TAIYAB KHAN -,SHAKIR ALI IDRISI -,SAQUIB KHAN -

DOI: https://doi.org/10.36948/ijfmr.2024.v06i04.24821

2024-07-20

International Journal For Multidisciplinary Research

Abstract:This document In the rapidly evolving landscape of cloud computing, Software as a Service (SaaS) has emerged as a dominant model for delivering software applications over the internet. However, this model introduces significant security and privacy challenges. This research paper delves into these issues, highlighting the unique risks associated with SaaS platforms. The study explores common vulnerabilities such as data breaches, unauthorized access, data loss, and identity theft, which are exacerbated by the centralized nature of SaaS solutions where data is stored on remote servers managed by service providers. To address these challenges, the paper underscores the importance of robust security measures, including encryption, access controls, and secure software development practices. Additionally, it emphasizes the necessity for SaaS providers to adopt advanced privacy protection techniques like data anonymization and differential privacy to meet user expectations and comply with stringent legal regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Through a comprehensive review of literature and analysis of current SaaS security practices, the research identifies critical risks and provides strategic recommendations for enhancing security and privacy in SaaS environments. By integrating multiple layers of security throughout the software development lifecycle, enforcing strict access management protocols, and ensuring compliance with regulatory standards, SaaS providers can significantly mitigate risks and safeguard sensitive user data. The findings of this study highlight the imperative for continuous improvement in SaaS security strategies to keep pace with emerging threats and technological advancements. Ultimately, by prioritizing security and privacy, SaaS providers can not only protect their users but also gain a competitive edge in the increasingly crowded market of cloud services.

Rashmi Rai,G.Sahoo,S.Mehfuz

DOI: https://doi.org/10.5121/ijccsa.2013.3401

2013-09-10

Abstract:Cloud computing, undoubtedly, has become the buzzword in the IT industry today. Looking at the potential impact it has on numerous business applications as well as in our everyday life, it can certainly be said that this disruptive technology is here to stay. Many of the features that make cloud computing attractive, have not just challenged the existing security system, but have also revealed new security issues. This paper provides an insightful analysis of the existing status on cloud computing security issues based on a detailed survey carried by the author. It also makes an attempt to describe the security challenges in Software as a Service (SaaS) model of cloud computing and also endeavors to provide future security research directions.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

S. Subashini,V. Kavitha

DOI: https://doi.org/10.1016/j.jnca.2010.07.006

IF: 7.574

2011-01-01

Journal of Network and Computer Applications

Abstract:Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. It extends Information Technology’s (IT) existing capabilities. In the last few years, cloud computing has grown from being a promising business concept to one of the fast growing segments of the IT industry. But as more and more information on individuals and companies are placed in the cloud, concerns are beginning to grow about just how safe an environment it is. Despite of all the hype surrounding the cloud, enterprise customers are still reluctant to deploy their business in the cloud. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. The advent of an advanced model should not negotiate with the required functionalities and capabilities present in the current model. A new model targeting at improving features of an existing model must not risk or threaten other important features of the current model. The architecture of cloud poses such a threat to the security of the existing technologies when deployed in a cloud environment. Cloud service users need to be vigilant in understanding the risks of data breaches in this new environment. In this paper, a survey of the different security risks that pose a threat to the cloud is presented. This paper is a survey more specific to the different security issues that has emanated due to the nature of the service delivery models of a cloud computing system.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Salman Iqbal,Laiha Mat Kiah,Nor Badrul Anuar,Babak Daghighi,Ainuddin Wahid Abdul Wahab,Suleman Khan,Miss Laiha Mat Kiah

DOI: https://doi.org/10.1002/sec.1585

IF: 1.968

2016-08-30

Security and Communication Networks

Abstract:Abstract Cloud computing represents the most recent enterprise trend in information technology and refers to the virtualization of computing resources that are available on demand. Cloud computing saves cost and time for businesses. Moreover, this computing process reflects a radical technological revolution in how companies develop, deploy, and manage enterprise applications over the Internet. Virtualized cloud computing mainly offers cloud‐computing delivery models such as software as a service, platform as a service, and infrastructure as a service. Security and privacy are presently considered critical factors in the adaptation of any cloud‐service delivery model. Cloud computing leverages several technologies; in the process, this model can inherit potential security threats. Thus far, security issues in cloud computing have rarely been addressed at the service delivery level. Key security concerns include Web application security, network security, data security, integration, vulnerabilities in the virtualized environment, and physical security. The aim of this research is to comprehensively present the security threats with respect to their cloud service deliver models. This study also determines how service delivery models differ from existing enterprise applications, classify these models, and investigate the inherent security challenges. This study primarily focuses on the security concerns of each layer of the cloud‐service delivery model, as well as on existing solutions and approaches. In addition, countermeasures to potential security threats are also presented for each cloud model. Copyright © 2016 John Wiley & Sons, Ltd.

computer science, information systems,telecommunications

WeiTek Tsai,XiaoYing Bai,Yu Huang

DOI: https://doi.org/10.1007/s11432-013-5050-z

2014-03-12

Science China Information Sciences

Abstract:Software-as-a-service (SaaS) has received significant attention recently as one of three principal components of cloud computing, and it often deals with applications that run on top of a platform-as-a-service (PaaS) that in turn runs on top of infrastructure-as-a-service (IaaS). This paper provides an overview of SaaS including its architecture and major technical issues such as customization, multi-tenancy architecture, redundancy and recovery mechanisms, and scalability. Specifically, a SaaS system can have architecture relating to a database-oriented approach, middleware-oriented approach, service-oriented approach, or PaaS-oriented approach. Various SaaS customization strategies can be used from light customization with manual coding to heavy customization where the SaaS system and its underlying PaaS systems are customized together. Multi-tenancy architecture is an important feature of a SaaS and various trade-offs including security isolation, performance, and engineering effort need to be considered. It is important for a SaaS system to have multi-level redundancy and recovery mechanisms, and the SaaS system needs to coordinate these with the underlying PaaS system. Finally, SaaS scalability mechanisms include a multi-level architecture with load balancers, automated data migration, and software design strategies.

computer science, information systems,engineering, electrical & electronic

DuJian,LuJing,WuDong,LiHuiping,LiJie

IF: 3.5

2013-01-01

Journal of Systems and Software

Abstract:This paper proposes a model with which to analyze the user acceptance of Software as a Service (SaaS). To develop this model, empirical surveys were conducted through four rounds of questionnaires ...

Li-na YE,Lan-fen LIN

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.22.096

2010-01-01

Abstract:Aiming at the problems of lack finances for the medium and small enterprises and imperfection for the enterprise informationization,this paper analyses the application of Computer Aided Process Planning(CAPP) service for the medium and small enterprises,combines with characteristics of multi-user,configurable and high efficiency for Software-as-a-Service(SaaS) architecture,and presents a design of CAPP service based on SaaS.It offers the more convenient way of accessing the CAPP knowledge,standardizes the CAPP flow,promotes cooperation in the enterprises and enterprises process of informationization.

Lakshmi Sirisha Revadi,Xi Zheng,Yupeng Jiang

DOI: https://doi.org/10.48550/arXiv.1812.03660

IF: 6.4588

2018-12-10

Human-Computer Interaction

Abstract:Software as a Service (SaaS) is well established as an effective model for the development, deployment and customization of software. As it continues to gain more momentum in the IT industry, many user experience challenges and issues are being reported by the experts and end users.

Annanda Rath,Bojan Spasic,Nick Boucart,Philippe Thiran

DOI: https://doi.org/10.3390/computers8020034

2019-05-03

Computers

Abstract:The Cloud is fast becoming a popular platform for SaaS, a popular software delivery model. This is because the Cloud has many advantages over the traditional private infrastructure, such as increased flexibility, no maintenance, less management burden, easy access and easy to share information. However, there are many concerns around issues like system security, communication security, data security, privacy, latency and availability. In addition, when designing and developing Cloud SaaS application, these security issues need to be addressed in order to ensure regulatory compliance, security and trusted environment for Cloud SaaS users. In this paper, we explore the security patterns for Cloud SaaS. We work on the patterns covering different security aspects from system and data security to privacy. Our goal is to produce the security best practices and security knowledge documentation that SaaS developer can use as a guideline for developing Cloud SaaS applications from the ground up. In addition to that, we also provide a case study of security patterns and solutions in AWS and Azure.

Usman Aijaz,Mohammed Abubakar,Aditya Reddy,Abuzar .,Alok C Pujari

DOI: https://doi.org/10.46610/joscnds.2024.v01i01.005

2024-04-26

Abstract:Cloud computing has completely transformed how businesses handle, store, and process data and applications. However, using cloud services brings several security issues that need to be resolved to guarantee the availability, confidentiality, and integrity of critical data. This abstract overviews vital aspects of cloud computing security and highlights emerging trends and research directions. Essential challenges of cloud computing security include ensuring data privacy and confidentiality, maintaining data integrity and trustworthiness, and addressing compliance with regulatory requirements. Identity and access management (IAM) remains a critical area, focusing on enhancing authentication mechanisms and access controls to mitigate the risks of unauthorized access and insider threats. Additionally, active research areas include securing cloud orchestration and management platforms, resilience and availability of cloud services, and addressing the unique security considerations of cloud native technologies. Interdisciplinary collaboration between researchers, industry practitioners, and policymakers is essential to develop innovative security solutions and best practices for cloud computing environments. By addressing these challenges and advancing the state of the art in cloud security, organizations can leverage the benefits of cloud computing while mitigating associated risks and ensuring the protection of sensitive data and resources. In summary, this review paper provides a holistic understanding of cloud computing security, offering insights into current practices, challenges, and future directions for ensuring the confidentiality, integrity, and availability of cloud based systems and data.

Rohit Bhadauria,Rituparna Chaki,Nabendu Chaki,Sugata Sanyal

DOI: https://doi.org/10.48550/arXiv.1109.5388

2013-05-21

Abstract:Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the Cloud computing adoption and diffusion affecting the various stake-holders linked to it.

Cryptography and Security

Wajid Hassan,Te-Shun Chou,Xiaoming Li,Patrick Appiah-Kubi,Omar Tamer,Tamer Omar

DOI: https://doi.org/10.11591/ijict.v8i3.pp162-183

2019-12-01

Abstract:The emergence of cloud computing has changed perception of all regarding software delivery, development models and infrastructure. Cloud computing has a potential of providing elastic, easily manageable, powerful and cost effective solutions. The rapid transition to cloud computing has fueled concerns on the security issues. The migration of the user’s data and applications in a shared environment of a cloud, where there is a collocation of several users increases security related concerns. Several research efforts have been made in evaluating challenges related to security faced by the cloud computing environments, a number of solutions of such problems have also been proposed. Integrated security solutions should be devised to deal with the increasing security risks. In this paper, a detailed cloud computing survey, key services and concepts are being presented. This paper attempts to evaluate various security threats to cloud computing and a number of security solutions have also been discussed. Furthermore, a brief view of the cloud security regulatory bodies and compliance have also been presented. Despite the research efforts in cloud security field, there are still some open research problems and challenges which are discussed in this paper.

Robail Yasrab

DOI: https://doi.org/10.48550/arXiv.1804.04731

2018-04-13

Abstract:Cloud computing has brought a revolution in the field of information technology and improving the efficiency of computational resources. It offers computing as a service enabling huge cost and resource efficiency. Despite its advantages, certain security issues still hinder organizations and enterprises from it being adopted. This study mainly focused on the security of Platform-as-a-Service (PaaS) as well as the most critical security issues that were documented regarding PaaS infrastructure. The prime outcome of this study was a security model proposed to mitigate security vulnerabilities of PaaS. This security model consists of a number of tools, techniques and guidelines to mitigate and neutralize security issues of PaaS. The security vulnerabilities along with mitigation strategies were discussed to offer a deep insight into PaaS security for both vendor and client that may facilitate future design to implement secure PaaS platforms.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Dr. Satinderjeet Singh

DOI: https://doi.org/10.46431/mejast.2022.5220

2022-01-01

Middle East Journal of Applied Science & Technology

Abstract:The cloud is a network of virtual computers that are linked together and may exhibit and offer computational capabilities continuously depending on certain Service Level Agreements (SLAs) that have been agreed between the parties to a contract between the clients and the internet provider. Cloud computing has several benefits, including endless computational resources, cheap cost, security controls, hypervisor protection, instantaneous elasticity, high throughput, and fault-tolerant solutions with increased performance. Since cloud computing is a comparatively recent computing model, there exists a lot of uncertainty about how well confidentiality of all levels, including host, network, data levels, and implementation, can be achieved. As a result, there still are important obstacles to cloud computing adoption. These constraints include security issues concerning privacy, compliance, and legal issues. When databases and software applications are moved from the cloud to large data centers, data management becomes a major challenge. Numerous security issues may develop while using cloud computing, including issues with privacy and control, virtualization and accessibility issues, confidentiality, management of credentials and identities, authentication of responding devices, and authenticity. In this paper, an effort is made to offer a comprehensive review of data security and threats in cloud computing.

Yunusa Simpa Abdulsalam,Mustapha Hedabou

DOI: https://doi.org/10.3390/fi14010011

2021-12-27

Future Internet

Abstract:Advances in the usage of information and communication technologies (ICT) has given rise to the popularity and success of cloud computing. Cloud computing offers advantages and opportunities for business users to migrate and leverage the scalability of the pay-as-you-go price model. However, outsourcing information and business applications to the cloud or a third party raises security and privacy concerns, which have become critical in adopting cloud implementation and services. Researchers and affected organisations have proposed different security approaches in the literature to tackle the present security flaws. The literature also provides an extensive review of security and privacy issues in cloud computing. Unfortunately, the works provided in the literature lack the flexibility in mitigating multiple threats without conflicting with cloud security objectives. The literature has further focused on only highlighting security and privacy issues without providing adequate technical approaches to mitigate such security and privacy threats. Conversely, studies that offer technical solutions to security threats have failed to explain how such security threats exist. This paper aims to introduce security and privacy issues that demand an adaptive solution approach without conflicting with existing or future cloud security. This paper reviews different works in the literature, taking into account its adaptiveness in mitigating against future reoccurring threats and showing how cloud security conflicts have invalidated their proposed models. The article further presents the security threats surrounding cloud computing from a user perspective using the STRIDE approach. Additionally, it provides an analysis of different inefficient solutions in the literature and offers recommendations in terms of implementing a secure, adaptive cloud environment.

Hamed Tabrizchi,Marjan Kuchaki Rafsanjani

DOI: https://doi.org/10.1007/s11227-020-03213-1

IF: 3.3

2020-02-28

The Journal of Supercomputing

Abstract:Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and propose future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.

.Dr. Aakriti Sharma,,

DOI: https://doi.org/10.55041/ijsrem31596

2024-04-25

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:Cloud computing has revolutionized the way businesses operate, offering unprecedented scalability, flexibility, and cost-efficiency. However, alongside its numerous benefits, cloud computing also presents significant security challenges. This research paper aims to provide a comprehensive comparison of cloud security issues, examining the common threats, vulnerabilities, and mitigation strategies across various cloud deployment models and service types. Through a systematic review of existing literature and case studies, this paper highlights the evolving landscape of cloud security, identifies key challenges, evaluates current solutions, and outlines future directions for research and practice in the field.

Jerry Gao,Xiaoying Bai,W. T. Tsai,Tadahiro Uehara

DOI: https://doi.org/10.1109/sose.2013.98

2013-01-01

Abstract:With the fast advance of cloud computing, developing software-as-a-service (SaaS) is becoming a hot topic in cloud computing and engineering. Due to new features of SaaS applications, SaaS testing becomes an interesting hot topic for both industry and research communities. Although there are a number of published papers discussing cloud testing, there is a lack of research papers addressing new issues, challenges, and needs in SaaS testing. This paper provides a tutorial to discuss SaaS testing, including its concepts, focuses and objective, test process, test environments, and requirements. Moreover, the paper discusses the special SaaS features, and examines the related issues and challenges and needs in SaaS testing.

Farrukh Shahzad

DOI: https://doi.org/10.1016/j.procs.2014.08.053

2014-01-01

Procedia Computer Science

Abstract:The evolution of cloud computing has revolutionized how the computing is abstracted and utilized on remote third party infras- tructure. It is now feasible to try out novel ideas over the cloud with no or very low initial cost. Cloud computing is attractive to companies and organizations as it eliminates the requirement for them to plan ahead for provisioning, and allows them to start with small resources and increase gradually as the service demand rises. There are challenges in adopting cloud computing; but with obstacles, we have opportunities for research in several aspects of cloud computing. One of the main issue is the data security and privacy of information stored and processed at the cloud service provider's systems. In this work, We surveyed several research work on cloud computing related to security challenges and privacy issues. The primary goal of this paper is to provide a better understanding of the security challenges of cloud computing and identify approaches and solutions which have been proposed and adopted by the cloud service industry.