1 Chapter Two: Literature Review Student's Name Name of the Institution Course Number and Name Professor Due Date Privacy Issues in Multi-Tenant Cloud Computing Chapter Two: Literature Review Introduction A multitenant cloud is a cloud computing architecture that allows customers to share computing resources in a public or private cloud. Multitenant involves different cloud computing clients using or transferring a single computing infrastructure. This arrangement exposes the clients who have agreed to various privacy issues relating to their data and information stored in the cloud (Al-Ruithe et al., 2018). Evidence indicates that some of the privacy issues involved in multitenant cloud computing include data leakage, data breach, and exposure of the private data relating to clients involved in the agreement. As the number of people using cloud computing balloon, privacy issues are becoming a significant problem for many consumers who use the same cloud computing architecture in a private or public setting. It is essential to define what multitenant cloud entails before developing a clear concept or problem that can be investigated. According to Park et al. (2018), "A multitenant cloud is a cloud computing architecture that allows customers to share computing resources in a public or private cloud" (Park et al., 2018). Each tenant's data must be isolated in this cloud computing arrangement and cannot be accessed or seen by the partner tenant. However, the recent growth in technology has made data privacy in cloud computing challenges, posing a big problem to cloud computing providers. The theoretical foundation for the current privacy issues in multitenant cloud computing is drawn from the study done by Park et al. (2018). According to Park et al. (2018), the most significant privacy issue in multitenant cloud computing is the lack of configurability. Configurability poses a colossal privacy issue in this infrastructure because the tenants have to share the same configuration. However, there is little evidence to provide this theory, and this study will play a significant role in contributing to this theoretical framework (Meng et al., 2021). The purpose of the current study is to investigate privacy and confidentiality issues in multi-tenancy cloud computing. Specifically, in this chapter, studies that have been done in the last five years focusing on this topic will be reviewed through a professional literature review. Chapter Outline The current chapter will be structured using headings and subheadings to ensure that each aspect is captured during the literature review. The study will be structured in 12 different sections, of which some may have sub-sections. The twelve sections in the current chapter will include introduction, chapter outline, search strategy, introduction to cloud computing, multi-tenancy cloud computing, and cloud computing deployment models. The other sections will consist of cloud computing service models, ...

1. 1
Chapter Two: Literature Review
Student's Name
Name of the Institution
Course Number and Name
Professor
Due Date
Privacy Issues in Multi-Tenant Cloud Computing
Chapter Two: Literature Review
Introduction
A multitenant cloud is a cloud computing architecture that
allows customers to share computing resources in a public or
private cloud. Multitenant involves different cloud computing
clients using or transferring a single computing infrastructure.
This arrangement exposes the clients who have agreed to
various privacy issues relating to their data and information
stored in the cloud (Al-Ruithe et al., 2018). Evidence indicates
that some of the privacy issues involved in multitenant cloud
computing include data leakage, data breach, and exposure of
the private data relating to clients involved in the agreement. As
the number of people using cloud computing balloon, privacy
issues are becoming a significant problem for many consumers
who use the same cloud computing architecture in a private or
public setting. It is essential to define what multitenant cloud
entails before developing a clear concept or problem that can be
investigated. According to Park et al. (2018), "A multitenant
cloud is a cloud computing architecture that allows customers to

2. share computing resources in a public or private cloud" (Park et
al., 2018). Each tenant's data must be isolated in this cloud
computing arrangement and cannot be accessed or seen by the
partner tenant. However, the recent growth in technology has
made data privacy in cloud computing challenges, posing a big
problem to cloud computing providers.
The theoretical foundation for the current privacy issues in
multitenant cloud computing is drawn from the study done by
Park et al. (2018). According to Park et al. (2018), the most
significant privacy issue in multitenant cloud computing is the
lack of configurability. Configurability poses a colossal privacy
issue in this infrastructure because the tenants have to share the
same configuration. However, there is little evidence to provide
this theory, and this study will play a significant role in
contributing to this theoretical framework (Meng et al., 2021).
The purpose of the current study is to investigate privacy and
confidentiality issues in multi-tenancy cloud computing.
Specifically, in this chapter, studies that have been done in the
last five years focusing on this topic will be reviewed through a
professional literature review.
Chapter Outline
The current chapter will be structured using headings and
subheadings to ensure that each aspect is captured during the
literature review. The study will be structured in 12 different
sections, of which some may have sub-sections. The twelve
sections in the current chapter will include introduction, chapter
outline, search strategy, introduction to cloud computing, multi -
tenancy cloud computing, and cloud computing deployment
models. The other sections will consist of cloud computing
service models, multi-tenancy characteristics and architecture,
privacy issues in multi-tenancy cloud computing, solution
models to the challenges, contributions to the study, and a
chapter summary.
Search Strategy

3. The purpose of the current study is to investigate privacy and
confidentiality concerns in multi-tenancy cloud computing. The
present chapter focused on reviewing the studies that have been
done in the past few years on this topic. To achieve the
chapter's goals, inclusion and exclusion criteria were developed
based on the year of the study publication and the relevancy of
the findings to this study. Only articles that had been published
between 2017 to date were selected for review in this study. All
the identified articles came from reliable peer-reviewed journals
such as the Journal of Cloud Computing: Advances, Systems
and Applications (JoCCASA), government institutions,
computer engineering professional association publications,
symposiums, and whitepapers from the relevant field. Google
search was undertaken to access the articles in which keywords
such as cloud computing, multi-tenancy, and privacy in multi-
tenancy were used.
Introduction to Cloud Computing
Al-Ruithe, Benkhelifa, and Hameed (2018) noted that there had
been a considerable surge in the adoption of cloud computing
services in the last few years and the trend is likely to upsurge
further as organizations continue to realize the benefits of the
concept. According to the industry forecasters, the cloud-
computing market will likely generate $241 billion in revenue
by 2020 compared to the estimated $185 billion. The range of
the benefits that are offered by the use of cloud computing and
the constant maturity of the concept from an organizational
perspective and the vendors is one of the reasons why the
concept will increase in popularity not only in data storage but
in other parts of organizational management (Barona & Anita,
2017, April). Most organizations and enterprises are using
cloud-computing technology because they have realized that it
accelerates the business processes by allowing them to enhance
their agility and flexibility, which reduces costs that
organizations incur (Meng et al., 2021). Cloud computing as a
concept can be defined as a technology model designed to

4. enable organizations to access ubiquitous, on-demand, and
convenient networks to the shared configurable resources
configured. By design, cloud computing platforms are described
by five main characteristics that include the following.
Cloud computing provides on-demand self-service, which are
unilateral computing services to organizations and end-users.
Provide broad network access capabilities, accessed through the
clients' platforms, ranging from desktops to mobile phones and
tablets. Alsmadi et al. (2018) revealed that the platform
providers have access to a pool of resources, serving many
customers using different tenant models, which assigns
resources based on customer demands. They provided elastic
capabilities designed to be rapid and are released based on the
customers' scalabilities. They can provide measured services to
ensure that the services provided match the client's scalability
and are monitored, controlled, and reported as one-way of
ensuring transparency to the vendor and the client.
As much as the five mentioned features of cloud computing
describe the significant attributes of cloud computing, there are
different techniques that the end-users use to access cloud
computing infrastructures. Marinescu (2017) noted that the
decision to pick the most appropriate technique would depend
on many factors, including the volume of data managed,
sensitive data, and data confidentiality. Some organizations that
operate in regulated industries may find it easy to identify the
type of cloud computing infrastructure with the features they
want because of the commercially available recommendations.
However, such organizations still have to task their information
technology teams to perform due diligence on potential
providers to determine the best cloud computing infrastructure
that meets the organization's needs (Barona & Anita, 2017,
April). However, the characters mentioned in this area must be
considered. Four main types of cloud computing include hybrid,
public, private, and community cloud computing.
Cloud Computing Deployment Models

5. Cloud deployment models are classified or described based on
how the cloud platform is implemented, who has access to it,
and is hosted. According to the findings of a study that was
done by Smallwood (2019), "All cloud computing deployments
operate on the same principle by virtualizing the computing
power of servers into segmented, software-driven applications
that provide processing and storage capabilities" (Smallwood,
2019). There are four cloud computing deployment models and
are discussed below.
Private Cloud Deployment Model
In many instances, a private cloud model is hosted behind a
firewall and can be utilized by a single organization or a group
of organizations that share the same model. Shaikh and Iyer.
(2018, August) Note that private could models are becoming
popular today because they allow the organizations or users to
exhibit a high level of confidentiality. It is relevant for
organizations that operate in industries with increased
regulatory requirements. The commonly known colocation
providers provide this type of cloud model. Authorized private
cloud users can access, utilize and process data in the private
cloud from anywhere, just like they could do with public and
other cloud models (Barona & Anita, 2017, April). Evidence
indicates that some of the privacy issues involved in multitenant
cloud computing include data leakage, data breach, and
exposure of the private data relating to clients involved in the
agreement. As the number of people using cloud computing
balloon, privacy issues are becoming a significant problem for
many consumers who use the same cloud computing architecture
in a private or public setting. It is essential to define what
multitenant cloud entails before developing a clear concept or
problem that can be investigated.
The difference between the private cloud computing platform
and the public deployment is that access is limited to the
authorized persons alone, unlike in the public deployment

6. model. Private cloud model, which is designed to provide
clouding services to a single organization. Shaikh and Iyer.
(2018, August) argued that the provider both hosts this type of
platform on the premise of and might be owned by the
organization, the provider's client, or the third-party, which may
be the vendor. Tight confidentiality and data privacy are one of
the main benefits of these deployment models. However, as
Guerbouj et al. (2019) noted, its main shortcoming is that it is
expensive to deploy because the company that owns it has to
cater to the software and infrastructure that support the model,
making it expensive to install.
Public Cloud Deployment Model
Unlike the private cloud platforms, public cloud deployment
models are designed to be shared by many organizations willing
to outsource their cloud computing services. These cloud
computing models include those offered by Amazon, Google,
and Microsoft, among other entities that offer cloud computing
services. Public organizations provide the software and the
infrastructure that support the cloud computing services that the
clients share. This type of cloud computing model is
characterized by high scalability because of the enormous
storage volume or space. This model is mainly consumed by the
organizations involved in collaborative projects because of their
flexibility, and different organizations can access them.
According to Baig (2021), the public cloud model is another
form of a model designed to be accessed by the public. The
government organization, a single business, academic, or a
partnership of the two public cloud models can form this model.
This type of cloud computing model is hosted at the premises of
the service provider. Many organizations that offer public
computing services offer the resources in packages as part of
the services. Stergiou et al. (2018) noted that "Public cloud
examples range from access to a completely virtualized
infrastructure that provides little more than raw processing

7. power and storage (Infrastructure as a Service, or IaaS) to
specialized software programs that are easy to implement and
use (Software as a Service, or SaaS)," (Stergiou et al., 2018).
There are several factors that prompt cloud computing users to
adopt the public cloud deployment model. One is that it is cheap
to install since the organization must install no software and
infrastructures. However, the main shortcoming of the model is
that the confidentiality and privacy of the data can be
compromised.
Community Cloud Deployment Model
The community cloud deployment model is not commonly
utilized as compared to the other three types of platforms. Al-
Ruithe et al. (2018) noted that community cloud computing
platform is highly collaborative and are utilized in many multi -
tenancy arrangements. The model is designed to allow cloud
computing clients to share the applications. According to
Venkatesh and Eastaff (2018), many community cloud
computing model consumers are in the same industry, field,
practice, or share exact compliance requirements,
confidentiality concerns, and performance needs. The other
form of cloud computing model is the community cloud model.
This model is designed to be accessed and used by a specified
community of end-users from identified organizations. Studies
have defined the community cloud model differently based on
the perceptions of the scholars. El-Zoghby and Azer (2017,
December) noted that cloud computing is a private cloud model
that functions as a public model. The service may be owned,
operated, or managed by one or more organizations included in
the community, a third party, or a partnership. The service may
be hosted on or off the premises (Xue et al., 2018). The
community cloud computing platform users are segmented on
their service needs and are common in healthcare, banking and
finance, government agencies, and non-profit organizations.

8. Hybrid Cloud Deployment Model
The last and final form of the model is the hybrid model, which
combines two or more models. This model combines private and
public models to form a single and more compelling cloud
computing deployment model. The model is designed to enable
seamless interaction between the public and private data and
applications from one model to another. According to Azeez et
al. (2019), the decision to adopt a hybrid deployment model
depends on the industry's size and nature. Many large
organizations with multiple branches have favored this type of
cloud computing service. Hybrid cloud models are grouped into
two categories: cloudbursting that uses a private model as a
primary cloud, application, and storage. The hybrid cloud model
also runs most applications and houses data in a private cloud
environment but outsources non-critical applications to a public
cloud provider. This form of cloud computing model is in the
form of an application (Azeez et al., 2019). For instance, this
model form can be formed through a combination of the private
and public models infused on specific technology formations.
The benefits of the hybrid cloud deployment model are
overwhelming and include privacy and confidentiality of the
data and the cost-effectiveness of installing the services.
Figure 1: Cloud Computing Deployment Models
Multi-Tenancy Cloud Computing
Several scholars have directed their interests and energy in
investigating multi-tenancy in cloud computing today. There are
a plethora of studies that have been published focusing on the
issues around multi-tenancy cloud. According to Gupta et al.
(2018), data privacy concerns and confidentiality have been the
primary issues bedeviling and limiting the concept of multi -
tenancy cloud computing. Evidence suggests that organizations
and individuals consuming cloud computing services need to be
concerned with the privacy and confidentiality of their

9. information stored in the cloud. Multi-tenancy is defined
differently. However, many scholars have agreed that the
sharing of resources in cloud computing facilitates the
community cloud deployment model. Ghorbel et al. (2017)
noted that although the users of multi-tenancy cloud computing
services enjoy many benefits, they are also faced with integrity
and confidentially risks. To better understand privacy issues in
multi-tenancy cloud services, exploring what constitutes a
multi-tenancy cloud is imperative.
Many organizations and individuals have adopted the multi -
tenancy cloud because of its economic benefits from sharing
and virtualization of computing resources. Hathaliya and
Tanwar (2020) noted that "Multi-Tenancy implies different
meanings from different points of view and services. In SaaS,
Multi-Tenancy implies; when two or more users use the same
software or application that is provided by the Cloud Service
Provider irrespective of the resources" (Sahmim &
Gharsellaoui, 2017). Similarly, multi-tenancy occurs differently
in the case of PaaS. In PaaS, multi-tenancy is only achieved
when different clients share a platform or VM. This is different
for IaaS, where multi-tenancy occurs when different platforms
that belong to different users share the same cloud resources.
The idea of multi-tenancy explains the significance of sharing
resources as SaaS by the clients and reducing cloud computing
costs. However, it is interesting to note that using multi-tenancy
cloud computing can apply different techniques to attain their
multi-tenancy needs.
In this cloud computing arrangement, the service consumers are
known as tenants who choose and subscribe to a package that
they feel can satisfy their computing needs. This can be done in
all cloud computing service models that include IaaS, PaaS, and
IaaS. However, Stergiou and Psannis (2017) noted that SaaS is
the best platform for multi-tenancy because it allows the clients
to own, maintain, and host software and infrastructure

10. applications of the service provider. In many ways, the
application level of multi-tenancy is compared to SaaS. It
includes a structure and design that enable many clients to host
through a single application or server. Maliszewski et al. (2018,
July) noted that many of the prevailing multitenant models are
not flexible apart from the operational and maintenance costs
benefits and the multiple software types it provides to the users.
Many of the available multi-tenancy applications are designed
to align with SaaS applications that enable many different
consumers with different computing needs to share the same
software, the infrastructure of applications (Stergiou & Psannis,
2017). One of the main features of multi-tenancy is that the
applications are designed more flexibly, allowing each client to
customize it to meet their cloud computing requirements, needs,
and demands. Similarly, it is predictable in terms of use, and
therefore, consumers are allowed to pay for what they have
consumed at the end of the month.
Although multi-tenancy is highly associated with SaaS, it can
also be supported by PaaS to a certain level. Sahmim and
Gharsellaoui (2017) noted that PaaS platforms support multi-
tenancy in designing and developing applications. However,
many PaaS platforms do not have the features that support
tenant customization, as are SaaS and IaaS to a certain extend.
Chenthara et al. (2019) noted that "The mechanism of multi-
tenancy provides application data partitioned between tenants,
including the ability to offer a unique namespace string ID for
each tenant supported by various vendors of multi-tenancy
services, such as data isolation, data store, and caching
service," (Chenthara et al., (2019). Finally, Kumar et al. (2017)
revealed that the main benefits of multi-tenancy are reducing
computing costs and enhancing resource sharing among cloud
computing clients with similar needs. However, the drawbacks
of the concept are also far-reaching. They are in many cases
related to scalability of the services, privacy of the data due to
confidentiality and integrity risks, and high risks of data

11. leakage since the applications are shared. These issues
compromise the confidentiality of data in multi-tenancy,
limiting its use or adoption by cloud computing clients.
Cloud Computing Service Models
There are three types of cloud computing service categories
categorized as a platform, services, and applications. The
categories include Software-as-a-service (SaaS), Platform-as-a-
service (PaaS) and Infrastructure-as-a-service (IaaS)
(Marinescu, 2017). These are the types that the cloud computing
team must understand when evaluating cloud service-providing
vendors to ensure that the needs of the organizations are met.
Many service providers are flooding the cloud computing
market, but some do not have the knowledge that may be
required to serve sensitive organizations. Available evidence
indicates that cloud computing teams should not just consider
the hypes in the market since no one platform can meet the
requirements of the organization's networking (Ma et al., 2018).
The team should perceive cloud computing as a logical
evolution of utility networking to enrich themselves on how the
preferred platforms will secure the organizational data and
networking services.
Software as a Service
Under the Software as a Service, the service provider provides
application software as an on-demand service. Consumers using
this platform may acquire application software from different
providers or vendors, which increases the flexibility of the
infrastructure and software supporting customization of the
platform in the process. This is a platform that highly supports
multi-tenancy because of the minimi zed privacy issues
associated with the platform. Although getting the applications
from different providers is an advantage in this platform, it is
also a considerable risk to the privacy and confidentiality of the
data. This is because it becomes challenging to compose the

12. different applications into one platform and protect the
information contained in the operating system. According to Gai
et al. (2017), "SaaS, providers typically enable services with a
large number of integrated features, resulting in less
extensibility for customers" (Gai et al. (2017). The merit of the
platform is that the service provider is responsible for the
privacy and confidentiality of the applications, data, and
services. This is common in the public cloud deployment model,
where many consumers have tight confidentiality requirements
that the provider must meet before a deal is completed.
Similarly, private IaaS users may require enhanced
confidentiality and privacy to safeguard their customized
requirements.
Platform as a Service
Platform as a Service is a bit different from other delivery
models because it focuses on a programming environment to
allow the clients to access and use more application building
blocks. Almusaylim and Jhanjhi (2020) noted that these
programming environments have some limitations to application
architecture, such as controlling the application's services or
access from the operating system. According to Almusaylim and
Jhanjhi (2020), "a PaaS environment might limit access to well -
defined parts of the file system, thus requiring a fine-grained
authorization service" (Almusaylim & Jhanjhi, 2020). One of
the main reasons PaaS has found use in multi-tenancy is that it
gives the clients the freedom to build their applications apart
from the ones provided by the delivery model. This means that
the platform is more flexible and allows customization of the
services. However, just like IaaS, the consumers are responsible
for the platform's privacy and confidentiality, making it less
secure. Similarly, consumer s are responsible for differentiating
between workspaces and applications in the platform that limits
its use.

13. Infrastructure as a Service
Based on the tenets of the IaaS, the providers of the cloud
computing services provide the consumers with a set of
virtualized components such as the virtual machines and storage
space that consumers are allowed to anchor their applications
and operate in the process. Consumers who design and operate
using this platform are found in virtual operating systems and
virtual machines. In this platform, many issues limit the
application of this type of service delivery model. Some of the
issues include the hardening of the host, the confidentiality of
the inter-host communication, and the ability to trust virtual
machines. According to Khodashenas et al. (2017, June), these
are some of the issues that limit the use of IaaS in multi -tenancy
cloud computing because it is vulnerable to confidentiality and
integrity issues. However, in other application areas, IaaS is the
most extensible service delivery model but provides few
application-like features absent in some instances. Under this
platform, the consumers must secure the applications, operating
system, and content, limiting its application in multi-tenancy
cloud computing. Despite the client's responsibilities in the
confidentiality of the platform, the provider also has the
mandate to provide low-level privacy and confidentiality
assurances and services.
Figure 2: Cloud Computing Service Deployment Models
Multi-Tenancy Characteristics and Architecture
According to Kumar et al. (2018), understanding the
characteristics and architectures of multi-tenancy cloud
computing is essential towards comprehending the privacy and
confidentiality issues in this field of cloud services. This
section of the literature review focused on understanding the
studies investigating the characteristics and the architecture of
multi-tenancy cloud computing.

14. Characteristics of Multi-Tenancy Cloud Computing
Sharing Of the Hardware Resources
Kumar et al. (2019) noted that each customer has their virtual
machines customized to meet their computing needs in a
conventional single-tenant computing setting. Kumar et al.
(2019) revealed that the number of tenants who can use the
platform is limited because of the nature of virtual machines
used in their perspective. This is different for multi -tenancy,
where many different tenants can share the same software or
application, increasing resource utilization and cutting
operation costs.
High Level of Configurability
Karthiban and Smys. (2018, January) focused on investigating
the degree of configurability in multi-tenancy cloud computing.
All the customers share the same application instance in multi -
tenancy, unlike a single-tenant where each consumer has a
customized application instance. Because of this, different
consumers or tenants sharing the same application have
different computing needs, which must be met in the process.
Because of these, the services under multi-tenancy are designed
with a high degree of configurability to ensure that they can be
configured and customized to meet the needs of different
tenants.
Similarly, Guerbouj et al. (2019) noted that all product designs
are integrated with configuration options in a multi-tenancy
setting. Because of these reasons, many applications in the
multi-tenancy setting are run next to each other to enhance
sustainability. This ensures that the platform's functions are
enhanced by also increasing data privacy in the operating
system.
Shared Database and Application Instances
Applications in the multi-tenancy are runtime configured and

15. are therefore not different, as is the case in single tenancy,
where customization may create application variations.
According to Karthiban and Smys. (2018, January), the number
of instances is few or one in many cases, but all the applications
may be duplicated to enhance scalability in multi-tenancy cloud
computing. In this way, deploying applications in this setting is
easy and faster as compared to single tenancy.
Similarly, Alrawais et al. (2017) argued that "new data
aggregation opportunities are opened because all tenant data is
in the same place. Hence, user behaviors traces can be collected
easily, which can help improve user experience" (Alrawais et
al., 2017). In this way, there is the high and effective utilization
of hardware resources in multi-tenancy, enhancing cheaper and
swift maintenance of the applications. The platform is cost-
effective and presents opportunities for data aggregations.
Data Management Architecture in Multi-Tenancy
Studies have indicated that cloud computing can be defined by
multi-tenancy. This is because the shared applications in multi -
tenancy change dynamics in the area achieve the economic
benefits of cloud computing. In this setting, many clients can
access and utilize the same application, although they are
exposed to some privacy issues in the process. However, Ali et
al. (2018) noted that the application designs in multi-tenancy
are designed to distinguish between users to ensure that no user
uses data of another user. Therefore, Ali et al. (2018) revealed
the three techniques utilized in the multi-tenancy perspective:
physical separation, using a database, and virtualization.
Similarly, Guan et al. (2018) noted that multi-tenancy could be
achieved through using dedicated technology which provides or
allow users to access resources individually. This model has
been relied on to assure the platform users of their privacy,
confidentiality, and data integrity. This is called physical
separation in multi-tenancy, and it is less commonly used
because it is the most expensive method of achieving multi -
tenancy.

16. The three main architectures for managing multitenant data in
the cloud include storing data relating to each tenant on a
separate database. This is also the most common and most
accessible form of data isolation. Secondly, using a single
database to house different tenants with their tables classified
into schema created or designed for a specific tenant. Marwan et
al. (2018) termed this approach effective as it allows more data
to be stored in the same space, making it easy to retrieve. The
final framework stores data of different tenants in the same
database and similar sets of tables. This has been the riskiest
approach to data storage in multi-tenancy and exposes the
information to privacy issues. Goyal et al. (2019, February)
noted that "multi-tenancy, on Cloud environments provides
seemingly limitless scalability and an alternative to the
expensive data center infrastructure, it raises confidentiality and
privacy issues because it hands the processing and storage task
over to third parties" (Goyal et al., 2019, February).
Conceptual Architecture in Multitenant Application
Management
All layers of applications are affected in multitenant cloud
computing. However, to enhance data privacy in multitenant
cloud computing, three areas have to be focused on by the
service providers and the consumers. Separating user data is
warranted in multitenant settings because the applications and
databases are shared in many instances. To ensure that privacy
issues are managed in multitenant cloud computing, access
control and authentication must be implemented to ensure that a
user cannot access the data of another user. Secondly, Park et
al. (2018) noted that consumers could feel that their data is
secure if the processes and procedures are configured from a
multitenant perspective. This includes general configuration,
workflow configuration, data input-output configuration, and
layout style configuration. Finally, there must be a high level of

17. data isolation in multitenant settings to enhance data privacy.
Data isolation is necessitated by the fact that applications and
databases are shared in many instances. Therefore, data
isolation using techniques such as authentication will limit the
platform users to their data alone.
Figure 3: Multitenant Architecture With Tenant-Isolated
Components
Privacy and Confidentiality Challenges in Multi-Tenancy Cloud
Computing
The benefits of multitenant cloud computing are overwhelming
based on the recent findings. However, these benefits are
limited to some privacy and confidentiality challenges that the
platform face today. According to Sun (2020), privacy issues
limit the concept regarded as one of the essential components of
cloud computing. Sun (2020) noted that multitenant cloud
computing has contributed to resource utilization and the cost-
effective nature of the practice. However, many organizations
using cloud computing services cannot shift to multi-tenancy
computing because of the privacy issues that put client data at
risk of being compromised by other system users. Despite the
benefits, the challenges that stop the implementation of this
type of cloud computing are many. According to Xiong et al.
(2018), physical data isolation considered a measure of privacy
and confidentiality in multi-tenancy, may not be effective
enough based on the technique used to implement the approach.
Physical isolation of data needs to be done more effectively to
achieve its obstructing intrusion goals. Considering this
argument, it becomes apparent that a malicious tenant may
infiltrate another tenant's data sharing the platform with others
through the shared components of multi-tenancy. The violation
of privacy, in this case, can be done by introducing the code to
the SaaS platform, utilizing the loopholes in the applications
that are shared, or through advanced hacking.

18. Singh et al. (2021, July) noted that one of the main challenges
to multi-tenancy privacy is that much of the software is not easy
to test for the confidentiality of the data. However, many of the
producers of developers of the software will argue that their
products are secure, yet they are not. Many service providers
have no confidentiality software and applications yet promote
that their servers are secure and limit data privacy issues. This
has been an enormous problem that has slowed down the use of
multitenant cloud computing. Similarly, Joshi et al. (2018)
argued that human error in data privacy and confidentiality
management in cloud computing is another privacy challenge.
Indeed, many recent data breaches involving colossal amounts
of money have been instigated due to human errors. Many
employees or system administrators are, in many instances,
likely to contravene the authentication of the users allowing
unauthorized persons to access private data in the servers. If
this occurs, data privacy violations will likely occur (Joshi et
al., 2018). Similarly, some organizational employees have
violated the confidentiality and information privacy policies of
their organizations intentionally or accidentally. Data privacy
will be violated if this is the case in any organization giving
way to unauthorized access.
Khoso et al. (2021) noted that multi-tenancy in cloud computing
could set an environment where the attacker and the victim
share the same platform. This is a huge privacy issue that many
confidentiality and privacy models or literature have not
provided solutions to. The hypervisor or resident operating
system may not detect attackers on the same platform as the
victim. George Amalarethinam and Rajakumari (2019) argued
that any tenant within the multitenant arrangement could attack
the neighbor because simple methods such as side channels can
be used to infiltrate the database of tables of another tenant.
Similarly, multi-tenancy is considered a privacy risk in cloud
computing because privacy and confidentiality of the
information can be menaced. Although the system users are

19. virtually isolated, they are still connected concerning hardware
since tenants share the same hardware. Amalarethinam and
Rajakumari (2019) related multitenant to multitasking where
many resources such as network, CPU, software, and
applications are shared. And just like it is the case of
multitasking, multi-tenancy is prone to privacy and
confidentiality lapses.
Virtualization
Virtualization, which refers to the abstraction of computer
resources, is one of the key features in cloud computing
privacy, confidentiality, and security. Through utilizing
virtualization technology, dynamic resource allocation and
providing services are possible. It also enables the user to
install several OSs in one physical machine without interfering
with one another. According to Kaur et al. (2020), different
virtualization technologies have been developed and
implemented in different industries, and some of them include
VMware and Xen. Privacy issues in multi-tenancy cloud
computing arise because there is a high level of sharing the
resources such as the machines and databases provided by the
computing services provider. According to Singh and
Dhurandher (2020, December), virtualization causes losing
control over personal and private data. The client may lose
control over the location where data is stored, security and
privacy policies, and over the people who may access the data,
which is common in multi-tenancy cloud computing services.
Singh and Dhurandher (2020, December) noted that privacy and
confidentiality could easily be breached in multi-tenancy
because the attacker can easily manipulate the hypervisor (the
software layer between the operating system and the hardware)
and gain access a virtual machine that different tenants share.
The presence of a hypervisor in this architecture increases the
attack surface since it adds the application program interfaces

20. (APIs) and the sockets, enhancing the system's complexity.
However, there are contrary accounts that authors have
observed on this issues; according to Pulkkinen (2018), the
existence of a hypervisor in the multi-tenancy cloud computing
infrastructure increased the privacy and confidentiality of the
data in the architecture because it reduced the number of attacks
because of its efficiency as compared to conventional operating
systems. Pulkkinen (2018) focused on several issues
undermining the effectiveness of multi-tenancy cloud services
because of virtualization. Privacy issues that are instigated by
virtualization in cloud computing services, according to the
available publication, include cross-virtual machine attacks
(instigated by another tenant in the cloud arrangement),
malicious system administration attacks (instigated by insiders
working for the cloud vendor), and another area of vulnerability
is virtual machine hopping.
Cross Virtual Machine Attack
This privacy and security vulnerability enables the system
attacker to steal data from the information system without
leaving any trace or raising the alarm. According to Kumar et
al. (2018, December), system hackers can achieve this by
placing the malicious virtual machine on the physical server
where the targeted client’s virtual machine is installed. System
hackers achieve this by determining the location of the target
client’s VM instance is installed. To determine where the VM is
located, the adversaries used networking probing tools such as
the nmap, wget, and hping, among others. The adversary should
determine if there are two VM instances by comparing IP
addresses to see if they match and measure the small packet
round-trip time.
A study done by Kumar et al. (2018, December) noted that
providers such as Amazon had launched new instances of virtual
machines installed on a single physical machine which increases

21. the vulnerability of the physical machine because malicious
VMs can easily be placed on the physical machine. Privacy and
confidentiality of the client’s data are therefore violated once
the malicious and the client’s VMs have been aligned on a
particular physical machine since they can share some
resources, including CPU pipelines, data cache, and network
access, among others. Maliszewski et al. (2018, July) noted that
it is therefore easy for the attacker to steal a user’s passwords
because the attacker measures cache usage to estimate the
server's current load, estimate traffic rate, and keystroke timing
by attacking the virtual machine. Similarly, Maliszewski et al.
(2018, July) provide several mitigating strategies to combat
cross-VM attacks such as co-residency, placement prevention,
and NoHype.
Malicious System Administration (malicious SysAdmin)
Campanile et al. (2020) noted that malicious system
administration vulnerability is caused by the privileged
administrators who have access to the memory of the client’s
virtual machine. In many instances, systems with xenaccess can
allow the administrators to access virtual machines' memory
during run time by running the systems user’s level process
domain0. Kumar et al. (2017) noted that this vulnerability could
be enhanced by the increasing number of multi-tenants and
demand for cloud computing services, increasing privacy and
confidentiality of data vulnerabilities. Several frameworks have
been proposed to mitigate this vulnerability of data to privacy
and confidentiality. According to Khodashenas et al. (2017,
June) and Kaur et al. (2020), the vulnerability can be solved by
implementing a trusted cloud computing platform (TCCP). The
trusted cloud computing platform effectively protects the
privacy and confidentiality of new client’s virtual machines.
Kaur et al. (2020) noted that “TCCP is a set of technologies
developed by the Trusted Computing Group (TCG) to face the
concern of untrusted execution environment.

22. TCCP guarantees that the execution of virtual machines doesn't
leak any information and keeps data confidential” (Kaur et al.,
2020). The tool solves the problem because it bars any
privileged administrator from accessing the virtual machine
memory and closes the execution in a protected perimeter. This
privacy protection model is founded on the Trusted Platform
Module, which is installed or incorporated on the motherboards
of the machine and includes other peripheral technologies such
as authenticated booting, sealed storage, and remote attestation.
Similarly, Khodashenas et al. (2017, June) noted that privacy
could be achieved in multi-tenancy using the TCCP by
combining TCCP and virtualization technology. The
combination is effective because it helps the user to gain greater
confidentiality on virtual machines. Privacy is enhanced in this
model because the virtual machine operating system is
customized. Privacy can also be increased since the combination
of the TCCP and virtual technologies protect code from the
cloud service providers and disable less useful virtual devices.
Kaur et al. (2020) noted that clients’ data confidentiality is
significantly improved against the service provider. Only valid
users can boot the target virtual machines if the listed
procedures are implemented.
Figure 4: Trusted Cloud Computing Platform (TCCP)
architecture.
Virtual Machine Hopping
This is a kind of vulnerability where the adversary hacks into
the virtual machine using different techniques and takes control
of other virtual machines in the system. The hacker can achieve
the goals by manipulating or exploiting the hypervisor’s
vulnerabilities. However, according to Yadav et al. (2021),
virtual machine hoping vulnerability is founded on the
assumption that the software layer between the operating system

23. and the hardware or physical machine has a security lapse.
Yadav et al. (2021) noted that hackers could not achieve their
goals when targeting a cloud service system with a robust
hypervisor. This implies that multi-tenancy cloud computing
infrastructures and architectures should be designed with a
robust hypervisor to mitigate the issue of privacy breaches
through virtual machine hopping.
Data Location
Once the information or data has crossed borders which may be
country borders or company boundaries, it is faced with
numerous privacy and security risks. According to Lejaha,
2017), many of cloud computing service users do not know
where their data is stored. For these reasons, concerns relating
to privacy, accessibility, and protection of personal data have
dominated regional and national data protection policies. The
whereabouts of data location is a huge concern that
organizations handling private data have today because it
balloons their worries over data safety and protection. In multi -
tenancy cloud computing, data is stored in multiple locations in
different countries and regions with no information provided to
the consumers about the location where their data is stored.
Stergiou et al. (2018) noted that because of a lack of knowledge
on the whereabouts of consumer data in multi-tenancy cloud
computing, consumers are constantly worried about the legal
and compliance requirements of their data. The situation is even
more complex considering the different laws and data regulation
policies that different countries have implemented. Studies have
indicated that data location issues are divided into three main
categories according to literature. The study done by Kumar et
al. (2018, December) indicates that the three data location
categories include data combination and commingling,
outsourcing, and offshoring.

24. Data Outsourcing Privacy Challenge
Data outsourcing is a major privacy issue in multi-tenancy
cloud computing because data leaves the company jurisdiction
and is stored in locations known by the cloud service providers
alone. According to Ali et al. (2018), “customers physically
lose control on their data, and this loss of control is one of the
main causes of cloud insecurity and raises governance and
accountability questions in data outsourcing architecture” (Ali
et al., 2018). Since the data owner does not know where data is
stored and who has access to it, clients in a multi-tenancy cloud
service become more concerned because they share several
resources in this arrangement.
General Issues in Data Outsourcing. Literature provides several
privacy and security issues related to data outsourcing in cloud
computing, especially in multi-tenancy clouds services. Many
consumers using cloud computing services ask how they are
sure that their data is stored safely and in compliance with the
law and how private and confidential their data is. Maliszewski
et al. (2018, July) noted that in a traditional operating system,
the user is sure of where the data is stored and can ensure that
data privacy and confidentiality are met by implementing
different measures. However, this is different in multi-tenancy
cloud computing as the system user trusts the data with other
third parties responsible for the storage, safe, confidentiality,
and privacy of their data. Campanile et al. (2020) noted that
outsourcing data would lead to data privacy violations because
the data is in the storage system of a third party. The data owner
has no control over the private data in this arrangement.
Nevertheless, regardless of the risks that data is exposed to in
outsourcing arrangement, Kumar et al. (2017) and Khodashenas
et al. (2017, June) argued that outsourcing of data maybe even
secure as compared to the traditional data storage systems. This
is because cloud computing service providers have a team of
experts with experience and skills to safeguard and store data,

25. unlike individual storage systems where the individual computer
user may not have the skills to safeguard data in the computer.
Because of this finding, many consumers embrace cloud
computing services for their data storage compared to indoor
data storage systems. However, Singh and Dhurandher (2020,
December) do not agree with this argument. Singh and
Dhurandher (2020, December) noted that “the levels of privacy
and anonymity for a user will be lower than a desktop user, and
some consensus on this topic is required as future research”
(Singh & Dhurandher, 2020, December). This argument cannot
be overlooked, and it is because of this, the issue has to be
explored further through research.
Yadav et al. (2021) noted that several measures had been
implemented to enhance consumers' confidence in the multi-
tenancy cloud computing g category by assuring them that their
data privacy is guaranteed. NIST guidelines have been provided,
and cloud computing providers with or without multi-tenancy
cloud services must adhere to the guidelines. Yadav et al.
(2021) note that “a framework outlining which activities and
steps an organization should follow to ensure that the
outsourcing of data is done securely and compliance with all
organizational policies while maintaining privacy” (Yadav et
al., 2021). Several requirements need to be followed when
uploading and accessing the stored data in a multi-tenancy
setting and include requirements specification, privacy and
security risk assessments, and determining the competency of
the service provider. Adhering to these requirements will ensure
that data privacy is assured in using multi-tenancy cloud
services and enjoy the benefits of the cloud architecture.
Customers’ Privacy Requirements, Policies, and Lack of
Execution Control. Different organizations and individuals
using multi-tenancy cloud services have different privacy levels
requirements for their data. Lejaha, R. (2017) noted that
healthcare, finance and banking, legal and consultancy, and

26. technology organizations need a high level of data privacy
compared to small and medium enterprises or business start-ups.
However, many of the available multi-tenancy cloud service
providers offer their consumers the same level of data privacy
protection with similar and inflexible Service Level Agreements
(SLA). This practice of holding to the SLA compromises the
data privacy requirements of organizations dealing with
sensitive data, which causes privacy concerns. According to
Stergiou et al. (2018), “a poor provider selection can affect
company reputation, customer trust, and service delivery. If
cloud service providers could include better policies and
practices, users could be able to assess better privacy and
confidentiality risks they face” (Stergiou et al., 2018).
Similarly, consumers who have consented to the multi-tenancy
like other consumers of cloud computing do not have complete
control over the execution of the resources remotely since many
of the resources are shared. Again, the consumers have no
remote execution and control of their data, so they cannot
determine whether their data is stored according to the
applicable laws. Therefore, consumers in multi-tenancy cloud
service arrangements cannot inspect and monitor how the data is
being stored, safeguarded of telling people or entities that have
access to their data hence raising privacy issues or concerns.
This means that dishonest employees in a cloud computing
service organization may compromise consumer data without
the owner knowing. It is a fact that many service providers deal
with large volumes of data from different tenants in multi-
tenancy cloud computing arrangements. In this way, meeting the
different data privacy demands of the consumers in this setting
requires a high level of commitment and determination from the
providers’ perspective.
Xue et al. (2018) recommended cloud computing vendors “cloud
computing industry to establish standards in the paradigm, as
the current lack of them makes it difficult to users to analyze

27. and assess the differences between cloud service vendors” (Xue
et al., 2018). This is important because the privacy policy of the
tenant may not align with that of the vendor. Therefore, having
established standards to control data privacy policies will
enhance the confidence of the consumers in the provider to
safeguard their data.
Audit, Monitoring, and Accountability. Audit monitoring is the
only way tenants in multitenant cloud service arrangements can
hold their service providers accountable for their data privacy
and security. Al-Ruithe et al. (2018) argued that the purpose of
data audit and monitoring is “the purpose is to watch what
happened in the Cloud system to ensure that privacy
requirements, SLAs and compliance with laws are enforced
when their personal information is in the cloud” (Al-Ruithe et
al., 2018). However, this is one area that is very limited
regarding consumer access as they have no access to
information relating to the collection, usage, user profiling to
ensure high privacy recommendations.
Some consumers may not like how their data content is
monitored or is audited, but they may not change this because
they have no access to such information. Hathaliya and Tanwar
2020) noted that some cloud service providers might be required
to disclose and provide reports to the authorities, government
agencies, and security committees or organizations on the
nature of the information stored in their databases. This is done
in many cases without the knowledge of the data owners,
something that violates their privacy in the process.
Data Offshoring
Offshoring is the movement of the data from one region to the
other or region to the other. In a nutshell, offshoring is the
mobility of data across different jurisdictions, including
companies, among individuals and countries. However, in many

28. instances, this area of data privacy literature has focused on
data mobility across international boundaries. As expected, data
movement or offshoring of data increases the risks that data
from different organizations face today due to legal and
compliance regulation complexities. In a multi-tenancy setting,
cloud service providers serve consumers from different parts of
the world.
In contrast, these providers may not have data locations in some
countries where the consumers reside. According to NIST, the
“organization’s responsibility to operate in agreement with
established laws, regulations, standards, and specifications”
(NIST). Compliance also includes the understanding of who is
maintaining the outsourced data.
General Issues in Offshoring. Several studies have been done to
investigate privacy issues related to data offshoring in multi -
tenancy cloud computing. The studies have provided consumers
privacy concerns regarding g to offshoring while providing the
frameworks to mitigate the concerns. Some cloud service
providers do not inform their consumers of the location of their
data because of the data governance and processes safeguards or
policies. One of the main issues found in this perspective
reflected in the study of Campanile et al. (2020) is which laws
are applied to information in offshore perspective and how this
is determined. The nature and location of the data is an
important issue and significantly affects data privacy since
some jurisdictions have laws and regulations that may limit
access to information stored in their jurisdiction. Similarly,
some jurisdiction, for instance, China has different laws relating
to data security and privacy which many other jurisdictions
have noted as vague. Therefore, consumers whose data is stored
in countries such as China may feel or may have privacy
concerns because of the poor regulation of the cyber industry in
China.

29. Another privacy issue that has been identified from a study
done by Campanile et al. (2020) is the compliance regulations
that the company or the consumer has to follow before joining
or moving data to multi-tenancy cloud service. In the European
Union, the legislation bars the processing of personal
information to the cloud if the data subject is not aware of the
processing and the purpose for the actions. This is different
from other jurisdictions that allow the processing of personal
information to the clouds without necessarily notifying the
subject of the action or the purpose of the action. When this is
the situation, it becomes difficult for the tenants to upload or
access their data when they need to do so at their own time.
Similarly, it is imperative to understand that cloud computing
service vendors are in business, and they generate huge
revenues based on the number of subscribers. In this way, they
will promise consumers who intended to buy their data privacy
and security services. These promises may include disclosure of
their data location to motivate such clients to buy their services.
The promises may enhance the consumers' confidence in their
data privacy, but in a real sense, data may not be stored in the
locations that the providers have disclosed. According to
Khodashenas et al. (2017, June), cloud service providers split
their data storage facilities into many different jurisdictions to
reduce the risks of data breach and damage experienced when
data is stored in the same jurisdiction. This is a critical concern
for the consumers because they cannot tell which laws and
regulations apply to their data. This is also a huge privacy issue
because the tenants may violate the policies and regulations
relating to data handling without their consent because they are
unaware of the laws that apply to their data.
Legal and regulatory issues. As already mentioned in the
general privacy issues related to the offshoring section,
different jurisdictions have varying privacy laws that regulate
data storage and access. To make it worse, many of the legal

30. issues relating to data privacy are involved or addressed during
the assessment of the contract formed. These include Service
Level Agreements (SLA) and User Licensing Agreements
(ULA). According to Pulkkinen (2018), the privacy concern
here is that some of the privacy laws in different jurisdictions
are outdated or ambiguous and do not capture the essence of
cloud computing, especially multi-tenancy cloud services.
Several studies have investigated legal and regulatory
compliance effects on the privacy of data stored offshore. One
of the privacy issues in this perspective is the dissimilar
perception of the jurisdiction of what constitutes privacy or
what amounts to privacy violation. These concerns have
resulted in different legal battles in courts, which have refused
to fade because of other jurisdictions' different interpretations
of privacy. The authors explain some examples of conflicting
regulations are the U.S. Federal Rules of Civil Procedure
(FRCP) and the EU Directive. For instance, the definition of
privacy in the United States and the European Union is broad. It
is regulated by different laws, including data security, privacy,
cyber, and human rights laws. According to Yadav et al. (2021),
“even though many laws have been published to protect users'
privacy and businesses secrets, they are out of date and
inapplicable to scenarios where more parties enter in action
(like Cloud Computing)” (Yadav et al., 2021). Yadav et al.
(2021) believe that such complex and multiple laws that define
privacy make it difficult to determine what exactly constitutes
data privacy.
Similarly, Yadav et al. (2021) noted that many established laws
control or regulate data privacy offshore. Interestingly, privacy
laws are different and apply differently to different industries or
sectors. For instance, in the United States, financial sector data
and information privacy is regulated by Gramm Leach Bliley
Act which provides additional requirements compared to the
health insurance portability and accountability act (HIPAA) that

31. apply to the healthcare industry. Given the difference in the
laws that apply to different sectors, privacy regulation
experiences gaps and making it difficult to define what
constitutes privacy data violation. Lejaha, R. (2017) noted that
“some of the laws do not regulate activities of the third-party
providers of health care businesses, so a legal demand by a
private party to a CSP for disclosure of protected health
information would lead users’ private information to be
disclosed,” (Lejaha, 2017). This makes it difficult to understand
which law applies to areas that are not regulated by the
established privacy laws in the sector.
Data Combination and Commingling In Multi-Tenant Cloud
Computing
Data combination and commingling is a major privacy issue in
multi-tenancy cloud computing. Ali et al. (2018) defined data
combination as separating customers’ stored private data in the
cloud from other tenants. Considering the definition of data
combination, it is one of the main processes in cloud computing
that focuses on cloud computing data privacy in multi-tenancy
clouds service arrangement. According to Ali et al. (2018),
multi-tenancy cloud computing consumers need to be assured
that their data is stored separately from other tenants. In a
situation where private data is stored in the same database, the
risks of privacy violations became evident and became exposed
to attacks and virus transmission. When information is kept in
the same database, an attack on a single tenant may likely
spread to other tenants and cause a huge privacy violation and
reduce data integrity. Therefore, cloud service providers need to
be careful when handling data in a multitenant environment.
Hathaliya and Tanwar (2020) noted no evidence linking data
commingling and combination to virtualization. However,
virtualization is frequently applied to data combination and
commingling to reduce the risks associated with this privacy
concern in a multi-tenancy setting.

32. Solution
Models to the Privacy Challenges in Multi-Tenancy Cloud
Computing
Literature on Privacy