With the Software as a Service (SaaS) model, you can reduce IT costs because you no longer need to support multiple platforms and versions. However, because data and processes are housed externally, security is a top priority in SaaS architecture. In this article you learn various application-level security requirements of J2EE-based multi-tenant SaaS applications and mechanisms to address these requirements.