A systematic review of security threats and countermeasures in SaaS

Autor: Víctor Morales-Rocha, Miguel Ángel Díaz de León Guillén, Luis Felipe Fernández Martínez
Rok vydání: 2020
Předmět:
Zdroj: Journal of Computer Security. 28:635-653
ISSN: 1875-8924
0926-227X
DOI: 10.3233/jcs-200002
Popis: Among the service models provided by the cloud, the software as a service (SaaS) model has had the greatest growth. This service model is an attractive option for organizations, as they can transfer part or all of their IT functions to a cloud service provider. However, there is still some uncertainty about deciding to carry out a migration of all data to the cloud, mainly due to security concerns. The SaaS model not only inherits the security problems of a traditional application, but there are unique attacks and vulnerabilities for a SaaS architecture. Additionally, some of the attacks in this environment are more devastating due to nature of shared resources in the SaaS model. Some of these attacks and vulnerabilities are not yet well known to software designers and developers. This lack of knowledge has negative consequences as it can expose sensitive data of users and organizations. This paper presents a rigorous systematic review using the SALSA framework to know the threats, attacks and countermeasures to mitigate the security problems that occur in a SaaS environment. As part of the results of this review, a classification of threats, attacks and countermeasures in the SaaS environment is presented.
Databáze: OpenAIRE
Externí odkaz:
Nepřihlášeným uživatelům se plný text nezobrazuje