The present invention relates generally to the field of cloud computing and enterprises on premise applications, and more specifically to the security of one or more applications in a cloud computing setting.
In this era of complex cloud applications, security is becoming increasingly crucial. Cloud application providers ensure that applications available are secure as a service via the cloud (e.g., SaaS) by specifying, designing, implementing, testing and maintaining the appropriate application security measures in the production environment. Every application has a security component which is role or permissions based. For large operations on the cloud, security considerations become more complex for users to understand. A security administrator needs to determine the exact permission to be given to the users for required operations.
Application security encompasses measures taken throughout the code's life-cycle to prevent gaps in the security policy of an application or the underlying system vulnerabilities through flaws in the design, development, deployment, upgrade, or maintenance of the application. Applications only control the kind of resources granted to them, and not which resources are granted to them. Application security determines the use of these resources by the users of the application.