|
| Domain | Author | Year | Findings |
|
| Cybersecurity issues | Campos et al. [41] | 2016 | Being crucial for the organization, the cloud data needs proper security measures such as encryption, virtual firewalls, ISO standards, etc. While working with Big Data, it is important to have periodic risk management and follow maintenance-oriented lifecycle management using technological solutions. Cyber-insurance should be done with appropriate statistical models to predict associated cybersecurity risks. |
| Xu et al. [42] | 2019 |
|
| Structural issues | Troshani et al. [18] | 2011 | Cloud computing poses technological, organizational, and jurisdictional risks. The customers are always vulnerable to losing their data permanently or temporarily not able to retrieve data. The CSP and CC should make SLAs as comprehensive as possible and touch upon various untoward scenarios. |
| Amron et al. [19] | 2019 |
|
| Information security risk | Julisch et al. [38] | 2010 | Information Security Management System (ISMS) under the ISO/IEC 27001 can be extended to cloud computing in the form of Virtual ISMS. The need is the narrow the gap between the CC and CSPs by adhering to adequate standards, audits and keeping the CC informed about the future risks |
|
| Jurisdictional risks | Ward et al. [34] | 2010 | The placement of data servers by CSP at different geographic locations may confront the customer's country's data protection laws/regulations. Further, CSP may also covertly utilize the IaaS, PaaS, or SaaS of their peers across the globe without informing the CC. Jurisdictional issues are the root cause of the exuberant litigation cost incurred by the CSPs. There is an absence of any international organization that provides general framework law in the cloud computing domain. |
| Hon et al. [15] | 2012 |
|
| Power consumption risks | Liu et al. [32] | 2020 | The mushrooming of data centers across the globe may adversely affect the environment due to massive energy requirements. It is paramount to source the green energy solutions and place the data centers at an optimal geographic location to minimize carbon emissions. High latitude areas of the Pan-Arctic regions are favorable locations to increase the Power Usage Effectiveness (PUE). Big Data is potentially producing astronomical volumes of data per year loaded onto the cloud storage, thereby expanding the energy footprint of cloud devices. |
| Perrons. [20] | 2015 |
|
| Legal issues and territorial disputes | Powell et al. [45] | 2010 | Peaceful resolution of disputes is essential while settling cross-country cloud computing-related conflicts. The literature shows that bilateral negotiations or treaties (77%) are most preferred among the various dispute resolution instruments. Sometimes federated data regulations (as in the USA) become a bone of contention while dealing with cross-country data protection laws. In many cases, the CSPs are often found not honoring their SLAs in letter and spirit and try to subvert the commitments by taking advantage of data protection laws of third world countries (the state that is not part of the original SLA) |
| Coyle et al. [22] | 2019 |
| Vurukonda et al. [23] | 2016 |
|
| Data governance issues | Štarchoň et al. [29] | 2019 | General Data Protection Regulation (GDPR) serves as the gold standard in the international forum in the realm of myriad data protection laws. As cloud computing involves remote storage and data processing, it can be governed by various domestic and international IT (Information Technology) laws and data protection acts. In extreme situations, specific domestic national security laws (e.g., US PATRIOT Act) can lawfully coerce CSPs to divulge their users' data. Such ambiguities require a rule-based approach. |
| Goddard. [28] | 2017 |
| Penasa et al. [27] | 2018 |
| Al-Ruithe et al. [14] | 2017 |
|
