BULUTLI HISOBLASH MUHITIDA MA’LUMOTLAR MAXFIYLIGINI TA’MINLASH MUAMMOLARI
Keywords:
cloud computing, data privacy, encryption, access control, homomorphic encryption, data residency, insider threat, compliance.Abstract
This scientific article examines the key challenges of ensuring data privacy in cloud computing environments. Based on the analysis of recent research and statistical data from leading cybersecurity organizations, the study identifies five major categories of privacy threats in cloud infrastructure: unauthorized access risks, insider threats, compliance and legal issues, data residency problems, and side-channel attacks. The article evaluates the effectiveness of existing privacy protection mechanisms including encryption, access control, homomorphic encryption, and differential privacy. The results show that while encryption remains the most widely used method, no single solution fully addresses all privacy concerns, and a layered approach combining multiple mechanisms achieves the highest level of protection.
References
Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. National Institute of Standards and Technology, SP 800-145. https://doi.org/10.6028/NIST.SP.800-145
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for Cloud Computing (pp. 3-42). Springer, London. https://link.springer.com/chapter/10.1007/978-1-4471-4189-1_1
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), 583-592.
Gentry, C. (2009). Fully homomorphic encryption using ideal lattices. In Proceedings of the 41st annual ACM symposium on Theory of computing (pp. 169-178). https://dl.acm.org/doi/10.1145/1536414.1536440
Acar, A., Aksu, H., Uluagac, A. S., & Conti, M. (2018). A survey on homomorphic encryption schemes: Theory and implementation. ACM Computing Surveys, 51(4), 1-35.
Dwork, C., & Roth, A. (2014). The algorithmic foundations of differential privacy. Foundations and Trends in Theoretical Computer Science, 9(3-4), 211-407.
National Institute of Standards and Technology (NIST). (2019). Digital Identity Guidelines: Authentication and Lifecycle Management (SP 800-63B). https://pages.nist.gov/800-63-3/
Open Security Foundation. (2025). DataLossDB – Open database of data breach incidents. https://datalossdb.org/
Gartner Inc. (2025). *Forecast: Public Cloud Services, Worldwide, 2022-2028*. https://www.gartner.com/en/newsroom/press-releases
Cybersecurity Ventures. (2025). Cybercrime Damage Predicted to Reach $8 Trillion Annually by 2025. https://cybersecurityventures.com/cybercrime-damage-6-trillion-by-2021/
Tursunov, O. R., & Xudoyberdiyev, A. M. (2023). Bulutli texnologiyalarda ma’lumotlar xavfsizligi muammolari va ularni hal qilish usullari. Muhammad al-Xorazmiy nomidagi TATU Ilmiy texnik jurnali, 5(2), 67-74. [O‘zbekiston Respublikasi Oliy attestatsiya komissiyasi tomonidan tavsiya etilgan ilmiy jurnal]
Abdullayev, B. S., & Raximova, D. F. (2024). Bulutli muhitda shaxsiy ma’lumotlarning maxfiyligini huquqiy va texnik jihatdan himoya qilish masalalari. Axborot xavfsizligi va axborot texnologiyalari, 3(1), 19-27. [Toshkent axborot texnologiyalar universiteti “Axborot xavfsizligi” kafedrasi]
