Yaser Baseri

CR
h-index: 10
3 papers
45 citations
Novelty: 38%
AI Score: 36

3 Papers

29.2 | CR | Apr 12
Future-Proofing Cloud Security Against Quantum Attacks: Risk, Transition, and Mitigation Strategies

Yaser Baseri, Abdelhakim Hafid, Arash Habibi Lashkari

Quantum Computing (QC) threatens the cryptographic foundations of Cloud Computing (CC), exposing distributed infrastructures to novel attack vectors. This survey provides comprehensive analysis of quantum-safe cloud security, examining vulnerabilities, transition strategies, and layer-specific countermeasures across nine architectural layers (application, data, runtime, middleware, OS, virtualization, server, storage, networking). We employ STRIDE-based risk assessment aligned with NIST SP 800-30 to evaluate quantum threats through three transition phases: pre-transition (classical cryptography vulnerabilities), hybrid (migration risks), and post-transition (PQC implementation weaknesses including side-channel attacks). Our security framework integrates hybrid cryptographic strategies (algorithmic combiners, dual/composite certificates, protocol-level migration), cryptographic agility, and risk-prioritized mitigation tailored to cloud environments. We benchmark NIST-standardized PQC algorithms for performance and deployment suitability, assess side-channel and implementation vulnerabilities, and analyze quantum-safe strategies from leading CSPs (AWS, Azure, GCP). The survey delivers layer-specific threat taxonomies, likelihood-impact risk matrices, and CSP-informed deployment roadmaps for cloud architects, policymakers, and researchers. We identify six critical research directions: standardization and interoperability, hardware acceleration and performance optimization, AI-enhanced security and threat mitigation, integration with emerging cloud technologies, systemic preparedness and workforce development, and migration frameworks with crypto-agility.

CR | Apr 16, 2024
Cybersecurity in the Quantum Era: Assessing the Impact of Quantum Computing on Infrastructure

Yaser Baseri, Vikas Chouhan, Ali Ghorbani

The emergence of quantum computing presents a double-edged sword for cybersecurity. While its immense power holds promise for advancements in various fields, it also threatens to crack the foundation of current encryption methods. This analysis explores the impact of quantum computing on critical infrastructure and cloud services, meticulously evaluating potential vulnerabilities across various layers, including applications, data, runtime, middleware, operating systems, virtualization, hardware, storage, and networks. We advocate for proactive security strategies and collaboration between sectors to develop and implement quantum-resistant cryptography. This crucial shift necessitates a comprehensive approach, and the paper introduces a tailored security blueprint encompassing nine critical infrastructure components. This blueprint strengthens each area's defenses against potential quantum-induced cyber threats. Our strategic vulnerability and risk assessment equips stakeholders with the knowledge to navigate the complex quantum threat landscape. This empowers them to make informed decisions about design, implementation, and policy formulation, ultimately bolstering the resilience of critical infrastructure. In essence, this analysis not only forecasts quantum threats but also offers a sophisticated, actionable framework for fortifying infrastructure and cloud environments against the multifaceted challenges of the quantum era. This proactive approach will ensure continued data security and a thriving digital landscape in the years to come.

CR | Dec 16, 2024
F-RBA: A Federated Learning-based Framework for Risk-based Authentication

Hamidreza Fereidouni, Abdelhakim Senhaji Hafid, Dimitrios Makrakis et al.

The proliferation of Internet services has led to an increasing need to protect private data. User authentication serves as a crucial mechanism to ensure data security. Although robust authentication forms the cornerstone of remote service security, it can still leave users vulnerable to credential disclosure, device-theft attacks, session hijacking, and inadequate adaptive security measures. Risk-based Authentication (RBA) emerges as a potential solution, offering a multi-level authentication approach that enhances user experience without compromising security. In this paper, we propose a Federated Risk-based Authentication (F-RBA) framework that leverages Federated Learning to ensure privacy-centric training, keeping user data local while distributing learning across devices. Whereas traditional approaches rely on centralized storage, F-RBA introduces a distributed architecture where risk assessment occurs locally on users' devices. The framework's core innovation lies in its similarity-based feature engineering approach, which addresses the heterogeneous data challenges inherent in federated settings, a significant advancement for distributed authentication. By facilitating real-time risk evaluation across devices while maintaining unified user profiles, F-RBA achieves a balance between data protection, security, and scalability. Through its federated approach, F-RBA addresses the cold-start challenge in risk model creation, enabling swift adaptation to new users without compromising security. Empirical evaluation using a real-world multi-user dataset demonstrates the framework's effectiveness, achieving a superior true positive rate for detecting suspicious logins compared to conventional unsupervised anomaly detection models. This research introduces a new paradigm for privacy-focused RBA in distributed digital environments, facilitating advancements in federated security systems.