Abstract

Our life has been significantly enhanced and improved by a wide range of multifarious software services. Technological advancements and availability of high speed Internet connection has enabled software providers to transform traditional on-premise software deployment model to off-premise centralized deployment model. Providers and users are attracted by the software as a service (SaaS) paradigm due to the appealing features such as pay-as-you-go and optimal hardware utilization it can offer. However, lots of enterprises are still reluctant to move their business into SaaS because of the security concerns. Security issues plaguing the SaaS environment cuts across various areas which could lead to increased attack surface for potential security threats. This article first introduces the architecture of SaaS and highlights its utility and applicability in different environments like cloud computing, mobile cloud computing, software defined network and Internet of things. Then elaborate the SaaS security challenges spanning across data security, application security to SaaS deployment security and how security issues might affect different layers in the SaaS architecture.