SecFlow: Adaptive Security-Aware Workflow Management System in Multi-Cloud Environments

In this paper, we propose an architecture for a security-aware workflow management system (WfMS) we call SecFlow in answer to the recent developments of combining workflow management systems with Cloud environments and the still lacking abilities of such systems to ensure the security and privacy of cloud-based workflows. The SecFlow architecture focuses on full workflow life cycle coverage as, in addition to the existing approaches to design security-aware processes, there is a need to fill in the gap of maintaining security properties of workflows during their execution phase. To address this gap, we derive the requirements for such a security-aware WfMS and design a system architecture that meets these requirements. SecFlow integrates key functional components such as secure model construction, security-aware service selection, security violation detection, and adaptive response mechanisms while considering all potential malicious parties in multi-tenant and cloud-based WfMS.Comment: 16 pages, 6 figure

Enhancing Workflow Security in Multi-cloud Environments Through Monitoring and Adaptation upon Cloud Service and Network Security Violations

Cloud computing has emerged as a crucial solution for handling data- and compute-intensive workflows, offering scalability to address dynamic demands. However, ensuring the secure execution of workflows in the untrusted multi-cloud environment poses significant challenges, given the sensitive nature of the involved data and tasks. The lack of comprehensive approaches for detecting attacks during workflow execution, coupled with inadequate measures for reacting to security and privacy breaches has been identified in the literature. To close this gap, in this work, we propose an approach that focuses on monitoring cloud services and networks to detect security violations during workflow executions. Upon detection, our approach selects the optimal adaptation action to minimize the impact on the workflow. To mitigate the uncertain cost associated with such adaptations and their potential impact on other tasks in the workflow, we employ adaptive learning to determine the most suitable adaptation action. Our approach is evaluated based on the performance of the detection procedure and the impact of the selected adaptations on the workflows.</p

Security and Privacy Concerns in Cloud-based Scientific and Business Workflows: A Systematic Review

Today, the number of data-intensive and compute-intensive applications like business and scientific workflows has dramatically increased, which made cloud computing more popular in the matter of delivering a large amount of computing resources on demand. On the other hand, security is a critical issue affecting the wide adoption of cloud technologies, especially for workflows that are mostly dealing with sensitive data and tasks. In this paper, we carry out a review of the state-of-the-art on how security and privacy concerns in scientific and business workflows in cloud environments are being addressed and identify the limitations and gaps in the current body of knowledge in this area. In this extensive literature review, we first present a classification of the state-of-the-art security solutions organized according to the phases of the workflow life cycle they target. Based on our findings, we provide a detailed review and classification of the most relevant available literature focusing on the execution, monitoring, and adaptation phases of workflows. Finally, we present a list of open research issues related to the security of cloud-based workflows and discuss them

Security and Privacy Concerns in Cloud-based Scientific and Business Workflows:A Systematic Review

Today, the number of data-intensive and compute-intensive applications like business and scientific workflows has dramatically increased, which made cloud computing more popular in the matter of delivering a large amount of computing resources on demand. On the other hand, security is a critical issue affecting the wide adoption of cloud technologies, especially for workflows that are mostly dealing with sensitive data and tasks. In this paper, we carry out a review of the state-of-the-art on how security and privacy concerns in scientific and business workflows in cloud environments are being addressed and identify the limitations and gaps in the current body of knowledge in this area. In this extensive literature review, we first present a classification of the state-of-the-art security solutions organized according to the phases of the workflow life cycle they target. Based on our findings, we provide a detailed review and classification of the most relevant available literature focusing on the execution, monitoring, and adaptation phases of workflows. Finally, we present a list of open research issues related to the security of cloud-based workflows and discuss them