Security and Privacy Concerns in Cloud-based Scientific and Business Workflows: A Systematic Review

Today, the number of data-intensive and compute-intensive applications like business and scientific workflows has dramatically increased, which made cloud computing more popular in the matter of delivering a large amount of computing resources on demand. On the other hand, security is a critical issue affecting the wide adoption of cloud technologies, especially for workflows that are mostly dealing with sensitive data and tasks. In this paper, we carry out a review of the state-of-the-art on how security and privacy concerns in scientific and business workflows in cloud environments are being addressed and identify the limitations and gaps in the current body of knowledge in this area. In this extensive literature review, we first present a classification of the state-of-the-art security solutions organized according to the phases of the workflow life cycle they target. Based on our findings, we provide a detailed review and classification of the most relevant available literature focusing on the execution, monitoring, and adaptation phases of workflows. Finally, we present a list of open research issues related to the security of cloud-based workflows and discuss them.