1. access control 2. Attack harm detection 3. Non repudiation 4. Interity !. "ecurity Auditin #. $hysical $rotection %. $ri&acy and con'dentiality (. reco&ery ). $rosecution a* Access control Characteri+es the point to which a system restricts its resources access only to its authorised outsiders who can ,e prorams- ser&ices- actual humans- de&ices applications- framents or &arious other systems. Access control may,e summarised as mi.ture of authori+ation- identi'cation and authentication- the purpose of all ,ein the super&ision and manaement of a certain le&els of permissions allowed to those entities that can pro&e their identity and permitted access to e.plain pri&ileed o&er desinated resources. ,* Attack /arm0detection Ascertains e.tent of tried or successful attacks in terms of them ,ein noti'ed- detected and recorded. "olutions can ,e dormant a&oidance and detection throuh employment of 'lter structures. 1e, ,rowser cloud access presents a &ariety of security threats. "er&ices dependent on /22$ and 345 are suscepti,le to 6o" attacks employment. "afe mechanism which handles 'ltration and detection of malinant re7uests is dependent on incorporation of a 'lter tree. 8N689 system which is a se7uel to cloud protector is more e7uipped in dealin with mitiation and detection of 6o" attacks. c* Non repudiation It:s the pre&ention of denial of reardin any facet of the transaction ,y any two parties su,;ect to the interaction. 2hey do incorporate employment of $<I and pu,lic key e.chane sinatures or certi'cates. Information security is uaranteed in "aa" applications throuh the "aa" Application "ecurity 4odel which is used 6ecentralised Information Control. 2rust code is used in incorporation of ensurin data is deli&ered to the correct user at the correct address of propaation. /omomorphic distri,ution &eri'cation protocol has ,een recommended ,y many researches as a solution to non=repudiation attempts. d* Interity 4ake system more safe and secure aainst deli,erate and illeitimate e.ploitation or harm. Interity can ,e classi'ed into- software interity- hardware interity- data interity and personnel interity. Common way of ful'llin re7uirements is introduction of contracts in the form of "er&ice 5e&el Areements ,etween cloud ser&ice pro&ider and user. "er&ice 5e&el Areements comprises of cloud infrastructure alon with other certain ,enchmarks. >ne important infrastructural notion associated with the cloud en&ironment is the concept of &irtuali+ation which is actually a representation of the &irtual ha,itat instead of speci'ed physical machine. ?ene'ts of &irtuali+ation are security scala,ility and cost e@ecti&e. 6ata interity is supported ,y the concept of the &irtual machine fork. 6ata encryption durin transmission or storae is also &ia,le for interity checks. >ne solution suests two di@erent cryptoraphic techni7ues for software and hardware sides in order to preser&e data interity. Another recommends the use of the homomorphic distri,ution &eri'cation protocol to ascertain data interity and security which in principal relies on the employment of the cyclic error correction code to ensure data interity. e* "ecurity Auditin Analysis of security associated occurrences allow for usae- &ulnera,ility and status auditin of security methods ,y security sta@ mem,ers. "ecurity auditin is linked to the dynamic &eri'cation approach which is in comparison to the auditin in principal is linked is linked to the dynamic &eri'cation approach which in comparison to the static approaches is con&entional ac7uired ,y o&erseein system e.ecutions con'rmin and scrutini+in its compliance aainst a certain set of standards. 6espite e.istence of auditin standards the introduction of cloud applica,le auditin standards is still in 7uestion. "olution calls for the hih performance ,atch auditin protocol for e.terior third party auditors who are crucial in terms of data security and interity assurance for cloud ser&ice users. An additional approach proposes a three layered framework- the introduction of a new lanuae for the e.pression of rules related to the monitorin and a 'nite state machine scheme for the impro&isation of monitorin enines. f* $hysical $rotection 9efers to the e.tent to which a system will o to protect itself and its constituents from attacks. 2erm physical attacks include natural disasters e. earth 7uakes and damae caused ,y natural occurrences alon with stealin of hardware or machines ,y attackers or intruders. All such natural disasters and frauds are considered part of the "er&ice 5e&el Areements ,etween the ser&ice pro&ider and the user. Insurance terms should ,e introduced for ,oth the ser&ice pro&ider and the user to deal with such scenarios. * $ri&acy and con'dentiality 6etermines e.tent to which illeitimate parties are refrained from accessin pri&ate data and information. $roposals ha&e ,een made on implementation of access control methods to ensure con'dentiality of sensiti&e information and data. h* 9eco&ery 9efers to the e.tent to which corrupted- lost unintentionally mishandled or corrupted data sements miht ,e partly or fully retrie&ed. Cloud ser&ice pro&ider and users miht ,e su,;ected to instantaneous reco&ery or miht ,e presented as an optional ser&ice. Auditin models with roll ,ack solutions also help in facilitation of data reco&ery solutions. i* $rosecution 4iht ha&e two meanins when it comes to cloud computin en&ironment the 'rst ,ein the capacity and ;urisdictional authori+ation of law administration to prosecute- in&estiate and sei+e systems which are deemed responsi,le for ,reakin the law and second ,ein the power to indict malicious or suspicious conduct and users inside the cloud the en&ironment