Quantum Computing (QC) threatens the cryptographic foundations of Cloud Computing (CC), exposing distributed infrastructures to novel attack vectors. This survey provides a comprehensive analysis of quantum-safe cloud security, examining vulnerabilities, transition strategies, and layer-specific countermeasures across nine architectural layers (application, data, runtime, middleware, OS, virtualization, server, storage, networking). We employ a STRIDE-based risk assessment aligned with NIST SP 800-30 to evaluate quantum threats across three transition phases: pre-transition (classical cryptography vulnerabilities), hybrid (migration risks), and post-transition (PQC implementation weaknesses, including side-channel attacks). Our security framework integrates hybrid cryptographic strategies (algorithmic combiners, dual/composite certificates, protocol-level migration), cryptographic agility, and risk-prioritized mitigation tailored to cloud environments. We benchmark NIST-standardized PQC algorithms for performance and deployment suitability, assess side-channel and implementation vulnerabilities, and analyze quantum-safe strategies from leading CSPs (AWS, Azure, GCP). The survey delivers layer-specific threat taxonomies, likelihood-impact risk matrices, and CSP-informed deployment roadmaps for cloud architects, policymakers, and researchers. We identify six critical research directions: standardization and interoperability, hardware acceleration and performance optimization, AI-enhanced security and threat mitigation, integration with emerging cloud technologies, systemic preparedness and workforce development, and migration frameworks with crypto-agility.