See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/333117926

CLOUD COMPUTING SERVICE MODELS: A COMPARATIVE STUDY

Article in IEEE Network · March 2016

CITATIONS READS
23 14,750

2 authors:

Qahtan M. Shallal Mohammad Ubaidullah Bokhari

Southern Technical University -Iraq Aligarh Muslim University
13 PUBLICATIONS 128 CITATIONS 58 PUBLICATIONS 647 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Qahtan M. Shallal on 06 July 2019.

The user has requested enhancement of the downloaded file.

 2016 3 International Conference on Computing for Sustainable Global Development , 16 - 18 March, 2016
Bharati Vidyapeeth's Institute of Computer Applications and Management (BVICAM), New Delhi (INDIA)

&ORXG&RPSXWLQJ6HUYLFH0RGHOV$&RPSDUDWLYH
6WXG\

Mohammad UbaidullahBokhari QahtanMakkiShallal YahyaKordTamandani
Dept. of Computer Science, Dept. of Computer Science, Dept. of Computer Science,
Aligarh Muslim University Aligarh Muslim University Aligarh Muslim University
Aligarh, INDIA Aligarh, INDIA Aligarh, INDIA
Email ID: mubokhari.cs@amu.ac.in Email ID: qahtan.mekki@yahoo.com Email ID: Yahya.kord@gmail.com

$EVWUDFW²FORXGFRPSXWLQJVWLOOVXIIHURIPDQ\VHFXULW\LVVXHV PC [5]. This is mean the licensed applications which been

WKDWUHTXLUHGWKHUHVHDUFKHUVWRIRFXVRQLWWRPDNHWKHXVHUVIXOO\ provided to clients are running on cloud’s infrastructure
WUXVW RQ LW ,Q WKLV SDSHU ZH H[SODLQ WKH VHFXULW\ LVVXHV ZKLFK through the interface of thin/thick client such as Google
DWWDFKHG WR HDFK VHUYLFH PRGHOV 6RIWZDUH DV D VHUYLFH 6DD6  chrome, internet explorer and many others. Software-as-a-
3ODWIRUP DV D VHUYLFH 3DD6  DQG ,QIUDVWUXFWXUH DV D VHUYLFH
,DD6 )XUWKHUPRUHDFRPSDUDWLYHVWXG\KDVEHHQSUHVHQWHGIRU
service is a service where the actual development of software
WKHWKUHHVHUYLFHPRGHOVWRHYDOXDWHWKHLUSHUIRUPDQFHZLWKUDQJ and applications takes place on the platforms provided by the
RIVSHFLILFIDFWRUVVXFKDVFKDUDFWHULVWLFV7\SLFDOOHYHORIFRQWURO PAAS layer. SaaS layer is mainly concerned with end users
JUDQWHGWRFORXGFRQVXPHUSURYLGHUDQGFRQVXPHUDFWLYLWLHV because end users can access and use these applications which
 were made by cloud providers [6] [7]. The management and
.H\ZRUGVFORXGFRPSXWLQJ6DD63DD6,DD6FKDUDFWHULVWLFV control of the infrastructure will be under the provider
responsibility, only limit number of customers would have their
I. INTRODUCTION own configurations [8] [9], the set of predefine configuration
Cloud computing is a technology in which hardware and options will be used to customize the applications [10] [5].
software resources such as special applications, CPU, Storage SaaS model is classified as a best way to get the light weight
and many other are provided to users as a service in basis of applications such as Microsoft word, Microsoft access, media
pay as you use and through the internet, these resources has the player and so on. The problem here is the slow of network is
ability of automatic scaled up and down according to the causing dead the time of processing the data for heavy weight
client’s demand. The cloud computing technology has many applications such as 3D games [8]. The cost of SaaS
features such as pay as you use, high scalable, easy to access, applications is different from one application to another, some
lowering business risks and maintenance expenses, reducing providers charge the client a flat rate irrespective of the usage,
operating cost [1][2]. In 1960 John McCarthy guest in the whereas the other is charging the client according to usage [11].
future the computing facilities will be deliver as a service to
clients such as utility (electricity, water, gas) [3]. In 1990 the
‘’cloud’’ has been presented in form of ATM networks. In
2006, Eric Schmidt who is Google’s CEO providing service via
internet by the use the word to depict the business model. So
from 2006, cloud computing became famous and interested to
marketing terms to represent a lot of various ideas [4]. This
study deeply explain the three type of service models in cloud
computing which are Software as a service SaaS, Platform as a
service PaaS and Infrastructure as a service IaaS.
II. CLOUD COMPUTING SERVICE MODELS
There are three models of service in cloud which are Fig. 1. Cloud-computing: the three layers of generic model
software as a service (SaaS), platform as a service (PaaS) and
infrastructure as a service (IaaS), figure (1.1) is explain the & $GYDQWDJHVRI6DD6WHFKQRORJ\
three service models. There are many advantages of using SaaS model such as
[11][12][13]:
% 6RIWZDUHDVDVHUYLFH 6DD6 
 5HYLHZRI6DD6WHFKQRORJ\ x Reduce the application software licensing cost.
It is a model which allow the clients to use and rent the x SaaS is handover the application to clients in basis of
applications from the provider without install it on their own one-to-many, so one application could be run by many

978-9-3805-4421-2/16/$31.00 2016
c IEEE 890
 2016 3 International Conference on Computing for Sustainable Global Development , 16 - 18 March, 2016

clients in same time. identity of user. The identity is linked to the domain, but is not
x The applications provider will be responsible to control fixed due to the possibility of changing employees at any time
and limit the use of applications. or changing their positions. The approach of user centric gives
x It remove the need of infrastructure. Because it is use the the user a maximum control over their digital identities
infrastructure of cloud itself. [16][18].
x The applications of SaaS model can be configure by API,
but it cannot be fully customize.   6QLIILQJ RI GDWD RQ WKH 1HWZRUN Cloud will process the
x Secure socket layer (SSL) used in SaaS model. sensitive information of client by SaaS application and then
store processed information in SaaS vendor. The clients must
' 6HFXULW\RI6DD6WHFKQRORJ\ transfer their data over the network. Hence, these information
For appropriate security, the client in SaaS model is relying on need to protect from network attackers. So the security
the provider of service. The security challenges of SaaS are weakness of networks will lead the malicious to sniff the
mostly similar to the security challenges of web application packets of data. There is possibilityof hijack the active sessions.
[14]. The security issues in SaaS model is explained as below: This needs strong techniques of encoding such as TLS and SSL
 6HFXULW\RIWKHGDWDTo retrieve or store data in cloud, user to secure the data over the network [16][19]. 
need to transmit them through internet. Thus an effective  $XWKHQWLFDWLRQDXWKRUL]DWLRQDQGLGHQWLW\PDQDJHPHQWThe
techniques of encryption must be applied to data for secure authentication and identity management are very important in
them and some other techniques must be used to ensure the cloud computing. The process of verify the identification of
authorization and authentication for control the access to data eligible users and protecting these credentials are issue part of
[15][16]. authorization and authentication in cloud. Service hijacking and
 /RFDOLW\RIWKHGDWDWhen the service provider get our data, account involves manipulation the vulnerabilities of software
immediately will distribute many copies of them into many and data where attackers acquire credentials and unauthorized
cloud data centers which located in different countries, so the access has obtain to data centers and application servers
client does not aware where his data is locate. Moreover, each [20][16]. Such type of unauthorized access is having impact on
country has its legislations to data. Hence, the client is not able the issues of availability, confidentiality and integrity of
to recognize which legislations will be applied to his data. This services and data. Furthermore, the harmful insiders which
issue is still unclear in cloud computing [17][16].  include dishonest administrators will affect hardly on the
  'DWD 3ULYDF\ Privacy is refer to prohibit the unauthorized security of organizations. The present mechanisms of
user to access the sensitive data. Cloud computing is allowing authentication probably are not useful in the environments of
the data of different users to be shred in same infrastructure, cloud as the customers no longer would be able to get access a
these data could be belongs to multimedia, health records, single controlled system or belong to. Also the unauthorized
small organization, big organization and many more. So, the access may occurred through the vulnerabilities of web
privacy question will be appear when the data got accessed by browser. By using a constraints on the IDs of user the
other users. This will lead to privacy issues. Dropping the management of identity is responsible to identify the individual
privacy results to data leakage. To accomplish the privacy, users uniquely and handling their own accessibilities. The
strong data encryption, giving user ID and password for each problems will possibly appear because of the replicated IDs,
user, biometric verification, key fobs/soft tokens, two-factor this need to be managed to secure the data of user [16].
authentication, One Time Password and security tokens must  :HEDSSOLFDWLRQVHFXULW\Attacks are targeting the services,
be considered [16]. software and applications which are commonly in web. Both
 ,QWHJULW\RIWKHGDWDIt means that the data should be same SaaS and web applications are providing a good service to end
as it is during entire cycle of life. Only the authorized user is users. By using automated tools the threats can attacks the web
able to change his own data. So, it must not changeable by applications. Usually attackers are use the web to steal the
unauthorized user during the transmission or in provider’s data sensitive data of particular computer. The major threats for web
centers. The main threats to data integrity are manipulation and applications which been documented by Open Web Application
data loss and malicious computation. The integrity of data can Security Project (OWASP) are: SQL injection, Cross-Site
be accomplished by executing Meta data and check sums of the Scripting hits, Denial of Service, Buffer Overflows anomalies,
files. Redundancies or backups must be apply to restore the Session Hijacking and Insufficient transport layer security
data which been effected to its original state [16]. [16][21].
 'DWDLVRODWLRQThe infrastructures of cloud such as storage,   9XOQHUDELOLW\ LQ YLUWXDOL]DWLRQ Virtualization is used to
servers and so on are shared by many organizations, which is fully utilize the resources of IT such as network, processor and
put the particular data of organization in risk. Thus, the user storage to avail and reduce the IT resources cost. The existing
will be having doubt on the ability of provider to apply a proper Virtual Machine Monitor (VMM) does not support a perfect
isolation of his data from the other users [16].  separation for the physical machines. The most popular threats
in virtualization are: Virtualization Capacity Planning, Virtual
  $FFHVVLELOLW\ RI GDWD Cloud requires a proper control for Machine Threat,Vm Sprawl, Hypervisor Threat, Virtual
central access of user where every user need to use any service Infrastructure, Virtual Network Threat, Virtualization Backup
provider is restricted by the entitlement information and And Recovery, and Vm Stall [22][16].

2016 International Conference on Computing for Sustainable Global Development (INDIACom) 891
 $YDLODELOLW\SaaS must ensure the services are available to developers can work on same application.
users 24/7. By doing a proper and continuous maintenance for x Flexibility: customers are able to control on the tools
both software and hardware resources, the availability will be which are installed along with their platforms, and
guaranteed. Also its substantial to keep the current along with have the ability of create new platform to fit on their
all necessary improvements of system, giving good enough special requirements.
bandwidth of communication and avoiding the blockage '6HFXULW\RI3DD6WHFKQRORJ\
appearance are extremely important. When the issues of The security issue in PaaS is a big concern and will be
hardware occurred the network intrusions, RAID, attacks of distributed to the responsibility of both developer and provider,
denial-of-service, failover and redundancy can result to major the developer will be responsible to secure his applications
consequences. Quick recovery for the disaster is primary. For themselves, whereas the provider is responsible to secure the
connections disruption or data loss the protection must apply, development environment and computing platform [26][14].
even for the actions which are unexpected which can include There are many security issues associated to PaaS model such
fire and natural disaster. To prevent the loss of data from these as:
occurrences, copies of backup must be distribute to many other  7KLUGSDUW\UHODWLRQVKLSVDQGZHEKRVWHGGHYHORSPHQWWRROV
locations to be saved as well as waterproof and fireproof safe PaaS is serving third party web services Mashups to clients.
[16][23].  Mashups is web application or pages which combines the
  %DFNXS There are some drawbacks when we use the necessary elements from more than one resources to be a single
provider of cloud backup which can included as following [16]: unit [27][16]. Hence, the model of PaaS will be having same
x The issues of latency: especially when willing to back- security issues which belong to Mashups such as network and
up a large size of data. data security [16]. 
x Safeguard the data by handover it to the third parties:   /RFN ,Q RI 3$$6 9HQGRU The vendors of PaaS are able to
when the data is not encrypted so they need to do control over the application framework and storage which used
encrypt backups before send to them. by applications, what eventually occurs towards the
x Users generally are relying on the backup of cloud organizations which need from the infrastructure to operate
provider, are users aware of what happened if the their apps [16].
provider stop giving the services to them.   5DSLG FKDQJH RI DSSOLFDWLRQ The developers are facing
difficulty for construct a secure applications which are going to
' 3ODWIRUPDVDVHUYLFH 3DD6  be hosted in cloud. The quick change of application in cloud
'5HYLHZRI3DD6WHFKQRORJ\ will impact on System Development Life Cycle (SDLC) and
It is provide a proper environment or platform in which the security [28][16]. The developers must be aware of
developer can develop the applications and software to deploy continuously doing upgrade to their applicationin order to keep
them through the internet without any need for install or the changes for their applications. Also, the developers must be
manage the development environment [10][24]. PaaS is aware of the legal issues of data which will be stored in
allowing the customer to rent virtualized servers and attached different locations and different rules [16].
services for execute available applications or develop and test   'LVDVWHU DQG EXVLQHVV VWDELOLW\ DUUDQJHPHQW There are
the new one [25]. The customer does not control over the many doubts in this issues which are related to platform of
cloud’s infrastructure such as servers, networks, storage or OS,
whereas the customer has the control over the deployed cloud computing. Developers does not know what will happens
applications and their configurations [8]. The cost of service if the service shutdown due to many reasons. Also they do not
will be determined according to: data transfer per GB, usage know who will be responsible to fix the problem. Moreover,
per hour, I/O requests per million, storage use per GB and the organization does not know how this outage will impact on
datastorage requests per thousand [2]. the ability of organization to conduct its business [16]. 
  6HFXULW\ RI XQGHUO\LQJ LQIUDVWUXFWXUH The developers in
'$GYDQWDJHVRI3DD6WHFKQRORJ\
PaaS model cannot access to the cloud’s core layers. Thus, the
There are many advantages of using PaaS models such as responsibility of cloud service provider is to secure the
[25][12][13]: application services and underlying infrastructure. SaaS
x Increase the flexibility for the development process applications are created by the help of development tools which
and decrease the server storage overhead. provided by PaaS model. The developers are not pretty sure
x Streamlined version deployment. regarding the development tools security which been provided
x The security is provided, containing data security, by provider of PaaS, despite the developers are having control
recovery and backup. on their applications [16] [29].
x Reduce the cost by rent the physical and removing the
need of expert people to manage the infrastructure.

x Adaptability, that mean it has the ability to change if
the circumstances are altered. ( ,QIUDVWUXFWXUHDV$6HUYLFH ,DD6 
x PaaS is working on basis of one-to-many, so many
(5HYLHZRI,DD6WHFKQRORJ\

892 2016 International Conference on Computing for Sustainable Global Development (INDIACom)
 2016 3 International Conference on Computing for Sustainable Global Development , 16 - 18 March, 2016

It is provide the virtual infrastructure and raw hardware which

can be create, manage and destroy storage, and VMs via web   $WWDFNV LQ 9LUWXDOL]DWLRQ By the help of virtualization the
based service [7][24]. IaaS model is a result for the evolution of users can use the physical resources to create new layer such as
virtual private server which been already known since many network resources, storage device, server or OS to operate their
years back [9]. The provider of IaaS is supplying the client with applications. As the virtualization have advantages, it is also
virtual server along with one or more CPU executing several have disadvantages by allowing the attacker to gain access to
choice of operating [5][10]. The VM might be rent either for an physical machine [32][16]. by considering all attacks type, the
hour or it could be rented as long as it need. The infrastructure Virtualized environments are weaker than normal
resources are able to scale up and down according to client’s infrastructures. Furthermore, two boundaries will be for VMs,
demand and will be billed depend on the amount, duration, and which are virtual and physical. Also virtual machine of
additional services which been used by client form the VM. malicious can be migrated to another host to compromise it
Some providers are allowing the virtual instances to be [16].
connected to the company’s network through virtual private   :HDN 6/$V SLA will assures the QOS acceptance level
network (VPN) to make the network of the company appear as from the provider to customers, the SLA explains the definition
a one big scalable IT infrastructure [9]. The provider is of contract, monitoring, enhancement and negotiation of
responsible for operate, hosting and maintain the infrastructure resources [33][16]. Negotiation and contract definition is
in order to serve the client [24][25]. The client is able to control important to have knowledge on the responsibilities and
over the IP address, CPU, Memory, storage, deployed benefits for every party. The absence of standardization in the
applications, OS and some limit number of selected cloud-based services will cause to absence of clarity in SLA
components of the networking. The cost of use is agreements which offered by various providers, it certainly will
predominantly similar to the structure of PaaS [2][24][25]. impact on the security as well as expose the client to many
vulnerabilities [16].
($GYDQWDJHVRI,DD6WHFKQRORJ\
 6KDUHGUHVRXUFHV9XOQHUDELOLW\One server is able to share
There are many advantages of using IaaS models such as many resources such as I/O, memory, CPU and many other
[25][12][13]: resources to various VMs based on it. These shared resources
x The client able to increase or decrease the might lead to breach for other VM [16]. The malicious VM
infrastructure on demand. may decide to go over communication with the other VMs via
x The client able to execute a virtual machine due to shared memory. By using hidden channels, any two of VMs
providing virtualization as a service. can be communicated by pass a way of all the laws which
x Network as a service are provided, which includes the defined by the VMM security module [34][16]. The malicious
load balancing, hardware for routers and firewalls. Virtual Machine is able to monitor the resources which are
x Reducing the cost of human resources and hardware. shared without really being pointed out through the act of its
x Reducing ROI risk and low obstacles to entry. VMM, due to this hole the attacker can gain the information of
x Automated scaling and streamlined. other VMs [16].
 /LIHF\FOHRI9LUWXDOPDFKLQHThere is possibility of VMs to
(6HFXULW\RI,DD6WHFKQRORJ\ be suspended, off or on by the code of malicious [16]. It is very
The developer in IaaS model have much control on the security difficult to detect the malware, they can threat the VMs even if
as well as there are no holes of security in virtualization they were offline because the virtual machine could possibly be
manager [30][14]. As an addition, in theory the virtual instantiated by using an image which could have a malicious
machines may possibly be able to direct those type of issues but code [35][16]. These malicious code and images can possibly
also in practice you can still find several problems of security. be injected with the other VMs in the process of creation [16].
Another factor would be the data reliability which have stored  'DWD/RVVDQG/HDNDJHMany individual users can share the
inside the hardware of provider. As a result of getting larger data by using IaaS in public cloud. Particular user is not sure
virtualization of ‘everything’ in the society of information, who, how and from where attacker will gain access to his data.
keeping the maximum control on data to the data owner These issues can be avoided or reduced by applying a strong
irrespective of the physical location of it will come to be a topic techniques to protecting the data, authorization and
of the most interest. In order to accomplish maximum level of authentication [16].
security and trust on the resource of cloud, many different
III. COMPARATIVE STUDY
techniques should be applied [31][14]. The client is responsible
for controlling the security that relevant to IT system including We make a comparative study between the three models of
the data, applications and operating system [14]. There are service SaaS, PaaS and IaaS according to theoretical papers
many security threats to IaaS, we are going to mention some of base on many factors as we listed in the table below
them as below: [5][7][25][36].

2016 International Conference on Computing for Sustainable Global Development (INDIACom) 893
 TABLE I.  COMPARISON TABLE AMONG THE THREE MODELS OF SERVICES SAAS, PAAS AND IAAS
   
0RGHO   
 6DD6PRGHO 3DD6PRGHO ,DD6PRGHO
)DFWRUV

x Users are provided with x Users are provided with a x Users are provided with
applications that are platform for developing virtualized hardware and
accessible anytime and from applications hosted in the storage on top of which they
anywhere, these applications Cloud. can build their infrastructure
are provided in one-to-many x Services to develop Test x Allows for dynamic/self
mechanism. Deploy host and maintain scaling.
x Access via web to applications in the same x It has alterable cost, utility
commercial software. development environment. pricing model.
x User does not need to x Web based user interface x Ability to provide single
manage the software such as creation tools help to modify, hardware to many users.
upgrade and patches. create, deploy and test x Supported OS and Platform
x Application Programming different UI scenarios. independent.
Interfaces is giving the x Same development x The costs are less due to the
ability the different pieces of application could be utilize share of infrastructure.
software to be integrated by many users. x (SLA) Service level
x SLAs. x Web service and database are agreements.
&KDUDFWHULVWLFV x UI powered by “thin client” integrated with PaaS via x Pay as you go.
 applications. common standards. x Applications/frameworks.
x Stateless and loosely x Support for development
coupled. team collaboration.
x Modular. x Tools available to handle
x Semantic interoperability. billing and subscription
x Centralized Hosting / management.
Delivery. x User interface is
x Uniform Platform for Customizable
Delivery. /Programmable.
x Open Collaboration / x Database Customizations are
Sharing. unlimited.
x Solid Workflow
engine/capabilities.
x Flexible “services-enabled”
integration model.
x It is consumes cloud
infrastructure;
7\SLFDOOHYHORIFRQWUROJUDQWHG Usage and usage-related
Limited administrative Full administrative
WRFORXGFRQVXPHU configuration
Test, develop, manage and deploy Configure and setup bare
&RQVXPHUDFWLYLWLHV User and configures cloud service cloud based solutions and cloud infrastructure, install, manage and
services monitor any required software
Pre-configure platform and
provision underlying
infrastructure, middleware and Manage and provision the storage,
Manage, maintain and implement
other required IT resources as physical processing, hosting and
3URYLGHUDFWLYLWLHV cloud service monitor usage by
requisite monitor usage by networking the required monitor
consumer of cloud
consumer of cloud usage by the consumer of cloud

Email, CRM, website testing, Service and application test, Virtual machine, operating system,
Virtual desktop, Wiki, Blog, development, integration and message queue, network, storage,
6HUYLFHV
automation deployment CPU, memory, backup service

Saleforce.com, Google documents,

Clarizen.com, project Google AppEngine, Microsoft
management, Facebook.com, Amazon EC2 and S3, Gogrid,
Azure, Yahoo developer Network,
9HQGRUV Gmail, Hotmail, Quicken online, RACKSPACE, IBM BlueHouse,
MSFT, Heroku, Engine Yard,
Netsuite, , IBM® Linode, VMWare
force.com

894 2016 International Conference on Computing for Sustainable Global Development (INDIACom)
 2016 3 International Conference on Computing for Sustainable Global Development , 16 - 18 March, 2016
Bharati Vidyapeeth's Institute of Computer Applications and Management (BVICAM), New Delhi (INDIA)
IV. CONCLUSION
In this paper we examined the three service models of cloud [17].Birk, Dominik, and Christoph Wegener. "Technical issues of forensic
investigations in cloud computing environments." Systematic
computing (SaaS, PaaS, IaaS). The paper has focused on the Approaches to Digital Forensic Engineering (SADFE), 2011 IEEE
security issues of each model, advantages associated to them Sixth International Workshop on. IEEE, 2011.
and comparative study has been done among them. This [18].Pinnaka, Chaitanya. "Quantification of User Privacy Loss." (2012).
[19].InamulHaq, Muhammad. "The major security challenges to cloud
comparative study assisted the clients of cloud to determine computing." (2013).
what the kind of service’s characteristics they need, as well [20].Bhadoria, Robin Singh. "Security Architecture for Cloud
as the risks type which attached to each model. In spite of Computing." Handbook of Research on Securing Cloud-Based
there are many advantages attached to each model also there Databases with Biometric Applications(2014): 47.
[21].Brooks, Tyson, et al. "Secure the edge? Understanding the risk
are many security, SLA and privacy issues attached to each towards wireless grids Edgeware technology." International Journal of
model which are scare the users to shift his own work to Internet Technology and Secured Transactions 8 5.3 (2014): 191-222.
cloud computing. Moreover, cloud computing is located in a [22].Shi, Weidong, et al. "Architectural support of multiple hypervisors
over single platform for enhancing cloud computing
specific location which users does not know where it is, the security." Proceedings of the 9th conference on Computing Frontiers.
user is send/receive the data through the internet and the ACM, 2012.
users use same infrastructure to store and process their data. [23].denUijl, Maarten, JorisHulstijn, and Fred van Ipenburg. "An
Then integrated solution should be suitable for every integrated platform for supply chain transparency: a case in the cocoa
industry." (2013).
vulnerabilities to make users having faith on the technology. [24].J. Gibson, R. Rondeau, D. Eveleigh, and T. Qing, “Benefits and
Furthermore, there are security issues attached to network challenges of three cloud computing service models,” Comput. Asp.
connection between user and cloud computing, the network Soc. Networks, pp. 198–205, 2012.
attacker can get, snoop or alter data during transmission. [25].S. Khurana and A. G. Verma, “Comparison of Cloud Computing
Service Modelsௗ: SaaS ,PaaS , IaaS,” Int. J. Electron. Commun.
Technol., vol. 7109, pp. 29–32, 2013.
REFERENCES [26].Bacon, Jean, et al. "Information flow control for secure cloud
[1]. Kesan, J. P., Hayes, C. M., & Bashir, M. N. Information Privacy and computing."Network and Service Management, IEEE Transactions
Data Control in Cloud Computing: Consumers, Privacy Preferences, on 11.1 (2014): 76-89.
and Market Efficiency. Wash. & Lee L. Rev., 70, 341. 2013. [27].Marston, Sean, et al. "Cloud computing—The business
[2]. Z. Mahmood, “Cloud Computing: Characteristics and deployment perspective." Decision Support Systems 51.1 (2011): 176-189.
approaches,” Proc. - 11th IEEE Int. Conf. Comput. Inf. Technol. CIT, [28].Markov, Georgi A. Towards an industrial ALM (Application
pp. 121–126, 2011. Lifecycle) Tool Integration. Diss. Blekinge Institute of Technology,
[3]. Buyya, Rajkumar, Christian Vecchiola, and S. 2011.
ThamaraiSelvi. Mastering cloud computing: foundations and [29].Marston, Sean, et al. "Cloud computing—The business
applications programming. Newnes, 2013. perspective." Decision Support Systems 51.1 (2011): 176-189.
[4]. Weinhardt, Christof, et al. "Cloud computing–a classification, [30].Subashini, Subashini, and V. Kavitha. "A survey on security issues in
business models, and research directions." Business & Information service delivery models of cloud computing." Journal of network and
Systems Engineering 1.5 (2009): 391-399. computer applications 34.1 (2011): 1-11.
[5]. D. Rani and M. T. C. S. E. Student, “A Comparative Study of [31].Felter, Wes, et al. "An updated performance comparison of virtual
SaaS , PaaS and IaaS in Cloud Computing,” vol. 4, no. 6, pp. 458– machines and linux containers." technology 28 (2014): 32.
461, 2014. [32].Moreno-Vozmediano, Rafael, Rubén S. Montero, and Ignacio M.
[6]. ON, T. F. Cyber Security and Reliability in a Digital Cloud. 2013. Llorente. "IaaS cloud architecture: From virtualized datacenters to
[7]. A. M. MayankaKatyal, “A Comparative Study of Load Balancing federated cloud infrastructures." Computer 12 (2012): 65-72.
Algorithms in Cloud Computing Environment,” Int. J. Distrib. [33].B. Kepes, “Understanding the Cloud Computing Stack SaaS, Paas,
Cloud Comput., vol. 1, no. 2, p. 14, 2013. IaaS,” pp. 1–20, 2013.
[8]. O. P. Karada, A. Pipliya, P. Thakur, and N. Kamdar, “Analytical [34].Futral, William, and James Greene. Intel® Trusted Execution
Survey Model on Consumption of Cloud Service Models,” pp. 46–50, Technology for Server Platforms: A Guide to More Secure
Datacenters. Apress, 2013.
2011. [35].Fernandez, Eduardo B., Raul Monge, and Keiko Hashizume.
[9]. C. N. Höfer and G. Karagiannis, “Cloud computing services: "Building a security reference architecture for cloud
Taxonomy and comparison,” J. Internet Serv. Appl., vol. 2, no. 2, pp. systems." Requirements Engineering(2015): 1-25.
81–94, 2011. [36].Erl, T., Puttini, R., &Mahmood, Z. Cloud Computing: Concepts,
[10].[10] Kavis, M. J. Architecting the cloud: Design decisions for cloud Technology, & Architecture. Pearson Education. , 2013. 
computing service models (SaaS, PaaS, AND IaaS). John Wiley &
Sons. 2014.
[11].G. Kulkarni, P. Chavan, H. Bankar, K. Koli, and V. Waykule, “A New
Approach to Software as Service Cloud,” 2012 7th Int. Conf.
Telecommun. Syst. Serv. Appl., pp. 196–199, 2012.
[12]. L. Tim Mather, SubraKumaraswamy, “Cloud Privacy and Security,”
Gov. An Int. J. Policy Adm., p. 336, 2009.
[13].M. Computing, D. Thakral, and M. Singh, “Virtualization in cloud
computing 1,” vol. 3, no. 5, pp. 1262–1273, 2014.
[14].R. Article, “SECURITY CHALLENGES IN DIFFERENT
DELIVERY MODEL SPECIFICALLY SaaS,” 2015.
[15].Yu, Shucheng, Wenjing Lou, and KuiRen. "Data Security in
Cloud." Handbook on Securing Cyber-Physical Critical
Infrastructure (2012): 389.
[16].G. Kalpana, P. V Kumar, and R. V Krishnaiah, “A brief Survey on
Security Issues in Cloud and its service models,” vol. 4, no. 6, pp.
457–463, 2015.

2016 International Conference on Computing for Sustainable Global Development (INDIACom) 895

View publication stats