SaaS Application Framework Using Information Gateway Enabling Cloud Service with Data Confidentiality

Along with the rapid evolution of cloud computing, outsourcing service has also changed significantly. One of the main concerns for cloud computing is security. In particular, it becomes more important to handle client data securely in such a consulting service. In this paper, we present the design and implementation of Software as a Service (SaaS) application framework using Information Gateway that enables cloud service while maintaining data confidentiality. By setting up Information Gateway in the client environment, the executing location is dynamically controlled according to whether the data contains confidential information or not, and only secured data is routed to the SaaS application in the cloud. Therefore, if the data policy is registered by the client administrator beforehand, the user is able to use the cloud service appropriately without being aware of it. Moreover, we also describe that existing applications can be easily ported into the SaaS application because our framework allows application developers to define complicated routing logic briefly.