Cloud Security Vulnerabilities: A Comprehensive Survey and Analysis of Risks in IaaS, PaaS, and SaaS Models with Practical Data and Methodology for Mitigating Breaches

Abstract

: Cloud computing has become integral to modern IT infrastructure, offering scalability, flexibility, and cost efficiency. However, its multi-tenant nature and reliance on shared resources present unique security challenges. This study aims to assess the security risks associated with three major cloud service models—Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)—through both qualitative and quantitative methods. A survey was conducted to gather risk scores from 100 IT professionals, which were then analyzed statistically. The results revealed that the mean risk scores for IaaS, PaaS, and SaaS were 6.21, 6.69, and 7.11, respectively. Descriptive statistics showed that IaaS exhibited greater variability in risk scores compared to PaaS and SaaS. Correlation analysis indicated a moderate positive correlation between IaaS and SaaS (0.72), while the correlations between IaaS and PaaS (0.43) and PaaS and SaaS (0.42) were lower. An ANOVA test revealed no significant differences in the risk scores across the three cloud models (F = 2.53, p = 0.107), suggesting that risk levels were similar. However, regression analysis indicated that cloud model type significantly predicted risk scores (R² = 0.219, p = 0.032), with SaaS exhibiting the highest risk scores. These findings underscore the need for tailored security strategies based on the specific characteristics of each cloud service model, while highlighting the potential of statistical methods in analyzing cloud security risks.