Open Access  Subscription or Fee Access

Cloud computing is clearly one of today‟s most enticing technology areas to its cost-efficiency and flexibility. It‟s a future computing, there is a growing trend of using cloud services for ever growing storage and data processing needs. However, adopting a cloud computing paradigm may have positive as well as negative effects on the security of service consumers. This paper primarily aims to highlight the major security challenges existing in current cloud computing service provider giving Software as a Service (SaaS). We also describe some elements of our vision. The core issue is that with the advent of the cloud, the cloud provider also has some control of the cloud user‟s data. We aim to provide tools supporting the current capabilities of the cloud while limiting cloud provider control of data and enabling all cloud users to benefit from cloud data through enhanced business intelligence.

Cloud Computing, Cloud Service Provider, Security Challenges, Authentication.

R. Buyya, C. S. Yeo, and S. Venugopal, “Market-Oriented Cloud Computing: Vision, Hype, and Reality for Delivering IT Servicesas Computing Utilities,” Proceedings of the 10th IEEE International Conference on High Performance Computing and Communications,p. 9, August 2008. [Online]. Available: http://arxiv.org/abs/0808.3558

SLA Management Team, SLA Management Handbook, 4th ed. Enterprise Perspective, 2004.

G. Frankova, Service Level Agreements: Web Services and Security, ser.Lecture Notes in Computer Science. Berlin, Heidelberg: Springer BerlinHeidelberg, 2007, vol. 4607.

P. Patel, A. Ranabahu, and A. Sheth, “ServiceLevel Agreement in Cloud Computing,” CloudWorkshops at OOPSLA09, 2009. [Online]. Available:http://knoesis.wright.edu/aboutus/visitors/summer2009/PatelReport.pdf

D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman,L. Youseff, and D. Zagorodnov, “The Eucalyptus Open-Source Cloud-Computing System,” Cluster Computing and the Grid, IEEE International Symposium on, vol. 0, pp. 124–131, 2009.

T. Mather, S. Kumaraswamy, and S. Latif, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance, 1st ed., 2009. [Online]. Available: http://books.google.com/books?id=BHazecOuDLYC&pgis=1

R. Kanneganti and P. Chodavarapu, SOA Security. Manning Publications, 2008. [Online]. Available: http://www.amazon.com/SOASecurity-Ramarao-Kanneganti/dp/1932394680

M. McIntosh and P. Austel, “XML signature element wrapping attacksand countermeasures,” Workshop On Secure Web Services, 2005.

M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, On Technical Security Issues in Cloud Computing. IEEE, 2009.

B. D. Payne, “Xenaccess.” [Online]. Available: http://doc.xenaccess.org/

M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, On Technical Security Issues in Cloud[12].Greg Boss, Padma Malladi, Denis Quan, Linda Legregni, Harold Hall, “Cloud Computing”, http://www.ibm.com/developerswork/websphere/zones/hip ods/library.html, October 2007, pp. 4-4

“Service Level Agreement Definition and contents”, http://www.service-level-agreement.net, accessed on March 10, 2009.

“Cloud security alliance: Security guidance for critical areas of focus in cloud computing v2.1,” Dec 2009. Available at: www.cloudsecurityalliance.org.

“Wesam Dawoud, Ibrahim Takouna, Christoph Meinel Infrastructure as a Service Security,

Tripathi, A.; Mishra, A.; IT Div., Gorakhpur Centre, Gorakhpur, India “Cloud Computing Security Considerations”, Signal Processing, Communications and Computing (ICSPCC), 2011 IEEE International Conference.

UNDERSTANDING The Cloud Computing Stack SaaS, Paas, IaaS, © Diversity Limited, 2011 Non-commercial reuse with attribution permitted.

Laura Smith on “ A health care community cloud takes shape”http://searchcio.techtarget.com/news/2240026119/a-health-care-community-cloud-takes-shape