The concept of cloud computing is straightforward: you replace
capital-intensive IT assets that must be internally managed with
rented “pay-as-you-go” IT capacity and services at commoditized
prices.
Security is the number-one concern cited by IT managers when
they think about cloud deployments,  according to IDC's research.
Two security issues immediately come to mind:
Remote
access/authentication  and sensitive data protection.
While strong
authentication is required to protect assets from outside world ,
data protection is required to protect assets from dangers within
the cloud.
MACS- Managed Authentication&Crypto Service
provides scalable 2factor/3factor authentication . Its integration
with outsourced Cloud  Platform can be accomplished using
delegated authentication between Enterprise and  Cloud Platform
as  
shown  in the diagram .
This scheme allows the same strong authentication scalability
for the Enterprise and the Cloud . The issue of sensitive data
protection is addressed  by preventing the possibility to decrypt  
any data on the cloud as following :
MACS provides a tool for Enterprise administrators for granulated
authorisation of  specific data files. These  data files are stored
encrypted on Cloud Storage platform. To decrypt  these  files - one  
must perform strong authentication vs. MACS. In addition - the
person will be able to open these data files only if authorised by
MACS tool. Cloud itself is excluded from this authorisation:
  • files stored on cloud will be never decrypted on cloud
  • files stored on cloud will be decrypted only by  group of
    authorised persons on their PCs following their real-time
    strong authentication
  • geographic and time expiration exclusions may apply
  • audit trail of decryption will exists
Solutions :MACS for Cloud Computing
              Gartner:
Cloud computing is picking up
traction with businesses, but before
you jump into the cloud, you should
know the unique security risks it
entails:
Sensitive data processed outside
the enterprise brings with it an
inherent level of risk, because
outsourced services bypass the
"physical, logical and personnel
controls" IT shops exert over
in-house programs. Get as much
information as you can about the
people who manage your data. "Ask
providers to supply specific
information on the hiring and
oversight of privileged
administrators, and the controls
over their access," Gartner says.

            RSA:
Sensitive data in the cloud will
require granular security. For
information in the cloud, sensitive
data will require security at the file
level.