SlideShare a Scribd company logo
1 of 3
Download to read offline
International Journal of Trend in Scientific Research and Development (IJTSRD)
Volume 4 Issue 6, September-October 2020 Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470
@ IJTSRD | Unique Paper ID – IJTSRD33379 | Volume – 4 | Issue – 6 | September-October 2020 Page 423
Security Issues on SAAS Model of Cloud Computing
Vikas Kumar1, Ms. Deepali Shahane2
1Student, 2Assistant Professor,
1,2Bharati Vidyapeeth Institute of Management and Information Technology, Navi Mumbai, Maharashtra, India
ABSTRACT
Cloud computing nowadays, In IT trade has become unsecure. Its impact on
various business application is threat for our organization. Multiple options
that create cloud computing enticing have simply defiance the prevailing
security system; however, they uncover new security problems. This paper
provides an information about challenges and issues that we face while using
cloud software’s or applications.
KEYWORDS: Cloud Computing, Insecurity in SAAS, ancient Security Issues
How to cite this paper: Vikas Kumar | Ms.
Deepali Shahane "Security IssuesonSAAS
Model of Cloud Computing" Published in
International Journal
of Trend in Scientific
Research and
Development (ijtsrd),
ISSN: 2456-6470,
Volume-4 | Issue-6,
October 2020,
pp.423-425, URL:
www.ijtsrd.com/papers/ijtsrd33379.pdf
Copyright © 2020 by author(s) and
International JournalofTrendinScientific
Research and Development Journal. This
is an Open Access article distributed
under the terms of
the Creative
CommonsAttribution
License (CC BY 4.0)
(http://creativecommons.org/licenses/by
/4.0)
1. INTRODUCTION
Many experts and researcherwrittenaboutcloudcomputing
and they believe that it’s a revolutionary change in the
history of internet. Consistent with Gartner [1], cloud
computing can be describe as - a form of computinginwhich
different web based application are used by the client who
make use of web technologies. consistent withtheSercombe
[2] and National Institute of Standards & Technology [3],
Cloud computing include SAAS (software as a service) and
more three cloud delivery model. Software as a service in
which service provider host the application within its
datacenter and provide license to users for using this
application over internet. The main aim of this paper is to
focus on the security issues of cloud delivery model.
2. MISTAKES AND REALITY
Now cloud computing proved that cloud based application
are most advance and revolutionaryinitiativeininformation
technology. cloud based applicationareavailableatverylow
cost and easy to use, but on the other hand we think that it
breach our personal data. Many businesses depend on their
service provider who host web applicationandprovidetheir
confidential data to service provider which encourage the
data breaching.
3. SECURITY ISSUES IN SAAS
In SAAS concept, business completely depend on service
provider and think that service provider takes all
precautions to protect their data, but instead businesses
must ensure the right security measures [4]. According to
the definition of SAAS, when client move from old
application to new application. Then, he need to ensure
about new application safety measures and condition
instead of focusing on application replacement [2]. Client
Data is available on database whichishost bytheapplication
vendor. Service provider can use private server or can use
public server for to deploy their application (e.g Google or
Amazon etc.) Sometimes service provider store data on
different server to maintain availability of data which
challenge the security of data.
Figure 1: Security problems in field of SaaS by Kannan
Subbiah [22]
IJTSRD33379
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
@ IJTSRD | Unique Paper ID – IJTSRD33379 | Volume – 4 | Issue – 6 | September-October 2020 Page 424
3.1. Former Security Challenges
Some Old communication security challengesalsoappliedto
cloud computing. Cloud computing generate some new
security threat, but some old security problems also affect
cloud computing.
3.1.1. Validation
Validating credential system for corporate use is very
essential and need some update to meet security
requirements. Some task are become very hard to perform
because system is present on cloud.
3.1.2. Availableness
The availability of data at the time of need played very
crucial role in cloud computing. Service provider mainly
focus on availability of data. To ensure Fetchinganddelivery
of data should be faster, service provider store data on
different server and also maintain speed of internet.
3.1.3. Information privacy
Information privacy can be define as the precaution of
unapproved leak of information. Privacy in terms of cloud
computing refer to copy rights of essential information or
any pictures etc. [10]. SAAS include fetching and delivery of
data from cloud server through internet which is host bythe
service provider. Fetching and deliver of data may include
text, videos, pictures etc.
3.1.4. Virtual Machine Concern
Virtualization is temporary revolutionary change in
information technology. As virtualization increasing day by
day generating more threat to data privacy [6]. Different
machines used for virtualization may have vulnerable, as
exemplified by [7] Such unsecure machine can affect the all
users in terms of data privacy. One of the most usable
elements of a cloud is virtualization.However,thisgenerates
major security risks & problems. At same time different
applications running on same machine which is theexample
of virtualization.
3.2. CHALLENGES IN CLOUD COMPUTING
3.2.1. Network Privacy
When fetching and delivery of data takes place takes place
between user and vendor through internet network that
network must be secured as per latest terms and condition.
This network must include encryption techniques.Thiskind
of techniques include security protocol which encrypt data
between browser and server like SSL (Secure Socket Layer
Security) and TSL (Transport Socket Layer Security) [8].
However, many unauthorized user can steal data if network
is weak or unsecure.
3.2.2. Resource spot
When users registered with provider for particular web
application without even knowing where the machines are
located for that particular services. As we already know
about that different countries have different laws for cyber-
crime. [9]. Many standards or policies are published by
European union in the interest of customers to protect
customer privacy in information technology under
95/46/EC [10]. Different countries have different rules
which is not applied on other country and does not
guarantee the security of data for that particular country.
3.2.3. SAAS model standards
To make stability between users and provider there are
some standards in cloud computing. Standards that created
for the welfare of both customer and provider, Following
standards are listed in the field of cloud computing list as
follows IEEE Cloud Model Usual Study cluster [11], ITU
Cloud Computing Focus cluster [12], Cloud Safety Alliance
(CSA), Distributed ManagementTask Force[13],andStorage
Networking trade Association [14].
3.2.4. Fetching of Data
Fetching of data from cloud server in different organization
has different security standards. In particular organization
different data restrictions are applied to different level of
employee. [15]. These standards are made to protect any
unsecure access of data [16]. The Cloud model policies must
be mature to accept the policies of particularorganizationas
per security concern.
3.2.5. Internet application privacy
SAAS is a encrypted format that place on network. When
users request data from cloud the request is encrypted and
travel through secure network to destination. Server send
encrypted reply to users. Any malicious user can stealdataif
data is travel through unsecure network. Most important
requirement of saas is internet [17]. The encrypted dataasa
service resides within the cloud while not moorage with the
particular users. When data is requested by particular user
then available data within the cloud modified and sent to
user [18]. All this process of data encryption and decryption
challenge data privacy.
3.2.6. Information Security Concern
Multiple organizations and businesses data are available on
cloud at same time if any attack to cloud environmentthenit
put all the organizations data at risk [20].
3.2.7. Cloud Security Agreement (CSA)
CSA contract contain multiple standards for the welfare of
both client and provider which include quality of service,On
time delivery, Security of Data etc. When Company or
Organization sign cloud security agreement they need to go
through entire agreement for security reasons. Otherwise
incomplete knowledge about agreement can leadtosecurity
threat.
4. CURRENT SECURITY SOLUTIONS
There are many researcher doing research for the security of cloud computing. Multiple organizations or business want to
invent new security policies and standards in the area of cloud computing. There are multiple organization that allow the
individual to take part in the discussion of cloud security on existing and future solution. [5].
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
@ IJTSRD | Unique Paper ID – IJTSRD33379 | Volume – 4 | Issue – 6 | September-October 2020 Page 425
Sr. No. Security Fields Existing/Future Solutions
1 Validations ➢ Two Methods Validations.
2 Accessibility ➢ Data Distribution.
3 Information privacy ➢ Attribute primarily based Proxy Re-encryption.
4 Virtual Machine Safety
➢ Keep updating your physical machine
➢ Analysis on Virtual Machine Safety.
5 Data Privacy ➢ Data Privacy Threat managing Structure.
6 Internet Safety ➢ Encrypted Web Safety for between user and provider.
7 Web Application policies
➢ Adoption of some old communication policies.
➢ Enhancement from data security point of view.
8 Requesting or exchanging information on cloud
➢ Multiple request handling.
➢ Managing information request structure.
9 Protection of saas services ➢ Antivirus for online services.
Table 1: Current solutions accessible in the area of cloud computing
5. CONCLUSION
Undoubtedly, cloud computing prove that it has numerous
advantage, but on other side some problems need solution.
At current stage IT sector more dependent on cloud based
application, then also many issues remain untouched on
which need to be sorted. Many changes require in Cloud
security agreement for the welfare of users and provider. As
well as there is need of some cloud security global policies
which will applied to all over the world.
REFERENCES
[1] Heiser J. (2009) what you want to grasp concerning
cloud computing security and compliance, Gartner,
Research, ID Number: G00168345.
[2] Seccombe A.., HuttonA,MeiselA,WindelA,Mohammed
A, Licciardi A, (2009). Security steering for crucial
areas of focus in cloud computing, v2.1 Cloud Security
Alliance, 25 p
[3] Mell P, Grance T (2011) The National Institute of
Standards and Technology definition of Cloud
Computing. NIST, Special Publication 800–
[4] Choudhary V. (2007). A coding system as a service:
implications for investment in coding system
development. In: International conference on system
sciences, 2007, p. 209.
[5] Cloud Security Alliance. Security steering for crucial
areas of focus in cloud computing Version2.1.(2009),
http://www.cloudsecurityalliace.org/guidance/cs
aguide.pdf
[6] Amazon. Amazon Elastic reason Cloud (EC2).
[7] Secunia. Xen multiple vulnerabilities; 2011
[8] Amazon. Amazon Elastic reason Cloud (EC2), 2010
/http://www.amazon.com/ ec2/S
[9] Soft layer. Service Level Agreement and MasterService
Agreement, 2009 http://www.softlayer.com/sla.html
[10] World organization. Directive 95/46/EC of the
European Parliament and of the council of twenty-four
Gregorian calendar month 1995 on the protection of
individuals with connectednessthemethodofpersonal
data and on the free movement of such data; 1995.
[11] IEEE CCSSG. IEEE Cloud Computing traditional Study
cluster
[12] ITU, 2013. Cloud Computing Focus cluster.
[13] DTMF, 2013.Distributed Management Task Force.
.[Accessed: Jan 2013]
[14] SNIA. (2013).Storage networkingbusinessAssociation.
[15] Kormann D, Rubin A. (2000) Risks of the passport
single sign-on protocol. Computer Networks 2000;
thirty 3 (16) : 51–8.
[16] Blaze M, FeFeigenbaum J, Ioannidis J, Keromytis AD.
The role of trust management in distributed systems
security, secure net programming, problemsformobile
and distributed objects. Berlin: Springer-Verlag;
1999.p.185–210
[17] Zalewski M. Browsers security handbook, 2009
/http://code.google.com/p/browsersec/S.
[18] Subashini S, Kavitha V. A survey on security problems
in commission delivery models of cloud computing. J
Network Comput Appl (2010),
DOI:10.1016/j.jnca.2010.07.006
[19] OWASP. (2010) The 10 most crucial internet
application Security risks
https://www.owasp.org/index.php/Category:OWASP_
Top_Ten_Project
[20] Claude Bernard Golden. Shaping non-public clouds,
2009/http://www.cio.com/article/492695/Defining_P
rivate_Clouds_Part_One
[21] Raj H, Nathuji R, Singh A, England P. Resource
management for isolation increased cloud services. In:
Proceedings of the 2009 ACM workshop on cloud
computing security, Chicago, Illinois, USA, 2009P.
[22] SecurityIssues.https://pt.slideshare.net/goldsun/saas-
challenges-security-concerns-11054493/18

More Related Content

More from ijtsrd

The Impact of Educational Background and Professional Training on Human Right...
The Impact of Educational Background and Professional Training on Human Right...The Impact of Educational Background and Professional Training on Human Right...
The Impact of Educational Background and Professional Training on Human Right...ijtsrd
 
A Study on the Effective Teaching Learning Process in English Curriculum at t...
A Study on the Effective Teaching Learning Process in English Curriculum at t...A Study on the Effective Teaching Learning Process in English Curriculum at t...
A Study on the Effective Teaching Learning Process in English Curriculum at t...ijtsrd
 
The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...
The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...
The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...ijtsrd
 
Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...
Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...
Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...ijtsrd
 
Sustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. Sadiku
Sustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. SadikuSustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. Sadiku
Sustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. Sadikuijtsrd
 
Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...
Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...
Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...ijtsrd
 
Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...
Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...
Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...ijtsrd
 
Activating Geospatial Information for Sudans Sustainable Investment Map
Activating Geospatial Information for Sudans Sustainable Investment MapActivating Geospatial Information for Sudans Sustainable Investment Map
Activating Geospatial Information for Sudans Sustainable Investment Mapijtsrd
 
Educational Unity Embracing Diversity for a Stronger Society
Educational Unity Embracing Diversity for a Stronger SocietyEducational Unity Embracing Diversity for a Stronger Society
Educational Unity Embracing Diversity for a Stronger Societyijtsrd
 
Integration of Indian Indigenous Knowledge System in Management Prospects and...
Integration of Indian Indigenous Knowledge System in Management Prospects and...Integration of Indian Indigenous Knowledge System in Management Prospects and...
Integration of Indian Indigenous Knowledge System in Management Prospects and...ijtsrd
 
DeepMask Transforming Face Mask Identification for Better Pandemic Control in...
DeepMask Transforming Face Mask Identification for Better Pandemic Control in...DeepMask Transforming Face Mask Identification for Better Pandemic Control in...
DeepMask Transforming Face Mask Identification for Better Pandemic Control in...ijtsrd
 
Streamlining Data Collection eCRF Design and Machine Learning
Streamlining Data Collection eCRF Design and Machine LearningStreamlining Data Collection eCRF Design and Machine Learning
Streamlining Data Collection eCRF Design and Machine Learningijtsrd
 
Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...
Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...
Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...ijtsrd
 
Algorithm of Minds AoM Algorithms That Control You
Algorithm of Minds AoM Algorithms That Control YouAlgorithm of Minds AoM Algorithms That Control You
Algorithm of Minds AoM Algorithms That Control Youijtsrd
 
Rural Tourism Post COVID 19 Perspectives and Possibilities
Rural Tourism Post COVID 19 Perspectives and PossibilitiesRural Tourism Post COVID 19 Perspectives and Possibilities
Rural Tourism Post COVID 19 Perspectives and Possibilitiesijtsrd
 
The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...
The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...
The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...ijtsrd
 
Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...
Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...
Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...ijtsrd
 
A Review Article on “Structural Audit and Rehabilitation of Old Building in B...
A Review Article on “Structural Audit and Rehabilitation of Old Building in B...A Review Article on “Structural Audit and Rehabilitation of Old Building in B...
A Review Article on “Structural Audit and Rehabilitation of Old Building in B...ijtsrd
 
One Bharat, One Democracy Fostering Unity Amidst Diversity
One Bharat, One Democracy Fostering Unity Amidst DiversityOne Bharat, One Democracy Fostering Unity Amidst Diversity
One Bharat, One Democracy Fostering Unity Amidst Diversityijtsrd
 
Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...
Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...
Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...ijtsrd
 

More from ijtsrd (20)

The Impact of Educational Background and Professional Training on Human Right...
The Impact of Educational Background and Professional Training on Human Right...The Impact of Educational Background and Professional Training on Human Right...
The Impact of Educational Background and Professional Training on Human Right...
 
A Study on the Effective Teaching Learning Process in English Curriculum at t...
A Study on the Effective Teaching Learning Process in English Curriculum at t...A Study on the Effective Teaching Learning Process in English Curriculum at t...
A Study on the Effective Teaching Learning Process in English Curriculum at t...
 
The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...
The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...
The Role of Mentoring and Its Influence on the Effectiveness of the Teaching ...
 
Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...
Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...
Design Simulation and Hardware Construction of an Arduino Microcontroller Bas...
 
Sustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. Sadiku
Sustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. SadikuSustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. Sadiku
Sustainable Energy by Paul A. Adekunte | Matthew N. O. Sadiku | Janet O. Sadiku
 
Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...
Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...
Concepts for Sudan Survey Act Implementations Executive Regulations and Stand...
 
Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...
Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...
Towards the Implementation of the Sudan Interpolated Geoid Model Khartoum Sta...
 
Activating Geospatial Information for Sudans Sustainable Investment Map
Activating Geospatial Information for Sudans Sustainable Investment MapActivating Geospatial Information for Sudans Sustainable Investment Map
Activating Geospatial Information for Sudans Sustainable Investment Map
 
Educational Unity Embracing Diversity for a Stronger Society
Educational Unity Embracing Diversity for a Stronger SocietyEducational Unity Embracing Diversity for a Stronger Society
Educational Unity Embracing Diversity for a Stronger Society
 
Integration of Indian Indigenous Knowledge System in Management Prospects and...
Integration of Indian Indigenous Knowledge System in Management Prospects and...Integration of Indian Indigenous Knowledge System in Management Prospects and...
Integration of Indian Indigenous Knowledge System in Management Prospects and...
 
DeepMask Transforming Face Mask Identification for Better Pandemic Control in...
DeepMask Transforming Face Mask Identification for Better Pandemic Control in...DeepMask Transforming Face Mask Identification for Better Pandemic Control in...
DeepMask Transforming Face Mask Identification for Better Pandemic Control in...
 
Streamlining Data Collection eCRF Design and Machine Learning
Streamlining Data Collection eCRF Design and Machine LearningStreamlining Data Collection eCRF Design and Machine Learning
Streamlining Data Collection eCRF Design and Machine Learning
 
Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...
Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...
Cyber Ethics An Introduction by Paul A. Adekunte | Matthew N. O. Sadiku | Jan...
 
Algorithm of Minds AoM Algorithms That Control You
Algorithm of Minds AoM Algorithms That Control YouAlgorithm of Minds AoM Algorithms That Control You
Algorithm of Minds AoM Algorithms That Control You
 
Rural Tourism Post COVID 19 Perspectives and Possibilities
Rural Tourism Post COVID 19 Perspectives and PossibilitiesRural Tourism Post COVID 19 Perspectives and Possibilities
Rural Tourism Post COVID 19 Perspectives and Possibilities
 
The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...
The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...
The Pleistocene Delta of the Old Al Balatah River System, Northeastern Libya ...
 
Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...
Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...
Effects of Anglophone Crisis on the Mental Health of Teachers in Bui Division...
 
A Review Article on “Structural Audit and Rehabilitation of Old Building in B...
A Review Article on “Structural Audit and Rehabilitation of Old Building in B...A Review Article on “Structural Audit and Rehabilitation of Old Building in B...
A Review Article on “Structural Audit and Rehabilitation of Old Building in B...
 
One Bharat, One Democracy Fostering Unity Amidst Diversity
One Bharat, One Democracy Fostering Unity Amidst DiversityOne Bharat, One Democracy Fostering Unity Amidst Diversity
One Bharat, One Democracy Fostering Unity Amidst Diversity
 
Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...
Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...
Collective Bargaining and Employee Prosocial Behaviour in the Hospitality Sec...
 

Recently uploaded

Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxKatherine Villaluna
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice documentXsasf Sfdfasd
 
Practical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxPractical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxKatherine Villaluna
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17Celine George
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17Celine George
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesMohammad Hassany
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxiammrhaywood
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfTechSoup
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptxSandy Millin
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and stepobaje godwin sunday
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...raviapr7
 

Recently uploaded (20)

Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice document
 
Practical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxPractical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptx
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17
 
Finals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quizFinals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quiz
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdfPersonal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
 
Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming Classes
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and step
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...
 

Security Issues on SAAS Model of Cloud Computing

  • 1. International Journal of Trend in Scientific Research and Development (IJTSRD) Volume 4 Issue 6, September-October 2020 Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470 @ IJTSRD | Unique Paper ID – IJTSRD33379 | Volume – 4 | Issue – 6 | September-October 2020 Page 423 Security Issues on SAAS Model of Cloud Computing Vikas Kumar1, Ms. Deepali Shahane2 1Student, 2Assistant Professor, 1,2Bharati Vidyapeeth Institute of Management and Information Technology, Navi Mumbai, Maharashtra, India ABSTRACT Cloud computing nowadays, In IT trade has become unsecure. Its impact on various business application is threat for our organization. Multiple options that create cloud computing enticing have simply defiance the prevailing security system; however, they uncover new security problems. This paper provides an information about challenges and issues that we face while using cloud software’s or applications. KEYWORDS: Cloud Computing, Insecurity in SAAS, ancient Security Issues How to cite this paper: Vikas Kumar | Ms. Deepali Shahane "Security IssuesonSAAS Model of Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-6, October 2020, pp.423-425, URL: www.ijtsrd.com/papers/ijtsrd33379.pdf Copyright © 2020 by author(s) and International JournalofTrendinScientific Research and Development Journal. This is an Open Access article distributed under the terms of the Creative CommonsAttribution License (CC BY 4.0) (http://creativecommons.org/licenses/by /4.0) 1. INTRODUCTION Many experts and researcherwrittenaboutcloudcomputing and they believe that it’s a revolutionary change in the history of internet. Consistent with Gartner [1], cloud computing can be describe as - a form of computinginwhich different web based application are used by the client who make use of web technologies. consistent withtheSercombe [2] and National Institute of Standards & Technology [3], Cloud computing include SAAS (software as a service) and more three cloud delivery model. Software as a service in which service provider host the application within its datacenter and provide license to users for using this application over internet. The main aim of this paper is to focus on the security issues of cloud delivery model. 2. MISTAKES AND REALITY Now cloud computing proved that cloud based application are most advance and revolutionaryinitiativeininformation technology. cloud based applicationareavailableatverylow cost and easy to use, but on the other hand we think that it breach our personal data. Many businesses depend on their service provider who host web applicationandprovidetheir confidential data to service provider which encourage the data breaching. 3. SECURITY ISSUES IN SAAS In SAAS concept, business completely depend on service provider and think that service provider takes all precautions to protect their data, but instead businesses must ensure the right security measures [4]. According to the definition of SAAS, when client move from old application to new application. Then, he need to ensure about new application safety measures and condition instead of focusing on application replacement [2]. Client Data is available on database whichishost bytheapplication vendor. Service provider can use private server or can use public server for to deploy their application (e.g Google or Amazon etc.) Sometimes service provider store data on different server to maintain availability of data which challenge the security of data. Figure 1: Security problems in field of SaaS by Kannan Subbiah [22] IJTSRD33379
  • 2. International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD33379 | Volume – 4 | Issue – 6 | September-October 2020 Page 424 3.1. Former Security Challenges Some Old communication security challengesalsoappliedto cloud computing. Cloud computing generate some new security threat, but some old security problems also affect cloud computing. 3.1.1. Validation Validating credential system for corporate use is very essential and need some update to meet security requirements. Some task are become very hard to perform because system is present on cloud. 3.1.2. Availableness The availability of data at the time of need played very crucial role in cloud computing. Service provider mainly focus on availability of data. To ensure Fetchinganddelivery of data should be faster, service provider store data on different server and also maintain speed of internet. 3.1.3. Information privacy Information privacy can be define as the precaution of unapproved leak of information. Privacy in terms of cloud computing refer to copy rights of essential information or any pictures etc. [10]. SAAS include fetching and delivery of data from cloud server through internet which is host bythe service provider. Fetching and deliver of data may include text, videos, pictures etc. 3.1.4. Virtual Machine Concern Virtualization is temporary revolutionary change in information technology. As virtualization increasing day by day generating more threat to data privacy [6]. Different machines used for virtualization may have vulnerable, as exemplified by [7] Such unsecure machine can affect the all users in terms of data privacy. One of the most usable elements of a cloud is virtualization.However,thisgenerates major security risks & problems. At same time different applications running on same machine which is theexample of virtualization. 3.2. CHALLENGES IN CLOUD COMPUTING 3.2.1. Network Privacy When fetching and delivery of data takes place takes place between user and vendor through internet network that network must be secured as per latest terms and condition. This network must include encryption techniques.Thiskind of techniques include security protocol which encrypt data between browser and server like SSL (Secure Socket Layer Security) and TSL (Transport Socket Layer Security) [8]. However, many unauthorized user can steal data if network is weak or unsecure. 3.2.2. Resource spot When users registered with provider for particular web application without even knowing where the machines are located for that particular services. As we already know about that different countries have different laws for cyber- crime. [9]. Many standards or policies are published by European union in the interest of customers to protect customer privacy in information technology under 95/46/EC [10]. Different countries have different rules which is not applied on other country and does not guarantee the security of data for that particular country. 3.2.3. SAAS model standards To make stability between users and provider there are some standards in cloud computing. Standards that created for the welfare of both customer and provider, Following standards are listed in the field of cloud computing list as follows IEEE Cloud Model Usual Study cluster [11], ITU Cloud Computing Focus cluster [12], Cloud Safety Alliance (CSA), Distributed ManagementTask Force[13],andStorage Networking trade Association [14]. 3.2.4. Fetching of Data Fetching of data from cloud server in different organization has different security standards. In particular organization different data restrictions are applied to different level of employee. [15]. These standards are made to protect any unsecure access of data [16]. The Cloud model policies must be mature to accept the policies of particularorganizationas per security concern. 3.2.5. Internet application privacy SAAS is a encrypted format that place on network. When users request data from cloud the request is encrypted and travel through secure network to destination. Server send encrypted reply to users. Any malicious user can stealdataif data is travel through unsecure network. Most important requirement of saas is internet [17]. The encrypted dataasa service resides within the cloud while not moorage with the particular users. When data is requested by particular user then available data within the cloud modified and sent to user [18]. All this process of data encryption and decryption challenge data privacy. 3.2.6. Information Security Concern Multiple organizations and businesses data are available on cloud at same time if any attack to cloud environmentthenit put all the organizations data at risk [20]. 3.2.7. Cloud Security Agreement (CSA) CSA contract contain multiple standards for the welfare of both client and provider which include quality of service,On time delivery, Security of Data etc. When Company or Organization sign cloud security agreement they need to go through entire agreement for security reasons. Otherwise incomplete knowledge about agreement can leadtosecurity threat. 4. CURRENT SECURITY SOLUTIONS There are many researcher doing research for the security of cloud computing. Multiple organizations or business want to invent new security policies and standards in the area of cloud computing. There are multiple organization that allow the individual to take part in the discussion of cloud security on existing and future solution. [5].
  • 3. International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD33379 | Volume – 4 | Issue – 6 | September-October 2020 Page 425 Sr. No. Security Fields Existing/Future Solutions 1 Validations ➢ Two Methods Validations. 2 Accessibility ➢ Data Distribution. 3 Information privacy ➢ Attribute primarily based Proxy Re-encryption. 4 Virtual Machine Safety ➢ Keep updating your physical machine ➢ Analysis on Virtual Machine Safety. 5 Data Privacy ➢ Data Privacy Threat managing Structure. 6 Internet Safety ➢ Encrypted Web Safety for between user and provider. 7 Web Application policies ➢ Adoption of some old communication policies. ➢ Enhancement from data security point of view. 8 Requesting or exchanging information on cloud ➢ Multiple request handling. ➢ Managing information request structure. 9 Protection of saas services ➢ Antivirus for online services. Table 1: Current solutions accessible in the area of cloud computing 5. CONCLUSION Undoubtedly, cloud computing prove that it has numerous advantage, but on other side some problems need solution. At current stage IT sector more dependent on cloud based application, then also many issues remain untouched on which need to be sorted. Many changes require in Cloud security agreement for the welfare of users and provider. As well as there is need of some cloud security global policies which will applied to all over the world. REFERENCES [1] Heiser J. (2009) what you want to grasp concerning cloud computing security and compliance, Gartner, Research, ID Number: G00168345. [2] Seccombe A.., HuttonA,MeiselA,WindelA,Mohammed A, Licciardi A, (2009). Security steering for crucial areas of focus in cloud computing, v2.1 Cloud Security Alliance, 25 p [3] Mell P, Grance T (2011) The National Institute of Standards and Technology definition of Cloud Computing. NIST, Special Publication 800– [4] Choudhary V. (2007). A coding system as a service: implications for investment in coding system development. In: International conference on system sciences, 2007, p. 209. [5] Cloud Security Alliance. Security steering for crucial areas of focus in cloud computing Version2.1.(2009), http://www.cloudsecurityalliace.org/guidance/cs aguide.pdf [6] Amazon. Amazon Elastic reason Cloud (EC2). [7] Secunia. Xen multiple vulnerabilities; 2011 [8] Amazon. Amazon Elastic reason Cloud (EC2), 2010 /http://www.amazon.com/ ec2/S [9] Soft layer. Service Level Agreement and MasterService Agreement, 2009 http://www.softlayer.com/sla.html [10] World organization. Directive 95/46/EC of the European Parliament and of the council of twenty-four Gregorian calendar month 1995 on the protection of individuals with connectednessthemethodofpersonal data and on the free movement of such data; 1995. [11] IEEE CCSSG. IEEE Cloud Computing traditional Study cluster [12] ITU, 2013. Cloud Computing Focus cluster. [13] DTMF, 2013.Distributed Management Task Force. .[Accessed: Jan 2013] [14] SNIA. (2013).Storage networkingbusinessAssociation. [15] Kormann D, Rubin A. (2000) Risks of the passport single sign-on protocol. Computer Networks 2000; thirty 3 (16) : 51–8. [16] Blaze M, FeFeigenbaum J, Ioannidis J, Keromytis AD. The role of trust management in distributed systems security, secure net programming, problemsformobile and distributed objects. Berlin: Springer-Verlag; 1999.p.185–210 [17] Zalewski M. Browsers security handbook, 2009 /http://code.google.com/p/browsersec/S. [18] Subashini S, Kavitha V. A survey on security problems in commission delivery models of cloud computing. J Network Comput Appl (2010), DOI:10.1016/j.jnca.2010.07.006 [19] OWASP. (2010) The 10 most crucial internet application Security risks https://www.owasp.org/index.php/Category:OWASP_ Top_Ten_Project [20] Claude Bernard Golden. Shaping non-public clouds, 2009/http://www.cio.com/article/492695/Defining_P rivate_Clouds_Part_One [21] Raj H, Nathuji R, Singh A, England P. Resource management for isolation increased cloud services. In: Proceedings of the 2009 ACM workshop on cloud computing security, Chicago, Illinois, USA, 2009P. [22] SecurityIssues.https://pt.slideshare.net/goldsun/saas- challenges-security-concerns-11054493/18