Software as a Service is a tool that runs through the Internet that delivers users with admission
to cloud –based software. There are no installation submissions on the organizations
local devices. Instead, the users access a remote cloud network through the web
or an API. Data are stored and analyzed through the software.
Software as a service helps
to break the holdup of purchasing decision as previously, a substantial upfront
investment need to be made in order to get new software. This leads to a more
time – consuming process. With bigger companies, the purchase can be hold for
months. SaaS offers lower startup costs, lower monthly cost and conveys less
risk as companies transfer to new solution. Most SaaS offering includes:
Remote access: It can be access
through Internet login, which allows users to work anytime, and anywhere.
Ongoing maintenance: the
updates and patched are generally done by admin instead of users. (AppDirect,
Platform as a Service is a cloud based offering that allows users to develop, manage and
deliver their applications. Furthermore, users are able to test their own
applications by using a set of prebuild tools.
Through the PaaS model, applications and services are build through
a cloud – based background. PaaS has better flexibility as well as less time
and money consuming to develop. A
framework will be held so that inventors can develop and customize applications
faster. Most PaaS offering includes:
The capability to change, test
and organize applications.
Applications are secured,
maintained and hosted.
The ability to scale software.
Security and privacy:
Securing data is among the biggest concerns
in cloud computing. As cloud computing signifies an advanced computing model,
there is a major doubt of how data at all levels can be protected (e.g host,
application, network, …) The fact that valued business data have to be put
outside of the organization’s security system creates a big concern to the
company as well as the clients. Numerous clients will be affected by the attack
of just one site. Organizations nowadays have to face several requirements in
order to secure the information of each individual, and it is not certain that
whether these requirements will help protecting these information or whether
the organization will violate the regulations as of these new model. (Voorsluys
W, Broberg J, Buyya R, 2011)
In 2014, the once Internet giant – Yahoo had been the victim of the
biggest data breach in the history where 3-billion user account had been affected:
real name, email address, date of birth, telephone numbers had been conceded. (Armerding,
Another big concern about cloud computing is
where application and website hosted on the cloud will be attacked by hackers.
This occurs when a vulnerable part of an application or website is detected and
hackers will change the normal execution. A malicious program will be used to
inject the malware into the cloud. This will lead the hackers to do whatever
they want (e.g: data steals, eavesdropping, … )
One of the most famous forms of cyber attack is SQL. The idea of
this attack is to change the structure of the cloud. The cyber hackers use a
sequence of indecorous code in order to get in charge of the cloud (usually the
target is servers or databases). Also hackers will inject numerous of code to
avoid the login stage and gain access to databases and take control of the
whole systems. (Tejinder, S. M. & Sanjay, J., 2015)
Information breach from inside is as dangerous as cyber attack. The
shared access creates high chances of other people accessing to other people
information. The most famous case of insider attack was create by Vodafone
where 2 millions customer records were invaded. Everything that store in the
cloud will be for anyone to obtain, including private information, data,
rational property if an employees gain access to others cloud. Therefor, security
level of cloud environment is in critical warning owing to insider attack as
cloud admin can be posed by other people or mole to gain access to all data and
steal information. (Stack Tunnel, 2017)
Security and Privacy solution:
Security and privacy problems are widely occur in cloud computing
world. To prevent these problems, administration should generate sequences of
numbers each time a person login.
(2017). Breaking Down the Differences Between SaaS, IaaS, and PaaS –
AppDirect. online Available at: https://www.appdirect.com/blog/breaking-down-the-differences-between-saas-iaas-and-paas
Accessed 30 Dec. 2017.
Voorsluys W, Broberg J, Buyya R. Cloud Computing Principles and
Paradigm, John Wiley and Sons, 2011
T. (2017). The 16 biggest data breaches of the 21st century. online
CSO Online. Available at:
Accessed 30 Dec. 2017.
Tejinder, S. M. & Sanjay, J., 2015. Model to Prevent Websites
From XSS Vulnerabilities.
International Journal of Computer Science and Information
Technologies, 6(2), pp. 1059-1067.
Tunnel. (2017). 10 Critical Risks and Challenges of Cloud Computing |
Stack Tunnel. online Available at:
Accessed 31 Dec. 2017.