**4. Results and discussion**

#### **4.1 Preliminary data**

From our point of view, the specific organizations that solve these problems are the organizations of methodological thinking and methodological work, which

#### *A General Systems Approach to Cloud Computing Security Issues DOI: http://dx.doi.org/10.5772/intechopen.92143*

and with all acuteness ran into the problem of the ratio of natural and artificial in the objects of our activity [45, 51]. None of these problems has been resolved within

The seventh point is an increase in the importance and role of organizational and managerial activity in our entire social life. Its effectiveness depends primarily on scientific support. However, traditional sciences do not provide the knowledge necessary for this activity; this is primarily due to the complex, synthetic, or, as they say, complex, the nature of this activity and the analytical, or "abstract," nature of

The eighth point (also especially important) is the appearance of a new type of science, which could roughly be called "complex sciences." These include the sciences serving pedagogy, design, military affairs, management, etc. Now these complex types of practices are served by chaotic agglomerations of knowledge from various scientific disciplines. But the complexity and versatility of this practice, its orientation at the same time both on normative, artificial, and on implementation, natural plans of activity require a theoretical unification and theoretical systemati-

Contemporary situation in general systems theory looks like the same described by G. Schedrovitsky in 1981 ([1], pp. 88-114). Some additions to this domain make it more clear. An article in Wikipedia [59] pays attention to the point that systems theory is the interdisciplinary study of systems. "The goals of systems theory are to model a system's dynamics, constrains, conditions, and to elucidate principles (such as purpose, measure, methods, tools) that can be discerned and applied to other systems at every level of nesting, and in wide range of fields for achieving opti-

Dubrovsky ([60], p. 20) makes endeavor to reinterpret the system approach of G. Schedrovitsky. Zilberman [61] identifies six types of cultural traditions. The Vedanta scheme characterizes the Indian type of tradition (methodological thinking as actually "understanding"), the mimansa scheme is the Tibetan type (conceptual or "substantive" thinking), and the Vaisheshika scheme is the new European type "imaginative," axiological, or historical thinking. Further, the nyaya scheme characterizes the Hellenic type of tradition (organizational, axiomatic, mathematicaltheoretical, formal-logical thinking), the Sankhya scheme—the Chinese type ("projective," "preformative," praxeological thinking), the yoga scheme—the Japanese type (phenomenological, or existential thinking). All these complex calculations, however, are necessary for Zilberman to label or draw another universal picture of world cultures and civilizations, in the manner of Spengler or Toynbee. Here, rather, a method of intercultural interaction is proposed, with the help of which one can describe any system of culture and at the same time not fall into naturocentrism. By modifying the types of philosophical systems, Zilberman focuses on the ideal of complete modalization of all philosophies so that a "sum of philosophy" arises and the true history of this discipline begins. The thread of modal methodology lies in the fact that for the first time it consciously and intentionally refers not to versions of "reality" as unconditionally natural and therefore problematic for consciousness, but to typological thoughts that it improves. In this sense,

zation of artificial and natural knowledge, which cannot be achieved.

the modal methodology plays the role of Philosophia Universalis [61].

From our point of view, the specific organizations that solve these problems are

the organizations of methodological thinking and methodological work, which

the framework of traditional sciences.

*Cloud Computing Security - Concepts and Practice*

traditional scientific disciplines.

mized equifinality."

**4. Results and discussion**

**4.1 Preliminary data**

**46**

should not be identified either with the philosophical proper or with the scientific forms of organization of thinking and activity.

The methodology takes into account the differences and the multiplicity of different positions of the figure in relation to the object; hence, work with different ideas about the same object, including different professional ideas, in this case, knowledge itself and the fact of their multiplicity, are considered as an objective moment in the research situation.

**Figure 1** depicts four squares, we will call them diagonal (a), triagonal (b), quadrogonal (c), and hexagonal (d) images; they depict a form of research organization of a certain set of practices *E*k. By practices, we mean the entire existing set of activities related to the use of cloud computing, as well as ensuring the security of the use of the cloud. These practices are described within the framework of the *S*<sup>k</sup> description languages that cover them. Note that these languages are different, and translation from one language to another is hardly possible. Means and methods, as well as a description of problem areas and their resolution tasks, are provided by a layer of partial applied methodologies (in the figure they are designated as *PM*k). The triagonal image (b) defines the organizational form of the structure of the simplest scientific subject.

In special logical and methodological studies (see, in particular, [62]; pp. 106-190), it was established that in every scientific subject there are at least nine different epistemological units: (1) problems, (2) tasks, (3) "observable facts," (4) "experimental data," (5) the totality of the general knowledge that is built in this scientific subject, (6) ontological schemes and pictures, (7) models, (8) tools (languages, concepts, categories), and (9) methods and techniques. This is a set of basic blocks of a scientific subject.

Our task is to find a solution to the problem of ensuring the security of cloud computing in some unified system language. To this end, we turn to the quadrogonal image, introducing another layer—the general system-structural methodology (in the figure, it is indicated by the letters GM). As part of this add-in, work is underway to design and prospect the system area including as a part PMk, Sk, and Ek. To the extent that the diagonal image is not complete, the same tetragonal image is also not complete. Let us explain how this layer is built. Following the "Principles and basic schemes of organizing systemic structural studies" ([1], pp. 88-114), we turn to the hexagonal image. It adds two more add-ons, which we marked with the letters R and A, methodological reflection, or auto-reflection (metamethodological area) and audit (the type of methodological research by which the layers of practice, descriptions, applied and general methodology are added and adjusted). The problem areas identified in the layer of private methodologies are also accompanied by a general description that includes, in addition to the technical, engineering, and managerial contexts (determined by the practitioners of experiences), a certain general sociocultural context. This is generated by audits at all levels of the methodological organization, from specific practices to the organization of the design and futures of partial methodologies.

We used the kinematic scheme [60] for organizing methodological work in the field of cloud computing security. The kinematics of the scheme lies in the fact that it combines several methodological schemes, both early in appearance and subsequent ones. The scheme by which David Zilberman tries to build a modal methodology as a sum of methodologies (1973) is supplemented by a scheme of thought activity (1980)([1], pp. 281-298), a scheme of organizing a system-structural methodology (1981) ([1], pp. 88-114), and scheme (2016) that we use when working on the theme of Observation and Audit of the Processes in Experiences with Uncertainty [63] and the scheme (2000) when we were working on the topic of Reflexive Control [64]. We also used our ideas about the inclusion of thinking technologies, such as problematization, objectification, self-determination, and

schematization, in this kinematic scheme, which has an enneadic form. Study of the material allows us to focus on the action plan: Step 1—an idea of organization as a platform for the formation of a space of thinking and activity; the formation of platforms and specific phrases of the principles of organization of activity and ontological pictures and vision through them. There we use techniques presented in [34]. Step 2—the process of self-determination and schematization. The layer of thought activity, its formation and occupation, determination of the order of possible interactions, and communications, as well as reflective exit (mutation). The status of the scheme as the basis for determining the understanding of the texts of communication and capturing the meanings that the text carries on itself. Step 3 from positioning and sketching to objectification. Object as a result of the integration of self-determination, problematization, and schematization. An object as it is and a tool for the deployment of an organizational-activity plan. Step 4—from positioning and schematization through retrospection to problematization. Complex reflective transitions. Problematization is included in the text of thought-communication and serves as a basis for developing a picture of the world, the foundations of existence and individuation. Step 5—inverse processes. The impact of problematization on positioning and re-determination, the movement of a positional structure; the impact of problematization on the schematization and construction of tools that capture a thought from a communication text. Step 6—inverse processes. The impact of objectification on positioning and re-determination, the movement of a positional structure; the impact of objectification on the schematization and construction of tools that capture the idea from the text of communication. Step 7 integral view from the modus of the absolute. Relativity of the absolute, translation of culture and reproduction of activity. Norms and as the ultimate types of absolute and as moments that determine the principles of organization of activity and ontological design, respectively. Step 8—a bridge between self-determination in a positional structure (collective) and objectification and individuation.

methodological design and research over the many private methodologies that authors of articles usually use, relying on the experience of generalizing and concretizing system approaches, and, in particular, expanding geographical and historical boundaries, including system generalizations of intercultural studies and philosophical movements. An attempt is made to disassemble the security problem of cloud computing into a certain number of layers, processes, and technologies of thinking, and to reconnect them into a single whole with the character of thinking

*A General Systems Approach to Cloud Computing Security Issues*

*DOI: http://dx.doi.org/10.5772/intechopen.92143*

The application of the methodological schemes of the general methodology allows us to transfer the body of texts of publications devoted to the security of cloud computing from the category of research and engineering to the category of practical, which would help to solve the problem of the relationship of openness of cloud environments and their protection from external and internal threats. We are strengthening the psychological thinking that underlies the agreement between the cloud computing provider and cloud users, design and research thinking based on substantive genetic logic. Its difference from formal logic is that its starting point is the situation that develops as a result of the functioning and development of a certain system of activity, in this case, the use of computing technologies in the cloud, the organization of this industry, and the provision of a normal

The expansion of the Internet of things with the inclusion of neuro prostheses [65] and nano mechanisms in this circle will give the methodological organization of security research a new meaning and additional significance. The transfer of the global economy (both at the planetary and local levels) to new platforms based on the inclusion of digital technologies in them will mean the isolation of the field of computing and the formation on the basis of cloudy and foggy computing of a sphere that needs proper immunity and its maintenance. The program idea of Society 5.0 will also require additional rethinking of the existing practice of

In our opinion, a systematic approach exists only as a unit and a particular organization of the approach "and the corresponding organization of thinking and activity" appear in the representatives of special sciences only because they borrow the means, methods and ontology of methodological methodology and methodological approach. The goal to combine several different objects could be achieved only by using the means and norms of methodology. The expression "system work," therefore, only describes the structure of methodological work and methodology; thus, we can approach the issue of the specifics of the system approach. If we choose a description in the theory of thinking, we will determine the specifics of systemic thinking. But a system approach can also be described in the means of the theory of activity, and then its specificity will be expressed and fixed differently. Thus, here too we must take into account the moment of multiplicity of possible representations. We have presented a figure in which we have reflected the principles of the methodological approach (**Figure 1(d)**), in which we tried to visualize methodological machine for creating the environment of successful decision of the Cloud Computing Security problems, listed in Section 2, "Literature review."

protecting cloud computing from harmful influences

Authors have no conflict of their interests.

and activity.

functioning mode.

**Conflict of interests**

**49**

If the substantive content is constantly kept in mind, and it is with it that we are obliged to constantly touch and shape it, then it is worth using different techniques.

If time is a decisive factor, then there is a middle ground between security and the speed of the cloud's response to a user's request. In other words, protection has its reasonable limit. And so that the attacker does not violate the integrity of the cloud, its normal functioning, a special kind of work is required with a potential client of this kind. Forcing, for example, to write complex programs for passing defense mechanisms, so that these codes can be used in crypto technologies.

#### **4.2 Limitations**

We limited ourselves to a fragment of an array of publications on the topic of cloud computing and ensuring their security. We did not conduct constructive criticism sufficient to decompose these texts into elements, units of a new assembly. The mention of a certain set of points that the authors of the articles draw attention to serves to approach the problem from different angles. This study is intended for practitioners who could better articulate their requirements for ordering a comprehensive methodological study.

We limited ourselves to take in account those works that will be made at Moscow Methodological Circle [34] concerning the systems and methodology [1].

### **5. Conclusions**

An approach we have developed allows us to identify additional problems in this area and outline a program for their development. We try to build a system of

### *A General Systems Approach to Cloud Computing Security Issues DOI: http://dx.doi.org/10.5772/intechopen.92143*

schematization, in this kinematic scheme, which has an enneadic form. Study of the material allows us to focus on the action plan: Step 1—an idea of organization as a platform for the formation of a space of thinking and activity; the formation of platforms and specific phrases of the principles of organization of activity and ontological pictures and vision through them. There we use techniques presented in [34]. Step 2—the process of self-determination and schematization. The layer of thought activity, its formation and occupation, determination of the order of possible interactions, and communications, as well as reflective exit (mutation). The status of the scheme as the basis for determining the understanding of the texts of communication and capturing the meanings that the text carries on itself. Step 3 from positioning and sketching to objectification. Object as a result of the integration of self-determination, problematization, and schematization. An object as it is and a tool for the deployment of an organizational-activity plan. Step 4—from positioning and schematization through retrospection to problematization. Complex reflective transitions. Problematization is included in the text of thought-communication and serves as a basis for developing a picture of the world, the foundations of existence and individuation. Step 5—inverse processes. The impact of problematization on positioning and re-determination, the movement of a positional structure; the impact of problematization on the schematization and construction of tools that capture a thought from a communication text. Step 6—inverse processes. The impact of objectification on positioning and re-determination, the movement of a positional structure; the impact of objectification on the schematization and construction of tools that capture the idea from the text of communication. Step 7 integral view from the modus of the absolute. Relativity of the absolute, translation of culture and reproduction of activity. Norms and as the ultimate types of absolute and as moments that determine the principles of organization of activity and ontological design, respectively. Step 8—a bridge between self-determination in a posi-

*Cloud Computing Security - Concepts and Practice*

tional structure (collective) and objectification and individuation.

**4.2 Limitations**

**5. Conclusions**

**48**

comprehensive methodological study.

If the substantive content is constantly kept in mind, and it is with it that we are obliged to constantly touch and shape it, then it is worth using different techniques. If time is a decisive factor, then there is a middle ground between security and the speed of the cloud's response to a user's request. In other words, protection has its reasonable limit. And so that the attacker does not violate the integrity of the cloud, its normal functioning, a special kind of work is required with a potential client of this kind. Forcing, for example, to write complex programs for passing defense mechanisms, so that these codes can be used in crypto technologies.

We limited ourselves to a fragment of an array of publications on the topic of cloud computing and ensuring their security. We did not conduct constructive criticism sufficient to decompose these texts into elements, units of a new assembly. The mention of a certain set of points that the authors of the articles draw attention to serves to approach the problem from different angles. This study is intended for practitioners who could better articulate their requirements for ordering a

We limited ourselves to take in account those works that will be made at Moscow Methodological Circle [34] concerning the systems and methodology [1].

area and outline a program for their development. We try to build a system of

An approach we have developed allows us to identify additional problems in this

methodological design and research over the many private methodologies that authors of articles usually use, relying on the experience of generalizing and concretizing system approaches, and, in particular, expanding geographical and historical boundaries, including system generalizations of intercultural studies and philosophical movements. An attempt is made to disassemble the security problem of cloud computing into a certain number of layers, processes, and technologies of thinking, and to reconnect them into a single whole with the character of thinking and activity.

The application of the methodological schemes of the general methodology allows us to transfer the body of texts of publications devoted to the security of cloud computing from the category of research and engineering to the category of practical, which would help to solve the problem of the relationship of openness of cloud environments and their protection from external and internal threats. We are strengthening the psychological thinking that underlies the agreement between the cloud computing provider and cloud users, design and research thinking based on substantive genetic logic. Its difference from formal logic is that its starting point is the situation that develops as a result of the functioning and development of a certain system of activity, in this case, the use of computing technologies in the cloud, the organization of this industry, and the provision of a normal functioning mode.

The expansion of the Internet of things with the inclusion of neuro prostheses [65] and nano mechanisms in this circle will give the methodological organization of security research a new meaning and additional significance. The transfer of the global economy (both at the planetary and local levels) to new platforms based on the inclusion of digital technologies in them will mean the isolation of the field of computing and the formation on the basis of cloudy and foggy computing of a sphere that needs proper immunity and its maintenance. The program idea of Society 5.0 will also require additional rethinking of the existing practice of protecting cloud computing from harmful influences

In our opinion, a systematic approach exists only as a unit and a particular organization of the approach "and the corresponding organization of thinking and activity" appear in the representatives of special sciences only because they borrow the means, methods and ontology of methodological methodology and methodological approach. The goal to combine several different objects could be achieved only by using the means and norms of methodology. The expression "system work," therefore, only describes the structure of methodological work and methodology; thus, we can approach the issue of the specifics of the system approach. If we choose a description in the theory of thinking, we will determine the specifics of systemic thinking. But a system approach can also be described in the means of the theory of activity, and then its specificity will be expressed and fixed differently. Thus, here too we must take into account the moment of multiplicity of possible representations. We have presented a figure in which we have reflected the principles of the methodological approach (**Figure 1(d)**), in which we tried to visualize methodological machine for creating the environment of successful decision of the Cloud Computing Security problems, listed in Section 2, "Literature review."

#### **Conflict of interests**

Authors have no conflict of their interests.

**References**

1995. 800 p

NY; 1972

[1] Shchedrovitsky GP. Selected Works. Moscow: School of Cultural Politics;

*DOI: http://dx.doi.org/10.5772/intechopen.92143*

*A General Systems Approach to Cloud Computing Security Issues*

[10] Xu HJ, Zheng X. Security mechanism of dynamic and differentiated protection for

telecommunications services based on cloud computing. International Journal of Security and Networks. 2018;**13**:4. Online publication date: 31 August 2018

[11] Maharajan K, Paramasivan B. Membrane computing inspired protocol to enhance security in cloud network. The Journal of Supercomputing. 2019; **75**(4):2181-2192. DOI: 10.1007/

[12] Meikang Q, Kung S-Y. Guest editor's introduction to the special issue on security and privacy on clouds. IEEE Transactions on Cloud Computing. 2018;**6**(2):301-302. DOI: 10.1109/

[13] Xu J, Liang C, Jain HK, Gu D. Openness and security in cloud

computing services: assessment methods and investment strategies analysis. IEEE Access. 2019;**7**:29038-29050. DOI: 10.1109/ACCESS.2019.2900889

[14] Sajay KR, Babu SS, Vijayalakshmi Y. Enhancing the security of cloud data using hybrid encryption algorithm. Journal of Ambient Intelligence and Humanized Computing. 2019:1-10. DOI:

[15] Hang W, Hu G-Y, Han X, Qiao P, Zhou Z, Feng Z-C, et al. A new BRB Model for cloud security-state prediction based on the large-scale monitoring data. IEEE Access. 2017;**6**:

[16] Babin B, Zheng J. A Preliminary Study On Emerging Cloud Computing Security Challenges. ACM; 2018. DOI:

[17] De DM, Giaretta A, Dragoni N, Bucchiarone A. Cyber-Storms come

10.1007/s12652-019-01403-1

11907-11920. DOI: 10.1109/ ACCEESS.2017.2779599

10.1145/1235

s11227-018-2629-6

TCC.2018.2790672

[2] Trends in General Systems Theory.

[3] Dezani-Ciancaglini M, Montanari U.

programming. In: Proceedings of the 5th Colloquium (Turin, April 6–8, 1982). Berlin/Heidelberg: Springer; 1982

International symposium on

[4] Farnga M. Cloud Security

future.2018.09.017x

Architecture and Implementation. A Practical Approach. Submitted to Prof Friedman. Towson University— Graduate School; 2018. p. 27

[5] Mohammad W, Das AK, Kumar N, Vasidakos AV. Design of secure key management and user identification scheme for fog computing services. Future Generation Computer Systems. 2019;**91**:475-492. DOI: 10.1016/j.

[6] Guan Y, Shao J, Wei G, Xie M. Data security and privacy in fog computing. IEEE Network. 2018;**32**(5):106-111. DOI: 10.1109/MNET.2018.1700250

[7] Abdulrahman A, Deng Y, Wei G, Lin X. Collaborative security in vehicular cloud computing: A game theoretic view. IEEE Network. 2018;

[8] Pinki S, Sengupta J, Suri PK. Survey of intrusion detection techniques and architectures in cloud computing. International Journal of High Performance Computing and Networking. 2019;**13**:2. Online publication date: 22 January 2019

[9] Ibrahim FAM, Hemayed EE. Trusted cloud computing architectures for infrastructure as a service: Survey and systematic literature review. Computers

& Security. 2018;**82**:196-226

**51**

**32**(3):72-77. DOI: 1-.1109/ MNET.2018.1700329
