DATA PRIVACY AND COMPLIANCE IN CLOUD ENVIRONMENTS: A COMPREHENSIVE FRAMEWORK FOR SECURE MULTI-TENANT CLOUD PLATFORMS

Abstract

This study presents a comprehensive framework for securing multi-tenant cloud platforms, focusing on data privacy and compliance with regulatory standards such as GDPR and CCPA. The framework integrates advanced security techniques, including microservices for tenant isolation, homomorphic encryption for secure data processing, and blockchain-based logging for immutable auditing. The results show that microservices provide the most efficient data isolation, achieving 100% isolation efficiency with zero data leakage, compared to virtual machines and containers. Homomorphic encryption, while introducing significant computational overhead, remains scalable and effective for securing sensitive data, with the overhead increasing with data size. Role-based access control (RBAC) was highly effective in blocking unauthorized access attempts, with the admin role achieving near-perfect blocking efficiency. The framework also demonstrated strong compliance with GDPR and CCPA regulations, ensuring data privacy policies and access rights enforcement were met at nearly perfect levels. Blockchain-based logging proved superior in audit log accuracy and completeness, though it came with a higher processing cost. Finally, the framework was tested for performance under multi-tenant workloads, showing that while throughput decreased with increasing data size, the system maintained reasonable efficiency. This research highlights the effectiveness of combining microservices, encryption, and blockchain for securing multi-tenant cloud platforms, offering a practical solution for organizations facing privacy and compliance challenges in cloud environments. Future work will focus on optimizing encryption techniques and further refining the framework for broader real-world application