Page 748 - Cloud computing: From paradigm to operation
8.1.3.3 Data integrity
Data, including system data and user data such as logs and configuration data, require the SaaS application
environment to support integrity mechanisms that protect them from unauthorized tampering in
transmission, during processing or when not in use.
System logs and application logs are required not to be modified. In this way, when either a fault or misuse
occurs, the CSP and malicious software are prevented from concealing traces by modifying logs.
A SaaS application may require CSCs to configure it on demand. The configuration data, such as a configuration
file, is also required not to be modified without authorization.
In the SaaS application environment, users' data is stored in the cloud, which is managed by the CSP. In this case,
the verification of data integrity becomes a notable security requirement. Moreover, it is required to
verify the integrity of massive data.
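One way a CSC could verify the integrity of a large data set held by the CSP without downloading all of it again, given here as an added example that is not part of the original text: a Merkle tree over the data blocks, where the CSC keeps only the root hash. The function names, the block layout and the sample blocks are assumptions made for illustration.

```python
import hashlib

def _leaf(block: bytes) -> bytes:
    # The 0x00 prefix keeps leaf hashes distinct from interior-node hashes.
    return hashlib.sha256(b"\x00" + block).digest()

def _node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(blocks):
    """Return every tree level, leaves first; an unpaired node is promoted."""
    if not blocks:
        raise ValueError("at least one data block is required")
    level = [_leaf(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        pairs = range(0, len(level) - 1, 2)
        nxt = [_node(level[i], level[i + 1]) for i in pairs]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
        levels.append(level)
    return levels

def root(blocks) -> bytes:
    """Computed once by the CSC before upload and kept locally."""
    return build_levels(blocks)[-1][0]

def prove(blocks, index):
    """CSP side: sibling hashes needed to recompute the root from one block."""
    proof = []
    for level in build_levels(blocks)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))  # (hash, is_left)
        index //= 2
    return proof

def verify(trusted_root: bytes, block: bytes, proof) -> bool:
    """CSC side: shows the block belongs to the data set under trusted_root."""
    acc = _leaf(block)
    for sibling, is_left in proof:
        acc = _node(sibling, acc) if is_left else _node(acc, sibling)
    return acc == trusted_root

if __name__ == "__main__":
    stored = [b"tenant-data-block-%d" % i for i in range(5)]  # constructed sample
    r = root(stored)
    print(verify(r, stored[3], prove(stored, 3)))              # intact block
    print(verify(r, b"modified by provider", prove(stored, 3)))  # tampered block
```

The proof for one block grows with the logarithm of the number of blocks, so spot checks stay cheap even for massive data.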
8.1.3.4 Data reliability
To support data reliability, the SaaS application environment is required to support data backup or
redundancy mechanisms to ensure that tenants can access the data even if some of the cloud storage nodes
fail.
Hosted data are required to be backed up at multiple sites; otherwise, the data will be completely
ineffective. The SaaS application environment is required to be able to fully recover and restore
the data in time, and to keep data synchronized to ensure the consistency of multiple copies.
8.1.3.5 Data traceability and control
The SaaS application environment is required to ensure that the physical location of data complies with the
applicable law and local regulations, and with any restrictions in the legal agreements. The SaaS application
environment is required to provide methods for CSCs to specify their data storage locations and verify that
their data are appropriately placed.
Major concerns in a shared and virtualized infrastructure include not only loss of control by users over their
data, but also locating data and controlling its whole life cycle. At any given time, the SaaS application
environment is required to know exactly where both system data and user data are stored and processed,
and provide verification of data location for CSCs. Both during and after usage, it shall not be possible for
unauthorized third parties (including other CSPs) to trace the movement of the data.
8.1.4 Security assessment and audit
When underlying resources are changed, compromised or function improperly, the SaaS application environment
is required to be triggered to initiate a security assessment procedure to evaluate whether or not specified
security services or their applied security policies are affected, and it is suggested that indications or
instructions be provided if they cannot satisfy predetermined conditions. An authorized party should be delegated to verify
that the SaaS application environment complies with the applicable security requirements. Security
assessment or security audit could be performed by CSC, CSP or a third party (CSN), and security certification
could be performed by an authorized third party (CSN).
Independent trusted third parties should be used to provide reliable, independent and neutral security
assessments or security audits.
8.1.5 Security hardening
The SaaS application environment aims mainly at offering a secure, service-oriented, multi-tenant development,
deployment and execution environment for SaaS applications. Security features of SaaS applications are
in some cases insufficient or not well developed. The SaaS application environment is required to retrieve
and verify those deficient security features of the SaaS applications, and provide differentiated security
hardening mechanisms to enhance SaaS applications according to those deficient security features in order
to meet the security requirements of different tenants in different contexts. The security features of