Cloud computing is a standard architecture for many applications and may employ cloud federation and/or have other types of agreements for large-scale pooling of resources and accesses for Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). The level of security that cloud computing architecture provides is typically insufficient and often inadequate to protect from risks of intrusion and unauthorized access. If a browser of an authorized user is subverted, all resources of which the authorized user has access to and even resources used by other users in application(s) entrusted to a cloud provider, can be at risk of subversion. This security failure relating to data protection can also affect other customers of the cloud provider when, for example, the cloud provider employs a federated cloud architecture or when the cloud provider does not employ secure and reliable data deletion of previously used resources. For example, some cloud providers remove pointers to data as a method of data deletion instead of overwriting the physical blocks storing the data multiple times. In doing so, the non-deleted data remains on the physical media, and therefore is exposed to intruders.
Accessing clouds from behind application gateways or behind network packet filtering firewalls can reduce unauthorized access, but does not guarantee exclusion of unauthorized access, because risk of subversion through browsers are high. High-volume attacks against valuable sites are increasing faster than cloud computing applications with security that can withstand these attacks.