Survey on security issues in file management in cloud computing environment
Cloud computing has pervaded every aspect of information technology in the past decade. It has become easier to process a plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users' data is maintained by data centers around the world, and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer, either internally within a cloud or externally from one cloud network to another. File management is central to cloud computing, and it is paramount to address the security concerns that arise from it. This survey paper aims to elucidate the various protocols that can be used for secure file transfer and to analyze the ramifications of using each protocol.
💡 Research Summary
Cloud computing has become the backbone of modern information technology, enabling real‑time processing of massive data streams generated by a myriad of devices. While this paradigm offers unprecedented scalability and flexibility, it also introduces significant security challenges, especially concerning the transfer of files both within a cloud environment and between disparate cloud networks. The surveyed paper addresses this critical issue by systematically reviewing the most widely adopted secure file‑transfer protocols and evaluating their suitability for cloud‑centric file management.
The authors first outline the threat landscape inherent to cloud file transfers, highlighting risks such as eavesdropping, data tampering, man‑in‑the‑middle attacks, and credential compromise. To provide a structured comparison, they define six evaluation criteria: confidentiality, integrity, authentication, performance, scalability, and operational manageability. Each protocol is then examined against these dimensions.
Secure Shell based protocols (SFTP and SCP) rely on the SSH framework, offering strong symmetric encryption (AES‑256 or similar) and robust key‑exchange mechanisms (Diffie‑Hellman, ECDH). They support both public‑key and password authentication, and can be extended with multi‑factor authentication. SCP excels in raw throughput for bulk copies but lacks advanced file‑metadata handling, whereas SFTP provides richer directory operations and resume capabilities. Both benefit from modern key‑management solutions such as HashiCorp Vault or cloud‑native KMS, which automate key rotation and reduce operational overhead.
FTPS (FTP over TLS/SSL) upgrades the legacy FTP protocol by encapsulating the control and data channels in TLS. While it delivers confidentiality and integrity comparable to SSH‑based solutions, FTPS suffers from complex certificate lifecycle management and the need to open multiple ports (21 for control, a range for data), which can be problematic in restrictive firewall environments. The paper notes that explicit FTPS is more flexible than implicit mode but still incurs higher latency due to repeated TLS handshakes, especially when session reuse is not configured.
HTTPS‑based file transfer leverages the ubiquitous HTTP/2 (or HTTP/3) stack, providing seamless traversal of corporate proxies and NAT devices. By employing TLS 1.3, HTTPS offers forward secrecy and reduced handshake latency. The protocol integrates naturally with modern authentication frameworks (OAuth 2.0, OpenID Connect, JWT) and can be exposed as RESTful APIs, facilitating automation, serverless execution, and fine‑grained access control. However, the authors point out that header overhead and the stateless nature of HTTP can increase per‑request latency for very large files unless chunked transfer encoding or multipart uploads are used.
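The multipart approach mentioned above spreads one file over several requests, so the receiver needs a way to check each part and the set as a whole. The following Python example is added here and is not code from the surveyed paper: it builds a per-part SHA-256 manifest authenticated with HMAC-SHA256 and verifies it before reassembly. The part size, the shared key, the sample payload and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import json

PART_SIZE = 4  # bytes; tiny on purpose so the constructed sample spans several parts


def split_parts(payload: bytes, part_size: int = PART_SIZE) -> list[bytes]:
    """Cut the payload into fixed-size parts (the last one may be shorter)."""
    return [payload[i:i + part_size] for i in range(0, len(payload), part_size)]


def build_manifest(parts: list[bytes], key: bytes) -> dict:
    """Sender side: list each part's SHA-256 and authenticate the list with HMAC."""
    digests = [hashlib.sha256(p).hexdigest() for p in parts]
    body = json.dumps({"count": len(parts), "sha256": digests}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def reassemble(parts: list[bytes], manifest: dict, key: bytes) -> bytes:
    """Receiver side: verify the manifest, then every part, before joining."""
    expected = hmac.new(key, manifest["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["tag"]):
        raise ValueError("manifest authentication failed")
    body = json.loads(manifest["body"])
    if len(parts) != body["count"]:
        raise ValueError("part count mismatch (truncated or padded upload)")
    for index, (part, digest) in enumerate(zip(parts, body["sha256"])):
        if not hmac.compare_digest(hashlib.sha256(part).hexdigest(), digest):
            raise ValueError(f"part {index} failed integrity check")
    return b"".join(parts)


def outcome(parts, manifest, key) -> str:
    # Return "ok" or the rejection reason so callers can log why a transfer failed.
    try:
        reassemble(parts, manifest, key)
        return "ok"
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    key = b"constructed-demo-key"             # constructed; not a real secret
    parts = split_parts(b"quarterly-report")  # constructed sample payload
    manifest = build_manifest(parts, key)
    print(outcome(parts, manifest, key), "|", outcome(parts[:-1], manifest, key))
```

Because each part carries its own digest, a receiver can reject or re-request a single damaged part instead of restarting the whole transfer.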
WebDAV over HTTPS adds a file‑system‑like interface to HTTP, enabling operations such as locking, versioning, and property manipulation. While it inherits the security properties of HTTPS, its default reliance on basic authentication makes it unsuitable for high‑security contexts without additional token‑based layers.
The paper also surveys emerging transport mechanisms such as QUIC, which combines UDP‑based delivery with TLS 1.3 encryption, promising lower connection establishment times and improved performance on lossy networks. Although still maturing, QUIC is highlighted as a potential candidate for IoT and mobile edge scenarios where traditional TCP‑based protocols may be suboptimal.
After a detailed comparative analysis, the authors propose a hybrid security strategy tailored to typical cloud deployment patterns:
- Intra‑cloud data‑center replication – Use SCP or SFTP for high‑throughput bulk transfers, complemented by automated SSH key rotation and audit logging.
- External partner exchanges – Prefer HTTPS‑based APIs with OAuth 2.0 scopes, falling back to FTPS when legacy systems require it.
- Mobile/IoT edge devices – Experiment with QUIC‑enabled transfers to reduce latency and cope with intermittent connectivity.
The survey further identifies future research directions. Post‑quantum cryptography (e.g., CRYSTALS‑Kyber for key exchange, Dilithium for signatures) is recommended to future‑proof cloud file‑transfer mechanisms against quantum adversaries. Blockchain‑based integrity verification could provide immutable provenance records for transferred files, while AI‑driven anomaly detection on transfer logs may uncover covert exfiltration attempts.
In conclusion, the paper emphasizes that no single protocol can address all security, performance, and operational requirements of cloud file management. A layered, context‑aware approach—selecting the appropriate protocol based on data sensitivity, transfer volume, network topology, and compliance obligations—offers the most resilient solution. By presenting a comprehensive taxonomy and practical guidance, the survey equips cloud architects, security engineers, and developers with the knowledge needed to make informed decisions and to design robust, scalable, and secure file‑transfer architectures in today’s cloud‑first world.