The invention discloses a cloud data security protection method, and belongs to the field of data security. The cloud data security protection method comprises the steps that the leakage protection to cloud data is achieved through data leakage protection; through cloud multi-tenant data security isolation, the leakage prevention of multi-tenant data is achieved, and the problem that a service provider manager views, interpolates and deletes user sensitive data without being authorized is solved; the self-security of a server host is promoted through cloud host security enhancement measures; malicious attack detection, service unified authorization and access control, service request identification and service parameter security check of data services are conducted through a service firewall suite, the security protection to big data is achieved, and the problem of user privacy leakage is solved. Compared with the prior art, according to the cloud data security protection method, all-dimensional security protection to the cloud data can be achieved from four levels, namely, the operation system level, the logical storage level, the data level and the data service level, and the cloud data security protection method has good application and popularization value.