Security Terminology Define the following terms: 1. Authentication – ability to identify who it is a. ACL – (access control list) is associated w/ a given resource. Describes groups, users, machines and their permissions associated with that particular resource. i. Token- one time only password key b. CA- certificate of authority- creates certificates -system or entity trusted to generate and distribute digital certificates. Can be privately used or from a 3rd party e-commerce site.
They including the data dictionary management, data store management, security management and also backup and recovery management. A data dictionary is a place where the DBMS stores definitions of the data elements and their metadata. All programs that access the data in the database will work through the DBMS. It uses the data dictionary to look up the required data component structures and relationships, thus the users do not have to code such complex relationships in each program. In addition, any changes made in database structure will be automatically recorded in the data dictionary, thereby freeing the users from having to modify all the programs that access the changed structure.
It is ensured by the firewalls and intrusion detection system (IDS). 3) Data Availability which means data should be available to users when they needed. 4) Data Location and Relocation which means data can be moved from one location to another because cloud providers have contracts with each other, so that they can use each other’s resources. In cloud computing environment, plain text is converted into cipher text by the cloud service provider and get back to the original data by the cloud user. Only the authorised user can access the data.
SSH has 3 main components as shown in figure 1: Transport Layer Protocol that provide confidentiality, integrity and authentication; User Authentication Protocol that authenticate client to the server; Connection Protocol that “multiplexes the encrypted tunnel into several logical channels” . Figure 1: Components of SSH  The main benefits of SSH are: Privacy of data, Integrity of data, Authentication of senders and receivers, authorization to access, forwarding “to encrypt other TCP/IP based sessions” . Privacy of data is maintained by encrypting that data that are transferred over the internet. The key is randomly selected and secretly negotiated between client and server and once the session is over, the key get discarded. Different Encryption algorithm are used such as 3-DES (triple-DES), IDEA, Blowfish.
A fundamental rule in computer security is that security is multi-level. So to truly protect software product registration keys are just a single layer of many. Works Cited  Functions Online, “SHA1,” [Online] Available: http://www.functions-online.com/sha1.html Accessed January 26, 2010.  Cirticom Corp., “ECC Tutorial,” [Online] Available: http://www.certicom.com/index.php/10-introduction. Accessed January 26, 2010.
It provides you with multiple options so as to ensure that one engages with their users at a level. This is something that is only offered by open source content management system.
There are three standard service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). IaaS is when the cloud providers supply the servers, storage and connectivity domains and charge the clients based on their usage. The PaaS model is when the vendor provides the platform which allows the organization the ability to access applications and services through the Internet. This enables the organization to have a well tested application-hosting environment without having the responsibility and expenses of procuring, deploying and managing the infrastructure. The SaaS model is when the cloud provider has full control over the application, which includes all the relevant competence, updates and maintenance.
Vendors intending to provide SaaS based systems would need to adhere to a certain type of model. This model includes a fully hosted web based user interface which is offered on a SaaS-based business model and lastly the integration of software using the service-oriented architecture model (Göldi, 2007). From a system access point of view it means allowing users to access systems via the web without any special kind of software; using any standard web browser or operating system platform (Deyo, 2008). Each client receives initial access to the same generic or base version of the software and configures it according to their specific business needs for which they will be billed a fixed monthly subscription fee or variable fee based on application usage (Rochwerger et al., 2009) . It then becomes the responsibility of the SaaS vendor to manage and maintain the life-cycle of these application instances for its entire tenant base; included in this management is the back up of databases, the seamless release of updated versions, so as not to interfere with any client customisations or configurations, the security of data and management of the application virtual servers (Rochwerger et al., 2009) .
Web services are applications components that communicate using open XML-based standards and transport protocols to exchange data with calling clients. They are self-containing and self-describing and can be discovered using the Universal Description, Discovery, and Integration (UDDI). They can also be used by other applications and can be published, located, and invoked across the Web. HTTP and XML are the basis for Web services. The Java platform provides the XML and RESTful APIs and tools needed to quickly design, develop, test, and deploy web services and clients that fully interoperate with other web services and clients running on Java-based or non-Java-based platforms.
It allows the user to remember only one password, and if required, use as strong authentication credential just once to securely access all cloud applications. • Speed — Single browser redirect is all it takes to securely sign a user into an application. • Minimizes Help desk calls — Reduction of help desk calls for password resets. • Bring your own Device — where there is increased use of Bring your own Device (BYOD), SAML best fits since multiple accounts can be accessed from anywhere, any time.