| Abstract |
The rise in security threats faced by organizations has resulted in increased attention towards cloud adoption in organizations and cloud security research. To address these concerns, it is crucial to establish trust between application users and cloud services by exploring the gap of cloud security challenges and opportunities in the cybersecurity context. Due to the growing interest in this topic, a comprehensive and updated review of existing literature is much needed. This paper thoroughly examines the current landscape of cloud security, grounded in an extensive systematic literature review of 1,324 research papers, through the lens of a Design Science Research artifact typology rooted in the Information Systems domain. The paper makes significant technological contributions to the field of cloud security, by categorizing findings into four artifact types: constructs, models, methods, and instantiations. These categories are examined across multiple levels of cloud architecture, including data management, identity and access, application and software, host and virtualization, as well as privacy, trust, and compliance. The proposed research framework is adopted to further analyze the challenges that organizations face in securing their cloud-based systems against threats such as data breaches, unauthorized access, and cyberattacks. In addition, the review explores the potential opportunities for enhancing cloud security through the integration of advanced technologies such as blockchain, zero trust, multi-cloud architecture, machine learning and artificial intelligence, in various domains such as healthcare, IoT, and smart cities. By providing a critical analysis of the current state of cloud security, this review paper offers valuable insights into the challenges and opportunities associated with securing cloud-based systems in the cybersecurity era. © 2025 Elsevier Ltd |
