Blockchain‐cloud integration: Comprehensive survey and open research issues

Cloud computing has attracted great interest in various scientific and technical fields recently as one of the widely adopted networking technologies. Despite their many benefits and applications, it still faces many security and trust challenges, including managing and controlling services, privacy, data integrity in distributed databases, data backup, and synchronization. Moreover, due to its centralized architecture, and lack of transparency and traceability, the results of the trust assessment cannot be fully recognized by all users. However, creating a trust‐based transaction environment has become its key factor. Blockchain, with its nature of decentralization and security, can be leveraged to address these challenges and build a distributed and decentralized trust architecture, due to the underlying characteristics such as transparency, traceability, decentralization, security, immutability, and automation. This article makes a comprehensive study of how blockchain is applied to deliver security services in the cloud computing model, focusing on up‐to‐date approaches, opportunities, and future directions. This survey also discusses the benefits of the technical fusion of blockchain and cloud. It provides a classification of proposed systems based on privacy, data sharing, authentication, and access control, as well as auditing and data integrity. Finally, the main conclusions of this study will be the challenges and future directions to stimulate further research in this promising field.

cloud security trust model typically adopts a centralized architecture, resulting in significant management overhead, network congestion, and even a single point of failure.
Moreover, compromised cloud service providers can also pose huge security breach risks to users.For example, a for-profit CSP (cloud service provider) may delete infrequently accessed outsourcing data without users' permission and may even alter some data to gain economic benefits. 3erefore, it is essential to design a schema to verify whether the data stored in the cloud is intact.To ensure the integrity of remote data, many researchers have proposed the use of a private audit between the CSP and the DO (data owner), where the DO generates a challenge to the CSP and verifies the corresponding evidence of the CSP to verify data integrity.However, the limitation of this solution (private audit) is that the verification procedure is only performed by the DO, which means that the DOs will bear a large computational load due to the increase in data volume and audit requests.Due to the inherent nature of the cloud, its security gaps cannot be fully closed despite the development of improved security solutions over the past few years.
As an emerging decentralized framework and distributed computing paradigm, Blockchain is considered an adaptable alternative to establishing a trusted platform due to a few of its features, for example, transparency, traceability, decentralization, security, immutability, and automation.It is a distributed ledger that stores tamper-proof data in the form of a string without going through trusted intermediaries (central authority).Blockchain was first proposed by Nakamoto, 4 which provides a decentralized network, where all nodes are equal and no control center exists.It has been widely accepted that blockchain can not only be used in financial services such as bitcoin but also implemented in application-oriented scenarios. 5 this context, smart contracts are software used to facilitate, verify, and enforce the negotiation of a transaction on a blockchain platform as it introduces the capability of automatic control. 6Since its proposal in 2008, blockchain technology has witnessed a growing integration across various domains, including but not limited to C-ITS (cooperative intelligent transport systems), 7,8 IoT (internet of things), and recently extending into the realm of cloud computing.In fact, to facilitate the growth of cloud computing, we can overcome access control and data security issues by integrating blockchain technology.Table 1 shows the comparison of our survey with other existing surveys.Unfortunately, a concise, service-oriented review of blockchain-cloud integration is missing.For that, this survey focuses on the technical fusion of blockchain and cloud computing and discusses current trends, classifications, and unresolved difficulties.This survey aims to indicate recent research on blockchains that can be used to power cloud systems or these new mechanisms to empower blockchain systems using cloud-based approaches.

Literature review of existing surveys
In recent years, the security of data stored in a cloud environment has attracted the attention of many researchers.According to our review of the existing literature, a blockchain-based approach is currently the most reliable way to achieve distributed and decentralized storage.Several surveys have been published on similar topics in recent years.Table 1 reviews related literature surveys on trust approaches incorporating cloud computing and blockchain technology.These surveys mainly concern the introduction and integration of blockchain technology with cloud computing, 18,20,16 and integrity audit for cloud data. 19These surveys are chosen according to the following main criteria: we have selected recent surveys published between 2019 and 2022, which deal with topics in the field of cloud integration with blockchain to strengthen the level of data security.
Keke et al. 13 conducted a survey that provides recent blockchain studies that can be used to power cloud systems or those new mechanisms that use cloud-based methods to empower blockchain systems.In this study, the authors neglected to compare the diagrams presented nor to identify the limits of each solution.
Although the investigation in Reference 20 presents an overview of the use of blockchain for cloud exchange, they only provide brief introductions on this topic without in-depth investigation, unlike our article.
The survey of Xu et al. 9 focuses on the application of blockchain technology in cloud data security after analyzing the threats in the cloud environment.In this investigation, the authors did not cover the most recent blockchain technology mechanisms, especially those based on decentralized storage techniques.Bharathi et al. 11 briefly introduced cloud computing, and blockchain technology, and discussed the benefits of integrating the blockchain network with a scalable cloud environment.This survey did not cover recent solutions and focused on the benefits that blockchain brings to cloud computing.
Wenjuan et al. 15 conducted a review of blockchain-based trust management approaches in cloud computing systems.Also, they presented a comparison of existing blockchain-based trust approaches.Despite the good analysis, they did not take into consideration several evaluation criteria.
In addition, the study did not consider cloud-stored data integrity audit mechanisms and briefly discussed access control mechanisms.
Although the survey 10 examines the main challenges that can be solved by integrating cloud computing with blockchain technology, it is very short and deals with solutions that have not been updated.
Soumik Sarker et al. 12 presented a review on blockchain-cloud integration services.In this survey, the authors studied the industrial approaches and research approaches of "blockchain as a service" technology, but they did not mention the mechanisms and protocols necessary to show the effectiveness of this technology.
The authors in Reference 14 focused on introducing blockchain-based storage systems and how they work, a comparison of these systems with cloud-based storage networks, and their advantages.Thus, the different techniques of consensus protocols in each group are also explored.
TA B L E 1 Related surveys.However, this survey did not cover recent solutions.Moreover, the authors focus on the theoretical explanation of each mechanism without making an effective comparison.
Jinglin Zou et al. 16 presented an in-depth study of how blockchain is applied to provide security services in the cloud computing model, classifying and discussing them.They lightly discussed proposed solutions to address security challenges in the cloud.Moreover, the study did not take into account the comparison of the methods proposed in the literature or identify their limits.

Motivation and main contributions
Motivated by the above observations, we provide a comprehensive survey of blockchain for storing data in an untrusted environment, services fundamental knowledge, up-to-date approaches, opportunities, research challenges, issues, and future directions.The main objective of this survey is to give an in-depth analysis of the latest research on blockchain technology and its applications in powering cloud systems.The study's most important contributions can be summarized as follows: 1. We identify the most important security policies and requirements associated with using an untrusted cloud service provider and the security issues associated with their use.3. We provide an in-depth comparison of the solutions discussed to identify the strengths and weaknesses of each proposal and to identify the main issues of each architecture that proposes to integrate blockchain technology into cloud computing environments.
4. Finally, we discuss several research challenges, including cloud data access control challenges, cloud user authentication challenges, latency challenges, … , to guide scientists and practitioners, and show them where they should focus their future research.

The organization of the survey
The organizational structure of this survey is shown in Figure 1.Section 2 presents the methodology that we applied to find related articles.In Section 3, we provide an overview of cloud and blockchain technology as well as the motivations behind using blockchain for the cloud.The benefits of using blockchain in several applications and its great potential to improve the security of data stored in the cloud are discussed in the same section.Then, Section 4 provides a comparative analysis of relevant recent works based on different blockchain-based security services in the cloud computing model.Additionally, we synthesize work on cloud integration methods with blockchain.Section 5 highlights and summarizes current research challenges and solutions.Finally, the investigation concludes in Section 6.The acronyms used in this paper are listed in Table 2.

RESEARCH METHODOLOGY
In this section, we describe the methodology used to identify already existing solutions, research directions, and relevant topics related to secure storage and access control of data in a cloud computing environment using blockchain technology.It aims to provide a common classification system that can be shared between security experts and cloud users.We used the PRISMA (preferred reporting items for systematic reviews and meta-analyses) 21 methodology to identify relevant publications to ensure a comparable and in-depth result.

Identification
Many databases, namely, IEEE Xplore, Elsevier, Springer, ScienceDirect, and Wiley database were the main online databases used in the search strategy to find publications.Searches via Google Scholar led to the identification of relevant scientific journal publications and conference proceedings using appropriate keywords and keyword combinations.However, the words "Access control", "Data sharing", "blockchain", and "cloud computing" were used to search the titles, keywords, and abstracts of the research articles.As in some manuscripts access control redefines "user authentication, key management, data integrity", we also concatenated them with "cloud computing" to find more related articles.Subsequently, we adjusted the search strategy and only used the keywords "secure distributed cloud storage" and "blockchain" to retrieve many more articles, which we manually filtered to select the most relevant articles.The search was limited to the years 2018 to 2023, which restricts the scope of our meta-analysis to more recent publications.

Research questions
Before conducting research, it is crucial to understand the research questions.These are the research questions related to trust challenges in cloud computing and the effect of integrating blockchain technology in cloud environments.The literature review aims to find answers to the following research problems and research questions (RQ): 1. RQ1: What are the requirements that need to be met in the specific area of distributed storage in a cloud environment, in order to be an efficient and useful tool and what are the main practical motivations behind cloud-blockchain integration?

Selection process
Table 3 displays the criteria for inclusion/exclusion used during the selection process.These articles for literature review were selected and rejected in three stages.A total of 387 articles were found for "secure cloud storage" and "Blockchain".During the First Selection Stage, 92 articles were eliminated because they were clearly irrelevant, as indicated by their titles.An article will not be deleted unless the title indicates that it goes well beyond the context of the topic related to distributed data storage in a cloud environment.Next, we searched for articles containing relevant keywords, such as "Access control", "Data sharing", "blockchain", and "cloud computing".We also review the abstract of an article and sometimes the content has been revised to understand the topic of the article better.Finally, we performed a paper quality check and removed 221 articles because they are less relevant to our research scope.In this final stage, a total of 74 articles were collected in this study.Figure 2 shows the technical steps of paper classification and provides the main filter classification criteria for the most relevant elements.

BLOCKCHAIN AND CLOUD COMPUTING
Before delving deeper into the state of the art on blockchains in cloud computing, it is necessary to introduce several basic concepts on blockchain technology and cloud systems.Hence, in this section, we will provide a brief background on cloud storage and blockchain operations, followed by highlighting the key advantages that emerge from the integration of blockchain and cloud computing.

Overview of cloud storage
Cloud computing is the use of a network of remote servers to store, manage, and process data on demand from any corner of the world.
Cloud computing applications and services such as data storage are delivered to organizational devices via the Internet. 22Automatic updating of software present in the cloud makes the cloud easily manageable.It also has some limitations due to its rapid growth, which also increases security concerns for cloud developers. 23As user data is stored in a cloud environment and controlled by centralized third parties like in References 24,25, this introduces new security challenges in managing and controlling secure services, privacy, data confidentiality, data backup, synchronization and the procedures necessary for their processing.Therefore, the lack of security in the cloud can lead to a loss of user confidence.F I G U R E 3 Taxonomy of cloud security issues.

Security policies in cloud computing
The use of cloud computing has offered several advantages and has simplified certain tasks, but it has also raised new security issues.There are likely a large number of distinct vulnerabilities that can be exploited by malicious actors, due to various types of data being scattered across the network and stored in a variety of cloud services.Technologies such as data storage outsourcing, virtualization, multi-tenancy, and big data make users fear the risk of privacy leakage, as shown in Figure 3 below.
1. Security of confidential data: Security risks such as leaks of confidential data in the cloud, confidential disclosure, management of access rights, and difficulties in data destruction are particularly important, due to the outsourcing model of services.
2. Cloud data storage:Data security in cloud centers is the responsibility of service providers rather than the user.The information is physically stored on a large number of servers, and the user management of these records is controlled by legal contracts.Concerns about storage, availability, privacy; and other types of security have arisen as a direct result of data management issues.Moreover, the service provider has a monopoly on the formulation of the terms and conditions while the users have no role in the creation of the contract.Additionally, there is a growing need for distributed computing systems to store data in a manner that is both secure and accessible. 26. Identity and access management:Identity and access management, which is a policy-based framework for controlling digital identity within an organization, is one of the major requirements of cloud security.Access management systems to identity are required to take all necessary measures to ensure the security of user credentials during storage and registration, as well as to prevent any possibility of predicting the encryption key with brute force attacks or by cryptanalysis. 27 Authentication:A fundamental authentication method that does not allow access to data from a variety of cloud service providers.Ensuring that only legitimate users have access to data is a challenge for cloud service providers when users need to be able to access their applications from anywhere and from any device such as mobile phones, tablets, laptops, smart TVs, and so forth.In addition, it should be noted that there are various authentication threats and attacks in the cloud environment, such as password discovery attacks, cookie response attacks, man-in-the-middle attacks, medium, and many others.
5. Availability:The centralization of cloud systems can lead to several issues such as single point of failure vulnerability and falsification of data information.Meanwhile, malicious users who have hacked into the system can modify the data as they wish.Additionally, rogue cloud providers may display harassing advertisements when users search for appropriate resources.This highlights the need for a decentralized system.

Security requirement in cloud computing 1. Data sharing
With the opening of the cloud and the sharing of virtualized resources by the multi-tenant, the data of the owners of the data can be accessed by other unauthorized users. 28However, data encryption can improve the security and privacy of data stored in the cloud so that the CSP can schedule data backups.In addition to storing and sharing data reliably, it is also important to transmit data securely between users.Data sharing involves the questions of when and where data is encrypted, when and where it is decrypted, and the methods used to share the encryption key.

Data integrity
Cloud computing has been seen as a good solution to the problem of growing data storage costs. 29A growing number of businesses and individual users are choosing to store and process their data with cloud computing services.Users can access data held by the cloud anytime via the Internet.This means that data integrity may be compromised when stored in the cloud (the likelihood that the data has not been altered or destroyed is not guaranteed).Therefore, one of the critical customer concerns to address is ensuring the integrity and accuracy of their data in the cloud.

Data auditing
For many enterprises and users, the remaining barriers to adopting cloud computing services are related to security.One such significant security issue is the lack of audibility for various aspects of security. 30However, the user must regularly check the integrity of the data, and frequent interaction with the CSP and auditing operations can lead to significant consumption of computer resources.Thus, the user can verify the integrity of outsourced data via a remote public data audit solution.However, the auditing procedure has a large computational load, which employs a third-party auditor (TPA) to perform the auditing task on behalf of the users and the users only need to know the audit results of the TPA.While in most existing public auditing systems, TPA is a centralized party and was considered completely trustworthy, which also raises security risks.For example, if an irresponsible TPA only tells the user that the audit results are correct in every audit without performing an actual audit, the user's data will be at great risk.

Authentication and access control
Identity authentication and access control ensure that participants in cloud marketplaces, including service providers and users, are authenticated legitimate nodes. 31It is undeniable that the identification and authentication mechanisms of systems must deal with vulnerabilities to avoid exposing sensitive information.Moreover, an unreliable access control method can also affect other functions, such as authentication, authorization, and data auditing.A common weakness of traditional access control mechanisms is that they generally require a third-party management center, which can lead to security risks and generally lacks transparency, traceability, inviolability, and governance.

Overview of blockchain technology
The term blockchain was first introduced by Satoshi Nakamoto in Reference 4. Blockchain technology is informally defined as a distributed database (peer-to-peer network) that records all transactions that occur in the network in which smart contracts operate in a decentralized, secure, and reliable manner.Smart contracts 32 are one of the best applications of blockchain technologies and are also crucial in facilitating the negotiation of a transaction without third parties in a blockchain.The history of all transactions is stored in the blockchain, which makes it immutable and very difficult to tamper with.Nowadays, the use of blockchain in cloud computing is one of the most common innovations that can solve the challenges of security, anonymity, and data integrity without any third party in a cloud environment.
Smart contracts: Smart contracts are self-executing contracts launched in 1994 by Nick Szabo, which consist of a group of codes defining the rules governing transactions and are built on an underlying cryptocurrency platform.Users can create their smart contracts in digital form as a series of commitments by writing the logic in a few lines of code to transfer their digital assets without third parties according to predefined arbitrary rules. 33The data present in the block will be executed within the blockchain, which offers reliability, uniqueness, traceability, and irreversibility.
As smart contract data is present in the blockchain, the relationship between the parties is built by rules that establish trust between the parties who do not know each other.Some research offers the results that Ethereum is the best example of building smart contracts. 34Figure 4 gives the representation of the smart contract.

Blockchain platform
In this section, we present the most popular blockchain platforms available, that is, whose code is open source: Bitcoin, Ethereum, and Hyperledger, as illustrated in Table 4.Note that many different cryptocurrencies exist today, 35 comparing cryptocurrency frameworks is beyond the scope of this article, although it is an interesting topic.

Bitcoin
Bitcoin is the first and most popular distributed and widely used blockchain platform that introduced blockchain technology and platform to the world. 4It offers a reliable, fast, and cheap mechanism to conduct digital financial transactions without the need for a central bank or central authority.Bitcoin enables the implementation of smart contacts using a scripting language to create and send transactions to the blockchain network.Bitcoin uses the PoW consensus protocol to verify transactions and therefore consumes a lot of energy.Many other alternative cryptocurrencies and consensus protocols have been proposed and developed due to the success of Bitcoin, including the other platforms reviewed in this study.

Ethereum
Ethereum has proven to be the most well-known platform for creating and using decentralized applications based on smart contracts using an integrated scripting language, named Solidity, which runs on blockchain technology. 36In recent years, Ethereum has had a profound effect on the evolution of blockchain technology.Ethereum makes it possible to apply blockchain technology not only to cryptocurrencies but also to different fields of application due to the simplicity of creating smart contracts.This has made Ethereum the most popular solution for developing reliable, secure, and decentralized blockchain applications.It adapts the proof of stake consensus protocol.Ethereum is also cryptocurrency-based like Bitcoin, that is, it manages budgets (measured in gas and paid for by transaction originators) used to pay for transaction fees and services in the network Ethereum.

Hyperledger fabric
Hyperledger fabric platform is an open-source blockchain infrastructure designed for use in private blockchain systems, it does not have the concept of miners.It is a platform developed under the Linux foundation for use in the enterprise context. 37As the use of blockchain should meet different needs, hyperledger fabric facilitates the creation of smart contracts using general-purpose scripting languages such as Go, Java, and Node.js rather than domain-specific languages (DSL) limited.Thus, it supported pluggable consensus protocols, allowing the platform to be customized for industry-specific use cases.It should also be noted that hyperledger has global collaborations with several companies.In a blockchain network, blocks are encrypted using hashing algorithms.Each block in the network will have a hash key where one block represents all the different transactions.It contains the timestamp of the transaction along with the details of the participants involved in the transaction and the hash key of previous blocks and is linked via them.Therefore, tracing the block via the hash key is comfortable in the blockchain network and provides a complete audit trail.

Immutability
Immutability simply refers to the permanence of data (i.e., the data in the blocks cannot be tampered with because the data in the blocks is linked via the hash key, and changing the data would invalidate subsequent blocks).Instead of relying on centralized authorities, blockchain technology works through a collection of nodes and each node in the network has a copy of the digital ledger.When a transaction is initiated, each node checks the validity of the transaction and if the majority of nodes think it is valid, then it is added to the network. 38

Decentralization
The blockchain network adopts a P2P network which has no governing authority that will be responsible for all decisions.This approach eliminates the communication delay problem in traditional systems where nodes must be validated through a centralized trusted server.Each node realizes self-verification, information transmission, and management through distributed storage, and the newly added node can choose to download all or part of the block data from the old nodes to query or verify the block data.This decentralized approach allows participants to not rely on any third-party management institution or hardware facility that could provide complete privacy to users.

Consensus
The operation of blockchain frameworks is based on associated consensus algorithms, which are responsible for helping the network make quick and unbiased decisions.This makes the validation process of a transaction faster and similar to a voting system where the majority wins and the minority must support it. 39

Data security
The decentralized and immutable nature of blockchain and the use of encryption provide another high level of security to the system.The use of cryptography involves the implementation of complex algorithms that help prevent unauthorized attacks.Every piece of information on the blockchain is hashed, which means that all blocks contain their unique hash and the hash of the previous block.Any attempt to modify the data means modifying all the hash IDs, which is quite impossible, and due to this hash property, the blocks are cryptographically linked to each other.

Consensus algorithms
When a block needs to be added to the blockchain, that block must be verified as valid by all nodes in the network distributed together.Otherwise, some nodes may be maliciously attacked.Consensus algorithms are a kind of protocol that determines which blocks are inserted (added) to the BC and the current state to reach transaction order decisions and filter out invalid transactions.To solve the decision problem, various methods are designed and developed as consensus algorithms.However, in this section, we make a detailed description of the principles of these most important consensus algorithms that are widely used in blockchain networks.Table 5 details a comparison of various consensus models.

Proof of work (PoW)
POW is the first and oldest blockchain consensus algorithm introduced by Nakomoto and is used in Bitcoin. 4 The main purpose of consensus models is to perform many calculations to solve a mathematical puzzle.The miners (i.e., the computer trying to solve the mathematical puzzle) will calculate the value which is equal to or less than the consensus value such that this value has a predefined condition.When a miner hits the target value, they broadcast the block to the entire network and all other nodes must mutually confirm the correctness of the hash value.

Proof of stake (PoS)
PoS offers a lightweight and power-efficient alternative to PoW without wasting resources.In PoS, the age of a coin is its value multiplied by the time period after its creation, that is, the longer a node holds the coins, the more rights it can obtain on the network.Proof of stake (POS) is considered less risky when it comes to the potential of an attack on the network, as the holders of the coins will receive a certain reward based on the age of the coin which makes an attack less advantageous.With the concept of the coin age, the blockchain no longer relies entirely on proof of work and many blockchains plan to gradually transition from PoW to PoS. 40

Delegated proof of stake (DPoS)
DPoS is an advancement of the core concepts of proof of stake and minor node selection is based on delegation.In this process, stakeholders select representatives by vote to validate the blocks.Chosen parties create new blocks one by one as assigned and get rewards.Transactions are finalized faster due to fewer nodes and blocks.The adjunct nodes could reject dishonest stakeholders and the decision is made taking into account the block size and block intervals such that at least 50% of the voting actors believe that decentralization is sufficient.

Practical byzantine fault tolerance (PBFT)
PBFT is like a consensus mechanism introduced in the late 1990s by Barbara Liskov and Miguel Castro that can withstand Byzantine flaws.
In distributed systems, Byzantine fault tolerance is to guard against system failures using collective decision-making that aims to reduce the influence of faulty nodes.In this method, all nodes must participate in the voting process to add the next block, and the consensus is reached when more than two-thirds of the nodes have a favorable opinion on the block.This way, consensus can be achieved faster and more cost-effectively compared to proof-of-work.

Proof of authority (PoA)
This consensus algorithm aims to give a small, designated number of blockchain actors the power to validate transactions or interactions with the network and update its more or less distributed ledger. 41There are many similarities between PoA and PoS, for example, they do not require mining to generate a new block and hence the rights to generate new blocks are granted to nodes that have proven their authority to do so.The disadvantage of this method is the low level of decentralization it has generated.

Benefit of blockchain-cloud integration
Combining blockchain with cloud computing can improve data security, privacy, and traceability.It can create an immutable and transparent transaction ledger, prevent data tampering, and enable secure data access control.Some of the benefits are below as follows: 1.

Adaptability
Blockchain has amazing information processing techniques to have large-scale exchanges in organizations to enable adaptable blockchain services.Due to the scalability capabilities of cloud computing, it can provide on-demand services for blockchain businesses.In this way, an exceptionally versatile coordinated system can be provided with a mixture of blockchain and cloud computing.

Blockchain for secure data sharing and storage
Blockchain, with its decentralized and immutable nature, is capable of supporting reliable data transmissions and data sharing, to solve the security and privacy issues that remain in traditional data transmission protocols.Users, especially organizations, are reluctant to store sensitive information on a system managed by a trusted third party because there are several issues regarding data application security, privacy leaks, and trust crises, as well as the centralized data single point of failure.The cloud provider still faces some challenges in terms of security, although encrypting files before storing them in the cloud is one of the solutions.Some mechanisms should be adopted to control access and ensure the confidentiality of data.Decentralized blockchain can provide the solution to such kind of security issues and help to ensure safe file storage and avoid a single point of failure.However, the combination of the two (blockchain and cloud computing) still faces many challenges, including solutions to the single point of failure problem, congestion and availability issues, the balance between optimizing system performance and decentralization, optimization of the use of resources and reduction of costs, and improvement of the quality of service. 42

Decentralization
Information stored in cloud computing is kept in a centralized server for data management and decision-making, which is one of the major issues from a security perspective; it is possible that this problem can be solved by accepting decentralized blockchain in cloud computing.
Blockchain can solve these problems because in the decentralized framework, the information is stored on many servers, which eliminates the risk of failure of the whole system and there is no more risk of the whole system going down.crash if only one server does it.Moreover, integrating blockchain with cloud computing is a good possible solution for decentralization and could provide complete privacy to users.However, since there is a lot of duplicate information available on different nodes, a lack of information cannot be a problem.

Tolerance for errors
The blockchain requires the replication of information on a network of computer servers firmly connected to each other by collaborative clouds.This will minimize the risk of single failure due to disruption of any cloud node so that the blockchain can provide uninterrupted services and continuous operation.

Scalability
It is very important to have robust powerful data processing services to have high transaction execution, due to the huge number of transactions on large-scale blockchain applications, to enable scalable blockchain services.Thus, we can see that the combination of cloud computing and blockchain can provide a highly scalable integrated system.

Audibility
The most critical threats of cloud storage are privacy leaks and data integrity.Additionally, an auditing scheme based on a trust architecture is becoming increasingly important in the cloud. 43Users can verify the integrity of outsourced data via a remote data audit solution, however, the audit procedure has a heavy computational load, which employs a third-party auditor (TPA) to perform the task of the audit.But, TPA is not so reliable, it may collude with CSP or users to activate economic benefits, or some users may maliciously declare data loss for high compensation.
Meanwhile, the emergence of blockchain technology and its advantage of decentralization, trustless consensus, inviolability, and traceability, can provide a new research idea to solve the problem of mutual trust.With a decentralized public audit scheme for blockchain-based cloud storage, the audit task was assigned to multiple CSPs, and blockchain technology was used to record the audit process.

PRESENT RESEARCH FOCUS
This section comprehensively reviews blockchain-based data sharing and access control approaches for credible interactions in cloud computing environments.Our basis for document classification relies on the methods offered by blockchain to ensure secure sharing and access control of data in different areas of cloud computing applications.As shown in Figure 5, the related solutions are therefore classified into four categories: blockchain-enhanced privacy, blockchain-enhanced data sharing, blockchain-enhanced authentication and access control, and blockchain-enhanced data auditing and integrity.The main techniques used in each category are mentioned in this figure.To select articles with the same topic as our investigation, we used the following keywords; Cloud storage based on blockchain technology, blockchain access control and data auditing, and so forth, and we have selected recent articles published from 2018 to 2023.We analyze and describe the issues covered by the four categories of articles and the solutions that they offer.In each category, we further categorize the items based on application scenarios.The main cloud computing solutions based on blockchain are summarized and compared in Table 6.

Blockchain-enhanced privacy
Privacy is considered highly relevant to data security in the cloud, along with other security attributes that have a positive or negative influence on privacy.Key management forms the basis of all data security since keys ensure the secure transmission of data over an Internet connection.
F I G U R E 5 Blockchain-based data sharing and access control approaches in cloud computing.
Well-protected keys should only be accessible to users who need them, as the loss or compromise of any encryption key would invalidate the data security measures in place.However, to ensure that only authorized users can read or access data, good key management must ensure high levels of security around encrypted data.
In this context, the authors of Reference 44 proposed a decentralized storage mechanism with the Ethereum blockchain to develop a data storage and sharing scheme for decentralized cloud storage systems.Under the proposed framework, shared data is stored in the cloud, while metadata such as hash values or user address information can be kept securely on the blockchain for sharing, to overcome the risks of centralized storage, that is, leakage of sensitive data and a single point of failure.The data holder can encrypt the shared information by specifying the access policy and technique that has been used with fine-grained data access control, and then forwarding the secret key to authorized users.The limitation of this work is that data owners were responsible for all required tasks, from generating secret keys to encrypting files to setting up a secure channel to communicate with another party (users allowed).
However, the paper 45 proposed an accurate blockchain-based timestamp scheme for data outsourcing to solve the traditional timestamp problem that requires a credible third-party provider.This system could guarantee the accuracy, security, and scalability of cloud storage.
Feng et al. 46 proposed a blockchain-based privacy protection scheme based on zero-knowledge proof combined with smart contracts for secure data sharing between data owners and cloud service providers.This scheme stores sensitive data encrypted in the cloud and maintains the hash and digital signature in the blockchain.By combining zero-knowledge proof and smart contracts, they aim at the availability of data between the owner and the requester to protect data privacy.Although in their use case, full data traceability is important, for a fully anonymous data-sharing system the data must be untraceable.Moreover, this model is still in the research phase and has not yet been implemented.
Sukhodolskiy et al. 47 provided the distributed ledger, based on the blockchain to protect the privacy of cryptographic operations such as key generation and access policy assignment.Files are stored in the cloud after being encrypted by the attribute encryption scheme on the user device and the cloud file location, access policies, and additional owner information are recorded in the blockchain, thanks to a smart contract.The system provides all security-significant immutable event logs.Still, these works only consider single-cloud aspects and do not concern themselves with the decentralized sharing of resources across multiple clouds.
Wang et al. 48designed a cloud-assisted consortium blockchain-based framework to store and share electronic health data and maintain privacy using searchable encryption and proxy re-encryption.They defined block and transaction structure implemented primitive cryptographic protocols to store data securely and used public-key encryption with keyword search to ensure data security.Public key encryption with joint keyword search allows data users to search a document containing multiple keywords on a public key encryption setting.Also, only the authorized DR can decrypt the target ciphertext using their private key with the correct file location and keyword.This scheme however cannot be fully efficient as it involves a semi-trusted part which affects the overall security of the architecture and it requires more processing time due to the involvement of proxy servers.mobile devices, and integrates blockchain and cloud storage technologies to collect and share data from dynamic personal health.Instead of storing original data in a blockchain, only raw data metadata is kept in a blockchain, which would overcome the size limitation of large data storage in a blockchain.However, no mechanism to verify the accuracy and integrity of personal health records returned from cloud servers, especially when a user wishes to verify the accuracy and integrity of encrypted personal health records returned from the server cloud, it is necessary to interact frequently with the cloud server, which makes the scheme inefficient in practice.
Wang and Song 57 introduced a new attribute-based record-sharing scheme for medical data systems in addition to the signature concept.They used signature-based verification to verify encrypted data and provide access authorization.For the encryption of medical data, they combined attribute-based encryption (ABE) and identity-based encryption (IBE) with a signature algorithm.They further used identity based signatures (IBS) to implement the digital signatures.However, the limitation of this work is that their scheme suffers from significant computational overhead on the user side.

Summary and open research problems:
Various strategies have been developed to improve the security of data stored in cloud environments, addressing challenges such as scalability, privacy concerns, regulatory compliance, and interoperability with existing systems.For example, blockchain-based cloud data sharing combines the principles of blockchain technology (smart contracts, Merkle tree (MT), advanced cryptography techniques, consensus processes, transparency through synchronized data, decentralization to eliminate single points of failure, efficiency through automation via smart contracts, etc.), to enable secure, transparent and efficient sharing of data stored in cloud environments.Additionally, blockchain services can provide cloud users with full control over their outsourced data, allowing them to determine how to share and protect their information, thereby providing value to users.By employing these shared data security enhancement techniques, users can ensure more reliable and efficient data communication, making them well-suited for real-world applications.However, further optimization is needed to address research gaps, including accounting for smart contract vulnerabilities such as bugs, coding errors, and malicious exploits, leading to unauthorized access.Although blockchain offers promising potential as a transparent communications architecture, it faces challenges related to scalability issues when processing a large volume of transactions, data leakage (smart contracts poorly configured or insecure storage mechanisms), unauthorized access, data breaches, and tampering with data shared in the cloud.Exploring existing storage architectures to identify beneficial concepts and implementing them to overcome these challenges in a cloud environment is an active research area for networking experts to explore.Additionally, collaboration between cybersecurity experts, and blockchain developers is essential to mitigate risks and build trust in cloud data sharing based on blockchain technology.

Blockchain-enhanced authentication and access control
Access control refers to the restriction of activities of legitimate users and authorization 31 is the key technology to protect users' personal and business data in the cloud.Access control management is the fundamental part of trust-based cloud computing.However, centralized access control policies usually require a third-party management center, which can lead to risks of privacy leakage or hacker attacks, such as a single point of failure.
Thanks to the decentralized ledger technology used by the blockchain, all security-related operations are preserved without modification, which makes it possible to overcome security and trust problems and control access well.
As a result, Lin et al. 58 proposed a blockchain-based system for secure mutual authentication to enforce granular access control policies, which provides privacy and security guarantees such as anonymous authentication, audibility, and privacy through using a smart contract.The data is signed with the attribute-based signature (ABS) algorithm to be authenticated anonymously.In addition, the entire application process is carried out through interaction with smart contracts.
Xinlong et al. 59 propose a blockchain-based verifiable user data access control policy for secure storage of big data in the cloud which was analyzed based on the design of a data exchange network between systems that use cloud computing.Although this model allows data to be controlled and detected securely without any risk to its confidentiality using smart contracts, there is no mechanism to identify nodes and the risk of a single point of failure.
Yang et al. 60 proposed a blockchain-based multi-authority attribute-based encryption scheme that enables access control of medical data in a cloud environment.The scheme relies on policy masking technology to protect data privacy.They achieved distributed attribute management and computation of different authorities using Shamir secret sharing and smart contracts.Analysis of this scheme shows that it reduces the computational cost and eliminates the single-point bottleneck problem of traditional ciphertext policy attribute-based encryption (CP-ABE) schemes.
Yang et al 61 used blockchain smart contracts and differential privacy technology to store, verify, and adaptively allocate privacy budget consumption based on data owner requirements, to allow the data owner to control the anonymization process.The amount of noise produced in the obfuscation process represents the privacy budget.Data sharing ends once the privacy budget is exhausted.
Han et al. 62 implemented a flexible and privacy-preserving framework for searchable encryption on Ethereum by orienting blockchain and attribute-based encryption, which enables granular access control.This framework manipulated access control via smart contracts, significantly reducing communication costs.However, they used a centralized trusted third party for key management, which makes their solution semi-reliable.
In Reference 48, the authors proposed a blockchain-based electronic health data sharing system, while security and privacy were maintained by using proxy-based re-encryption and proof-of-trust consensus mechanism.authorization (PoAuth).In this scheme, the cloud server is used for data storage and applies the consortium blockchain so that data integrity and scalability are guaranteed.However, the proposed approach does not deal with the process of mutual authentication and key agreement and cannot fully guarantee the owner's data ownership due to the data provider uploading the data to the cloud server instead of the owner.
In Reference 44, authors designed a decentralized storage system by combining interplanetary file system (IPFS), Ethereum blockchain, and attribute-based encryption (ABE) technologies.In this method, the authors aim to overcome the risks of centralized storage, that is, leakage of sensitive data and a single point of failure.In the proposed framework, before storing data in IPFS, a data owner distributes a secret key to users and encrypts their data according to a predefined access policy to achieve fine-grained access control over cloud data.Smart contracts were designed to implement keyword research in decentralized storage systems.Shared data can be stored in cloud storage, while metadata can be kept securely on the blockchain for sharing.However, if this solution is applied in the internet of things (IoT) scenario, it will not work efficiently due to increased computational overhead.
For secure data sharing, Qin et al. 63 proposed a blockchain-based multi-authority access control scheme, which leverages the consortium blockchain to establish trust between multiple attribute authorities.To avoid a single point of failure, it introduces the Shamir secret sharing scheme and blockchain authority and realizes joint management of each attribute by multiple authorities.Moreover, it builds trust between multiple authorities by using smart contracts to calculate tokens for managed qualities across multiple management domains.The use of smart contracts thus reduces the communication and calculation costs on the side of the data users.However, blockchain technology helped establish trust between multiple network entities and contributed to a secure and auditable record of the access control procedure.
Furthermore, Yang et al. 64 proposed a blockchain-based access control framework, named AuthPrivacyChain, to address the problem that sensitive data is easily tampered with or leaked by hackers or internal cloud managers due to a mechanism of centralized access control in the cloud.
By using the decentralized nature of the blockchain, all transaction-related permissions are posted by the user on the blockchain, enhancing the privacy and security of data applications, which can effectively resist internal and external attacks.However, among the shortcomings of this work is that the experimental results show that only legal users can access the resources, but this paper performed only limited performance testing and compared to two benchmark models.
Chen et al. 65 proposed an integrated framework based on blockchain and cloud storage, to manage and share patients' medical data, and to ensure the safe storage and sharing of data.In addition, they used blockchain as a storage supply chain in which all operations are verified, immutable, and accountable and introduced a service framework for sharing medical records, which protects medical data management applications without violating privacy policies.
The authors of Reference 66 proposed a decentralized and secure blockchain-based architecture to provide access control and user revocation methods in the cloud storage system using the CP-ABE algorithm.The proposed methodology uses the key generation scheme based on two authorities, to solve the single point of failure problem.Access policy details related to keys and users are generated by data owners and authorities in a distributed manner using the blockchain framework (smart contract), while the data is stored in the cloud.However, this solution ensured the privacy of outsourced data by preventing users from accessing the data without the proper credentials.
Zhu et al. 67 proposed an access control system based on a distributed ledger (blockchain) that can effectively check user behavior.The designed system exploits the concept of smart contracts for electronic medical record management and uses elliptic curve cryptography to encrypt health data before storing it in the cloud.To eliminate network congestion, the cloud helps back up medical data while the smart contracts used ensure the privacy of EMRs using cryptographic and access control features.However, they suffer from many drawbacks, such as the need for more processing time due to the involvement of proxy servers and the involvement of a semi-trusted party which affects the overall security of the architectures.

Summary and open research problems:
The integration of blockchain and cloud has notably overcome the limitations of traditional cloud storage.Thanks to blockchain, all security-related operations are kept unchanged, which eliminates access control issues.Introducing strategies such as using smart contracts to automatically record and execute authentication and access control policies, attribute-based signature algorithm (ABS) to authenticate nodes anonymously, Shamir secret sharing system To avoid a single point of failure, has significantly improved access control management.These policies enable effective communication between cloud service providers and users.For example, the decentralized and immutable nature of blockchain technology allows the data owner to have full control over their data without the risk of a one-off outage, while smart contracts ensure automatic access management as well as the detection and sanctioning of bad behavior in cloud computing environments.
By adopting these integration methods, access control management can be carried out securely, ensuring transparent data exchange to cloud resources and improved communication efficiency.However, the solutions mentioned above have some limitations that need to be addressed.
For example, public blockchain networks may struggle to handle the volume of authentication requests generated by cloud users at scale, which degrades network performance and can introduce latency into the authentication process.Additionally, exploitation of smart contract security vulnerabilities can lead to unauthorized access or manipulation of authentication mechanisms.Therefore, future research should address these limitations and optimize the proposed solutions to improve the efficiency and scalability of the authentication and access control mechanism in cloud environments.

Blockchain-enhanced data auditing and integrity
Traditional data integrity auditing techniques used to store data in a cloud computing environment are centralized, which faces huge security risks and vulnerabilities of the central audit server due to the point of a single failure.Blockchain technology is becoming a potential solution due to its properties of immutability and irreversibility which offers a new approach to this problem.Many researchers have endeavored to use blockchain to verify and audit data integrity.
To monitor semi-reliable TPAs, Zhang et al. 71 addressed the challenges of the integrity of user data kept on external cloud storage and asked them to publish their audit logs on the blockchain, to help users monitor untrusted TPAs.Cloud service providers may cover incidents of data corruption to protect the agency's reputation or delete certain data.This data may not have been processed to reduce storage costs.Although these schemes solve the centralization problem of traditional approaches, they are only suitable for single-cloud enabling environments, that is, they increase the additional overhead caused by data duplication.Periodic auditing systems are necessary to prevent possible data tampering.
Li et al. 68 has developed a blockchain-based behavioral auditing framework that records user operations on files and stores file metadata with blockchain and protects data integrity in the cloud through auditing.They also used a proxy node to efficiently search for specific blocks and speed up the querying of block data, since the cloud environment and devices do not fully trust each other.Additionally, to verify integrity, the data owner had to download the entire file and could not afford to require verification from time to time.
Du et al. 75 proposed a storage audit design in decentralized storage networks (DSNs) based on blockchain and zero-knowledge proof to ensure the integrity of outsourced data.The data owner and storage provider reach a consensus on the performance of a storage contract, through a negotiation phase, and the data is audited against the negotiated outcomes specified by the agreed smart contract.After the data has been outsourced to the storage provider, the storage provider is required to calculate the audit proof for the challenge and submit the proof to the blockchain on time.They used smart contracts to manage the negotiation between the customer and the service provider and to perform the auditing process.
Kun et al. 73 have implemented private blockchain-based data validation to solve the security problem caused by using untrusted TPA.Unlike traditional blockchain, which stores data such as financial transactions or smart contracts in the block body, in their approach, each block body stores records formed by a Merkle tree, while the en-block head retains the summary calculated by the previous block, but their solution does not support dynamic verification and requires building and deploying a private blockchain, which is very difficult in practice.
Chen et al. 76 proposed a decentralized public audit system for blockchain-based cloud storage.In their approach, the audit task was assigned to multiple CSPs, and blockchain technology was used to record the audit process.However, they used the structure of the electronic voting system to realize the statistics of the audit results of multiple CSPs through a smart contract, and they assigned the same audit tasks to multiple CSPs and counted the audit results.independent.But, they used a centralized trusted third party for key management, which makes their solution semi-reliable.
Miao et al. 74 use zero-knowledge proof and PoW consensus mechanism during the auditing process to protect user privacy to solve the problem that the cloud server can guess the challenge messages in advance.This scheme could withstand auditor dithering and the risk that a malicious cloud server may guess the challenge messages before the audit time in which the challenge message is generated based on the latest successive block hashes.Therefore, a TPA does not know any additional information about the user's data.
Zhenpeng et al. 77 have implemented a data integrity audit scheme that uses blockchain instead of third-party auditors to ensure data audit reliability.Unlike the traditional binary hash tree, whose structure is linear and a large number of hash operations makes the processing speed unsatisfactory (which generates a large amount of storage overhead), they used a hash tree Quad Merkle that improves compute and storage efficiency.Additionally, to get a faster picture of data integrity, they have deployed smart contracts on the blockchain that allow for automatic verification of auditing activities.However, the client generates a quadruple Merkle hash tree using the data block signatures after encrypting the data, then it sends the root to the blockchain for storage and sends the data encrypted with the Merkle hash tree to the cloud for storage.

Summary and open research problems:
The use of blockchain offers innovative solutions to strengthen user audit and trust and ensure data protection in cloud environments, addressing challenges such as the use of an untrusted third party, the listener framing, and the risk of a malicious cloud server.For example, various reliable auditing techniques are used, such as the Quad Merkle hash tree which improves computing and storage efficiency to ensure the integrity of outsourced data.Additionally, blockchain enables full traceability of data audit activities, ensuring transparency and trust in decentralized data management.Using these data auditing enhancement techniques, blockchain can provide more effective access control management, which builds trust between CSPs and users without any third parties.However, further optimization is needed to address research gaps, including scalability, cost, interoperability, sensitive data protection, and key management.Like most software today, integrity auditing fails to properly balance data sharing and audit security.Additionally, using blockchain can be expensive due to transaction fees and may experience scalability issues when processing a large volume of transactions, which can lead to delays in verifying transactions, compromising thus the responsiveness of the systems audit.DISCUSSION AND COMPARATIVE ANALYSIS In this section, we explain the main comparative results of the solutions described in the previous section.Table 7 shows us the characteristics used to evaluate the level of trust and security of the different solutions in the literature, namely confidentiality, integrity, authentication, access control, the process of sharing the key encryption, and auditing to trust the cloud service provider.Based on previous investigations, we have found that the integration of blockchain and cloud has the following main advantages: Since blockchain is a reliable distributed database, it can be used to store important data generated by different applications with transactions to ensure data integrity and it can also be used to store file metadata.However, using the characteristics of the smart contract, the cloud computing management mechanism can be run automatically, and the blockchain can be used for resource planning, resource distribution, transactions, tracking, auditing, identity management, access control, and authentication.We can further use the cloud to improve the efficiency and performance of the blockchain by using the cloud to store the original data while the blockchain stores the key information, and so forth.On the other hand, as shown in Figure 6, the research orientation of the selected studies shows that several solutions do not take into account some of these characteristics (i.e., no solution satisfies all the evaluation criteria).However, cloud consumers' concerns about information security have caused them to rethink before using cloud services.For this, it is very important to ensure good key management, audit data integrity, and ensure data confidentiality and good access control management.
Figure 7 represents the percentage of satisfaction with the solutions in terms of confidentiality, integrity, auditing, authentication, data access control, and key sharing process regarding the use of blockchain in cloud computing.As shown in the figure, 95% respond to integrity issues, 64% respond to access control issues, and 55%, 50%, and 45% respond to privacy, auditing, and key sharing issues, respectively.However, we observe that only 18% of the proposed solutions elaborate on authentication and identity verification issues.
Assessment of the level of trust and security for each solution.
F I G U R E 7 Comparison of solutions meeting each security criteria.
(Ethereum, Hyperledger, etc.) that allow users to create decentralized applications to manage access control to their data without any trusted third party.The graph clearly indicates that Ethereum platforms constitute the largest section in terms of platforms used as shown in Figure 9.
Although blockchain and cloud integration offer many benefits, it also presents security challenges or vulnerabilities that must be overcome and considered when designing and implementing integrated solutions.To overcome these problems, several authors have worked on cryptographic methods to increase the reliability of data sharing in cloud environments using blockchain technology.These innovative methods make it possible to guarantee the integrity, access control, auditing, confidentiality, and security of data stored and exchanged in the cloud.To meet the growing demands for privacy and security in cloud computing, the authors have created robust solutions by combining blockchain capabilities, such as immutability, transparency, decentralization, and traceability, advanced cryptography techniques.After reviewing many articles on cloud integration with blockchain, it has been observed that these articles have certain advantages and limitations.It is therefore important to carefully consider the various gaps identified in the articles examined during this survey, namely the problems of managing access control between the cloud and the users, the latency problems when processing a large number of transactions, the scalability problem, and the vulnerabilities of smart contracts.According to our study, identifying these gaps provides a better understanding of study limitations and potential biases, thereby enabling a more nuanced interpretation of new lines of research by highlighting areas where additional efforts are needed to fill existing gaps.For example, developers and researchers can use machine learning algorithms to monitor transactions and activities on the blockchain in real time, detecting anomalies that may indicate attempted fraud or compromise.These algorithms aim to strengthen the security and integrity of transactions by leveraging the capabilities of artificial intelligence to analyze and identify suspicious behavior on the blockchain.

RESEARCH CHALLENGES
Based on the review above, we realize that there is still a long way to go before blockchain technology can be applied to cloud data storage.To meet the requirements needed to integrate blockchain into cloud computing, it is important to address the challenges of authentication, scalability, network security, data integrity, verifiable computation, and low latency. 78Figure 10 illustrates the main challenges of this study.
1. Cloud data access control challenge: Using blockchain to provide access control to data stored in the cloud can create a potential loophole (pseudo-anonymity), where the flow of transactions could be tracked to obtain the real identity of cloud users or other relevant 79 information due to the public nature of the blockchain network.Thus, there are security vulnerabilities in the implementation of smart contracts to solve more serious crimes such as identity theft and data theft, 80 which can compromise security in the architecture of cloud data storage based on smart contracts as in References 81,70.For this, researchers are trying to increase the security and reduce the energy consumption of these algorithms because consensus algorithms are a major factor in determining the performance of the blockchain. 82Thus, it is very important to ensure secure access management to control participant access to data stored in the cloud.

Cloud storage consensus optimization challenge:
Although blockchain technology has great potential for handling access control requests in a cloud environment, it can also cause latency issues due to the use of consensus protocols.However, several issues still need to be addressed regarding the development of consensus protocols, as they consume a significant number of computational resources and energy in realistic transactions, resulting in poor system performance and long latency.The objective is to build consensus structures to improve the efficiency of the access management system and secure storage in the cloud in order to save time and money and manage competitors while ensuring scalability, execution, and a higher level of identity, confidentiality, and protection. 83 Scalability challenge: According to Reference 84, scalability remains blockchain's biggest challenge.Due to the growing number of cloud users, several transactions are increasing day by day in the blockchain, which presents additional scalability issues in terms of improving overload capabilities.Rapid elasticity, one of the main characteristics of cloud computing, requires instantaneous scalability of resources, and therefore blockchain is unlikely to work optimally with cloud computing.Many small transactions could be delayed as miners prefer transactions with higher transaction fees.However, this kind of difficulty could lead to increased computing requirements for the entire blockchain system.So it is important to fix the scalability issue.80,85 4. User resource computing power challenge: Blockchain data for cloud user devices is generally computationally constrained, which inhibits the adoption of cryptographic methods.86 Among the performance and security issues is that a large portion of blockchains deploy public critical F I G U R E 10 Main challenges.
cryptosystems based on asymmetric algorithms like ECC, which complicates the overall process of selecting appropriate cryptographic methods.
However, it is worth researching energy-efficient quantum security techniques to maintain data security.Moreover, how to design an efficient data structure that supports dynamic data operations is an important research topic in blockchain-based data storage schemes.

Cloud user authentication challenge:
In traditional centralized cloud systems, user identity data is controlled by a third-party authority, therefore, user verification, authorization, and accountability are also implemented and guaranteed by a centralized authority.With a decentralized blockchain network, identities collaborating and managing flexibly can also face significant challenges.In a blockchain network, anyone can connect to the network and users can obtain an address without presenting their real identity and apply it for any identity authentication.Since users do not provide their true identity to interact with the cloud application and other users, this increases the potential for impersonation. 87 some cloud applications, an actual identity-based user authentication mechanism is needed to control participant access and ensure transactions comply with regulatory requirements.Considering the need for decentralized identity management with accountability and privacy protection is a research gap and an important future research direction.
6. Latency challenge: Nowadays, medical systems are increasingly using cloud computing to store their data.If a patient wants to connect to the cloud, transaction latency represents the time it takes for a blockchain to process a transaction with the cloud.Since all blockchain systems require some time to establish confirmed transactions and consensus, this could aggravate the integration of blockchains into healthcare applications, which must respond to actions and information received simultaneously.Addressing network latency 88 requires that researchers can ensure that proposed or tested designs improve their performance and efficiency to accommodate the increasing volume of transactions that can be projected with the additional implementation blockchain systems. 89 Cloud reputation challenge: Credit ratings can be a good yardstick to assess the reputation of a communications service provider.90 A CSP will receive a specified number of points if they provide legitimate cloud services; otherwise, his points will be deducted.This way, DOs can choose CSPs with high credit ratings to outsource their data for high security.Designing a CSP reputation evaluation mechanism in the cloud schema is a promising direction.
In summary, there is no easy approach to achieving the fusion of the concept of decentralization and the security methods of blockchain technology.It's an environment that still has a lot of work to do.

CONCLUSION
Cloud computing is widely used to process data quickly and offer on-demand services on a pay-as-you-go approach.But nowadays, the exponential growth of data over time significantly influences the complexity of data management.This necessitates implementing effective data management strategies, including storage, backup, and recovery policies, to guarantee data availability and security.Blockchain is one of the newest emerging technologies that is beginning to extend its applicability beyond the realm of cloud computing.It is believed that integrating cloud with blockchain technology can alleviate these security concerns and improve the development and deployment of decentralized applications with high security and efficient network management.So there are many algorithms in all fields to improve cloud computing data security.This study systematically examines cloud data storage methods, critical infrastructure access control issues, cloud security requirements, key security policies associated with the use of untrusted CSPs, and the benefits of integrating blockchain with cloud services.The studies reviewed in this article are promising, but more work is needed for cloud data management and access control.Some evaluation measures are followed in different solutions in the literature to evaluate the level of trust and security.Therefore an investigation was carried out on the different techniques used, the evaluation parameters, and the limitations of the studies examined, which need to be improved.Therefore, we analyzed and compared various solutions to assess the benefits and drawbacks of existing cloud computing solutions concerning the evaluated security parameters.Based on our comprehensive investigation, it becomes evident that certain security aspects require more attention in the cloud domain, notably smart contract security, key management, privacy concerns, and latency issues.Consequently, we propose many possible future directions to stimulate research in this promising area.Moreover, it is imperative to consider various critical factors, including scalability issues when processing a large number of transactions, privacy risks due to the transparent nature of blockchain, risks related to exploiting contract vulnerabilities in smart devices, and the high cost of blockchain transaction fees in terms of access control.We believe that the main results of this investigation will provide theoretical support and practical guidance to researchers and cloud users.

2 .
We define a new classification of blockchain applications in cloud systems.We identify four categories based on their security services: privacy, data sharing, authentication and access control, audit, and data integrity.A critical analysis and open research issues are given at the end of each category to clarify the usefulness of blockchain for each of them.Our classification could help academics and industry improve their understanding of this emerging research area.

F I G U R E 2
Flow diagram of the search process for the article.

Figure 8
Figure 8 represents the classifications of the types of platforms used in the cloud since 2018, we have provided you with a graph illustrating the annual analysis of articles published in digital libraries.Some of the main advantages that blockchain offers to cloud services are the platforms

F I G U R E 8
Year-wise analysis of the use of different blockchain platforms in cloud computing.F I G U R E 9 The distribution of blockchain platforms in existing studies.The results are obtained by quantitative statistics based on their number of appearances in the literature.
Inclusion and exclusion criteria.
TA B L E 4 Comparison of the most popular blockchain platforms.
TA B L E 5 Blockchain consensus algorithm.