Three types of services are provided by Cloud model which are SaaS, IaaS and PaaS. In each of these there are different types of security issues depending upon the usage of model.
SaaS (Software as a service): provides on-demand applications such as emailing, software conferencing and applications of business, for example, ERP, CRM and SCM (Ju et al, 2010). There is lesser control of SaaS users on security and raises concern regarding security application, multiple tenancy, and security of data not enabled and issues of accessibility.
PaaS (Platform as a service) helps in facilitating cloud based application deployment without the purchase cost and helps maintain the layers underlying the system inclusive of hardware’s and software’s. The dependency of PaaS is on secure network and reliable network with security in web browsers (Ju et al, 2010). However issues such as relationships with third party in the model further make it difficult for users. Life cycle development is another issue as from the application development perspective; building complicated applications with security hosting the cloud are difficult. The applications speed of change within the cloud in turn influences not only the system life cycle of development but also its security.
IaaS (Infrastructure as a service) provides resource pools such as through servers, storage’s, networking systems and other resources of computing in the virtualized system form which is generally accessed through the web. All applications of cloud computing are run by the users who are given its complete entitlement and complete control. Better control is obtained through this model to the users of cloud but the underlying considerations of computing, networking and storing the infrastructure which is controlled through the providers of cloud (Zhao et al, 2009). These leads majorly towards issues of virtualization which allows the users to develop share and even migrate their virtual machinery in order to gain access to the system but the introduction of cyber attacks is creating a problem to the layers of this model. Also, in the environments of IaaS, an image of virtual memory is responsible for pre-packaging the templates of software that contain file based configuration used for creating the VMs. Therefore, such images are significant for the complete cloud security. However, malicious users also have the capability of storing images that consist of bad coding into repositories of people that compromises the cloud system users.