一个新的框架,以确定网络安全挑战和机遇的组织数字化转型在云

IF 6.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-04-01 Epub Date: 2025-01-16 DOI:10.1016/j.cose.2025.104339
Xueping Liang, Yilin Xu
{"title":"一个新的框架,以确定网络安全挑战和机遇的组织数字化转型在云","authors":"Xueping Liang,&nbsp;Yilin Xu","doi":"10.1016/j.cose.2025.104339","DOIUrl":null,"url":null,"abstract":"<div><div>The rise in security threats faced by organizations has resulted in increased attention towards cloud adoption in organizations and cloud security research. To address these concerns, it is crucial to establish trust between application users and cloud services by exploring the gap of cloud security challenges and opportunities in the cybersecurity context. Due to the growing interest in this topic, a comprehensive and updated review of existing literature is much needed. This paper thoroughly examines the current landscape of cloud security, grounded in an extensive systematic literature review of 1,324 research papers, through the lens of a Design Science Research artifact typology rooted in the Information Systems domain. The paper makes significant technological contributions to the field of cloud security, by categorizing findings into four artifact types: constructs, models, methods, and instantiations. These categories are examined across multiple levels of cloud architecture, including data management, identity and access, application and software, host and virtualization, as well as privacy, trust, and compliance. The proposed research framework is adopted to further analyze the challenges that organizations face in securing their cloud-based systems against threats such as data breaches, unauthorized access, and cyberattacks. In addition, the review explores the potential opportunities for enhancing cloud security through the integration of advanced technologies such as blockchain, zero trust, multi-cloud architecture, machine learning and artificial intelligence, in various domains such as healthcare, IoT, and smart cities. By providing a critical analysis of the current state of cloud security, this review paper offers valuable insights into the challenges and opportunities associated with securing cloud-based systems in the cybersecurity era.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"151 ","pages":"Article 104339"},"PeriodicalIF":6.8000,"publicationDate":"2025-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A novel framework to identify cybersecurity challenges and opportunities for organizational digital transformation in the cloud\",\"authors\":\"Xueping Liang,&nbsp;Yilin Xu\",\"doi\":\"10.1016/j.cose.2025.104339\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The rise in security threats faced by organizations has resulted in increased attention towards cloud adoption in organizations and cloud security research. To address these concerns, it is crucial to establish trust between application users and cloud services by exploring the gap of cloud security challenges and opportunities in the cybersecurity context. Due to the growing interest in this topic, a comprehensive and updated review of existing literature is much needed. This paper thoroughly examines the current landscape of cloud security, grounded in an extensive systematic literature review of 1,324 research papers, through the lens of a Design Science Research artifact typology rooted in the Information Systems domain. The paper makes significant technological contributions to the field of cloud security, by categorizing findings into four artifact types: constructs, models, methods, and instantiations. These categories are examined across multiple levels of cloud architecture, including data management, identity and access, application and software, host and virtualization, as well as privacy, trust, and compliance. The proposed research framework is adopted to further analyze the challenges that organizations face in securing their cloud-based systems against threats such as data breaches, unauthorized access, and cyberattacks. In addition, the review explores the potential opportunities for enhancing cloud security through the integration of advanced technologies such as blockchain, zero trust, multi-cloud architecture, machine learning and artificial intelligence, in various domains such as healthcare, IoT, and smart cities. By providing a critical analysis of the current state of cloud security, this review paper offers valuable insights into the challenges and opportunities associated with securing cloud-based systems in the cybersecurity era.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"151 \",\"pages\":\"Article 104339\"},\"PeriodicalIF\":6.8000,\"publicationDate\":\"2025-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404825000288\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"2025/1/16 0:00:00\",\"PubModel\":\"Epub\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825000288","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/1/16 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

组织面临的安全威胁的增加导致组织对云采用和云安全研究的关注增加。为了解决这些问题,通过探索网络安全背景下云安全挑战和机遇的差距,在应用程序用户和云服务之间建立信任至关重要。由于对该主题的兴趣日益浓厚,因此非常需要对现有文献进行全面和更新的综述。本文通过植根于信息系统领域的设计科学研究工件类型学的视角,在对1324篇研究论文进行广泛系统的文献综述的基础上,全面考察了云安全的现状。本文通过将发现分为四种工件类型:构造、模型、方法和实例,对云安全领域做出了重大的技术贡献。这些类别在云架构的多个层次上进行检查,包括数据管理、身份和访问、应用程序和软件、主机和虚拟化,以及隐私、信任和遵从性。采用拟议的研究框架是为了进一步分析组织在保护其基于云的系统免受数据泄露、未经授权访问和网络攻击等威胁方面面临的挑战。此外,该报告还探讨了通过集成区块链、零信任、多云架构、机器学习和人工智能等先进技术,在医疗保健、物联网和智慧城市等各个领域增强云安全的潜在机会。通过对云安全现状的批判性分析,本文对网络安全时代与保护基于云的系统相关的挑战和机遇提供了有价值的见解。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
A novel framework to identify cybersecurity challenges and opportunities for organizational digital transformation in the cloud
The rise in security threats faced by organizations has resulted in increased attention towards cloud adoption in organizations and cloud security research. To address these concerns, it is crucial to establish trust between application users and cloud services by exploring the gap of cloud security challenges and opportunities in the cybersecurity context. Due to the growing interest in this topic, a comprehensive and updated review of existing literature is much needed. This paper thoroughly examines the current landscape of cloud security, grounded in an extensive systematic literature review of 1,324 research papers, through the lens of a Design Science Research artifact typology rooted in the Information Systems domain. The paper makes significant technological contributions to the field of cloud security, by categorizing findings into four artifact types: constructs, models, methods, and instantiations. These categories are examined across multiple levels of cloud architecture, including data management, identity and access, application and software, host and virtualization, as well as privacy, trust, and compliance. The proposed research framework is adopted to further analyze the challenges that organizations face in securing their cloud-based systems against threats such as data breaches, unauthorized access, and cyberattacks. In addition, the review explores the potential opportunities for enhancing cloud security through the integration of advanced technologies such as blockchain, zero trust, multi-cloud architecture, machine learning and artificial intelligence, in various domains such as healthcare, IoT, and smart cities. By providing a critical analysis of the current state of cloud security, this review paper offers valuable insights into the challenges and opportunities associated with securing cloud-based systems in the cybersecurity era.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
期刊最新文献
A Multi-Frequency Temporal Spatio-Transformer for adversarially robust IoT intrusion detection Debapt: Ontology-driven multi-agent debate for APT adversary profile construction from cyber threat intelligence CoolTest: Randomness test suited for small data volumes ODHD: On-Demand Helper Data generation for reliable NVM-free key derivation from SRAM PUF From Systematic Threat Search to pentesting: Industrial Control Systems threat models
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1