBRAAdaptive storage mode selection, Achieves cost savings, High availability and flexibilityFocuses only on availability and cost, Ignores security and latency.
[160]2018minimize executing costInteger Linear Programming (ILP)Outperforms existing methods by offering flexible deadline handling, and strong performance in real-world multi-cloud scenarios.Less Scalable, assumes static scheduling, which is not suitable for real-time dynamic environments.
[161]2015Minimize monetary costHeuristic Data-Placement, Storage-Mode TransitionImproves efficiency, reduces expenses, and adapts to changing workloads while avoiding vendor lock-in.Uses simplified predictor for access frequency, assuming trust in SLAs for availability, Limited to file-level decision granularity, not block-level.
[162]2015Minimize total costCentralized optimizationImproves scalability, supports time and budget constraints, and adapts to dynamic cloud conditions using realistic pricing models.Centralized model lacks scalability, Decentralized model has not yet been implemented, No real-world deployment validation.
[163]2012Minimize total cost0–1 Integer Programming ModelAdapting price changes, enabling partial reallocation, and considering real-world constraints.No integration with real-time cloud APIs, assumes static workload for evaluation.
[164]2013Minimize total infrastructure costImproved Greedy AlgorithmImproves resource efficiency using real-world workload data.Assumes static QoS matrix, Dynamic VM types, and real-time failures not considered.
[165]2013Minimize deployment costGenetic Algorithm (GA), Mixed-Integer Programming (MIP)Offers flexible, cost-effective placement and outperforms traditional solvers on large, real-world multi-cloud scenarios.No support for dynamic workload evolution; assumes fixed resource specs and static demand, Storage or bandwidth pricing not modelled.
[166]2011Minimize total storage costLinear Programming Model (LP-Assignment)Optimizes storage based on cost and quality of service, Privacy-preserving multi-cloud storage.Ignores real-time failures and latency, security relies on non-collusion beyond threshold, simulated deployment.
[167]2011Minimize infrastructure costInteger Linear Programming (ILP)Adapts real-time pricing, ensuring minimal performance impact through controlled, User-transparent reconfiguration.Limited to short-term predictions, ignores migration cost and network latency, and is tested on a limited scale.
[168]2011minimizes cost, and balances resourceGenetic Algorithm (GA)Outperforms traditional methods, improving efficiency, and adapting to varying workload demands.No deallocation strategy included, no real-time cloud API integration or real use of provider data.
Note: The term “cost” refers to cumulative expenses, including computational, storage, data transfer, and reliability-related costs incurred in multi-cloud orchestration.
Table 8. Common Security Challenges in Multi-Cloud Environments.
Table 8. Common Security Challenges in Multi-Cloud Environments.
Security ChallengesNature of the ChallengePractical Significance
Policy AlignmentDifferent providers use distinct policy languages and models [4,96]Misaligned rules left cloud storage buckets publicly exposed
Security Feature DiversityThreat detection and protection tools vary across clouds [56,143]Malware slipped past clouds lacking EDR or advanced threat analysis
Data Classification GapsSensitivity tags don’t sync between clouds [56,169]Sensitive data was left unencrypted in one cloud due to misclassification
Key Management ComplexitySeparate key storage for each cloud makes coordination harder [56,170]Abandoned encryption keys were later exploited after offboarding failures
Compliance & Audit TroubleLogs and events are stored in silos, hard to correlate [169,170]Compliance audits delayed due to scattered cloud event records
Trust Boundaries BlurConfusion around which provider is responsible for what [96]Cross-cloud API traffic went unencrypted and unaudited
IAM FragmentationIAM tools differ, leading to outdated or unused access controls [4,170]Former employee’s credentials remained active in a secondary cloud
Visibility GapsNo single SIEM platform can oversee all clouds well [143,171]A breach in one cloud remained invisible to the organization for days
Expanded Attack SurfaceMore clouds are equal to more APIs, endpoints, identities to defend [4,96,171]Attackers exploited exposed APIs to move laterally between cloud zones
Vendor Lock-In RisksLack of portability make migrating workloads harder, increasing dependency [170,171]Critical apps couldn’t be moved quickly during a provider’s outage, impacting business continuity
Table 9. Cryptographic Techniques in Multi-Cloud Environments.
Table 9. Cryptographic Techniques in Multi-Cloud Environments.
Cryptographic TechniqueExplanationPrimary Advantage
Shamir’s Secret Sharing [69]Splits secret into n parts, reconstructable only with k or moreEnsures confidentiality and availability by distributing fragments across clouds
Hybrid Encryption (AES+RSA) [174]AES encrypts data, RSA encrypts AES keyEnsures layered encryption: fast processing with AES and secure key distribution using RSA
Blockchain + Hybrid Crypto [174]Combines AES+RSA with blockchain smart contracts and immutable logsEnables decentralized access control and tamper-proof traceability of storage actions
Homomorphic Encryption [175]Supports computation directly on encrypted data without decryptionPreserves data privacy during analytics and ML tasks across untrusted clouds
Feistel, AES Framework [1]Feistel-generated keys are used to drive AES encryption rounds over big data slicesImproves encryption speed and randomness; strong avalanche effect across cloud storage
Attribute-Based Encryption [172]Access control tied to attribute policies; only users matching policy can decryptEnables fine-grained access control in collaborative multi-cloud environments
Identity-Based Encryption [172]Public key is generated from the user’s identity, simplifying distributionEases key management across multi-cloud setups
Table 10. AI Techniques In Multi-Cloud Security.
Table 10. AI Techniques In Multi-Cloud Security.
AI TechniquesExplanationPrimary Advantage
LSTM (Long Short-Term Memory) [177]Used for time-series anomaly detection in multi-cloud logs by learning sequential patterns.Achieved 96.5% F1-score in detecting abnormal network behaviour across AWS, Azure, and GCP.
Random Forest [177] & Gradient BoostingUsed as hybrid ensemble classifiers for threat classification in AI-based cloud security systems.Higher detection accuracy than SVM and decision trees.
Reinforcement Learning (Q-Learning) [177]Used for dynamic policy adaptation and firewall rule optimization based on real-time feedback.Reduced false positives by 26% and improved response time by 19%
Self-Supervised Learning (SimCLR, LogBERT) [178]Learns patterns from unlabeled security logs for detecting zero-day threats.96.8% detection accuracy without human-annotated data.
Graph Neural Networks (GCN, GAT) [178]Models cloud interactions as graphs to detect lateral movement and privilege escalation.Reduced undetected attack rates by 43%
Federated Learning [178,179]Enables anomaly detection across multi-cloud without sharing raw logs, preserving privacy.92.5% accuracy and compliant with GDPR/HIPAA.
SVM, Decision Trees [176,177]Traditional ML models for intrusion detection and traffic classification.Useful in baseline detection tasks, though less accurate than DL models.
AI-based SOAR [178]Automates incident response with threat intelligence feeds and deception systems.Reduced MTTD by 53% and MTTR by 47%
Zero-Trust AI [178,180]Uses real-time behavioural risk scoring and micro-segmentation with reinforcement learning.41% reduction in insider threats.
Table 11. Machine Learning Techniques in Multi-Cloud Security.
Table 11. Machine Learning Techniques in Multi-Cloud Security.
ML TechniqueExplanationPrimary Advantage
Deep Learning (SSAE, DNN, CNN, LSTM) [121,181]Deep models (especially Stacked Sparse Autoencoders in healthcare multi-cloud) are used to detect subtle or evolving threats from high-dimensional data.High detection accuracy (>98%), reduced false positives, scalable to edge-core-cloud pipelines.
Reinforcement Learning [181]Proposed as a self-adaptive model for adjusting security decisions based on cloud environment feedback. Mentioned as a future trend in adaptive ML.Enables intelligent, context-aware, dynamic policy tuning for evolving cloud threats.
Federated Learning [182,184]Mentioned as a promising privacy-preserving method to train ML models across clouds without sharing raw data; applicable to multi-cloud pipelines.Maintains data locality while improving threat intelligence collaboratively across providers.
Table 12. Fuzzy Logic Techniques In Multi-Cloud Security.
Table 12. Fuzzy Logic Techniques In Multi-Cloud Security.
Fuzzy Logic TechniquesExplanationPrimary Advantage
Dual Fuzzy Fault Tolerance System [186]Two fuzzy modules: one for fault detection, one for response; based on system metrics such as response time and throughput.Achieved 98.03% fault detection accuracy; reduced recovery time.
Fuzzy Inference for Job Scheduling [187]Fuzzifies job length, energy use, memory, and security level to select a suitable VM.Minimizes makespan and improves resource utilization.
Fuzzy Rule-Based Trust Management [188]Combines subjective feedback and SLA metrics using fuzzy rules to calculate trust levels.Detects fake feedback, improves trust reliability by up to 20%
Fuzzy Risk Assessment Model [189]Uses asset, threat, and vulnerability matrices; weighted by entropy; mapped through fuzzy evaluationEnables granular risk evaluation and prioritization
Fuzzy Firefly and Load Partitioning [191]Divides cloud into partitions; fuzzy + firefly algorithm routes load to optimal segment.Handles heavier loads, reduces execution cost and time.
Fuzzy Neural Network Scheduler [191]Converts input data into linguistic variables, optimized using GA for job-resource mapping.Reduces completion time and bandwidth use.
Fuzzy-AHP + DMM + FIS (FuzzyFortify)  [195]Multi-layered fuzzy model combining AHP and domain mapping for MFA and container risk analysis.Identifies critical risk nodes in authentication and orchestration.
Fuzzy Trust Evaluation (IOWA Aggregation)  [191]Uses CPU, disk, data transfer metrics; fuzzified per time slot; aggregated using IOWA operator.Captures dynamic trust fluctuations in services.
Fuzzy SLA-Based Provisioning [192]Applies fuzzy rules to workload and resource usage (e.g., CPU, task queue) to trigger VM scaling.Improved CPU utilization (up to 98.27%) and reduced SLA violations.
Fuzzy Access Control Risk Detection [193]Evaluates user trust, resource sensitivity, and permission strength using 90 fuzzy rules.Achieved ∼99% accuracy in detecting over-entitlements.
Fuzzy Intrusion Detection Framework [194]Uses fuzzy classifiers with network attributes; combines with ML to reduce false alarms.Improved generalization to unknown attacks and reduced false positive rate by 23%
Table 13. IAM Techniques, Explanation, Primary Advantage.
Table 13. IAM Techniques, Explanation, Primary Advantage.
IAM TechniqueTechnique DetailsKey Benefits
Role-Based Access Control (RBAC) [79,196,199]Assigns permissions based on predefined roles within the organization.Simplifies access management, enforces least privilege, and reduces excessive access risks.
Attribute-Based Access Control (ABAC) [196,198]Grants access based on dynamic attributes such as user location, device type or security clearance.Enables fine-grained, context-aware access control- adaptable for microservices and multi-cloud.
Multi-Factor Authentication (MFA) [79,196,201]Uses two or more verification factors such as passwords, biometrics, tokens for secure authentication.Prevents unauthorized access even if credentials are compromised; mitigates credential theft and insider threats.
Federated Identity (OAuth, OIDC, SAML) [196,197,198]Enables SSO and identity federation across cloud platforms; OAuth for delegation, OIDC for identity verification, SAML for SSO.Reduces credential duplication, improves usability, supports cross-cloud authentication.
Zero Trust Architecture (ZTA) [196,200,201]Enforces continuous identity verification, assumes no implicit trust, and uses dynamic policy evaluation.Blocks lateral movement, reduces attack surface, enforces strict identity checks for every access attempt.
AI/ML-Driven IAM [196,201]Uses machine learning for anomaly detection, risk scoring, adaptive authentication, and automated policy enforcement.Enables real-time threat detection, reduces manual workload, and enhances the accuracy of access decisions.
Open Policy Agent (OPA) [198]Implements ABAC in microservices; integrates with Envoy proxy for real-time, decentralized policy enforcement.Provides fine-grained control over service-to-service access in multi-cloud; decouples logic from code.
Centralized IAM (SAP BTP) [201]Combines AI-powered governance, real-time compliance checks, and centralized identity provisioning using the SAP BTP platform.Achieves 99.97% policy accuracy, rapid threat detection, and cost-efficient IAM operations.
Identity Federation via Broker [198]Custom identity broker translates identity between providers (e.g., Azure AD).Ensures seamless identity integration across cloud platforms, reducing session inconsistency.
SIEM-Integrated IAM Auditing [196,198]IAM logs are fed into SIEM systems for anomaly detection and compliance monitoring.Improves visibility, detects policy violations, and supports regulatory audit trails.
Table 14. Emerging Technologies Enhancing Multi-Cloud Security.
Table 14. Emerging Technologies Enhancing Multi-Cloud Security.
Emerging TechnologiesExplanationKey Benefits
Zero Trust Architecture [202,203,204]Takes every access request as untrusted and verifies it strictly using MFA and policies.Strengthens identity control and prevents unauthorized access in multi-cloud setups.
Federated Learning [204,205]Distributes model training across multiple nodes without exposing raw data.Enhances privacy, lowers data leakage risks, and supports real-time threat detection.
Blockchain [204]Provides secure, decentralized logging and verification for cloud interactions.Ensures integrity, traceability, and tamper-proof audit trails in cloud workflows
Swarm Technologies [133]Applies rat-inspired optimization (OBL-RIO) to improve intrusion detection feature selection.Increases detection performance and reduces false alerts in complex traffic data.
6G [205]Combines AI-native security, federated trust, and ultra-low latency cloud support.Enables fast, distributed, and secure cloud-edge coordination under 6G networks.
Explainable AI [209]Uses interpretable models such as SHAP and LIME to explain AI-driven security decisions in real time.Increases analyst trust, reduces false alarms, and improves response clarity in multi-cloud setups.
NLP [210]Enables secure training and deployment of language models for threat intel and communication analysis.Supports the detection of phishing, social engineering, and chatbot misuse while preserving privacy.
Table 15. Enterprise Security Solutions in Multi-Cloud Environments.
Table 15. Enterprise Security Solutions in Multi-Cloud Environments.
SolutionDescriptionKey Features
CSPM (Non-peer-reviewed source [211,212])Utilizes AI and rule-based automation for remediation and policy enforcement, and identifies misconfigurations and compliance gaps in multi-cloud.Automated detection of misconfigurations; Continuous alignment with regulatory frameworks
CWPP (Non-peer-reviewed source [213])Secures workloads, including VMs, containers, and serverless functions through runtime protection, vulnerability management, and behavioural analytics to detect and prevent exploits.Real-time threat detection across hybrid workloads; Vulnerability scanning, patching, and micro-segmentation
CNAPP (Non-peer-reviewed source [212])Unifies CSPM and CWPP functions to secure cloud-native applications across their entire lifecycle using integrated APIs and identity analytics.Enhanced visibility of microservices, APIs, and containerized workloads
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Bayzid, L.H.; Kar, T.S.; Islam, M.T.; Islam, M.S.; Ahmed, F. Defending the Distributed Skies: A Comprehensive Literature Review of the Arena of Multi-Cloud Environment. Future Internet 2025, 17, 548. https://doi.org/10.3390/fi17120548

AMA Style

Bayzid LH, Kar TS, Islam MT, Islam MS, Ahmed F. Defending the Distributed Skies: A Comprehensive Literature Review of the Arena of Multi-Cloud Environment. Future Internet. 2025; 17(12):548. https://doi.org/10.3390/fi17120548

Chicago/Turabian Style

Bayzid, Labib Hasan, Tonny Shekha Kar, Mohammad Tariqul Islam, Md. Shabiul Islam, and Firoz Ahmed. 2025. "Defending the Distributed Skies: A Comprehensive Literature Review of the Arena of Multi-Cloud Environment" Future Internet 17, no. 12: 548. https://doi.org/10.3390/fi17120548

APA Style

Bayzid, L. H., Kar, T. S., Islam, M. T., Islam, M. S., & Ahmed, F. (2025). Defending the Distributed Skies: A Comprehensive Literature Review of the Arena of Multi-Cloud Environment. Future Internet, 17(12), 548. https://doi.org/10.3390/fi17120548

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Article metric data becomes available approximately 24 hours after publication online.
Back to TopTop