Security Challenges\" Please respond to the following: Distributed applications and cloud computing have become a viable option within the LAN-to- WAN Domain. Discuss the primary challenges related to maintaining the security of both applications and data in such an environment. Describe the controls that are needed to ensure the security of distributed applications and data. Identify the auditing approach that you believe is best suited to this arrangement. Provide a rationale for your response. No plagiarism please. Solution Challenges in Distributed applications : 1) Computational problems:- Those kind of problems which cannot be resolved within a specific amount of time on a single computer. 2) Scalability:- The system has to remain effective enough so that it can handle the increase in the number of resources and users. 3) Security:- In Distributed applications, the possible threats could be the information leakage, integrity violation, DoS(Denial Of Services) , illegitimate usage of the system. 4) Concurrency:- The shared access to the resources should be handled properly. Challenges in Cloud computing : 1) Security & Privacy:- The fact that the organization\'s data will reside outside the organization\'s firewall really raises a serious concern. Various types of attacks including hacking may affect multiple clients even if only one site is attacked.These risks has to be mitigated by using proper security applications, encrypted file-systems, using a proper storage devices to track unsual activity across the servers . 2) Loss of control over sensitive data:- The sensitive data that are stored in the servers has to be properly controlled. 3) Reliability and Availability:- The frequent outages has to be avoided here. It is very important to monitor the activity of servers using monitoring tool. The controls that are essential to prevent security threats in distributed applications and data include: 1) The control should protect data and integrity of system in case of invalid operation on secured data:- In case, a user tries to enter invalid data into the system, the control should protect the system from such operations. 2) Unauthorized invocations should be rejected by security control. 3) Efficient protection against unauthorized users:- Unauthorized access request by non-system users should be rejected by the control. The auditing approach should firstly start by ensuring data integrity that is associated with application. Control should specify the operation that can be invoked only by authorized person while rejecting access to unauthorized users when the data resources are accessed. Irrespective of operation, control should select only that user which can be allowed access while restricting others non-system users. Rules should be strictly followed by control and on the basis of defined rules, users access should be granted or denied..