After the concept of cloud computing proposed by Eric Schmidt who was the chief executive
officer of Google in 2006, this field has become a hot topic in the field of computer science, and
every large information technology company is joining the queue of developing the technologies
and services of the cloud computing. In order to make the computing resource, memory space and
information service are available to the users according to their requirements, cloud computing
uses the multitenant model, which requires the related technologies must solve the sharing and
isolation problem of the data which belongs to different users and provide services which can be
customized for different users.
SaaS enterprise cloud services can be considered as a kind of complex cloud services, and the
general operations of this kind of cloud service mainly include: 1) The enterprises request for
resources from the providers of cloud services; 2) The providers of cloud services record the
personalized configuration information which includes custom functions, data models,
commercial rules, and so on; 3) After the success of application, the access authorities of resource
are set by enterprise, which allocates the resource to the internal workers; 4) Those resources can
be set authorities by the workers further, and can be customized based on personalized
configuration.
For example, there are different production modes, influence ranges, solution methods, etc. We
must take a suitable method, which can describe the information of security problems for the post
processing and control the complexity of security problem model, to preliminarily deal with the
security problems. So, we classify the security problems in cloud services to modularly process
them, which can simplify and unify different kinds of description information of security problems.
The security problems in cloud service can be divided into three kinds: the security of data storage,
the security of data transmission and the security of application. The enterprise users even do not
now the location of their data and the security strategies of encryption methods etc. And the
providers of cloud services provide services for many enterprise users at the same time, so it is
also an important security problem of data storage to ensure that the boundary of resources is clear
between the enterprises or between the internal users in enterprises. The sources of security
problems are various, and the SaaS providers can acquire the security problems from users, bottom
providers or self-testing. So, it is very important to select the most serious security problems and
judging wrong problem reports from a huge number of security problem reports, and the selected
security problems should be solved firstly.
REFERENCES
1. Kang, C., & Wei-Min, Z. (2009). Cloud computing: system instances and current research.
2. Di, S., Kondo, D., & Cappello, F. (2014). Characterizing and modeling cloud applications/jobs on
a Google data center. The Journal of Supercomputing, 69(1), 139-160.
3. Abbadi, I. M., & Ruan, A. (2013). Towards trustworthy resource scheduling in clouds. IEEE
Transactions on Information Forensics and Security, 8(6), 973-984.
4. Liang, Q., Wang, Y. Z., & Zhang, Y. H. (2013). Resource virtualization model using hybrid-graph
representation and converging algorithm for cloud computing. International Journal of Automation
and Computing, 10(6), 597-606.
5. Ro, C. (2015). Modeling and analysis of memory virtualization in cloud computing. Cluster
computing, 18(1), 177-185.
6. Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., ... & Warfield, A. (2003,
October). Xen and the art of virtualization. In ACM SIGOPS operating systems review (Vol. 37,
No. 5, pp. 164-177). ACM.
7. Patel, A., Taghavi, M., Bakhtiyari, K., & JúNior, J. C. (2013). An intrusion detection and
prevention system in cloud computing: A systematic review. Journal of network and computer
applications, 36(1), 25-41.
8. Tan, C., Liu, K., & Sun, L. (2013). A design of evaluation method for SaaS in cloud
computing. Journal of Industrial Engineering and Management (JIEM), 6(1), 50-72.
9. Cusumano, M. A. (2010). Cloud computing and SaaS as new computing platforms. Commun.
ACM, 53(4), 27-29
10. Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of
cloud computing. Journal of network and computer applications, 34(1), 1-11
11. Dorey, P. G., & Leite, A. (2011). Commentary: Cloud computing–A security problem or
solution?. information security technical report, 16(3-4), 89-96.