Research On Security Problems Of SaaS Enterprise Cloud Services

In2006, the concept of cloud computing was first proposed by Google CEO EricSchmidt, which is rapidly becoming a hot research field of computer science. Variouslarge IT companies are added to the line of developing cloud computing technologyand setting up cloud computing products (i.e. cloud services). Currently the mostwidely used cloud service are Ali cloud mailboxes, Apple’s iCloud, and cloud officeapplications Google Docs. Cloud computing has revolutionized the traditional way todeploy and access in enterprise hardware and software, and integrated a large-scaleinfrastructure and management resources, which is effectively reducing the user’sservice overhead.With the development of cloud computing technology and the widely used ofcloud computing technology of major IT companies, people increasingly payattention to the security of cloud-based services. A survey shows that the primaryfactor that makes potential users of cloud services hesitant to use the services is thesecurity, which means security is hindering the development of cloud services. Asthe main consumer of paid cloud services, the research of security of SaaS enterprisecloud services is critical. SaaS enterprise level cloud services, such as online officesoftware and online enterprise customer relationship management services, face togreater security risks. Because of its two levels user mode-enterprise as a first-classuser apply for resources from the cloud service provider, and then allocate to thesecond level user after splitting-internal staff, these two levels users are required torecord on its personalized configuration information, and record the changes ofinternal staff and corporate data, so the managing of cloud services will furtherincrease and the potential security risks too. While current researches on security issues in cloud environments are too many,but there is no comprehensive study on the security of SaaS enterprise cloud services.The reason is that there is no systematical research of SaaS enterprise itself, includingits service features and service model. This article will study in-depth for SaaSenterprise cloud services, and establish a security relationship model, and design asecurity analysis system. Thus we can achieve to generate security solutionsautomatically and evaluate the influence of hazard, so it can shorten the time ofsolving problems, and locate the relevant users more accurately, and save manpowerfor suppliers.This paper firstly describes the background knowledge of cloud computing,which is the theoretical basis for further research. Then we analyze the SaaSenterprise cloud services and its security issues. By analyzing the service process ofSaaS enterprise cloud services and general operations, we find its difference with theother cloud services. We summarize the feature of SaaS enterprise cloud service andestablish the general application architecture. From the general to the particular, westepwise analyze the highlights security issues of SaaS enterprise cloud service.According to the position of security issues, the issues to be described are divided intothree categories, and eventually we establish a unified security relationship model.Then implement solutions recommendation algorithm and hazard assessmentalgorithm. We focus on the user experience, and use past experience to set up asecurity issues knowledge base and a solution knowledge base. We guide the userssolve the problem autonomously as much as possible, or provide a most likelysolution to suppliers.