(IJCSIS) International Journal of Computer Science and Information Security,Vol. 11, No. 9, September 2013
The paper is summarized as follows: Section II describes various cloud security issues from different aspects and alsoimplemented solution models to some of the security concerns. Section III summarizes these issues and the implemented solutionsin tabular form. Section IV outlines the conclusion.
ECURITY ISSUES FROM DIFFERENT
Cloud security issues are categorized by many ways. In this section we have analyzed various security issues from differentaspects. Formerly security issues like Privileged user access, Regulatory compliance, location of Data, segregation of Data,Recovery, Investigative support, Long term viability were enlisted for the SLA . Cloud service provider provides different kindof services that includes software as a service (SAAS), Infrastructure as a service (IAAS), Platform as a service (PAAS),according to S. Subashini, V. Kavitha  the security issues related to these service models were analyzed. Pengfei you et al. described the cloud security issues related to Data security, virtualization security and application security. Data is particularlyimportant to the cloud, Deyan Chen and Hong Zhao  described the cloud issues with respect to Data cycle related issues in .In this paper analysis of some of the implemented solution models provided for some of the security issues has also been done.Cryptography keys and poilicy related solution model has been described by Yang Tang, john C.S. Lui , the solution model
based on shamir’s secret sharing algorithms and multi cloud
s are described in . Different security issues fromdifferent aspects are described as follows:
SLA Cloud Security Issues
B. Reddy Kandukuri et al  described the meaning of SLA (Service Level Agreement). SLA is the legal agreement betweenthe two communicating parties mainly Client and service provider. Firstly they explained about the contents of typical SLA like itmust include what will be the service measuring parameters, what will be done in case of any disaster or problem occurs withinthe system, it includes what are the customer duties and responsibilities and it must also include how the termination of servicestakes place. Authors suggested some security issues that should also be included in typical SLA. According to them aStandardized SLA must include Privileged user access, Regulatory compliance, location of Data, segregation of Data, Recovery,Investigative support, Long term viability as shown in Fig 2.
Figure 2: SLA includes these cloud security issues: Privileged user access, Regulatory compliance, Data location, Data segregation, Recovery, Investigativesupport, Long term viability.
Cloud provider must go through security certifications i.e. regulatory compliance. According to them data location is wherethe data is stored as customers do not know where there data is getting stored and how the data is being processed in cloud, cloud provider must obey so
me legal privacy laws requirement of customer’s data. They explained data segregation as: cloud consists of
many customers, it contains data of many clients at the same storage place so it must include some boundaries they suggestedencryption as one of the solution for data segregation. From their point of view, recovery is a method by which in case of disaster clients data can be recovered it includes replication of data, data backup of data. At last they accounted that the cloud services aremandatory for long term viability.
Cloud Service Model related Security issues
S. Subashini, V. Kavitha  analyzed different security issues related to nature of service delivery models of cloud computingas shown in the figure 3. According to them, the main security issues related to the software as a service models are as follows:Security of Data, Security of Network, Locality of Data, Integrity of Data, Data segregation, Data Access, Authentication andauthorization, Data Confidentiality,
Data breaches, Virtualization vulnerability, backup of data. They explained data security as
Security of client’s personnel sensitive data
on the cloud, so cloud provider must provide additional security features apart fromdefault one that is used in traditional systems; it involves strong encryption techniques for data security.
SLA must include these security issues:Privileged user accessRegulatorycomplianceData locationDatasegregationRecoveryInvestigativesupportLong termviability
118 http://sites.google.com/site/ijcsis/ISSN 1947-5500