Cloud computing is clearly one of today‟s most
enticing technology areas to its cost-efficiency and flexibility.
There is a growing trend of using cloud services for ever growing storage and data processing needs. However, adopting a cloud computing paradigm may have positive as well as negative effects on the security of service consumers. This paper primarily aims to highlight the major security challenges existing in current cloud
computing Service Provider Software as a Service (SaaS). We also describe some elements of our vision. The core issue is that with the advent of the cloud, the cloud provider also has some control of the cloud users data. We aim to provide tools supporting the current capabilities of the cloud while limiting cloud provider control of data and enabling all cloud users to benefit from cloud data through enhanced business intelligence.

R. Buyya, C. S. Yeo, and S. Venugopal, “Market-Oriented

CloudComputing: Vision, Hype, and Reality for Delivering IT

Servicesas Computing Utilities,” Proceedings of the 10th IEEE

InternationalConference on High Performance Computing and

Communications,p. 9, August 2008. [Online]. Available:

http://arxiv.org/abs/0808.3558

SLA Management Team, SLA Management Handbook, 4th ed.

EnterprisePerspective, 2004.

G. Frankova, Service Level Agreements: Web Services and Security,

ser.Lecture Notes in Computer Science. Berlin, Heidelberg: Springer

BerlinHeidelberg, 2007, vol. 4607.

P. Patel, A. Ranabahu, and A. Sheth, “ServiceLevel Agreement in

Cloud Computing,” CloudWorkshops at OOPSLA09, 2009. [Online].

Available:

http://knoesis.wright.edu/aboutus/visitors/summer2009/PatelReport.pd

f

D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman,L.

Youseff, and D. Zagorodnov, “The Eucalyptus Open-Source Cloud-

Computing System,” Cluster Computing and the Grid, IEEE

InternationalSymposium on, vol. 0, pp. 124–131, 2009.

T. Mather, S. Kumaraswamy, and S. Latif, Cloud Security and

Privacy: An Enterprise Perspective on Risks and Compliance, 1st ed.,

[Online].

Available:http://books.google.com/books?id=BHazecOuDLYC&pgis

=1

R. Kanneganti and P. Chodavarapu, SOA Security.

ManningPublications, 2008. [Online]. Available:

http://www.amazon.com/SOASecurity-Ramarao-

Kanneganti/dp/1932394680

M. McIntosh and P. Austel, “XML signature element wrapping

attacksand countermeasures,” Workshop On Secure Web Services,

M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, On Technical

Security Issues in Cloud Computing. IEEE, 2009.

B. D. Payne, “Xenaccess.” [Online]. Available:

http://doc.xenaccess.org/

M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, On Technical

Security Issues in Cloud Computing. IEEE, 2009.

Greg Boss, Padma Malladi, Denis Quan, Linda Legregni, Harold Hall,

“Cloud Computing”,

http://www.ibm.com/developerswork/websphere/zones/hip

ods/library.html, October 2007, pp. 4-4

“Service Level Agreement Definition and contents”,

http://www.service-level-agreement.net, accessed on March 10, 2009.

“Cloud security alliance: Security guidance for critical areas of focus

in cloud computing v2.1,” Dec 2009. Available at:

www.cloudsecurityalliance.org.

“Wesam Dawoud, Ibrahim Takouna, Christoph Meinel Infrastructure

as a Service Security,

Tripathi, A.; Mishra, A.; IT Div., Gorakhpur Centre, Gorakhpur, India

“Cloud Computing Security Considerations”, Signal Processing,

Communications and Computing (ICSPCC), 2011 IEEE International

Conference.

UNDERSTANDING The Cloud Computing Stack SaaS, Paas, IaaS,

© Diversity Limited, 2011 Non-commercial reuse with attribution

permitted.

Laura Smith on “ A health care community cloud takes shape”

http://searchcio.techtarget.com/news/2240026119/a-health-carecommunity-

cloud-takes-shape