Federated Learning for Cloud and Edge Security: A Systematic Review of Challenges and AI Opportunities

Abstract

The ongoing evolution of cloud computing requires sustained attention to security, privacy, and compliance issues. The purpose of this paper is to systematically review the current literature regarding the application of federated learning (FL) and artificial intelligence (AI) to improve cloud computing security while preserving privacy, delivering real-time threat detection, and meeting regulatory requirements. The current research follows a systematic literature review (SLR) approach, which examined 30 studies published between 2020 and 2024 and followed the PRISMA 2020 checklist. The analysis shows that FL provides significant privacy risk reduction by 25%, especially in healthcare and similar domains, and it improves threat detection by 40% in critical infrastructure areas. A total of 80% of reviewed implementations showed improved privacy, but challenges like communication overhead and resource limitations persist, with 50% of studies reporting latency issues. To overcome these obstacles, this study also explores some emerging solutions, which include model compression, hybrid federated architectures, and cryptographic enhancements. Additionally, this paper demonstrates the unexploited capability of FL for real-time decision-making in dynamic edge environments and highlights its potential across autonomous systems, Industrial Internet of Things (IIoT), and cybersecurity frameworks. The paper’s proposed insights present a deployment strategy for FL models which enables scalable, secure, and privacy-preserving operations and will enable robust cloud security solutions in the AI era.

1. Introduction

With cloud computing largely reshaping our digital infrastructures, bringing unheard-of flexibility, scalability, and cost efficiency, it brings with it massive security challenges requiring immediate attention. The exponential growth of cloud services has significantly changed traditional security paradigms in terms of dealing with data breaches, insider threats, insecure application programming interfaces (APIs), and sharing of physical and virtual resources, as discussed in [1]. Cloud computing environments are inherently decentralized and dynamic and face growing attacks on sensitive data, requiring mechanisms to secure the confidentiality, integrity, and availability of data [2]. Cloud computing has progressed rapidly to provide a powerful, flexible, and scalable storage and processing resource for businesses and individuals alike. However, the growing use of the cloud service also increases security risks. In today’s world, where most data are located in remote servers, privacy, confidentiality, and security against cyber threats are more essential than before. Some of the fundamental approaches to security are based on the control of data at a centralized level, meaning that lots of data are collected and processed in a single location, which results in opening up new risks and creating bottlenecks and privacy concerns.

Recent threats such as ransomware, advanced persistent threats, and insider threats are still a threat to the security of cloud infrastructures, as seen in current research [2,3]. These threats are further compounded by the fact that security in the cloud is divided between the provider and the client, where such division leads to inadequate protection measures [2]. Moreover, the distributed and highly scalable nature of cloud computing systems makes traditional security solutions ineffective and, therefore, exposes the system to risks such as configuration errors, access by unauthorized users, and loss of data [1]. These security threats, therefore, call for new solutions that integrate modern technologies to guarantee the security of cloud data.

The following Table 1 [4] shows the possible uses of FL and AI in cloud security based on different domains. As FL is based on a decentralized approach, these technologies provide new approaches to threat identification, privacy, and access control, among others. The particular advantages of each of the domains are identified to prove that FL and AI help enhance cloud security.

Table 1. Opportunities for FL and AI in different cloud security domains.

Cloud Security Domain	Description	Potential Benefit
Threat Detection	Identifying malicious activities and anomalies in real-time	Improved detection without centralizing sensitive data
Privacy Protection	Ensuring data privacy during model training and inference	High privacy standards with federated data processing
Access Control	Managing access permissions using AI-driven policies	Adaptive access policies based on real-time data
Intrusion Detection	Monitoring network activities to detect and mitigate intrusions	Timely detection with decentralized data sources
Compliance Monitoring	Monitoring adherence to compliance regulations using federated models	Continuous compliance without raw data transfer

FL and AI offer an efficient strategy to handle emerging security threats. FL, a form of distributed learning, prevents data from being sent to a central server as no data are transferred to another party [3]. This is due to FL enabling different devices to train models while simultaneously avoiding the transfer of raw data, a key issue in cloud computing. Not only does FL reduce the potential of data leakage but also the consumption of resources in areas where the protection of data is critical [5]. Consequently, FL emerges as a promising approach for overcoming these issues by training machine learning models across devices or servers that are not centralized, without sharing raw data with a central repository. It is a decentralized model that fosters data privacy since sensitive data never leave a local device but only model updates are shared. FL, when combined with AI, further complements cloud security capabilities to detect and remediate cyber threats, such as malware, ransomware, and malicious access, in real-time without compromising user privacy. With AI integrated into cloud security frameworks, threat detection capabilities are advanced, predictive analytics are made possible, and real-time response capabilities exist. AI has the ability to analyze large amounts of data in real-time and identify patterns and anomalies that represent potential cyber threats to which traditional methodology might not have been alerted. Furthermore, AI-driven automation cuts down on the time it takes to resolve security incidents in order to minimize the damage they can do, whether it is ransomware or insider threats. Furthermore, the use of AI for cybersecurity enables the use of predictive models that can forecast and forestall prospective risks, thereby increasing the aggregate security stance of cloud environments.

However, practical applications of FL and AI in cloud security are still full of challenges. For instance, more than 60% of enterprises were affected by cloud breaches in 2023 alone, where ransomware attacks increased by 32% compared to 2022, reaffirming the need for a strong security framework [6]. A study in the healthcare sector has shown that FL decreases privacy risks by 25% during AI model training while keeping sensitive patient data safe [7]. Moreover, the economic impact is massive, as the average cost of a data breach was estimated at USD 4.35 million per incident in 2022 [8]. To contextualize the urgency of deploying advanced solutions like FL to address these risks, statistics are presented. Furthermore, FL is applicable to real-time anomaly detection in IoT networks, which is an important part of the modern cloud ecosystem [9]. FL has been crucial in identifying and solving threats like distributed denial of service (DDoS) attacks and insider threats by allowing secure, collaborative model training. However, these benefits are offset by substantial technical and operational challenges such as communication overhead, data heterogeneity, and vulnerability to adversarial attacks [10].

This study intends to present an overview of the field by looking at case-specific implementations, such as FL for edge computing for real-time intrusion detection and blockchain-enhanced secure aggregation protocols. Advanced privacy-preserving techniques such as homomorphic encryption and differential privacy are integrated to further illustrate the development of secure distributed learning [11]. In addition, FL has been instrumental in ransomware mitigation as we have integrated it into edge computing frameworks to prevent unauthorized access to data. FL-enabled fog computing also brought a 40% latency reduction in threat detection compared to the centralized model, highlighting its operational benefits in security-critical environments [11]. FL’s decentralized architecture allows organizations to meet not only data privacy needs but also the increasing complexity of cyberattacks.

Table 2 [12] shows the contrast between FL and traditional centralized AI in cloud security. Although centralized AI is designed for data consistency, FL preserves privacy as it processes the data in a decentralized manner. All the approaches are compared based on characteristics such as privacy, scalability, and latency to explain the pros and cons of each approach.

Table 2. Comparison of FL and traditional centralized AI in cloud security.

Attribute	FL	Traditional Centralized AI
Privacy	High; data remains on local devices, reducing privacy risks	Lower; data are collected centrally, increasing exposure to breaches
Latency	Lower latency in data access (5–50 ms), but potential delays in model aggregation (100 ms–5 s, depending on communication bandwidth)	High latency due to centralized processing (200 ms–10 s, depending on data center location and workload)
Scalability	Scalable with more devices, but may face aggregation challenges due to communication overhead. Can support 10,000+ edge devices but suffers from synchronization delays	Scalable but limited by central infrastructure constraints. Performance degrades when handling millions of devices simultaneously
Model Accuracy	Dependent on data distribution and device capacity. Federated averaging can lead to 1–5% accuracy degradation compared to centralized training	Often higher accuracy (by 2–10%) due to centralized training on complete, diverse datasets
Data Ownership	Data remains on clients and is stored locally, ensuring regulatory compliance (e.g., GDPR and HIPAA)	Data transferred to central storage, increasing risk of unauthorized access
Communication Overhead	High; requires frequent communication for model updates (100 MB–1 GB per round for deep learning models)	Low; models are trained centrally, reducing communication costs

The study provides a more comprehensive and systematic review of FL and AI in cloud edge security and covers new challenges, such as adversarial attacks and dynamic environments, which will be discussed in the related work section. The study follows the PRISMA 2020 methodological approach and focuses on recent literature and regulatory aspects, which are important for current cybersecurity frameworks. In addition, this paper discusses opportunities offered by FL and AI in cloud security, reviews some of the key challenges that must be resolved, and provides a glimpse into the future of this technology. In this paper, we explore current trends and recent progress in FL and AI, with the goal of providing a big-picture view of how they can change the security landscape of cloud environments. The main objectives of this work are as follows:

• Examine the role of FL and AI in cloud security to determine how the two emerging technologies known as FL and AI can improve cloud security.
• Identify opportunities to emphasize FL’s and AI’s future use in multiple cloud security fields, including threat identification, privacy preservation, and access permission.
• Explore key challenges to consider the major issues that come with FL in cloud security, such as data heterogeneity, communication overhead, and model convergence.
• Review current research trends to identify current trends and gaps in FL and AI contributions to cloud security from published studies.
• Suggest future directions to provide recommendations on aspects that require future study regarding FL and AI in cloud security enhancement.

2. Methodology

In this SLR, the PRISMA 2020 guideline is applied to make sure that the process of reviewing literature incorporates high levels of stringency, transparency, and comprehensiveness. PRISMA 2020 presents a coherent framework that helps to improve the quality, reliability, and repeatability of systematic reviews and meta-analytic studies by delivering appropriate guidelines relating to the planning, conducting, and reporting of research results. This approach defines a three-step process in the identification of studies: identification, screening, and the inclusion of studies, allowing for a clear and reproducible way of selecting the studies to be included in the analysis. The systematic approach of using PRISMA 2020 to present this review harmoniously captures all the steps from database identification to selecting the actual papers to include for synthesizing knowledge on FL and AI in cloud security. The adherence to PRISMA 2020 ensures that the findings are accurate, non-biased, and useful to the development of knowledge in this vastly dynamic field [13].

2.1. Planning Phase

The planning phase entails the formulation of questions to be answered in the review and the creation of inclusion and exclusion criteria to select studies.

2.1.1. Research Questions

This SLR collects and analyzes the literature to address important research questions about FL and AI in cloud security. These questions were chosen based on identified gaps in existing research, growing security threats, and requirements for stronger privacy protection in cloud environments. The scientific questions of this review are described below, together with their reasoning.

• RQ1: What are FL and AI, and how can they effectively contribute to improving the data privacy and security concerns of the cloud?
  Justification: Centralized security models of cloud computing present vulnerabilities in data privacy, unauthorized access, and compliance issues. Recent studies suggest that FL and AI can be used to address these risks by moving data processing to the edge, reducing the surface of the attack and real-time threat detection. It is crucial to understand the role of FL and AI in improving security frameworks to tackle these challenges without compromising on system performance and scalability.
• RQ2: In which fields of cloud security are FL and AI most valuable?
  Justification: Cloud security is broken into multiple sectors, such as threat detection, privacy protection, access control, and compliance monitoring. Traditional AI-driven security models depend on centralized data aggregation, but FL provides an alternative privacy-preserving method. However, there is limited research that explicitly categorizes the most beneficial security applications of FL and AI, and this paper aims to address this gap by identifying these fields, which will provide insights into optimizing FL’s implementation for maximum impact.
• hlRQ3: What challenges are there while applying FL in the cloud?
  Justification: While FL improves privacy by keeping data decentralized, its practical deployment in cloud environments is not without its challenges, which are as follows:
  • Data heterogeneity: This is due to the fact that cloud users employ diverse systems with different data formats and distributions; for instance, FL model convergence is affected by such a scenario.
  • Communication overhead: This is because the frequent model updates between clients and servers cause latency and bandwidth consumption.
  • Security vulnerabilities: Gradual leakage of gradient and model poisoning are some of the adversarial attacks that are likely to affect the implementations of FL.
  It is important to understand these issues in order to develop a solution to improve the learning of FL in cloud security.
• RQ4: What are the computation issues related to FL in the cloud environment?
  Justification: The effectiveness of FL for cloud security is directly related to computational efficiency. In contrast, FL needs much more computational power on edge devices and cloud nodes to perform local training and global model aggregation than centralized AI. The main challenges include the following:
  • Resource constraints: Restrictive processing power available on edge devices is slow.
  • Model aggregation complexity: Combining updates from multiple clients can be quite complex and may lead to inefficiency as well as increase the computation time.
  • Energy consumption: A critical concern when training federated learning models in a distributed system is optimizing power consumption; this is especially important for devices such as IoT and mobile devices.
  By considering these issues, the paper aims to suggest optimization techniques for enhancing FL’s efficiency in cloud environments.
• RQ5: What is the contribution of both FL and AI in addressing the regulation of data privacy and security for clouds?
  Justification: The General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are regulatory frameworks that require cloud service providers to implement strict data protection measures. The traditional security models are generally inadequate to meet these regulations because they are based on centralized data processing. FL works on the decentralized principle that keeps raw data on local devices, which is in line with legal requirements. However, there is limited empirical evidence to date that establishes how effectively FL complies with data security standards while preserving its performance. Understanding this research question will enable the evaluation of FL’s position in satisfying legal and ethical data security standards.

2.1.2. Inclusion and Exclusion Criteria

This section helps the reader reproduce the selection process and will explain why few papers meet the selection criteria. Furthermore, the following inclusion and exclusion criteria were used to filter the papers relevant to this SLR:

• Inclusion criteria

  –

  Data of publication: Only papers that were published from 2020 to 2024 are included to ensure that the information included is up-to-date.

  –

  Relevance to the field: This SLR aims to include papers that are devoted to using FL and AI to secure the cloud.

  –

  Language: English language papers are required in order to ensure that everyone is able to read and understand them.

  –

  Peer-reviewed: We only include papers that have gone through the peer review process, as in the case of peer-reviewed journal papers, together with selected conference papers and technical papers.

  –

  Full-text access: We only include papers where the reader can access their full content for further examination of the topic.

  –

  Original research papers: This SLR also encompasses papers that present research results in terms of outcomes or theoretical analysis that advance knowledge in FL and AI to secure the cloud.

• Exclusion criteria

  –

  Irrelevant papers: Irrelevant papers include papers that do not focus on FL and AI to secure the cloud.

  –

  Non-peer-reviewed: Non-scientific publications that could be easily found in sources like grey literature and a number of opinion papers are excluded. Grey literature often lacks formal peer review like preprint (e.g., arXiv). Thus, these papers are excluded from the selection.

  –

  Non-English papers: To avoid translation errors and enable understanding the content of papers, only papers in English are considered for this SLR.

  –

  Duplicate studies: This includes any study that is identified twice by two different databases.

  –

  Inaccessible papers: Papers that cannot be read through in their entirety are not considered in the final choice.

  –

  Paper length: This includes brief papers that do not afford comprehensive comprehension or have insufficient details about the topic.

These criteria helped us to identify the most relevant studies that fit the goal of ensuring cloud security using AI and FL.

2.2. Conducting Phase

This section includes details about the data sources and the search string utilized in the conducting phase.

2.2.1. Data Sources

The review adopted two scientific databases, Google Scholar and the Saudi Digital Library (SDL), that are associated with computer science and cybersecurity.

The Saudi Digital Library (SDL) is a free source that was set up by the Ministry of Education in 2010 to provide a source of academic and scientific information in Saudi Arabia. The SDL provides access to more than 169 global and Arabic databases in almost all disciplines. It offers more than 95,000 journals, more than 250,000 books, more than 5 million dissertations, and more than 80,000 multimedia resources from famous publishers like ScienceDirect, SpringerNature, Wiley, Taylor and Francis, SAGE, IEEE, Emerald, Oxford University Press, and ACM Digital Library, among others. The repository also includes Saudi scientific journals, open-access resources, and a digital archive of master’s and doctoral theses from local universities. These include science, engineering, medicine, business, and the humanities, among others, and thus, the SDL is of much importance in supporting the faculty, researchers, and students in Saudi Arabia in their efforts to acquire knowledge from across the globe as well as from within the country [14].

Google Scholar was selected due to its access to a variety of different disciplinary fields and types of sources, including academic publications in peer-reviewed journals, proceedings of conferences, and technical reports with relevance to cloud computing, FL, and artificial intelligence.

At the same time, SDL has a vast array of scholarly and peer-reviewed papers in cybersecurity, cloud computing, and related disciplines or fields essential to Saudi Arabia and global researchers and practitioners.

These two databases were useful in identifying a diverse selection of studies that comprise the comprehensive sample required for this review.

2.2.2. Search String

To locate studies and enhance the quality of the search results, the following search query was employed in the present study: (“Federated Learning” OR “FL”) AND (“AI” OR “Artificial Intelligence”) AND (“Cloud Security” OR “cloud Privacy”). Here, keywords are linked together using boolean operators AND and OR to strengthen the search outcomes and exclude unrelated papers.

2.3. Reporting Phase

A detailed description of the screening and selection processes is provided in this section. In addition, it includes the total number papers in the initial stage, the total filtered papers, and finally, the selected studies, which will help make the selection criteria more transparent.

2.3.1. Screening Process

The title and abstract of each study were used to assess the relevance to the research focus. At this step, all the papers that did not meet the criteria of the present study were eliminated. The next step was that regardless of the focus of each of the shortlisted works, they were examined by the criteria followed by methodology, relevance, and contribution to the field steps. This phase also entailed the exclusion of duplicate as well as irrelevant studies. The identified and included studies were published in peer-reviewed journals and focused on the objective of the review. PRISMA 2020 is the guiding checklist for this process, and its steps include identification, screening, and inclusion; Figure 1 and Supplementary Materials display this information. These phases define the number of studies screened, removed, and included based on predefined criteria, providing a systematic background to the SLR.

Figure 1. PRISMA flow diagram for literature selection.

2.3.2. Selection Process

PRISMA 2020 guidelines helped organize the review process and to improve the management of data flows during the literature analysis [13]. From Google Scholar, the search on literary studies resulted in 12,100 sources; in the Saudi Digital Library, the search provided 9206. For different reasons like ineligibility, duplicate records, year and type filtering, and deviation from the topic, 19,091 papers were removed from the overall amount for the analysis. Finally, an extensive analysis of 2215 included papers was conducted, after which a selection was made, and 30 papers were selected according to the criteria of the research. Overall, it was found necessary to reject the remaining 2185 papers for reasons like not being relevant, being written in a foreign language, not belonging to the requisite time period, or not being freely accessible. Table 3 shows the selected papers across databases.

Table 3. The selected papers across databases.

Database	Total Papers	Relevant Papers	Final Selected
Google Scholar	12,100	1219	18
SDL	9206	996	12

A significant reduction from over 2000 relevant papers to 30 final selections resulted from a rigorous screening process based on the PRISMA 2020 guidelines:

• Inclusion and exclusion criteria: We included papers from 2020–2024 that focused on FL and AI in cloud security and were published in English.
• Quality screening: Non-peer-reviewed sources, inaccessible full texts, and duplicate studies were removed.
• Final selection (relevance and contribution): Papers without original contributions, weak methodologies, or lacking empirical evidence were removed.

This ensured only high-quality, relevant research was included.

3. Background

3.1. FL

3.1.1. Overview

Cooperation between devices is one of the key concerns in FL. FL is a process of training a model using multiple devices without sharing individual data to a centralized server. Instead, we have each device train a model with its local data and send the model updates (such as gradients) to a central server. Thus, the raw data never leave the device, making privacy possible. The process involves four main steps: (1) the central server receives model gradients sent by the clients, (2) the central server updates the global model, (3) the updated global model is sent back to clients, and (4) clients carry out more local training with their private data.

This approach is an answer to the issue of “data islands”, where data are located in different organizations or even in different locations and cannot be easily gathered into a single database that would be used for training machine learning algorithms. Conventional machine learning approaches may fail when exposed to objects that are variations of the given poorly sampled and possibly narrow domain or limited to individual organizations. FL addresses these limitations by enabling the training to take place locally, and yet the model will be able to be trained on diverse data without exposing the data.

FL was initiated by Google in 2016 to estimate user text input without violating their privacy [15]. This, in turn, has enabled the protocol to be adopted in many industries, such as health, finance, and mobile applications, especially if there is a need to uphold privacy [16]. As seen, FL is repetitive and iterative, meaning that models are often refined over a number of rounds, regardless of the models’ state of completion at the end of each round.

FL consists of two main architectures: centralized, where one server is responsible for controlling all training, and decentralized, where there are several servers. The architecture used depends on the application and whether a failure-tolerant or a failed fault tolerance architecture is desired. This is a technique that is thought to offer a good means of preserving the confidentiality of data during model building yet allowing for the creation of very complex models.

Figure 2 describes the taxonomy of FL to distinguish the most important elements of it. Some of the important areas are as follows: data partitioning strategies, types of machine learning models used, scale of federation (cross-silo or cross-device), communication architecture (centralized or decentralized), privacy preservation techniques for data, and reasons for federation, such as incentives and regulatory requirements. When these components are combined, a framework is devised for the application of FL in various applications while considering data privacy and efficiency.

Figure 2. FL taxonomy.

The architecture of FL is shown in Figure 3, whereby edge devices learn local models via their own data and then send model updates to a central aggregation server. In this approach, the updates are aggregated in the aggregation server and combined to refine a global model that is communicated to edge devices. The key to this decentralized approach is that data stays on local devices, and the need for fewer data transfers, as a result, is better for privacy.

Figure 3. FL architecture.

3.1.2. Communication and Architectures

Communication in FL is between a central point, known as the FL server, and FL clients, which are the devices used for training. The communication architecture typically consists of four core elements: the server, the clients, and the framework, which enables computations and communication [17].

The server, which may be a powerful computing device, is in charge of building and maintaining the global machine-learning model. It controls the interaction with them, the quality, and the dependability of the training course served [18]. If a server is unreliable, then the global model may also be incorrect. The best way of solving these problems could be implementing a decentralized server system that could be based on blockchain [19].

In FL, the clients are the devices or organizations which have the data. Every client identifies a model based on its data and sends the model to the server for further usage. The server then takes these local models and produces a new global model. The clients’ hardware differs in terms of capabilities, from powerful machines that can support various models to less capable devices with limited capabilities, such as mobile phones that may not support complex models.

In this case, the server and clients exchange information through a number of steps, the most common of which is the federated averaging (FedAvg) framework [20]. For every round, the server supplies the client with the global model, which the client uses to fine-tune the model with the client’s data. Then, the updated models are sent back to the server, which then takes the average of all the models it receives and creates a new global model. This continues after several iterations until the model is adequately trained.

The communication framework for FL makes use of local computation and global aggregation in order to minimize the transfer of data and thus minimize the risk of data breaches and improve privacy.

The architectures used in FL control the collaboration between multiple devices involved in the system while protecting the data. Two broad architectural models are distinguished in FL, namely centralized and decentralized [21]. All of these architectures have different methods of managing data, model updates, and communication among clients and servers. While the centralized architecture provides an effective solution for model aggregation through the use of a single server, the decentralized architecture aims to distribute the training process to keep the participants’ information secure and to prevent the possibility of having a single point of failure. In this section, we will review both architectural models with a focus on their features, strengths, and weaknesses in the context of FL architectures.

The architectures used in FL can be broadly classified into two types. There are two main forms of operation: centralized and decentralized.

• Centralized architecture: In this particular approach, there is a master server that gathers model parameters from all participating clients (the devices that are used in the training process) and then produces a single, unified model out of these updates. Every client takes its local training data, and when it finishes the local training, it sends the new model parameters, such as weights, to the server. The server receives these updates from all the clients, integrates them, and produces the global FL model, which is sent back to the clients for more updates. Although this approach provides a simple and clear solution for aggregation, it has some privacy and security concerns as well. For example, if the data are not transferred to the server, potential attackers can still extract some information from the updated data [22].
• Decentralized architecture: In the case of decentralized FL, there is no single point of control in the process. Instead, a number of devices or servers collaborate in a distributed fashion in order to train the model. Every device or server has to exchange information with other devices and perform model fusion locally. On the one hand, this approach eliminates the risks of concentrating all functions in one central point; on the other hand, it presents challenges in the form of inter-device communication and collaboration. There are usually technologies that support decentralized architectures, for instance, blockchain, which improves reliability and guarantees safe communication among the involved clients [22].

Although for centralized architectures, it is easier to implement and control the process, decentralized architectures provide better security because the aggregation process is divided between several servers and, in such a way, the risk of having a single point of failure is minimized. Each of the two approaches has its advantages and disadvantages; hence, the selection of the architecture depends on the application or security needs.

3.1.3. Scale of Federation

FL systems can also be classified based on the level of participants involved in the system. Based on these scales, they are mainly divided into cross-silo and cross-device federations to meet different needs. Cross-silo is used in the presence of big organizations with extensive data. On the other hand, cross-device is performed on the basis of numerous small devices with less processing capability. These differences must be understood in order to design FL solutions that would be most suitable to certain contexts.

The scale of FL can be divided into two categories: cross-silo and cross-device.

Cross-silo FL is often performed with a limited number of parties, including businesses or organizations (e.g., hospitals or banks), with large volumes of data. This approach involves clients who may be organizations that have adequate capital in terms of computing power and data [23]. This method enables these institutions to jointly fine-tune a global model without disclosing raw data to each other, thus preserving privacy and enabling the exploitation of the combined data [24]. Cross-silo FL is also more common in sectors with legal restrictions that require data protection measures, including healthcare and finance [25].

Cross-device FL, on the other hand, involves many more devices (e.g., mobile phones or Internet of things devices) that have limited computational capabilities and store less data. In this setup, the devices are all involved in the training of the global model, even though they are, in general, less powerful and have intermittent connectivity [26]. This method is especially useful in environments with many devices, such as mobile applications or smart homes. Although cross-device learning can be carried out from numerous devices in a large network, there are issues regarding device failure, network quality, and the guarantee of satisfactory model efficacy with limited resources on the device [27].

These types of federations have different operations and issues based on the number of participants, volume of data, and capability of the devices used.

3.1.4. Security and Privacy in FL

Due to modern big data technologies and high-performance computing machines, applications of machine learning (ML) have emerged in data-oriented sciences in the field of agri-technologies. Traditional ML depends on the server’s computational resources and data to keep the models relevant and consistent. Basically, in conventional ML scenarios, users’ data are housed on a central server and are used in testing and training to develop new and improved ML models. Still, these centralized approaches present some problems, most notably, the issue of the security and privacy of users’ personal information and, secondly, the issue of computational power and time [28].

Storing and analyzing such personal data in the context of the utilization of AI-based technologies is compliant with the legal measures that protect the privacy of citizens, for example, GDPR regulations in the European Union [29]. In the United States, the California Consumer Privacy Act (CCPA) [30] and the Personal Data Protection Act (PDPA) of Singapore [31] have set similar rules; hence, these concerns are becoming more significant. These laws entail that the data must be processed in an understandable manner and for a specific purpose, and the data subject’s consent must be obtained.

Current research on data security and privacy is becoming more and more extensive, and the same can be said for research in the context of FL. Many papers investigate the security risks and information disclosure in FLs and their components. Nevertheless, the work of [32] shows that FL approaches can be attacked in a number of industries, including industrial manufacturing, healthcare, personal data logs of wearables, and autonomous systems, due to the improper use of shared parameters. FL is used for efficient distributed model training and to protect clients from the theft of private information because the data are stored locally, while only model weights and gradients are shared. Still, this greatly depends on the client’s update to the FL server, which constitutes a significant security risk in FL systems. Gradients that are shared can be recreated to look like the original data, meaning that privacy can be breached even when more complex methods, such as multi-frame federated averaging, are used. FL employs model aggregation techniques where the model parameters from all the participating parties are averaged and shared as a final global model, hence minimizing the sharing of the original data. Other works that are closely related to our work include [33,34], which discusses potential threats and investigates gradient-based reconstruction techniques with an analysis of the effectiveness of different architectures. The available experimental work indicates that privacy cannot be taken for granted in FL; secure applications must be assessed on a case-by-case basis to avoid leakage of information. One attack is as follows: the adversary makes adjustments to the noise added to the gradient sample to match actual gradient values; thus, the adversary can reconstruct local training data [35].

As the need for privacy and security increases, methods and algorithms of the present time are being developed further and further. For instance, there are new measures to prevent gradient-based attacks, and encrypting gradients and parameters is a hot topic. In this case, the intention is to guarantee that the clients only send encrypted gradients to a central server through homomorphic encryption. The conventional methods of encryption are concerned with protecting data storage by ensuring that nobody can compute the data without the key in order to decode it. Homomorphism has the ability to perform computations on encrypted data without in any way exposing the data through secure data processing. This feature enables the users to work on the data and decrypt it with ease, but it comes with high time and computational complexities of learning and training [36]. For cross-silo FL, some solutions help to mitigate the cost of homomorphic encryption, e.g., encrypting batches of quantized gradients instead of individual precision gradients, and new techniques in quantization, pruning, and encryption allow for gradient aggregation on the ciphertext. Other steps that have been proposed to enforce FL security include the use of blockchain-based federated accumulation systems that employ a cuckoo filter and nonce timestamps for request validation and differential privacy for shielding client information [37].

3.2. Privacy-Preserving Mechanisms in FL

The effectiveness of FL is its ability to integrate the most effective privacy-preserving techniques. Of these, differential privacy and homomorphic encryption are the most important. Differential privacy prevents an attacker from identifying specific data points within a dataset by adding noise to the gradient updates in the training of a distributed model [8]. For instance, differential privacy is used efficiently in the joint work of several financial institutions to train machine learning models on the customers’ transaction data while preserving data confidentiality [10].

On the other hand, homomorphic encryption allows computations on the encrypted data without the need for decryption. For instance, in smart energy grid systems, homomorphic encryption is used to protect the usage data gathered from millions of smart meters so that the energy consumption patterns of households remain private, yet the data can be used to develop predictive energy management models [38]. These techniques are opening the door for safe and private AI use in numerous sectors and industries.

3.3. Scalability and Communication Challenges

Despite FL’s decentralized architecture improving data privacy, scalability issues are a major problem, especially in cross-device federations with millions of IoT devices. These scalability issues are exacerbated by the heterogeneity of devices, including differences in computational power and network capabilities. For instance, an FL system designed for a smart city traffic control network experiences delays because of the frequent communication required between edge devices and the central server. To address these delays, optimizations like asynchronous updates are introduced to reduce delays and increase real-time response rates [39].

Similar challenges are also faced in other cases where FL is deployed for large-scale predictive maintenance systems in manufacturing environments. Factory sensors have different processing power, leading to uneven model updates and inefficiencies in the training process. As a result, adaptive federated optimization algorithms have been proposed to tackle these disparities and utilize resources more efficiently [38]. These examples illustrate the need to design FL systems that can scale across diverse and resource-constrained environments.

3.4. Security Vulnerabilities and Adversarial Threats

Although FL has privacy advantages, it is not safe from security threats. Adversaries can poison local model updates and degrade the accuracy and integrity of the global model. Concerning work on FL in fraud detection systems, ref. [7] showed that adversaries could inject false patterns in local updates, which would lead the global model to misclassify legitimate transactions as fraudulent.

In another case, adversarial model updates were seen during collaborative work to train models for autonomous vehicle navigation. During inference, the global model favored unsafe routes because malicious clients introduced biased data. To tackle these threats, researchers have suggested adopting trust-weighted aggregation mechanisms that favor updates from trusted sources and reject potentially malicious contributions [40]. This highlights the importance of strong security protocols to protect FL systems from adversarial threats.

3.5. Opportunities for Advanced FL Integration

FL is a very promising approach. We discuss one promising direction for FL, which is to integrate FL with blockchain technology to enhance trust and security in sensitive applications. For example, blockchain-enabled FL is used in the multi-hospital network to guarantee the integrity of collaborative training models for disease diagnosis. This approach allows for tamper-proofing of model contributions and also provides an immutable record of training processes [41].

FL also has another groundbreaking application for autonomous robotic systems. Deploying federated deep reinforcement learning to task scheduling in heterogeneous robotic fleets optimizes logistics operations across distributed warehouses. The practical benefits of FL in industrial settings [42] have been demonstrated by this method, improving operational efficiency and protecting sensitive operational data from being centralized.

Furthermore, FL has been used to improve anomaly detection in autonomous guided vehicles (AGVs) in smart manufacturing. Using FL, AGVs could collaboratively train models with data privacy and detect objects 30% more accurately than traditional centralized methods. The presentation of this application showcases FL’s ability to promote innovation in industrial IoT environments [43].

These examples illustrate how FL can be leveraged to address security, privacy, and operational challenges and thus open the doors to its adoption in numerous domains, from healthcare to industrial automation.

3.5.1. Federated Averaging (FedAvg)

FedAvg remains a pivotal algorithm in FL, enabling distributed model training across clients without the need for centralized data aggregation. Recent advancements focus on improving its efficiency in handling heterogeneous datasets, enhancing scalability, and optimizing communication overhead. A notable improvement is the development of frameworks that integrate FedAvg with robust mechanisms to tackle non-IID data challenges [44].

However, a critical challenge in FedAvg is handling non-IID data across clients, which is a common scenario in FL due to the diverse nature of edge devices. Non-IID data can lead to model drift, slower convergence, and inconsistent updates, as client updates may not accurately represent the global data distribution. This heterogeneity can result in degraded model performance, especially in real-world applications where data vary significantly across users.

To mitigate these issues, recent research has proposed several improvements to FedAvg. Personalized FL techniques, such as meta-learning and multi-task learning, aim to adapt global models to individual client distributions. Additionally, adaptive aggregation strategies, including weighting updates based on data similarity or clustering clients with similar distributions, have shown promise in improving convergence on non-IID datasets. Other solutions involve regularization methods that stabilize updates from highly skewed client distributions.

A notable improvement is the development of frameworks that integrate FedAvg with robust mechanisms to tackle non-IID data challenges, ensuring better generalization across heterogeneous clients. These advancements continue to refine the applicability of FedAvg in practical FL deployments.

3.5.2. Federated Learning in Healthcare

The healthcare domain has embraced FL due to its ability to process sensitive patient data securely across decentralized locations. This integration has facilitated advancements in personalized diagnostics, medical imaging analysis, and real-time patient monitoring. Federated models enhance cross-institutional collaboration without violating privacy regulations like HIPAA or GDPR, significantly contributing to precision medicine and drug discovery [45].

3.5.3. Federated Learning in Finance and Banking

In the financial sector, FL has unlocked opportunities to develop collaborative models for fraud detection, credit scoring, and personalized financial services. Its decentralized approach minimizes the risks of data breaches while enhancing service quality through real-time analytics. Emerging studies focus on adaptive FL frameworks to manage high-frequency transactional data securely [46].

3.5.4. Edge Computing and IoT

FL significantly contributes to IoT ecosystems by enabling real-time decision-making without requiring data centralization. Applications in autonomous vehicles, smart homes, and industrial automation illustrate how FL optimizes resource utilization while maintaining data privacy. Integrating FL with edge computing reduces latency, enhancing system responsiveness in time-sensitive environments [47].

3.5.5. FL in Dynamic Edge Environments

The FL architecture provides for the training of models in a decentralized fashion across numerous edge devices that operate without the need for shared local data. The concept finds its greatest utility in dynamic and heterogeneous systems, including those based on IoT devices and edge computing architectures. Model training at edge devices reduces data privacy risks and lowers the latency that comes with moving data through central servers. There are several challenges that need to be overcome for efficient implementation of FL, including computational resource heterogeneity, variable network connections, and device mobility [48].

• Real-time decision-making: The integration of FL into edge AI enables models to operate in real-time through local training and update the capabilities of edge devices. Model training in edge devices cuts down the back-and-forth data transmission delay to central servers, thus resulting in more rapid responses. The method also provides improved data privacy through local data management, which reduces the exposure of sensitive information during transfers between source and external servers [48].
• Applications (autonomous vehicles): The FL system enables vehicles to supplement one another’s operational skills by exchanging different driving conditions, which enables real-time decision-making without disclosing raw information.
• Smart manufacturing: The implementation of FL under Industry 4.0 allows machines to gain knowledge of failure patterns without sharing operation-specific data, thus improving their predictive performance and operational effectiveness.
• Healthcare: Medical institutions can train AI models jointly with FL through data protection methods, which both support quick clinical decisions and maintain patient confidentiality.

FL provides systems with rapid and informed decision capabilities that enable them to operate effectively in highly dynamic edge environments.

3.5.6. Federated Learning in Natural Language Processing (NLP)

NLP benefits from FL by enabling collaborative training on multilingual datasets and enhancing the performance of language models. Innovations such as privacy-preserving chatbots and collaborative translation systems demonstrate how FL enriches NLP applications while respecting data ownership and security [49].

3.6. Real-World Applications and Insights

3.6.1. Google’s Zero Trust Implementation

In 2023, Google deployed a Zero Trust security framework to protect its hybrid cloud infrastructure against ever-changing cyber threats. This model implements the principles of ‘never trust, always verify’, meaning that users, devices, and workloads accessing resources are continuously verified. The study by [50] revealed that this approach cut unauthorized access incidents by 50%, particularly in multi-cloud environments where traditional perimeter-based security models have failed. Google’s Zero Trust implementation, BeyondCorp, is critical to enabling employees to work in hybrid setups and access their systems securely remotely. The architecture also uses AI-powered anomaly detection to detect and resolve insider threats in real-time [51].

3.6.2. FL in Healthcare

FL saw one such implementation during the COVID-19 pandemic when the numerical video interface device architecture (NVIDIA) was used institutions like King’s College London and Massachusetts General Hospital to create predictive modeling for COVID-19 diagnosis. These institutions collaborated to train AI models via FL without centralizing sensitive patient data. They strictly adhered to privacy laws like the General Data Protection Regulation (GDPR) but allowed valuable insights to be shared across countries and institutions. However, the researchers found that data inconsistencies and non-IID (independent and identically distributed) data across participating hospitals caused an initial drop in model accuracy of around 12% [6]. Data normalization techniques and weighted model aggregation were used to address these challenges and improve performance and robust diagnostics.

The Ontario Health Data Platform also used FL to support cross-hospital collaboration in Canada. To guarantee patient data confidentiality, this platform employed privacy-preserving techniques, including differential privacy and secure multiparty computation, to improve disease prediction models. Additionally, blockchain-based integrity checks were deployed to reduce adversarial data poisoning risk during training [43].

3.7. Cloud Computing

3.7.1. Introduction to Cloud Computing

Cloud computing has changed the way that businesses, individuals, and other organizations manage and use their data. It offers on-demand and self-service computing power on the web, and the user does not have to own any hardware and only pays for what he or she uses. Cloud computing helps in faster delivery of applications and platforms, as well as data and computing resources for startups and big corporations [13].

The idea of cloud computing can be traced back to the 1960s when time-sharing was used on mainframe computers, where many users shared one computer resource [52]. But, it was in the early 2000s, thanks to faster Internet connections and better technologies, that cloud computing emerged as we understand it today [52]. Some of the greatest contributors to the development of the cloud are Amazon, Google, and Microsoft; Amazon specifically began the commercial use of cloud computing in 2006 with the creation of AWS (Amazon Web Services) [53,54,55]. Since then, the cloud has advanced to include other services such as AI, machine learning, and big data services.

3.7.2. Key Technologies Enabling Cloud Computing

Cloud computing is enabled by several foundational technologies, which provide the required infrastructure, scalability, and efficiency to deliver services over the Internet [56,57,58]. These technologies make cloud computing versatile, cost-effective, and generally accessible.

• Virtualization: Most cloud providers rely on virtualization technology to create several virtual machines (VMs) over one physical server. Virtualization provides the ability for different applications and separately authenticated users to share the same physical hardware by dividing up resources like CPU, memory, and storage and isolating them from each other. It enhances resource utilization, scalability, and flexibility by allowing for simple provisioning, management, and scaling of virtual machines according to demand.
• Distributed Computing: Distributed computing is when you split a computational task among multiple computers or servers that work in coordination to achieve a common goal. Distributed computing for large-scale processing and storage in geographically dispersed data centers is defined in cloud computing. With this model, reliability is increased since tasks can be distributed among multiple nodes so that no single point of failure exists, and scalability is increased as additional resources can be brought on as needed when demand grows.
• Network Infrastructure: Cloud computing needs a robust network infrastructure that ensures client, server and data center networking. To guarantee trouble-free access to cloud resources, high-speed Internet, advanced networking protocols, and data transmission technologies are all essential. Data redundancy and load balancing with efficient network infrastructure help cloud providers provide consistent performance and availability across global locations.

3.7.3. Cloud Computing Security and Privacy

Since data and applications in cloud computing are stored and accessed over the Internet, for example, over multiple locations, security and privacy are a very critical part of this computing. Several security frameworks and protocols are implemented by cloud providers for data protection and to build trust with users. Here, data are encrypted, and access by the users is controlled.

Guidelines and standards that are followed to secure cloud environments are presented by security frameworks and protocols. Best practices within privacy, incident response, and regulatory compliance are outlined by these frameworks. Two commonly adopted frameworks are ISO/IEC 27001 [59], which specifies requirements for an information security management system, and the NIST Cybersecurity Framework which consists of guidance aimed at identifying, protecting, detecting, and responding to cybersecurity threats [60]. For data in transit, protocols like SSL/TLS are used for security [60,61].

Cloud security inherently includes the use of data encryption to safely encode data so that improper use can be avoided. In a cloud environment, data are usually encrypted at rest (when stored) and in transit (when being transferred). Further, security is enhanced by data access being restricted to authorized users who use access controls. Common methods of preventing people from accessing sensitive data from others improperly are multi-factor authentication (MFA) or role-based access control (RBAC), ensuring only those verified and with the proper permissions can have access to sensitive data [61]. Encryption and access controls work together to provide multiple layers of defense to help keep your data private in the cloud.

3.7.4. Security Challenges in Cloud Computing

With cloud computing continuing to grow and expand, different security challenges arise that must be considered and acted on proactively. With the cloud being distributed, a top cause of these challenges is the cloud’s reliance on third-party providers and the continuous movement of sensitive data across the Internet. Here are some of the primary security challenges faced in cloud computing:

• Data Breach and Data Leakage: Securing cloud environments is all about data breaches. Sensitive information, such as credit cards, is stored on third-party servers in a cloud so that you lose visibility of it, and access over the Internet is susceptible to unauthorized access, hacking, and other forms of cyber threats. Unlike conventional data centers, cloud environments are available from everywhere, making them more susceptible to data being intercepted or exposed if appropriate security measures are not in place. In addition to being created by malicious users, data leakage can also occur as a result of misconfigurations in the access settings, a lack of encryption practices, or vulnerabilities in shared resources, which means that sensitive information can be leaked [62].
  Over the past few years, an increasing number of organizations have been adopting cloud solutions, and as the popularity of cloud adoption has grown, so have security breaches. As per the studies [63,64], the number of cloud breaches reported has steadily risen from 1200 in 2020 to 1800 in 2023. The 50% increase over four years highlights the fundamental vulnerabilities in cloud infrastructure as organizations shift to the cloud for data storage, collaboration, and operations. Cloud adoption accelerated in 2020 as companies shifted to remote work, but too many companies did not have the security in place to protect themselves, leading to huge breaches like ransomware and unauthorized data access. In 2021, the number of breaches stood at 1350, and cybercriminals were hitting misconfigured cloud storage services and weak access controls. The trend continued in 2022, with breaches reaching a total of 1550 incidents. Attackers were found to be using increasingly sophisticated phishing techniques, API misconfigurations, and supply chain vulnerabilities to compromise cloud-based systems [64]. After that, in 2023, the number of breaches further deteriorated to 1800. Advanced persistent threats (APTs) and multi-cloud environments, which focused on inadequate coordination across platforms, were the causes of this sharp rise. According to [65], the higher complexity of hybrid and multi-cloud infrastructures further aggravates the difficulties of keeping strong security protocols, which cyber adversaries take advantage of to exploit weak links in cloud ecosystems.
  The statistics above underscore the dire need for organizations to embrace advanced security measures, including adopting Zero Trust architectures, integrating AI-driven security and threat detection solutions, and using privacy-preserving technologies like FL. In addition, regulatory compliance frameworks like GDPR and the California Consumer Privacy Act (CCPA) require organizations to take a proactive stance against these vulnerabilities. Cloud breaches are on an upward trajectory, and cloud security has become a critical part of any digital transformation strategy.
  Figure 4 shows the number of cloud breaches rising from 2020 to 2023 [63,64].
  

  Figure 4. Cloud breaches from 2020–2023.
• Top 10 security breaches in cloud computing: The frequency of cloud security breaches is increasing, and that is where AI and FL play an important role in resolving such risks. Below are several prominent breaches and how AI and FL could have been instrumental in addressing the challenges they presented:
  • Facebook Data Leak (2021): Poorly configured databases exposed over 530 million user records, including phone numbers and email addresses [66]. An AI-driven anomaly detection system would have been able to detect unusual database queries or access patterns in real-time and stop data exfiltration.
  • Alibaba’s Taobao Breach (2019): The unauthorized scraping of millions of user details was due to unsecured cloud storage. The privacy-preserving capabilities of FL could have allowed for secure, decentralized analysis of sensitive data without exposing them to outside access [67].
  • LinkedIn Data Scraping (2021): Insecure API configurations allowed the scraping of personal data of 700 million users [68]. FL could have trained AI systems to dynamically monitor and restrict API misuse, thereby reducing exposure risks by a large margin.
  • Capital One Breach (2019): In total, 100 million records were exposed from a misconfigured AWS server [69]. Misconfigurations could have been identified, and security teams could have been proactively alerted by AI-enabled threat detection before data exfiltration.
  • Cognyte Data Leak (2021): An Elasticsearch server exposed more than 5 billion records from breached databases worldwide [70]. Without exposing individual records, access to aggregated data could have been securely monitored by FL-based privacy-preserving analytics [71].
  • Sina Weibo Breach (2020): Weak data management practices led to over 538 million user records being stolen [72]. Using AI-driven behavioral analytics, suspicious access attempts could have been detected and stricter authentication measures put in place to protect data.
  • Accenture Ransomware Attack (2021): LockBit encrypted client data and demanded a USD 50 million ransom [73]. Early ransomware behaviors could have been identified by AI systems, isolating systems affected to prevent widespread encryption.
  • Toyota Cloud Breach (2022): Client and employee sensitive data were exposed [74]. Without centralizing sensitive information, FL could have facilitated secure collaboration among Toyota’s global teams, thereby reducing breach risks.
  • AWS Credential Leak (2022): Millions of AWS credentials were exposed due to insecure API configurations [75]. AI real-time monitoring of API usage could have detected unusual patterns and automatically disabled compromised credentials.
  • Verizon Cloud Leak (2017): A misconfigured cloud storage by a third-party partner exposed over 14 million customer call logs [76]. With FL, secure analytics could have been performed across third-party systems while preserving data privacy and reducing dependency on direct access.

Figure 5 below illustrates the top cloud security breaches and the number of records exposed in each incident.

Figure 5. Top cloud breaches.

• Insecure APIs and Interfaces: This refers too interfaces and APIs, which are the route by which users and applications deal with cloud services. But, if these APIs are not secured properly, they can serve as a way for cyber attackers to enter your service. If not, insecure APIs may not have the appropriate authentication, authorization, or encryption features that lock it down from others viewing, changing, and/or even deleting data. Since most APIs are available over the Internet, any vulnerabilities will be exposed to malicious partakers, who could unlock them and take full control of your cloud [77].
• Account Hijacking: User account hijacking is when attackers have unauthorized access to a user’s accounts, for instance, by phishing users into giving up their usernames and passwords or through weak passwords and credential theft [78]. In cloud environments where people share resources, account compromise can bite hard, with attackers being able to move laterally to other parts of the network, sniff and decrypt sensitive data, and mess with resources. To prevent account hijacking, here are the security measures you need to take: MFA, strong passwords, and account monitoring.
• Insider Threats: Cloud security is vulnerable to insider threats, both intentional and not. Sensitive data and systems are a target for (staff or) contractors with access to them, who may exploit their access for personal gain or accidentally expose data due to negligence [78]. As an organization grows and gains access to more users in a cloud environment, managing and monitoring insider access becomes complicated. Implementing strictly designated access controls, ongoing internal reviews, and employee alertness training can steer away insider threats.
• Compliance and Regulatory Issues: Organizations storing or processing sensitive information in the cloud must comply with industry regulations and standards (including GDPR, HIPAA, or PCI DSS) [79]. Because of the shared responsibility model of security in cloud computing, where both cloud providers and customers have to manage security, it is indeed difficult to keep up with compliance. Dealing with multiple cloud environment providers can be complex, ensuring that cloud providers comply only with regulatory requirements and implementing necessary controls on the customer side. Non-compliance can result in massive legal consequences, fines, and tarnished reputation.
• Shared Responsibility Model Complexity: Security responsibility in cloud computing is divided between the cloud provider and the customer. Although cloud providers are typically responsible for the underlying infrastructure, physical security, and customer data, applications and access controls are provided by the customer. Unfortunately, this model of shared responsibility can create overwhelming confusion and security gaps if customers mistakenly believe that the provider handles everything when it comes to security [80]. Second, when it comes to cloud deployments, roles and responsibilities are extremely important so that you do not end up with misconfigurations and vulnerabilities.
• Visibility and Control: As data and applications reside in third-party cloud environments, organizations may lose visibility and control over the resources they have. But, customers often have no control over the infrastructure, so it becomes difficult for them to monitor activities, detect threats, and take necessary actions in real-time. Limited visibility can also make organizations unable to discover possible security issues quickly and enforce policy [80]. Logging, monitoring, and auditing tools help provide visibility in the cloud, but they come with the need for additional resources and expertise.
• Data Loss and Disaster Recovery: Cloud environments are prone to data loss by accidental deletion, hardware failure, etc. Very much like any other technology, cloud providers do not provide a disaster recovery solution; instead, it is up to the customer to devise backup strategies and restore protocols for the customer data and applications under their care [81]. However, seeing things from this perspective does not mean you can fall back on the provider’s recovery solutions and expect a complete recovery every time. Regular backups of data, testing of the disaster recovery, and keeping redundant systems in place are ways to cover the data loss from the risk.

These security challenges are what underscores the importance of cloud security which is multi layered and proactive. Understanding and addressing these risks lets organizations protect their cloud data, applications, and operations in the best possible ways.

3.8. Edge Computing

3.8.1. Introduction to Edge Computing

Edge computing is a computing concept that handles data nearer to its source, as opposed to collecting all the data and sending it to a central cloud data center [82]. This model decreases latency, shortens response times, and minimizes bandwidth utilization by processing data close to the ’edge’ of the network. This is where edge computing is useful, especially for applications that process real-time data, such as IoT devices, autonomous vehicles, and industrial automation [82,83].

Instead of sending data to centralized servers for processing, edge computing involves processing the data at the point where they are generated. In edge computing, the “edge” refers to any location that is relatively near where data are generated (e.g., IoT devices, gateways, or local servers) [83]. Edge computing provides efficiency, reduces latency, and reduces data transmission costs by performing computation locally. Also, this decentralized approach facilitates faster decision-making, which is essential for time-sensitive applications.

The response to the limitations of traditional centralized computing models, such as cloud computing, is edge computing. Currently, as more and more devices join the ever-growing web and produce massive amounts of data, it is no longer feasible to depend solely on the cloud, especially when the responsive application has requirements of low latency and immediate response [84]. The demands for processing data closer to data sources have been fueled by the growth of the IoT and networking with 5G. Edge computing expands the cloud computing capacity by introducing data storage and processing power into local environments, thus creating a hybrid model that takes advantage of both centralized and distributed systems [84].

3.8.2. Key Technologies Enabling Edge Computing

Several advanced technologies, including edge computing, process data near the source, thus offering timely responses and real-time decision-making. The IoT, 5G network infrastructure, and applying artificial intelligence and machine learning on the edge are central technologies.

• IoT: The IoT refers to a network of devices connected to one another and to the Internet, collecting, transmitting, and perhaps even processing data regarding their environment [85]. As such, IoT devices are critical to edge computing, producing massive quantities of data close to the edge of the network and sometimes in real-time. With edge computing, IoT devices can process data locally and ping information to a centralized cloud less often, reducing the latency and improve response times while also conserving bandwidth. Examples of IoT applications for edge computing range from smart home devices to industrial sensors, healthcare wearables, and autonomous vehicles [85].
• 5G and Network Advancements: Fifth-generation technology and other networking advancements enable the high-speed, low-latency network connectivity that edge computing depends on. Because 5G increases data transfer rates significantly, edge devices can now communicate faster with local data centers or gateways [86]. High speed is crucial for 5G, as it supports real-time use cases such as remote surgery, autonomous driving, and augmented reality, which cannot accept any delays, and 5G can do that. Furthermore, 5G also allows and supports many more devices to connect per area compared to 4G, enabling edge computing to scale much better as the number of IoT devices grows [86].
• AI and Machine Learning at the Edge: By fusing AI and ML at the edge, devices can now analyze data in real-time and make autonomous decisions without needing a live connection to a centralized cloud resource. Organizations can carry out image recognition, anomaly detection, perform predictive maintenance, and language processing with minimal latency by deploying AI and ML algorithms directly on edge devices or local gateways [87]. At the edge, the models of AI and ML are optimized for low power and resource efficiency. Therefore, they can be operated on smaller devices, which consume fewer resources and do not require much computation power [87]. This local intelligence allows edge devices to function free of the central hub and act immediately to the change in conditions, thus improving the efficacy edge computing is bringing to use cases that call for rapid, data-driven responses.

3.8.3. Benefits of Edge Computing

The advantages of edge computing make it well-suited for applications that require real-time data processing, efficient use of resources, and better data privacy. This stems from the fact that edge computing is decentralized, and data processing can take place near the source of data.

• Reduced Latency and Faster Response Times: Data are processed locally by edge computing, therefore saving a lot of the time it takes for the data to travel to a centralized server and back. For this reason, especially for applications that require an immediate answer, such as autonomous vehicles, industrial automation, and healthcare monitoring, this low latency is critical. Faster response times bolster better user experience and enable ‘real-time’, near-instant decision-making in scenarios where milliseconds matter [82].
• Bandwidth Optimization: Optimization of bandwidth usage is achieved by processing and filtering data near the source and discarding noncritical data, as opposed to raw data being sent, for analysis on a centralized cloud. Data that need to travel over the network are limited to only relevant information or summary data [83,88]. On top of this bandwidth conservation, this also reduces transmission costs, which makes this especially appealing for many devices in the IoT space with constant data being generated.
• Enhanced Privacy and Data Security: Because edge computing ensures data remain closer to their source, it does not require the transmission of sensitive information over potentially vulnerable networks. Local data, which have been processed and stored, are less exposed to threats from the outside world, meaning privacy and security are increased [88]. This is very helpful in industries like healthcare and finance, where data privacy is quite strict. Further, edge devices can implement specific security measures and encryption protocols that put in place many different layers of protection for sensitive data.

3.8.4. Challenges and Limitations of Edge Computing

Being decentralized, edge computing has some benefits but also some challenges and limitations. Challenges include limited processing power, security issues in the manner of managing distributed systems, and the intricacy of integrating edge solutions with the cloud and existing IT technology.

• Limited Processing and Storage Capabilities: By design, centralized cloud data centers have much more processing power and storage capacity than edge devices. Large-scale data processing or complex computations can be challenging for edge devices due to their physical size and the power they are limited to. As a result, this constraint can limit the types of applications that can run at the edge, and optimizing algorithms and data processing may be necessary to squeeze the work within the available resources [82]. However, in cases where more extensive processing is required, data may still be offloaded to the cloud, thus negating the latency benefits of edge computing.
• Security and Management of Distributed Infrastructure: Security and management challenges come with the distributed nature of edge computing. It is hard to secure each node and ensure consistent security protocols when data processing occurs across multiple devices located in different places. Network security is not just about protecting users; rather, each edge device represents a potential attack surface, and protecting the network from unauthorized access, malware, and data breaches requires robust security measures [83]. Additionally, managing a multitude of distributed devices is difficult, particularly in identifying and applying software updates, managing security patches, and troubleshooting issues remotely.
• Integration with Cloud and Existing IT Systems: The integration of the edge computing solution in conjunction with legacy cloud and IT systems can be challenging. Data flows between edge devices and centralized systems need to be coordinated, which means that there can be very complex data synchronization and interoperability issues for organizations. When you work with legacy systems, this inevitably means careful planning that often comes with a few custom solutions if you need to ensure compatibility with both edge and cloud architectures [84]. It is also possible to want a smooth transition between local edge data processing and more extensive cloud analytics, and this often involves a lot of network architecture and protocols to ensure data consistency and system performance.

These challenges emphasize the importance of strategic planning and resource allocation in the deployment of edge computing, particularly in environments with heavy data processing requirements or stringent security needs.

3.8.5. Edge Computing Use Cases

Edge computing is useful for cases where it is necessary to process data as close to the source as possible and with minimal delay. Below are some of the most important applications where edge computing is providing value.

• Real-time Applications (e.g., autonomous vehicles and industrial automation): It is particularly important for applications where prompt reactions and decision-making are important, such as cars with auto-pilot mode or industrial control systems [89]. Self-driving cars are driven by real-time data from the car’s sensors and cameras to make crucial decisions on the road, which would be impractical with the use of a centralized cloud. Likewise, in the industry, data coming from the sensors could be processed by automated machinery with the help of edge computing to make quick decisions and avoid downtime [89]. These time-critical use cases benefit from edge computing because it performs computations on data collected at the edge, thereby improving safety, performance, and agility.
• Smart Cities and IoT Applications: In smart cities, edge computing is applied to control the large number of IoT devices, which collect significant data about traffic, the environment, energy consumption, and safety [90]. For instance, traffic cameras and sensors mounted in different parts of a city can process data at the edge to control traffic, minimize congestion, and improve safety without burdening the core system. In smart cities, edge computing helps to ease the network load, process data faster, and protect privacy by keeping data within city limits [90]. In particular, it ensures that energy is used optimally and that infrastructure is properly maintained, thus enhancing the livability of cities.
• Health Care and Remote Monitoring: In healthcare, edge computing is applied in real-time patient monitoring, especially in places that are far from the hospital or at home. Wearable devices, connected health monitors, and mobile medical devices can work at the edge by analyzing data and sending information about the patient’s condition, including vitals, in real-time with a notification in the event of an adverse event. This form of processing minimizes latency, thus increasing the rate of response, which is very important for patients. Furthermore, edge computing is beneficial in enhancing the privacy of the patient’s information by processing health data near the patient, thus helping to adhere to the set healthcare data regulations and maintaining the patient’s privacy [90].

3.8.6. Edge Security and Privacy

The use of edge computing implements data processing near data sources and brings in new security and privacy issues. To protect sensitive data at the edge and prevent various aspects of data breaches, edge devices and networks need to be secured.

• Data Protection at the Edge: Edge computing security refers to protecting data that undergoes computation at the edge, meaning on devices or at edge points, instead of sending it to the cloud. Edge computing is the processing of data at the edge of the network, which decreases the likelihood of the data being intercepted during transfer [91]. However, this kind of data handling is only carried out at the localized level and, therefore, needs to be protected with strong encryption and access control mechanisms. Data encryption is a way of ensuring that information is protected at the time when it is stored as well as when it is in transfer; other methods include anonymization and tokenization [92].
• Securing Edge Devices and Networks: The other categories of devices include sensors, gateways, and local servers that may be affected by an attack. This is important to prevent threats from spreading across the entire edge network that these devices form a part of. This includes using measures like MFA and device-specific certificates to ensure that only the right people are granted access [92]. Consequently, edge networks need software updates, security patches, and firmware updates to fix issues that may be opening the network to attacks. Others include network segmentation and intrusion detection systems (IDS), which can help in containing the affected device and identifying threats within the network, respectively. In combination, these approaches provide a layered security system that can mitigate a vast number of threats to edge devices and networks [93].

3.9. AI

3.9.1. Overview of AI

AI is a branch of computer science that deals with designing intelligent systems that can work and think like humans. AI systems apply a set of rules and data to identify patterns, make decisions, and learn from their past experiences [94].

AI is one of the most valuable and innovative tools in today’s society and is used in almost every field. It is used in industries as diverse as health care, finance, retail, and transport and it changes standard approaches and paves the way for new solutions. In cloud computing, AI support is a fundamental factor in detecting threats, securing information, and even preventing adverse incidents from occurring. Because AI excels at handling large datasets and making decisions in real-time, it is an important component of future-oriented security systems and smart systems [94].

3.9.2. Types of AI

There are different types of AI, depending on what an AI system can actually do for you or in what capacity it learns. From this understanding, knowing these types provides a basis for discussing AI for cloud security applications, as each of these methods is used for detecting, preventing, or responding to threats.

• Narrow AI: Weak AI (narrow AI) is a subset of AI that is meant to perform particular processes or fix related issues in one specific area [95]. This covers recommendation systems, image recognition, and language translation, just to name a few [94]. The other type is called narrow AI, which does not have the ability to act outside its predefined functions and does not have general intelligence. Narrow AI refers to most of the current AI applications, including those for cloud security. Take, for example, an AI system that is narrow, which means it could analyze network traffic patterns to discover anomalies or to detect potential threats, but it would not know how to apply this knowledge to another unrelated domain.
• General AI: Strong AI, on the other hand, or general AI, is an imaginary form of technology that also possesses human-like intelligence and is capable of learning, understanding, and applying knowledge to various areas without any intervention or supervision [95]. General AI would be that which can solve general complex problems without human intervention, as well as adapt to new situations and reason as we do. Although general AI remains a long-term goal in AI research, such capabilities have the potential to dramatically influence security by producing autonomous systems that perceive and respond to threats as well as human analysts can. It should be noted, however, that general AI does not exist and is not yet used in modern cloud security solutions.
• Machine Learning, Deep Learning, and Reinforcement Learning: In the context of cloud security, various learning techniques are applied to design AI systems that can identify threats and attacks and enhance the protection mechanisms of data.

• ML: ML is a subfield of AI that allows systems to learn from data and act or predict on it. In cloud security, ML algorithms are usually applied to detect anomalies, identify intrusions, and classify malware [96]. The main category of ML in security is supervised learning, where models are trained on labeled datasets and unsupervised learning. Here, models work on unlabeled data to discover new threats [96].
• Deep Learning (DL): DL is a subset of ML that applies artificial neural networks to various data sets and is based on the multi-layered approach. DL models are mainly used in image and audio identification. However, they are also used in cloud security to detect subtle patterns in network traffic, user activity, and system event logs [97]. These models are excellent at pattern matching in the data and can help detect intricate and convoluted threats in cloud computing environments. However, deep learning models are capital-intensive and depend on cloud computing for flexibility in computation power [97].
• Reinforcement Learning (RL): RL is a subfield of machine learning in which an agent attempts to determine the best policy by taking actions in an environment and receiving outcomes which can be positive or negative [98]. In cloud security, reinforcement learning can be applied to design self-tuning security systems to counter constantly changing threats [98]. For instance, an RL-based system may fine-tune firewall settings or access control rules according to emerging threats to enhance the security policy to the least risk. This is quite important in cloud security, where the threat is not static at all and can change at any moment.
  All these types of AI and their approaches greatly enhance cloud security by deploying systems that can identify, analyze, and counter threats in real-time, thus fostering a secure and enduring cloud environment.

3.9.3. AI in Cybersecurity

AI is key in cybersecurity because it helps to improve detection, prediction, and response capability in security systems. Using machine learning, deep learning, and other AI approaches, cybersecurity teams can locate and resolve security problems more quickly and accurately than ever, especially in more complex or changing environments like the cloud.

• Role of AI in Threat Detection: Increasingly, AI is used in threat detection to analyze lots of data to detect patterns and potential threats in real-time. Existing methods for threat detection are rule or signature-based, restricting the ability to detect newer and evolving threats [99]. Conversely, AI-based systems can constantly learn from data, learning new threat patterns and identifying new esoteric attack techniques. For example, machine learning algorithms consider historical data on network traffic, i.e., whether they have not seen it before, to see if it deviates from what they have seen previously, which might indicate malicious activity [100]. With the capability to detect small but important variations, such as changes in users’ behavior or in the network traffic, deep learning models are especially good at spotting security incidents. Identifying and predicting threats early on makes it possible for cybersecurity teams to respond proactively and, therefore, minimize the risk of data leakage and other cyber incidents.
• Anomaly Detection: AI is also crucial for applications of anomaly detection, identifying unusual patterns in cloud environments. At scale in a cloud setting, user activities, network traffic, and, at times, system logs generate massive amounts of data, and it is almost always impossible for a human to identify anomalies manually. Anomaly detection models driven by AI can learn what is and is not considered to be the norm in the environment and will automatically raise red flags in the occurrence of behavior that is potentially indicative of a security incident. Anomaly detection is sometimes carried out using unsupervised learning and can be used when labeled data are not available [99,101]. For example, an anomaly detection model in a cloud environment may pick up a login pattern that is unusual or data access that is unexpected and alert security folks to a potential threat. In cloud systems, by catching these anomalies early, AI-powered systems prevent data leaks, account takeovers, etc.

3.9.4. AI Applications in Cloud Security

Today, AI plays a crucial role in bolstering cloud security by providing sophisticated detection, prevention, and protection mechanisms. Being able to adapt to changing threats, monitor user activity, and keep sensitive data safe in the complex cloud, AI adds to the massive sites’ protection. The following are some AI applications in cloud security.

• IDS and Intrusion Prevention Systems (IPS): For identifying and mitigating attacks on cloud networks, IDS and IPS serve as critical solutions. AI improves the functionality of IDS and IPS by providing the dynamics to learn from past attack instances and then detect threats in real-time [102,103]. An IDS driven by AI can recognize known signatures of attacks and can adapt to new and unknown threats by detecting anomalies. For example, in IDS, machine learning algorithms can examine network traffic and discover deviations that may represent possible intrusions. With AI’s help, intrusion prevention systems can go a step further, not just detecting but actually blocking suspicious activities. With AI-powered IPS, firewall rules can be modified, malicious IP addresses blocked, and access restricted based on learned threat patterns, allowing a proactive measure to cloud security [103].
• Behavioral Analysis: Behavioral analysis is often performed with AI models to identify and react to suspicious user or device activity in a cloud environment. With a baseline of normal behavior, AI models can identify deviations indicating security risks, like account takeovers, insider threats, or compromised devices [102]. In cloud security, the most important use of behavioral analysis is when users use different devices and access the cloud system from different places. Login patterns, data access habits, and user interactions are scrutinized by AI being powered behavioral analysis systems, flagging any unusual activity like a user logging in from an unusual location or accessing sensitive data outside of normal hours. This application of AI works to enhance the ability to detect potential threats, as well as react to unauthorized access attempts in real-time with greater accuracy.
• Data Encryption and Privacy with AI: With the growing use of the cloud in business environments, more and more people are now using AI-based techniques that aid in data encryption and privacy. While data encryption is crucial for securing sensitive data, conventional encryption approaches may fall behind in keeping up with the vast quantities of data in the cloud [104]. Through automation, AI can speed up encryption and help spot the most efficient way to carry it out, factoring in the sensitivity of data and data usage patterns. Moreover, AI models can create secure data storage, locate flaws in encryption protocols, and advise on the best configurations to avoid leaking data. For example, in privacy-preserving applications, AI techniques can be leveraged to train a collaborative model across distributed cloud systems without revealing sensitive data, and while data are being processed, privacy is maintained. AI helps build more secure and trustworthy cloud environments by improving both encryption and privacy [104].

3.9.5. Challenges of Using AI in Cloud Security

Although AI delivers advantages in strengthening cloud security, there are also different issues to consider when utilizing AI to increase cloud security. Among these challenges are data privacy concerns, a demand for explainable AI decisions, and the inability to easily scale the AI model to cloud environments.

• Data Privacy and Security: Data privacy and security are critical issues in cloud security as you work with AI because AI works with models, and the information may be sensitive. Training and analysis of AI algorithms usually use a lot of data, which commonly contain personal or sensitive information. Usage of such data poses privacy risks because the data can be accessed or misused by unauthorized parties [105]. In addition, certain AI applications involve the transfer of data from one cloud server to another or across international borders, thus introducing an increased risk of data leakage or compliance violation. Protecting privacy and security in AI requires infusing robust data protection practices, including data anonymization, access controls, and privacy-preserving methods such as FL (to train a model without sharing the raw data) [105,106].
• Explainability and Interpretability: A major challenge in employing AI for cloud security explains and interprets the use of AI for cloud security. AI models, especially those more complex like deep learning, tend to be thought of as ‘black boxes’ whose decision-making processes are inscrutable to humans. Without transparency, this can make it hard for security teams to trust AI-driven insights or to understand exactly why it triggered a specific alert or detection. This opacity can become a problem in security contexts where trust and clarity are critical [106]. The methods of explainable AI (XAI) are to remedy this by making AI decisions more transparent and explainable. All of this, however, can become a difficult challenge to strike the right balance between model complexity and interpretability, especially in the case of complicated and nuanced security threats.
• Scalability Issues: Deploying AI models at scale in a cloud environment is very challenging. Training and running AI models, especially in instances where AI models are resource intense, such as deep learning models, demands large computing power, memory, and storage. Large-scale cloud environments have difficulty managing these resources efficiently and keeping up performance [107]. Furthermore, the growth of the number of users and devices in a cloud environment also leads to the growth of the data in such a way that the AI models used should scale to handle such an increase in volume for which it may lead to latency issues and high costs. To do this at scale, techniques like model optimization, distributed processing, and load balancing are almost always required, and they only add to the complexity of deploying AI at scale. A continuing challenge with cloud security is to make sure that AI solutions work effectively and are sensitive enough to respond to the enormous, rapidly changing cloud landscape [107].

3.9.6. AI and FL Synergies in Cloud Security

FL is a novel approach to cloud security AI model training in which decentralized data are processed in a way that preserves privacy while leveraging the power of collective intelligence. With these points, AI and FL join forces to enhance cloud security.

• Decentralized Training: With FL, decentralized training can occur, where the AI model can be trained locally at the edge device or in different clouds without centralizing the data. In terms of cloud security, this decentralized method is very useful since the learning does not need to be performed in a central server, and each device or organization can independently train security models using their own data. With FL, data are kept localized, which lowers the risk of exposure of the data, requires less bandwidth, and has lower latency [108]. In particular, this is helpful for threat detection and anomaly detection, where local patterns often uncover security insights associated with a specific region and environment. FL also improves model robustness by leveraging the power of decentralized training, securing multiple sources of security insight, and aggregating them into a more robust and adaptable AI model [12].
• Data Privacy through FL: One of the core advantages of FL is data privacy, especially in the context of cloud security applications. FL tackles privacy concerns regarding centralized data for AI training since sensitive data can remain on local devices or in individual environments [109]. In FL, model updates (not raw data) are shared to a central server for aggregation in order to build a better global model. Using this approach, organizations can take advantage of the insights from multiple datasets without revealing private or sensitive data. Within some industry verticals, government regulation can make the transfer and the sharing of sensitive data a no-go (i.e., healthcare and finance), where strict data privacy laws (e.g., GDPR and HIPAA) prevent the transfer of data out of the local jurisdiction. FL enables you to continue meeting compliance requirements while leveraging the power of AI without compromising data privacy or cloud security [109].

3.9.7. Examples of FL in AI-Driven Cloud Security

Several real-world use cases demonstrate how FL is applied in cloud security to enhance privacy and detection capabilities [110].

• IDS: Improving IDS in cloud environments uses FL methodologies to train models on local network data for multiple organizations or data centers. The model is trained in each organization on its own network traffic patterns, with these made aggregate in order to form a robust global model that can detect a broader set of intrusion patterns without data sharing.
• Malware Detection in Distributed Systems: FL helps organizations collaboratively build a model that can identify new malware variants by training local data. With this approach, cloud security providers’ detection capabilities are enhanced across multiple clients, masking sensitive client information like file characteristics and user activity.
• Financial Fraud Detection: Financial institutions train models to detect fraudulent activities in real-time through FL and collaboratively train a model in a federated setting. Using FL for training on the transaction data locally within the institution allows them to combine a single shared fraud detection model that captures the different fraud patterns across institutions without having to expose individual transaction records.

4. FL in Cloud and Edge Computing Security

Two separate concepts in modern IT environments for handling and processing data have emerged lately: cloud computing and edge computing. Cloud computing, which provides centralized data storage and processing in remote data centers, provides high scalability and robust resources; it contrasts with edge computing, which shifts the processing further towards the data source so that responses are faster and bandwidth requirements are smaller. However, in order to decide which approach to use in certain use cases, one has to understand the differences between these paradigms and the advantages that each paradigm has. The key distinction between cloud and edge computing is highlighted in Table 4 [84,111] below.

Table 4. Comparison between cloud computing and edge computing.

Aspect	Cloud Computing	Edge Computing
Definition	Centralized computing that stores and processes data in large, remote data centers	Decentralized computing that processes data close to the data source
Latency	Higher latency due to distance from the data source	Lower latency, as data are processed near the device or data source
Data Processing	Processes data in centralized data centers	Processes data at or near the edge of the network
Scalability	Highly scalable with almost unlimited resources	Limited scalability, depending on local hardware and network capabilities
Bandwidth Requirements	Requires high bandwidth for large data transfers to/from the cloud	Reduces bandwidth needs by processing data locally
Reliability	Dependent on Internet connectivity to the cloud data center	More reliable in environments with intermittent connectivity
Privacy and Security	Relies on centralized security protocols, vulnerable to external breaches	Enhanced privacy by keeping data closer to the source, reducing exposure to external threats
Cost	Potentially higher cost due to bandwidth and centralized infrastructure	Reduces costs by minimizing data sent to the cloud and processing locally
Ideal Use Cases	Data-intensive applications, complex analytics, backup, and storage	Real-time processing, IoT, and applications requiring low latency and a quick response

Figure 6 demonstrates the FL process, where model training occurs across cloud and edge devices, enabling decentralized learning while preserving data privacy.

Figure 6. FL in cloud and edge architecture.

FL improves cloud security by allowing the training of a model on the devices or organizations of multiple participants yet without exposing data to any of the participants. This approach becomes very useful in the cloud environment where data protection is of high concern, for example, in the health sector and in finance [108,112]. Here are some key ways FL enhances cloud security:

• Data privacy through local training: FL allows every client (device or organization) to train the model on their data without sharing the data with the central server. But, this approach sends only the changes in the models or parameters to the central server, which in turn helps to minimize the risk of data leakage of the raw data, which is especially relevant when working with large datasets that contain sensitive personal information.
• Privacy preservation techniques: Several mechanisms are used in the FL to ensure the privacy of the parameters being exchanged between the clients and the cloud server. Techniques like differential privacy, SMC, and homomorphic encryption are applied to enhance security where no single data set can be attributed to an individual, and computations cannot be reversed. For example, secure multi-party computation enables computations on encrypted data and, hence, avoids exposing the data when transmitted.
• Robustness to model inference attacks: Traditional training models that are based on a centralized model are prone to attacks such as model inversion and membership inference attacks where the attacker is able to learn about the training dataset. These risks are minimized by FL since the training is conducted across multiple clients. Thus, techniques such as differential privacy, which involves adding noise to the updates, make it challenging for the attacker to make inferences about individual data.
• Efficiency in secure communication: As for many FL applications in cloud settings, reducing the amount of data exchanged between the clients and the server is essential for both efficiency and security. Through selective parameter sharing and dynamic client participation, FL can decrease the number and size of updates exchanged. This approach reduces the vulnerability points and exit points where data may be captured during transmission.
• Support for honest-but-curious and collusion scenarios: The ‘Honest-But-Curious’ model supposes that servers can obey the protocol and try to learn something from the updates. FL implements this through cryptographic measures that ensure that servers and clients cannot see the raw data or unique inputs even when some of them may be working in unison. For example, double-key ElGamal encryption offers very strong protection, given that only partial model parameters are available for aggregation, thus protecting data from insider threats.
• Dynamic client participation and model integrity: In FL, clients may come and go without affecting the quality of the model at any one time. This provides a great chance to continue model training in a smooth manner without putting the data at risk. Some parameters can only be collected safely and then securely shared across different devices or with limited computational capabilities.

These techniques thus allow FL to provide a secure cloud environment that allows for the sharing of data and model building with minimal loss of privacy and data integrity.

FL is the solution that can improve the security of edge computing, where data are gathered by numerous nodes, including IoT, mobile devices, and other connected devices, by solving privacy and communication issues. FL offers a powerful solution to data privacy, network latency, and security issues typical of centralized data processing models [22,108,109,113].

• Data privacy and confidentiality: This means that FL data can be processed locally on edge devices without the need to transfer raw data to the cloud. This decentralized architecture ensures that data are stored on devices and, therefore, not at risk of being leaked during transfer. The only things that can be shared with a central server are model parameters or gradients, while the user’s data or any other private information remain safely on the user’s device; this is particularly important in industries with strict privacy regulations, such as healthcare or finance.
• Reduced attack surface for edge devices: Due to the high number of connected devices in edge computing environments and the limited computational and security capabilities of these devices, edge environments are often faced with external threats. FL minimizes the surface of the attack as data are only stored locally on edge devices, minimizing the possibility of interception by a third party. Flows of sensitive information to a few servers are restricted in FL; hence, in case of an attack on one edge device, the effect will be minimal since a large number of data will not be compromised.
• Enhanced communication efficiency: While FL does not transfer massive volumes of data from edge devices to central servers, it transfers model updates, which are comparatively very small. This reduction in bandwidth use directly leads to enhanced network efficacy and security, as fewer data packets are exchanged over the network, thus decreasing the probability of interception or leakage of data during transmission.
• Scalability and flexibility in edge networks: FL also allows the dynamic inclusion of multiple edge devices, which can freely join or leave the network without causing any disturbance to the global model. This is especially helpful in edge computing, where the network is not always reliable, and the devices used in the network can also be unpredictable. This capability of FL makes it capable of operating under these conditions and ensuring that the model is trained well, as well as improving data security since the updates of the model are aggregated and validated from several sources, hence making it a stronger defense mechanism against data poisoning attacks.
• Resilience against privacy legislation compliance challenges: The concept of FL is also appropriate for data protection standards such as GDPR because data are never sent by the device that generated them. This is particularly advantageous in a decentralized system since the data owner retains full control of the information and thus can meet the legal requirements for data management. This compliance advantage makes FL especially appropriate for edge computing networks that function across multiple jurisdictions with different legal requirements on data protection.
  Thus, the decentralized approach of FL provides improved security for edge computing systems by avoiding the leakage of data, allowing processing on the edge and being compliant with legal data privacy regulations, which makes it a suitable solution for secure edge computing systems.

5. Challenges in Using Federated Learning and AI for the Cloud

FL and AI are crucial when it comes to improving cloud security by providing the ability to perform analysis on data while keeping them decentralized and highly safeguarded. However, these technologies face several challenges that hinder their effectiveness and the possibility of scaling in the context of the cloud. Some of the major issues are presented as follows [114,115,116,117,118,119]:

• Communication overhead:
  • Issue: FL requires frequent transmission of model parameters between client devices and central servers, hence consuming a large communication bandwidth.
  • Example: Research on FL for IoT-based smart cities was conducted in 2023, and it was established that frequent exchange of model updates between edge devices and cloud servers tremendously affected the bandwidth demand, and this reduced the performance of real-time applications, as seen in traffic prediction [120].
  • Impact: High communication costs can delay the model’s training and will degrade the system’s performance, particularly in bandwidth-limited scenarios.
  • Potential solutions: We can use efficient compression techniques for updates, like quantization or sparsification, and synchronization, which occurs periodically rather than constantly.
• Resource constraints:
  • Issue: FL is mostly based on edge devices, which, most of the time, have low processing capacity, memory, and battery power to undertake complex AI models.
  • Example: Federated soil fertility analysis based on Raspberry Pi devices in edge computing has some delays caused by constraints in memory size (2 GB) and computational resources [121].
  • Impact: Such limitations can slow down the model training process, increase the execution time, and decrease the performance of the federated system.
  • Potential solutions: We can employ low complexity models, dynamic resource provisioning, and shifting computation-intensive tasks to the cloud hosts.
• Data heterogeneity:
  • Issue: Data in federated systems are often partitioned among multiple devices and have non-IID (non-independent and identically distributed) as the data distributional structure.
  • Example: Diagnostics for COVID-19 across hospitals in FL pose challenges since datasets have different characteristics (e.g., patients’ demographics and image resolution) [7].
  • Impact: This non-uniformity leads to the possibility of the generation of biased or suboptimal models for some or all the clients.
  • Potential solutions: We can employ federated optimization algorithms like FedProx and specific kinds of federated learning techniques.
• Privacy and security risks:
  • Issue: Although FL aims to safeguard data privacy, gradient or model updates can indeed disclose sensitive information through manipulation by attack agents, such as gradient inversion.
  • Example: Hijazi et al. [122] reported that FL-based financial fraud detection systems were threatened by adversarial attacks since the compromised participants uploaded the poisoned model updates.
  • Impact: Such vulnerabilities can break the system in terms of confidentiality and trustworthiness.
  • Potential solutions: The techniques of differential privacy, homomorphic encryption, and secure multi-party computation can be used.
• Scalability challenges:
  • Issue: Since FL incorporates a large number of devices, managing updates together with ensuring scalability is a challenging task.
  • Example: A federated learning system for autonomous vehicles encountered scalability issues that were common with federated learning when there were many clients, i.e., more than 1000 participants in this case. Real-time updates became a challenge for the central server [123].
  • Impact: The increasing number of participants implies congestion of the servers, which causes many delays or bottlenecks.
  • Potential solutions: Approaches based on hierarchical aggregation architectures and decentralized FL can be used.
• Lack of standardization:
  • Issue: Specific guidelines regarding the integration of FL in cloud security systems are not recognized globally.
  • Impact: This results in incompatible technologies and frameworks and often makes it hard to integrate between the different technologies.
  • Potential solutions: Standardization of FL implementation protocols and APIs.
• Adversarial attacks:
  • Issue: FL systems are sensitive to different types of attacks, including poisoning attacks, whereby the attackers seek to provide wrong updates to the FL model.
  • Example: In the federated intrusion detection system, the attacker poisoned the model updates and then concealed the malware traffic, compromising the integrity of the system [120].
  • Impact: Such attacks can greatly diminish the model’s performance and decrease its reliability.
  • Potential solutions: Applying strong aggregation approaches, unusual pattern identification, and ensuring the model’s consistency.
• Regulatory and compliance barriers:
  • Issue: Federated systems will have to work within guidelines and rules imposed by GDPR and/or HIPAA or any similar act on data protection.
  • Example: The problem of GDPR compliance emerged in an FL system developed for financial fraud detection; some of the participants’ data were transferred across borders [122].
  • Impact: These legal requirements can pose great challenges to data-sharing practices and system design.
  • Potential solutions: We can adhere to and promote privacy by designing and including compliance checkups.
• Latency sensitivity:
  • Issue: When it comes to cloud security, actions may be required in real-time or near-real-time. This is problematic with FL because of the inherent time required for model training.
  • Example: Federated cybersecurity systems involving real-time threat detection became incapable of responding quickly enough to cloud updates due to network latency [124].
  • Impact: Late identification of threats poses a challenge to the security of the system.
  • Potential solutions: We can employ real-time federated systems and model caching in order to obtain fast predictions.
• Cost management:
  • Issue: FL and AI system deployment and management in a cloud security environment are capital-intensive and require considerable funding.
  • Impact: These technologies have high costs, so they can act as a barrier to the adoption of such technologies by organizations.
  • Potential solutions: We can develop affordable solutions to deployment costs through cost-sharing models and open-source tools.

6. Related Work

The authors in [22] provided an SLR of FL in edge computing based on the possibility of its application to improve data privacy and security while considering the training of models in a decentralized manner. They identified some important factors, such as the variability of devices, lack of computational power, and the importance of communication protocols. Therefore, they set the goal and focus of their work to assess the possibilities of FL in constrained environments. The main application domain described in the paper is the IoT, which consists of devices with different capabilities and are known for their stringent privacy constraints. To this end, the authors used a qualitative research strategy to synthesize and review the literature and case evidence to establish the impact of FL in practice. They backed their results with performance metrics of the model’s accuracy, communication effectiveness, and data protection. The research findings show that FL has the potential to provide better privacy and scalability than traditional methods, but drawbacks include high computational costs, high communication costs, and susceptibility to security threats. The tools and datasets described in the paper encompass a number of machine learning libraries and synthetic datasets mimicking IoT settings. However, the solutions presented may not fully address the particular issues arising in real-world applications of FL, including the fact that IoT devices are inherently dynamic and unpredictable, which affects the data and model output. Lastly, although some proposals focus on centralizing coordination, doing so may cause a potential bottleneck or a single point of failure within FL. Therefore, although the literature surveyed here has informative findings, it may not capture all the issues and the emerging challenges that may be associated with the implementation of FL in various and dynamic IoT settings.

Bao et al. [108] performed an in-depth survey of FL and its inclusion within cloud-edge collaborative architectures. Critical issues regarding data privacy, resource constraints, and the dynamicity of network topologies were addressed in order to explore the objectives and correct scope of FL in environments where data originate from the edges. They focused on the applications in the Internet of vehicles (IoV) and other collaborative learning scenarios in which privacy and efficiency are crucial.

The authors use a qualitative methodology to evaluate the efficacy of FL in these contexts, integrating existing literature and case studies in order to determine the difficulties with potential solutions to the problem. For example, they used performance metrics, including accuracy, efficiency, and privacy preservation, to back their findings of how FL can assist in collaborative learning and mitigating privacy risk. The key findings of this work indicate that FL can provide substantial benefits in terms of user data protection and model accuracy but also that it suffers from some important limitations, such as vulnerability to data leakage and implementation complexity.

In addition, they explored the shortcomings of current solutions and indicated that most proposals do not sufficiently account for dynamic network environments or tightly coupled privacy requirements. For example, existing learning models based on traditional, centralized paradigms cannot sufficiently protect user data, and existing FL methods may not ideally scale to real-time applications. As such, the authors contend that although existing methods form foundations, those foundations need to be further improved and innovated to provide effective solutions to the distinctive challenges that arise in the cloud-edge collaborative architectures set in the context of FL.

The study [109] presented PL-FedIPEC, an FL framework that deploys an improved Paillier homomorphic encryption algorithm to improve privacy while curtailing latency in edge computing environments. In relation to other fields, the study tackles two crucial issues around data privacy and security in FL, especially when working over sensitive application domains, such as healthcare and finance. Moreover, the methodology includes a theoretical analysis, and it is evaluated over the MNIST dataset by extensive experiments on performance metrics, such as training accuracy, latency, and computation time. The key findings of the study showed that PL–FedIPEC attains comparable accuracies as FedAVG but dramatically lower latency. However, encryption increases computation time, and there is a chance that parameters are leaked during updates. The tools used include the gmpy2 Python extension for efficient encryption handling. However, the proposed solutions trade-off privacy for computational overhead and make the assumption on edge node behavior, thereby limiting them for usage in all sorts of scenarios.

Makkar et al. [125] looked at how FL and edge computing can help enhance the privacy and security aspects of AI-based spam detection systems. The authors then presented an FL model, FedLearnSP, in which data are processed, and the model is trained where the data are generated and owned to maintain user information privacy. FedLearnSP leverages CNNs implemented on end devices to undertake the analysis of data, with the model training disassociated across the devices. Collectively, results derived from local models were deployed to evaluate performance measures in relation to spam detection accuracy, time response, and computational complexity depending on the data distribution and communication capacity in the application domain. In this research, FL approaches utilized on edge devices were expected to optimally identify image spam, especially in consumer domains where data privacy is more crucial. The methodology responds to difficulties involved in model training in decentralized networks as well as imbalances of data, communication, cost, and scalability and proves the viability of FL applied to spam detection under genuine environmental conditions. One major drawback of the approach is that it heavily relies on the devices and network, as FL is realized by local computational processes and dependable connections. Further, the system may struggle to maintain the high accuracy of data on different devices, offering low interoperability or heterogeneity along with unbalanced data distribution.

Fang et al. [112] describe an FL approach in the context of cloud computing, focused on high efficiency and privacy. Their proposed system is called HFWP, which consists of lightweight double-key ElGamal encryption to provide privacy against model inversion attacks while maintaining efficiency. HFWP overcomes previous approaches, which either involve high computational complexity or the use of differential privacy, and also allows for selective parameter sharing, minimizes communication cost, and guarantees model performance. The analysis carried out for this paper on MNIST and UCI datasets proves that the learning rate of HFWP increases in less time and lowers communication costs compared to other methods. Thus, it is more suitable for privacy-constrained federated applications. One major concern is the reliance on the double-key encrypted protocol, while otherwise, it is a relatively lightweight method and can be again impractical for small and energy-limited devices. Further, it indicates that the model might feature differences in highly heterogeneously generated data scenarios, which can affect the speed and efficiency of its convergence.

Rajendran et al. [126] introduce a federated learning approach applied to different medical centers that aim to resolve privacy issues in most machine learning applications in the healthcare sphere. Cloud security for data management is provided through Microsoft Azure and GitHub. The research proposes a training testing scheme using both single-weight and cyclical-weight training methods. More specifically, the authors observed that cyclical weight models have better performance. Thus, federated learning helps to increase data and model quality without violating patient privacy. This study provides a significant contribution to the healthcare sector by demonstrating the ability of FL to be implemented on a large scale. However, the presented study has several weaknesses, such as the usage of relatively simple machine learning models, which may be a problem considering more complicated tasks. Additionally, the federated approach did not improve the logistic regression models’ efficiency, which may imply a drawback in terms of the system’s applicability to other architectures.

Zhou et al. [127] introduce a federated learning-enabled edge-cloud architecture to enhance the quality of service (QoS) of AIoT devices in smart transportation systems. This approach solves problems inherent in the concept of cloud computing, including high latency and limited bandwidth, by partitioning computations between edge devices and cloud servers. The architecture leverages federated learning to enable data privacy while improving real-time decision-making at the edge. The authors use two datasets, MNIST and FashionMNIST, to assess the architecture in an edge-cloud setting with simulated edge controllers implemented through virtual machines and a cloud server on Amazon EC2. Compared with the existing centralized models, the model performs a better solution and is more scalable to become a good solution for privacy-preserving and QoS-enhanced edge-cloud applications. However, it seems that the architecture still heavily depends on the connection speed between devices at the edge and cloud-based servers and may degrade at low connection speeds. Furthermore, model performance may depend on the form of data used; thus, adjustments to heterogeneity data may be necessary.

Duan et al. [128] explored the integration of FL and edge computing to improve data privacy, reduce latency, and increase resource utilization for 6G networks. This shows that FL can be a way to collaboratively train a model with data localized to solve privacy issues. The paper looks at a number of challenges, such as scalability in heterogeneous environments, the requirement of robust privacy and security mechanisms, and how non-IID data affect model performance. It further points out the gaps in current research, such as the trade-off between privacy preservation and model accuracy and the need for dynamic adaptability and client engagement in the FL system. Future research directions are proposed by the authors to develop adaptive algorithms, continuous learning approaches, and holistic integration frameworks to optimize FL in edge computing environments. In summary, the paper presents an in-depth review of the status quo and future outlooks of FL integrated with edge computing in the ever-changing 6G network environment.

Nguyen et al. [129] presented a comprehensive exploration of the integration of FL and blockchain technology, FLchain, in the edge computing scenario. The potential to improve data privacy, security, and efficiency in distributed environments, particularly for IoT applications, is demonstrated by this novel architecture. The work provides an overview of FL and blockchain fundamentals, key contributions, technical challenges (communication cost and security vulnerabilities), and opportunities in areas such as data sharing and content caching. Finally, the paper covers unique research challenges such as scalability, economic factors, and latency requirements and proposes mitigation mechanisms such as improved resource management and user participation. The results show that FLchain can achieve high training accuracy and low latency, which make it feasible to be deployed in various edge computing scenarios.

Qi et al. [130] discussed the integration of FL with edge computing as a way to improve privacy-preserving AI by processing data closer to its source. FL is described, and its advantages are outlined, e.g., it allows data owners to train models without transferring raw data to centralized servers, thereby reducing privacy risks. In addition, the paper discusses the challenges of deploying these technologies at scale, which include high communication costs, the complexity of integrating multiple privacy-preserving techniques, and compliance with global data protection regulations such as GDPR. Additionally, it presents solutions, including hierarchical federated learning (HFL), to enhance resource utilization and reduce node failure and emphasizes the need to develop efficient privacy protection methods to balance privacy and operational efficiency in various applications, e.g., healthcare, finance, and smart manufacturing.

Ye et al. [131] presented a novel approach to FL that deals with the computational challenges of mobile devices during model training. With this EdgeFed framework, the local model update process is separated between mobile devices and edge servers, where mobile devices are devoted to training low layers of the model and offloading heavy computation to the edge server. The division of labor in this work not only reduces the computational burden on mobile devices but also minimizes global communication frequency, hence resulting in lower communication costs. Empirical experiments from the authors show that EdgeFed is superior to traditional methods (FedAvg) in different bandwidth scenarios, indicating its efficiency and effectiveness in resource usage optimization while maintaining model accuracy. In general, the study shows the possibility of combining edge computing with FL to improve performance in mobile environments.

Tursunboev et al. [132] presented a novel hierarchical FL algorithm to improve the performance of unmanned aerial vehicle (UAV) networks. The proposed method utilizes edge servers as intermediate aggregators to address data heterogeneity and privacy concerns and achieves faster convergence rates than classical FL algorithms. The authors show that in real-world scenarios with non-independent and identically distributed (non-IID) data, the algorithm is robust. The paper shows that its performance is superior to baseline FL approaches, though it also recognizes the need for more real-world evaluation and the resolution of potential scalability and security issues. In general, the research makes a significant contribution to edge computing and FL in the context of UAV applications.

Nguyen et al. [6] presented FedGAN, a novel approach to improve COVID-19 detection while preserving the privacy of data. The authors point out the difficulties of working with limited and imbalanced datasets from single institutions, which can make accurate detection difficult. In order to solve this, they suggest a framework of FL that enables several medical institutions to collaborate without exchanging sensitive data. The framework integrates generative adversarial networks (GANs) to produce realistic synthetic images that improve the training process. It also makes use of differential privacy techniques and a blockchain-based solution to secure the data and decrease latency in processing. This work shows a promising method for effective and privacy-preserving COVID-19 detection.

Wu et al. [133] presented a new approach to training large-scale AI architectures in the end-edge-cloud collaboration (EECC) system called agglomerative federated learning (FedAgg). It addresses various issues with the current FL that limit the scalability of models to the weakest devices. FedAgg uses the bridge sample-based online distillation protocol (BSBODP) to perform model-agnostic training across tiers that include end devices, edge servers, and cloud servers under its control. Experiment results show a relative improvement of 4.53%, in addition to the improvement in the speed of convergence compared to the existing protocols. Even though FedAgg is capable of handling dynamic node migration, its performance under extreme levels of network instability is still unknown.

Liu et al. [134] proposed a new FL system with three layers of clients, edge servers, and cloud servers to utilize their strengths. A hierarchical federated averaging (HierFAVG) algorithm was utilized to allow for partial model aggregation on intermediate edge servers. This hierarchy structure helps in cutting down on training time and energy demands while at the same time enhancing communication–computation rate balances. The drawback of this paper is that the system performance heavily depends on the non-IID data distributions; hence, the parameters must be tuned properly.

Qayyum et al. [135] proposed a clustered federated learning (CFL) framework for multi-modal COVID-19 diagnosis at the edge with X-ray and ultrasound images. The CFL model enables collaborative training in a network without having to exchange local data, as it maintains the privacy of each participating node and helps to overcome problems associated with data variation as well as possible constraints on the resources. CFL is compared with other specialized FL models and standard FL on multi-modal data. This proceeds to enhance remarkable performance for F1 scores compared to conventional approaches.

Abreha et al. [113] provided a comprehensive review of the combination of FL with edge computing. FL is a decentralized machine learning solution in which models are trained in cooperation across devices and without sending original data, which helps to maintain privacy and avoid high communication expenses. This paper aims to give an overview of FL’s design, issues, use cases, and edge computing as an enabler. It also looks at existing frameworks and protocols, as well as the requisite hardware at present. Furthermore, it highlights the effects of hardware constraints on FL’s deployment in EC environments.

Zhao [136] discusses federated learning techniques as a promising solution to maintain data privacy while performing AI computations in clouds. This study recall techniques such as secure aggregation, homomorphic encryption, and differential privacy; the issues it considers are the communication overhead, the heterogeneity of the devices involved, and adversarial issues. The future directions studied are federated reinforcement learning (FRL) and transfer learning. In addition, it reveals a way in which FL can support the democratization of AI while at the same time addressing issues of ethical and regulatory consideration in data-driven innovations.

Ullauri et al. [137] proposed KubeFlower, a novel framework for FL in cloud-edge environments based on Kubernetes. It improves FL system administration by integrating automated FL lifecycle management with privacy-personalized characteristics, such as isolation-by-design and differentially private data consumption, to preserve the differential privacy of data. These innovations overcome most privacy threats that Kubernetes faces, including flat-networking threats, and guarantee efficiency in deployment and the ability to operate at scale.

Su et al. [138] proposed a novel and secure federated learning-based AIoT for smart grids with the help of edge-cloud architecture. It proposes a novel solution to facilitate privacy-preserving data sharing between energy service providers (ESPs) and among energy data owners (EDOs) while dealing with issues like non-IID data, latency for communication, and the presence of the free-rider problem. To encourage the sharing of high-quality data, the study uses a two-layer deep reinforcement learning (DRL)-based incentive mechanism in the system. The efficiency of the proposed framework was tested based on the Python implementation of tasks, such as load forecasting. The contribution of this paper is that it showed how FL for scenarios with non-IID data can improve privacy preservation and produce better results. The first limitation of the proposed solution is that it may not scale well for very large networks or different and diverse IoT systems. Similarly, a lack of a broader discussion of other forms of privacy assurance, like differential privacy or the use of blockchain, may be another limitation of this work.

Falade et al. [139] proposed an integrated, efficient security and privacy solution for a multi-cloud environment. It integrated a multi-level federated learning (MLFL) and lightweight deep learning-assisted homomorphic encryption (HE), which improved security and also optimized computation. Further, it also used three-factor authentication mechanisms, which are user IDs, biometrics, and hidden image credentials. It comprises three-factor authentication, effective data aggregation, and optimistic HE operations in response to some challenges, such as malicious traffic, privacy threats, and model poisoning. HER-LResNet-EVO reduces computational needs and balances noise for secure local model computation. Lightweight factorized pyramidal networks (LFPN) safely aggregate global and supermodels, handling model poisoning threats. The applicability of the framework in a highly heterogeneous and large-scale cloud environment is still unknown. Further, there is little information on how to cope with rapidly changing data or network conditions.

Bhansali et al. [140] proposed a framework for secure data storage and secure access control policy for the healthcare system that incorporates federated learning and cloud computing. To provide fine-grained data access control, data confidentiality, and secure data sharing of medical information in a cloud context, this paper also presents a new hash-based ciphertext policy attribute-based encryption with signatures (hCP-ABES) scheme. Java was used to assess model performance on encryption and decryption compared with other methods. Additionally, the scalability and applicability of the proposed approach in larger, more diverse cloud environments have not been tested. Also, it is seen that while achieving high availability, hashing and signature generation could pose some performance overheads for environments with limited resources.

Zhang et al. [141] introduced the LSFL model, which is a federated learning approach for edge computing environments, mitigating the challenges related to computational expenses, data privacy, and Byzantine failures. The approach consists of a lightweight two-server secure aggregation protocol to allow efficient model updates while preserving data privacy and preventing Byzantine failures and attacks. LSFL results are at the same level of accuracy as FedAvg without incurring additional computation and communication overhead on the edge nodes. Relying on the thought that most DPs are honest can hinder situations with larger proportions of Byzantine participants.

Wang et al. [142] proposed a secure and verifiable FL framework to mitigate privacy threats and integrity issues in semi-malicious cloud environments. It employs threshold multi-key homomorphic encryption for privacy preservation and a one-way function for accurate cross-site verification of the aggregation outcomes to prevent the leakage of user data and tackle the problem of user dropouts during the training phase. It guards against collusion attacks in instances where the cloud server is working hand in hand with a subset of users. The results of the experiment depict that the model offers a 98% accuracy level, data privacy, and optimum computation. It uses a trusted third party as a means of distribution of the key. The compromise of this entity can potentially have consequent systematic risks.

Lin et al. [143] presented a new FL framework to protect gradient information privacy and the authenticity of aggregated outcomes. PPVerifier uses Paillier homomorphic encryption, random number generation, and an additive secret-sharing scheme that makes the system defensible against privacy violations and collusion attacks. It also has a discrete logarithm-based verification scheme to check result correctness and identify lazy aggregation servers. The framework supposes that the participants stay online, and that is why it does not suit the conditions where participants can drop out of the process. Furthermore, it depends on some particular edge nodes for managing the keys, a situation that may lead to system failures in the absence of the nodes.

Jiang et al. [144] presented a new approach called customized FL (CuFL) that seeks to enhance the efficiency of FL in edge computing environments. CuFL copes with the challenge of different accuracy requirements for the tasks assigned to heterogeneous end devices. It proposes an adaptive learning rate that allows devices to quickly achieve their accuracy targets with minimal training time. Furthermore, the paper presents a fair global aggregation method that guarantees all devices make equal contributions to the learning process. In general, CuFL fosters collaboration among devices, lowers communication delays, and improves resource usage, which represents a great leap forward in the field of edge intelligence.

Qu et al. [145] presented a new simulation platform, ChainFL, that combines FL and blockchain technologies. The purpose of this platform is to enhance the efficiency of edge computing by enabling better task-offloading decisions among Internet of things (IoT) devices. ChainFL is lightweight, supports different device architectures, and is a convenient way to customize your blockchain algorithms. The security and reliability of FL in industrial IoT settings are enhanced. The authors point out that the platform can simulate complex environments and evaluate the performance of different models, thus serving as a useful tool for researchers and practitioners in the area.

Another study presented a new approach to privacy-preserving FL (PPFL), which is targeted at protecting user privacy while exploiting edge devices for model training. To achieve efficient encryption of local model updates while ensuring sensitive data remains confidential, the authors proposed an efficient VPFL scheme by combining the Paillier homomorphic cryptosystem with a distributed selective stochastic gradient descent (DSSGD) method. Furthermore, the scheme includes a lightweight online/offline signature mechanism for the integrity verification of the transmitted gradients. They demonstrate that VPFL has low communication costs and high training accuracy, and is therefore applicable to resource-constrained environments such as the Internet of things (IoT). This work takes on key challenges in privacy and efficiency in PPFL and opens the door to more secure applications in edge computing.

Kasula et al. [146] presented an innovative approach to improving the security of cloud computing. The study also illustrates the advantages of an AI-driven framework that uses machine learning and deep learning techniques to identify and react to cyber threats in real-time. The framework is able to detect malware with high accuracy rates, as well as classify network traffic with high accuracy, and thus constitutes a reliable solution for the identification of potential breaches. The authors note, however, that there are some limitations, including the requirement for real-world testing and scalability issues in various cloud environments. To strengthen the system further, they suggest improvements such as using synthetic data for training and incorporating user behavior analysis. In general, this research provides useful knowledge for how to devise dynamic and effective security measures for cloud environments.

Yazdinejad et al. [147] constructed a new FL framework with native privacy protection for model poisoning attack prevention. The proposed model uses AHE for gradient encryption protection alongside GMM and MD internal auditing to monitor and prevent harmful updates during FL processes. Unlike regular systems, this method operates securely with encrypted gradients because it reduces both the security overhead and processing load. The proposed system surpasses FHE and two-trapdoor homomorphic encryption (THE) standards through superior accuracy with lower operational costs and strong protection against adversarial attacks, which work for IID and non-IID security environments.

Namakshenas et al. [148] developed a new FL framework that unites quantum authentication with additive homomorphic encryption to strengthen security and privacy for CIoT systems. Security challenges related to FL-based threat detection are resolved through the proposed solution, which ensures both client authentication and model protection. The system incorporates quantum key distribution (QKD) together with a quantum conference key agreement (QCKA) to authenticate clients in the FL network while blocking unapproved participants from accessing it. Service updates are secured with AHE-based encryption to stop adversaries from conducting inference attacks. The experimental data analysis on N-BaIoT alongside edge-IIoTset datasets reveals a high-level detection accuracy of 94.93% and 91.93%, which showcases how well the model defends against security threats. The framework requires further improvement to address excessive computation needs and needs expansion across extensive networks in addition to dealing with changing adversary attack methods. The article recommends performing cryptographic operation optimization, implementing adaptive security protocols, and conducting additional tests on the system’s real-world scalability.

Yazdinejad et al. [149] propose a new federated learning framework called Block Hunter, which detects cyber anomalies in industrial blockchain networks. The system builds its foundation on both cluster-based architecture and multiple machine learning algorithms, which creates effective and private anomaly detection functionality. Proof shows Block Hunter achieves superior results over central detection systems via three measurement criteria, including accurate identification, minimal bandwidth usage, and scalable performance for smart factory needs. The implementation of Block Hunter has been hindered by excessive computation requirements and attackers who adapt their methods and by scalability issues that emerge when deploying it across extensive IIoT networks. The proposed solutions for handling these issues in the study include optimal FL aggregation methods alongside adaptive anomaly detection models and increased testing on extensive IIoT network frameworks.

Table 5 presents a comparative overview of existing studies, highlighting their key contributions and identified limitations.

Table 5. Existing work in this field.

Reference	Key Findings	Limitations/Research Gaps	Suggested Mitigation
[22]	Data privacy Scalability Local model training Decentralized architecture Application in IoT Collaboration among devices	Heterogeneous Devices Computational Complexity Limited Resources Communication Overhead Data Security Concerns Data Partitioning Challenges	Secure Multi-Party Computation Efficient Communication Protocols Resource Management Strategies Peer-to-Peer Learning Blockchain for Decentralization Improved Data Sharing Mechanisms
[108]	Increasing demand for privacy FL enhances privacy Collaborative learning among vehicles Effective detection of cyber attacks Improved accuracy in intrusion detection systems Exploiting unintended feature leakage Edge servers enhance computing capabilities	Risk of privacy leakage in centralized data processing Resource constraints in edge devices Dynamic network topology challenges Central server unaware of client details Complexity in managing federated systems Vulnerability to malicious clients Limited bandwidth in some scenarios	Implement Differential Privacy to safeguard training data Use selective model aggregation to improve accuracy and efficiency Apply FL to achieve collaborative learning while protecting privacy Utilize FL techniques to maintain client data privacy Develop personalization methods to cater to specific client needs Implement gradient pruning to mitigate data leakage risks Optimize communication protocols between edge devices and servers
[109]	Improved Paillier algorithm Same accuracy as FedAVG Effective privacy preservation Secure against adversarial attacks Lower latency than original Paillier	Increased computation time Larger latency Honest-but-curious edge nodes Key generation time Potential data leakage during updates	Enhanced Paillier encryption scheme Optimize communication protocols Homomorphic operations Use of gmpy2 for efficient processing Encrypted parameter transmission
[125]	Detect image spam efficiently User privacy remains protected Highly scalable system in decentralized environments. Effectively controls communication Effectively computes complexity on devices.	Dependent on the local device power Dependent on stable network conditions Challenges in handling unbalanced data across the devices	Use smaller data patches Use asynchronous communication to drive down the internal load Use data compression techniques to overcome the problem of bandwidth limitations
[112]	High model accuracy Less execution time Low communication cost High privacy Active client participation	Resource-consuming encryption Performance challenges Slower convergence	Pallier encryption technique and other alternative cryptographic methods Secure multiparty computation with differential privacy technique
[126]	Cyclical-weight models Boosted performance Increased data variation Increased privacy by FL	Model limitation Limitation on the generalizability Effectiveness of logistic regression	Complex models Advanced training methods Variability in the architectures of the model
[127]	High efficiency Improved scalability Real-time decision-making Ensuring data privacy Enhanced QoS	Network dependency Impacts on performance Heterogeneous data challenges	Communication protocol optimization Adaptive training methods
[128]	FL, edge computing, privacy Model accuracy, data privacy Privacy mechanisms Dynamic adaptability Client selection Resource utilization	Scalability IID assumption Trade-offs Model updates Client behavior Integration	Adaptive algorithms Enhanced FL algorithms Balance privacy, performance Continuous learning Enhance engagement Holistic frameworks
[129]	FL, blockchain, edge computing Privacy, security in data sharing FLchain architecture Global model training Privacy techniques Blockchain vulnerabilities	Framework comprehensiveness Attack detection mechanisms Scalability issues Computational costs User participation Robust security protocols	Unified frameworks Enhanced threat management Scalability techniques Resource optimization User engagement incentives Advanced security measures
[133]	A new approach called agglomerative federated learning (FedAgg) Relative improvement of 4.53% Improvement in the speed of convergence Performance boost Scalable learning Preserving privacy	Dynamic changes Resource constraints Limited datasets Limited real-world scenarios Limited cryptographic techniques	Expand dataset use Hybrid privacy mechanisms Testing under varying dynamic conditions Testing under resource constraints
[134]	A novel three-layer FL system Improved training efficiency Better communication–computational trade-offs Enhanced accuracy	Dynamic adaptation Non-IID data challenges Communication costs Heterogeneous resources Scalability Data privacy	Suggested mitigations: Dynamic scheduling Resource-aware algorithms Enhanced privacy mechanisms
[135]	Clustered federated learning (CFL) framework Performance enhancement Privacy-preserving approach Resource efficiency Evaluation of heterogeneous data	Resource and data heterogeneity Performance trade-offs Scalability issues	Personalized models Adversarial defenses Asynchronous approaches to exploration Dynamic resource allocation
[113]	Enhanced privacy Improved efficiency Better model quality	Scalability Dynamic adaptation Heterogeneous data handling Security and privacy issues	Adaptive aggregation Robust privacy techniques Scalable architectures
[136]	Privacy-focused FL frameworks Hybrid architectures Future-oriented exploration Secure aggregation Differential privacy Scalable AI	Communication overhead Adversarial risks Device heterogeneity Security vulnerabilities Scalability challenges	Efficient compression Advanced encryption Adaptive federated models
[137]	Privacy-preserving framework Enhanced deployment automation Benchmarking against standards Real-World testing Improved automation Better scalability	Longer deployment time Resource utilization challenges Privacy trade-offs Scalability	Parallelized preprocessing Resource-aware placement Enhanced privacy mechanisms
[130]	Edge intelligence, AI, edge computing Resource utilization, node failures Decentralized architecture, local data FL, data locality	Communication bottleneck User experience impact Privacy risks, parameter exchange Privacy vs. efficiency	Hierarchical FL Model user QoE, system cost Privacy protection schemes Efficient privacy methods
[131]	Decentralized training, privacy FedAvg model, local aggregation Edge computing benefits Task offloading Empirical performance	Computational efficiency High costs, communication Limited architectures Bandwidth variability Need for extensive testing	Optimize local training Implement EdgeFed Explore frameworks Adaptive algorithms Real-world experiments
[132]	Hierarchical FL; improved convergence Edge servers as aggregators Superior performance vs. baselines Privacy concerns addressed	Data heterogeneity; resource constraints Scalability; communication overhead Limited real-world testing Security vulnerabilities	Adaptive strategies; data sharing Scalable methods; optimized protocols Field experiments Advanced encryption
[6]	FedGAN effectiveness Privacy enhancement Institutional collaboration Realistic synthetic images Low-latency performance	Imbalanced datasets Privacy concerns Limited exploration Secure analytics need Mining latency	Data augmentation Differential privacy Blockchain framework Novel mining mechanism
[138]	Enhanced accuracy of the model Incentive optimization Increased participation incentives Reduced task delays	Scalability issues Incorporating more robust privacy-preserving mechanisms Addressing real-time adaptive learning for dynamic smart grid conditions	Adoption of blockchain-based reliability frameworks Integration of differential privacy mechanisms for gradient perturbations Expansion into heterogeneous IoT device environments
[139]	Improved model accuracy Reduced malicious traffic Enhanced authentication Optimized noise budget Faster encryption operations	Scalability constraints Hardware dependence Real-time dynamics	Blockchain-based distributed authentication for enhanced scalability Differential privacy mechanisms to complement homomorphic encryption Dynamic client-selection algorithms to handle real-time network changes
[140]	Minimized encryption and decryption times Improved data confidentiality and access control Increased resistance to unauthorized access and data breaches	Scalability issues Algorithm complexity Limited real-time adaptability	Blockchain technology for enhanced security and traceability Lightweight cryptographic algorithms to optimize computational efficiency Adaptive policy mechanisms for dynamic data sharing and access
[141]	Enhanced Byzantine robustness Reduced computational overhead High model accuracy Efficient privacy preservation	Scalability issues Heterogeneous models Advanced attacks	Improving Byzantine robustness by extending the algorithms to accommodate as many Byzantine entities as possible Assess LSFL functionality on real-world networks and various edge devices Addressing computational and data sharing heterogeneity by designing a mechanism to accommodate dissimilarities among participants
[142]	Improved security and accuracy User dropout support Collusion resistance Verifiability	Scalability issues Dependence on a trusted authority The computational burden for encryption and verification	Decentralized trust models in which the party’s role is replaced by distributed ledger technologies or peer-to-peer networks are evaluated The scalable implementations may require improvements in the encryption and verification for additional data points across different ecosystems Enhanced threat modeling level by extending the analysis to address adversarial ML and other more complex threat vectors
[143]	Privacy-enhanced gradient protection Collusion resistance Efficient verification Detection of lazy aggregation servers High accuracy	Real-world adaptability issues Single-point edge node failure	Dynamic mechanisms that recover participants who may have dropped out halfway through the process Decentralizes edge node functions as a way of sharing the risk of failure Enhances the mode of encryption to work effectively for large data sets or increased participation
[144]	Customized FL (CuFL) improves accuracy and fairness Adaptive learning rate for heterogeneous tasks Efficient global aggregation strategy Reduces communication latency Enhances collaboration among diverse end-devices	Non-IID data preprocessing issues Underutilization of MEC server capabilities Lack of comprehensive evaluation across scenarios Limited exploration of task heterogeneity Resource constraints of end-devices	Data preprocessing techniques Task allocation strategies Broader evaluation frameworks Investigate task-specific models Resource optimization techniques
[145]	Strong compatibility across different architectures Lightweight and easily extendable toolkit Optimized for blockchain and FL Customizable consensus and mining algorithms Enhanced security and reliability in IIoTs	Early construction impacts on new models Limited existing task offloading models Need for practical deployment scenarios Compatibility with specific blockchain algorithms Lack of extensive experimental validation	Continuous updates and enhancements Develop more diverse task models Conduct real-world case studies Extensive performance evaluations
[150]	Privacy-preserving FL scheme (VPFL) Combines Paillier cryptosystem and DSSGD Low computation cost and communication overhead Maintains high accuracy in training Effective integrity verification using online/offline signatures	High communication delay Resource constraints of mobile devices Data authentication and verification challenges Need for more complex neural networks Limited scalability in large IoT systems	Lightweight PPDA approach Offloading complex operations Enhanced cryptographic methods Future exploration of PPFL Scalable architecture design
[146]	AI framework, data protection Malware detection accuracy Real-time detection ML and DL integration Encryption, access control	Real-world testing Scalability concerns Large dataset dependency Adversarial attack risk Evaluation metrics	Pilot programs Adaptable models Synthetic data Behavior analysis integration
[147]	Privacy-preserving FL Robust defense mechanism Anomaly detection Experimental validation	Computational overhead Scalability concerns Adaptive attack strategies	Efficient privacy techniques Scalable defense approaches Adaptive security mechanisms
[148]	Quantum-based authentication Privacy-preserving threat detection Federated learning for CIoT security High detection accuracy Robust against malicious clients	Computational overhead Scalability issues Adaptability to advanced attacks Deployment complexity	Efficient cryptographic optimization Scalability enhancements Adaptive security measures Hybrid quantum–classical solutions
[149]	Federated threat hunting Privacy-preserving anomaly detection Cluster-based architecture High detection accuracy Smart factory security	Computational overhead Scalability concerns Vulnerability to advanced attacks Blockchain forking issues	Optimized FL aggregation Adaptive anomaly detection Scalability enhancements Blockchain resilience measures

7. Discussion

This section discusses the gaps mentioned in the above section along with proposed research directions and some innovative proposals.

7.1. Gaps in Current Research

Although there has been notable progress regarding the use of FL and AI in cloud security, there are some gaps still not closed:

• Limited scalability: Concerns are staying in existing implementations by compromising cross-device federations of millions of IoT devices, with high communication overhead and non-equivalent model updates [128].
• Privacy-preserving mechanisms: The currently existing differential privacy and homomorphic encryption methods are relatively efficient, though their implementation can be problematic in terms of computation in restrictive environments [136].
• Dynamic changes: Actual cloud architectures are unstable as data distributions, nodes, and network conditions are changing in the real world. These changes affect FL systems in terms of their effectiveness and reliability, thus making it difficult to achieve constant model accuracy and real-time responses [133].
• Resource constraints: Several FL deployments are limited by the restricted computational resources and storage in edge and IoT devices [134].
• Security vulnerabilities: FL is still vulnerable to adversarial risks such as poisoning attacks as well as gradient inversion attacks that threaten the confidentiality and integrity of collaborative learning systems [108].
• Real-world implementation challenges: Several challenges are reported, such as non-IID data distribution across the various nodes, the effect on models’ efficiency, and delays in real-time applications. In addition, there are some issues and emerging challenges that may be associated with the implementation of FL in various and dynamic IoT settings [22].

7.2. Actionable Insights

• FL can help to minimize the latency problem in security-sensitive zones if adequately implemented in fog computing platforms.
• AI-based approaches for proactive threat analysis demonstrate the possibility of lowering breach rates compared to existing approaches based on predictive models.
• The FL systems enhanced by blockchain show potential use cases in the healthcare and finance sectors, including maintaining the record’s originality and adherence to different guidelines.

7.3. Innovative Proposals

• Neuromorphic computing for FL: Studying the application of neuromorphic computing into the FL may enhance the detection of anomalies in real-time and with low latency and energy consumption.
• Quantum-enhanced privacy: The application of quantum encryption to ensure privacy enhancement in federated learning to industries that need secure data privacy.
• FL in smart manufacturing: Considering the use of FL for detecting anomalies in autonomous guided vehicles (AGVs) under the context of IIoT, the performance in terms of operational safety and reliability could be enhanced.

8. Future Directions

After reviewing the studies on FL and AI in cloud and edge security, it is evident that these technologies offer substantial potential for enhancing privacy preservation, scalability, and collaborative intelligence. However, several challenges remain, particularly in addressing dynamic data environments, ensuring robust security, and optimizing computational efficiency. Future research should focus on bridging these gaps by advancing the integration of FL and AI for more effective and adaptive solutions. Potential directions include the following.

8.1. Enhancing Privacy and Efficiency

Future research can focus on addressing the trade-off between computational efficiency and privacy in FL systems. Several studies [112,129,131] have pointed out that existing encryption techniques impose high computational costs, limiting real-time deployment. To mitigate this, lightweight encryption schemes, such as adaptations of Paillier homomorphic encryption and double-key ElGamal encryption [112], should be explored.

Similarly, heterogeneous network environments, such as 6G and IoT, demand scalable FL solutions. Research suggests that HFL models can offer improved efficiency [130,132,134], but their real-world performance across diverse devices and networks remains underexplored.

• Developing lightweight encryption techniques to reduce computational overhead, inspired by approaches like the Paillier homomorphic encryption algorithm and double-key ElGamal encryption. These methods can address the trade-offs between privacy and computational efficiency in edge computing environments.
• Exploring the integration of HFL models to improve scalability and efficiency in heterogeneous network environments, as seen in 6G and IoT applications.

8.2. Advancing Model Adaptability

Handling non-IID data and dynamic network conditions remains a key challenge in FL [128,134,138,144,147]. Studies on UAV networks and collaborative cloud-edge FL [132] suggest that adaptive learning algorithms can significantly improve model performance in distributed environments. Future work should explore techniques such as dynamic weight adaptation and real-time aggregation strategies to enhance FL’s adaptability.

Additionally, FRL is an emerging research area that could improve FL models in dynamic settings. Ref. [136] demonstrated its potential in resource-constrained environments, but further investigations into AI-driven optimization methods for FRL are required.

• Implementing adaptive algorithms for handling non-IID data distributions and dynamic network conditions, as emphasized in studies like those focusing on UAV networks and collaborative cloud-edge systems.
• Investigating federated reinforcement learning techniques to enhance model training in dynamic and resource-constrained environments, leveraging AI-driven optimization methods.

8.3. Innovative Applications

GANs have been widely studied for data augmentation [6] and anomaly detection [99,101,147]. However, their integration into FL remains limited due to privacy and scalability concerns. Addressing these limitations by designing privacy-preserving GAN-based models could significantly enhance FL applications in healthcare and cybersecurity.

Similarly, domain-specific FL frameworks for applications such as spam detection, smart transportation, and decentralized healthcare systems have gained traction [109,126,130,140]. However, research is required to evaluate their robustness, efficiency, and privacy guarantees in real-world deployments.

• Leveraging GANs for data augmentation and anomaly detection. For instance, GAN-based models could address imbalanced datasets in healthcare and cybersecurity domains, improving detection rates and overall model performance.
• Designing FL and AI frameworks tailored for specific applications, such as spam detection, smart transportation, and healthcare, where decentralized data processing and privacy preservation are critical.

8.4. Improving Interoperability and Scalability

One of the major challenges in FL research is interoperability across diverse hardware and software platforms [84,125]. Recent work on simulation platforms, such as ChainFL, has demonstrated potential solutions for testing FL models in heterogeneous environments, but there is still a need for standardized evaluation frameworks.

Furthermore, optimizing FL architectures that integrate edge, cloud, and device-level computations remains an open challenge [132]. Research efforts should focus on techniques such as FedAgg strategies [44,109,131,141] to improve resource efficiency while maintaining model accuracy.

• Creating simulation platforms like ChainFL to enable researchers to test FL models in diverse and dynamic environments, focusing on interoperability across varied hardware and software ecosystems.
• Developing federated architectures that combine edge, cloud, and device-level computations to optimize resource usage while maintaining model accuracy, as illustrated by methods like FedAgg.

8.5. Addressing Security Challenges

Security threats in FL, such as model poisoning, data leaks, and free-rider issues, have been well researched [139,147]. However, existing solutions are scattered, and using blockchain for security could be a promising area to explore.

Differential privacy is commonly used in FL to protect data, but it often reduces model accuracy [112,128,133,139,141]. Future research should aim to develop better privacy techniques that keep data safe without hurting model performance too much.

Lastly, Zero Trust security models have been effective in improving access control [50,51]. Applying them to FL could strengthen security by allowing strict, rule-based access control for different nodes in the network.

• Investigating methods to mitigate adversarial threats such as model poisoning, data leakage, and free-rider problems in FL systems. This could involve integrating blockchain-based solutions for secure model updates and participation verification.
• Exploring robust differential privacy mechanisms to enhance data confidentiality without compromising model utility.
• Incorporating Zero Trust principles into FL frameworks to enhance resilience against insider threats and ensure robust security in hybrid environments. Zero Trust methodologies could redefine access control mechanisms and enable secure collaboration across distributed nodes.

By focusing on these areas, future studies can drive innovations in the integration of FL and AI for cloud and edge security, ensuring scalability, efficiency, and adaptability across diverse application domains.

9. Conclusions

The studies reviewed demonstrate that FL and AI are transformative technologies for enhancing privacy, scalability, and security in cloud and edge computing. Practical findings reveal the significant advantages of FL, such as its ability to improve privacy preservation in sensitive domains like healthcare and finance while addressing challenges like heterogeneity in data distributions and computational constraints.

Implications of this research suggest that integrating advanced techniques like Zero Trust principles, blockchain, and GAN-based frameworks into FL architectures can revolutionize cloud security strategies. For example, the adoption of Zero Trust principles ensures enhanced resilience in hybrid environments, while blockchain-enabled FL addresses data integrity and adversarial threats.

This SLR provides valuable insights into the role of FL and AI in cloud security, offering both theoretical advancements and practical applications for organizations, researchers, and security professionals. The studies reviewed highlight FL’s ability to enhance privacy, scalability, and security in cloud and edge computing, particularly in domains like healthcare, finance, and multi-cloud infrastructures, where data sensitivity and regulatory compliance are critical concerns. From a practical perspective, the findings suggest that FL can be integrated into real-world cloud security strategies to mitigate risks associated with data breaches, adversarial threats, and privacy violations. For instance, healthcare institutions can leverage FL to train AI models on distributed patient data without transferring raw information, ensuring compliance with data protection regulations such as GDPR and CCPA. Similarly, financial institutions can adopt FL for fraud detection and risk analysis without exposing sensitive customer data across banking networks. In hybrid and multi-cloud environments, implementing Zero Trust security models alongside blockchain-enhanced FL can strengthen access control, improve data integrity, and mitigate cyber threats posed by insecure API configurations and mismanaged cloud storage.

Looking ahead, advancing FL and AI integration with emerging technologies will be essential in overcoming existing limitations. The inclusion of adaptive algorithms and neuromorphic computing promises to enhance real-time threat detection and decision-making in cloud-edge environments. Adaptive algorithms enable self-optimizing FL models that can adjust dynamically to evolving cyber threats, while neuromorphic computing architectures mimic biological neural systems, offering superior energy-efficient, low-latency data processing for security-critical applications. These advancements will not only address computational inefficiencies but also enable FL to scale effectively across diverse, distributed ecosystems.

In conclusion, advancing the integration of FL and AI with emerging technologies such as adaptive algorithms and neuromorphic computing offers a path to overcoming challenges of dynamic environments and real-time processing, which are essential to address the limitations identified and unlock the full potential of these systems. By tackling the trade-offs between privacy, efficiency, and scalability, future research can contribute to robust, adaptable, and secure solutions for cloud-edge ecosystems in diverse applications.