Next Article in Journal
A Systematic Modelling Procedure to Design Agent-Oriented Control to Coalition of Capabilities—In the Context of I4.0 as Virtual Assets (AAS)
Next Article in Special Issue
Click Fraud in Digital Advertising: A Comprehensive Survey
Previous Article in Journal
Reinforcing SLA Consensus on Blockchain
Previous Article in Special Issue
Requirements Elicitation for an Assistance System for Complexity Management in Product Development of SMEs during COVID-19: A Case Study
 
 
Review

Cloud-Based Business Process Security Risk Management: A Systematic Review, Taxonomy, and Future Directions

1
Department of Computer Science, Federal University of Agriculture, Abeokuta 2240, Nigeria
2
Department of Computer Science and Communication, Ostfold University College, 1783 Halden, Norway
3
School of ICT, Nelson Mandela University, Port Elizabeth 6031, South Africa
4
Department of Software Engineering, Kaunas University of Technology, 51368 Kaunas, Lithuania
*
Authors to whom correspondence should be addressed.
Academic Editor: George Angelos Papadopoulos
Computers 2021, 10(12), 160; https://doi.org/10.3390/computers10120160
Received: 19 October 2021 / Revised: 15 November 2021 / Accepted: 23 November 2021 / Published: 26 November 2021
(This article belongs to the Special Issue Feature Paper in Computers)
Despite the attractive benefits of cloud-based business processes, security issues, cloud attacks, and privacy are some of the challenges that prevent many organizations from using this technology. This review seeks to know the level of integration of security risk management process at each phase of the Business Process Life Cycle (BPLC) for securing cloud-based business processes; usage of an existing risk analysis technique as the basis of risk assessment model, usage of security risk standard, and the classification of cloud security risks in a cloud-based business process. In light of these objectives, this study presented an exhaustive review of the current state-of-the-art methodology for managing cloud-based business process security risk. Eleven electronic databases (ACM, IEEE, Science Direct, Google Scholar, Springer, Wiley, Taylor and Francis, IEEE cloud computing Conference, ICSE conference, COMPSAC conference, ICCSA conference, Computer Standards and Interfaces Journal) were used for the selected publications. A total of 1243 articles were found. After using the selection criteria, 93 articles were selected, while 17 articles were found eligible for in-depth evaluation. For the results of the business process lifecycle evaluation, 17% of the approaches integrated security risk management into one of the phases of the business process, while others did not. For the influence of the results of the domain assessment of risk management, three key indicators (domain applicability, use of existing risk management techniques, and integration of risk standards) were used to substantiate our findings. The evaluation result of domain applicability showed that 53% of the approaches had been testing run in real-time, thereby making these works reusable. The result of the usage of existing risk analysis showed that 52.9% of the authors implemented their work using existing risk analysis techniques while 29.4% of the authors partially integrated security risk standards into their work. Based on these findings and results, security risk management, the usage of existing security risk management techniques, and security risk standards should be integrated with business process phases to protect against security issues in cloud services. View Full-Text
Keywords: business process; cloud computing; security risk management; business process lifecycle; security standards business process; cloud computing; security risk management; business process lifecycle; security standards
Show Figures

Figure 1

MDPI and ACS Style

Abioye, T.E.; Arogundade, O.T.; Misra, S.; Adesemowo, K.; Damaševičius, R. Cloud-Based Business Process Security Risk Management: A Systematic Review, Taxonomy, and Future Directions. Computers 2021, 10, 160. https://doi.org/10.3390/computers10120160

AMA Style

Abioye TE, Arogundade OT, Misra S, Adesemowo K, Damaševičius R. Cloud-Based Business Process Security Risk Management: A Systematic Review, Taxonomy, and Future Directions. Computers. 2021; 10(12):160. https://doi.org/10.3390/computers10120160

Chicago/Turabian Style

Abioye, Temitope Elizabeth, Oluwasefunmi Tale Arogundade, Sanjay Misra, Kayode Adesemowo, and Robertas Damaševičius. 2021. "Cloud-Based Business Process Security Risk Management: A Systematic Review, Taxonomy, and Future Directions" Computers 10, no. 12: 160. https://doi.org/10.3390/computers10120160

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop