Today, the number of data-intensive and compute-intensive applications like business and scientific workflows has dramatically increased, which made cloud computing more popular in the matter of delivering a large amount of computing resources on demand. On the other hand, security is a critical issue affecting the wide adoption of cloud technologies, especially for workflows that are mostly dealing with sensitive data and tasks. In this paper, we carry out a review of the state-of-the-art on how security and privacy concerns in scientific and business workflows in cloud environments are being addressed and identify the limitations and gaps in the current body of knowledge in this area. In this extensive literature review, we first present a classification of the state-of-the-art security solutions organized according to the phases of the workflow life cycle they target. Based on our findings, we provide a detailed review and classification of the most relevant available literature focusing on the execution, monitoring, and adaptation phases of workflows. Finally, we present a list of open research issues related to the security of cloud-based workflows and discuss them.
翻译:今天,诸如商业和科学工作流程等数据密集型和计算密集型应用软件的数量急剧增加,使云计算在按需提供大量计算资源方面更受欢迎;另一方面,安全是影响广泛采用云技术的一个关键问题,特别是对于主要处理敏感数据和任务的工作流程而言,安全是影响广泛采用云技术的关键问题;在本文件中,我们审查了云环境中科学和商业工作流程中安全和隐私问题的最新处理方式,并查明了该领域现有知识体系中的局限性和差距;在本次广泛的文献审查中,我们首先介绍了按照工作周期目标阶段组织的最新安全解决方案的分类;根据我们的调查结果,我们详细审查和分类了现有最相关的文献,重点是工作流程的执行、监测和适应阶段;最后,我们提出了与云源工作流程安全有关的公开研究问题清单,并讨论了这些问题。