【 摘 要 】

Today, the number of data-intensive and compute-intensive applications like business and scientific workflows has dramatically increased, which made cloud computing more popular because of its ability to deliver a large number of computing resources on-demand. Security is a critical issue affecting the wide adoption of cloud technologies, especially for workflows that are mostly dealing with sensitive data and tasks. In this paper, we carry out a review of the state-of-the-art on how security and privacy concerns in scientific and business workflows in cloud environments are being addressed and identify the limitations and gaps in the current body of knowledge in this area. In this extensive literature review, we first present the state-of-the-art security solutions organized according to the phases of the workflow life cycle they target for both business and scientific workflows. The analysis shows that most of the existing literature focuses on the modeling and execution phases, while the monitoring and adaptation phases are not covered adequately by a scarce amount of publications thus leaving a huge gap in the body of knowledge relevant to detection, prevention of and reaction to security violations in cloud-based workflows.& COPY; 2023 The Author(s). Published by Elsevier B.V. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).

【 授权许可】

Free