{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T17:55:58Z","timestamp":1774374958605,"version":"3.50.1"},"reference-count":102,"publisher":"Springer Science and Business Media LLC","issue":"7","license":[{"start":{"date-parts":[[2025,7,31]],"date-time":"2025-07-31T00:00:00Z","timestamp":1753920000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,7,31]],"date-time":"2025-07-31T00:00:00Z","timestamp":1753920000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","doi-asserted-by":"publisher","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}],"id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","doi-asserted-by":"publisher","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}],"id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","doi-asserted-by":"publisher","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}],"id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","doi-asserted-by":"publisher","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}],"id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","doi-asserted-by":"publisher","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}],"id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100007689","name":"Universidade de Aveiro","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100007689","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2025,9]]},"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>This systematic review examines serverless security mechanisms proposed between 2018 and 2024, categorizing them into a layered security model comprising runtime, network, function, orchestration, and data. The proposed model provides a structured framework to analyze serverless-specific threats and protective measures that can be used in future works to better contextualize the threat scope of new protection techniques. Our findings reveal notable advancements in serverless security but highlight persistent gaps, such as function-level observability or data lifecycle protection. In addition to cataloging existing mechanisms, we identify key research directions and share all review data to facilitate future studies. This work advances the understanding of serverless security and offers a foundation for developing more robust protective measures.<\/jats:p>","DOI":"10.1007\/s10586-025-05371-4","type":"journal-article","created":{"date-parts":[[2025,7,31]],"date-time":"2025-07-31T12:59:51Z","timestamp":1753966791000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["A systematic review on security mechanisms for serverless computing"],"prefix":"10.1007","volume":"28","author":[{"given":"Pedro","family":"Escaleira","sequence":"first","affiliation":[]},{"given":"Vitor A.","family":"Cunha","sequence":"additional","affiliation":[]},{"given":"Jo\u00e3o P.","family":"Barraca","sequence":"additional","affiliation":[]},{"given":"Diogo","family":"Gomes","sequence":"additional","affiliation":[]},{"given":"Rui L.","family":"Aguiar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,31]]},"reference":[{"issue":"5","key":"5371_CR1","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1145\/3406011","volume":"64","author":"J Schleier-Smith","year":"2021","unstructured":"Schleier-Smith, J., Sreekanti, V., Khandelwal, A., Carreira, J., Yadwadkar, N.J., Popa, R.A., et al.: What serverless computing is and should become: the next phase of cloud computing. Commun. ACM 64(5), 76\u201384 (2021). https:\/\/doi.org\/10.1145\/3406011","journal-title":"Commun. ACM"},{"issue":"5","key":"5371_CR2","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1109\/MIC.2018.053681358","volume":"22","author":"E van Eyk","year":"2018","unstructured":"van Eyk, E., Toader, L., Talluri, S., Versluis, L., Uta, A., Iosup, A.: Serverless is more: from PaaS to present cloud computing. IEEE Internet Comput. 22(5), 8\u201317 (2018). https:\/\/doi.org\/10.1109\/MIC.2018.053681358","journal-title":"IEEE Internet Comput."},{"issue":"10s","key":"5371_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3508360","volume":"54","author":"Z Li","year":"2022","unstructured":"Li, Z., Guo, L., Cheng, J., Chen, Q., He, B., Guo, M.: The serverless computing survey: a technical primer for design architecture. ACM Comput. Surv. 54(10s), 1\u201334 (2022). https:\/\/doi.org\/10.1145\/3508360","journal-title":"ACM Comput. Surv."},{"issue":"11s","key":"5371_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3510611","volume":"54","author":"H Shafiei","year":"2022","unstructured":"Shafiei, H., Khonsari, A., Mousavi, P.: Serverless computing: a survey of opportunities, challenges, and applications. ACM Comput. Surv. 54(11s), 1\u201332 (2022). https:\/\/doi.org\/10.1145\/3510611","journal-title":"ACM Comput. Surv."},{"key":"5371_CR5","unstructured":"Podjarny, G., Tal, L.: Serverless Security. O\u2019Reilly Media I, editor. Available from: https:\/\/www.oreilly.com\/library\/view\/serverless-security\/9781492082538\/ (2019)"},{"issue":"2","key":"5371_CR6","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1109\/MNET.005.2100335","volume":"37","author":"X Li","year":"2023","unstructured":"Li, X., Leng, X., Chen, Y.: Securing serverless computing: challenges, solutions, and opportunities. IEEE Netw. 37(2), 166\u2013173 (2023). https:\/\/doi.org\/10.1109\/MNET.005.2100335","journal-title":"IEEE Netw."},{"issue":"1","key":"5371_CR7","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1186\/s13677-022-00347-w","volume":"11","author":"E Marin","year":"2022","unstructured":"Marin, E., Perino, D., Di Pietro, R.: Serverless computing: a security perspective. J. Cloud Comput. 11(1), 69 (2022). https:\/\/doi.org\/10.1186\/s13677-022-00347-w","journal-title":"J. Cloud Comput."},{"key":"5371_CR8","unstructured":"OWASP: OWASP Top 10: Serverless Interpretation. OWASP (2017) Available from: https:\/\/owasp.org\/www-pdf-archive\/OWASP-Top-10-Serverless-Interpretation-en.pdf"},{"key":"5371_CR9","doi-asserted-by":"publisher","unstructured":"Escaleira, P.: A systematic review on security mechanisms for serverless computing. Zenodo. Available from: https:\/\/doi.org\/10.5281\/zenodo.14750202","DOI":"10.5281\/zenodo.14750202"},{"issue":"1","key":"5371_CR10","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1186\/s13677-021-00253-7","volume":"10","author":"HB Hassan","year":"2021","unstructured":"Hassan, H.B., Barakat, S.A., Sarhan, Q.I.: Survey on serverless computing. J. Cloud Comput. 10(1), 39 (2021). https:\/\/doi.org\/10.1186\/s13677-021-00253-7","journal-title":"J. Cloud Comput."},{"issue":"5","key":"5371_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3579643","volume":"32","author":"J Wen","year":"2023","unstructured":"Wen, J., Chen, Z., Jin, X., Liu, X.: Rise of the planet of serverless computing: a systematic review. ACM Trans. Softw. Eng. Methodol. 32(5), 1\u201361 (2023). https:\/\/doi.org\/10.1145\/3579643","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"key":"5371_CR12","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1016\/j.future.2021.10.020","volume":"128","author":"GAS Cassel","year":"2022","unstructured":"Cassel, G.A.S., Rodrigues, V.F., da Rosa, Righi R., Bez, M.R., Nepomuceno, A.C., Andr\u00e9 da Costa, C.: Serverless computing for internet of things a systematic literature review. Future Generat. Computer Syst. 128, 299\u2013316 (2022). https:\/\/doi.org\/10.1016\/j.future.2021.10.020","journal-title":"Future Generat. Computer Syst."},{"issue":"5","key":"5371_CR13","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1109\/MWC.001.2000466","volume":"28","author":"R Xie","year":"2021","unstructured":"Xie, R., Tang, Q., Qiao, S., Zhu, H., Yu, F.R., Huang, T.: When serverless computing meets edge computing: architecture, challenges, and open issues. IEEE Wireless Commun. 28(5), 126\u2013133 (2021). https:\/\/doi.org\/10.1109\/MWC.001.2000466","journal-title":"IEEE Wireless Commun."},{"key":"5371_CR14","unstructured":"Jonas, E., Schleier-Smith, J., Sreekanti, V., Tsai, C.C., Khandelwal, A., Pu, Q., et\u00a0al.: Cloud Programming Simplified: A Berkeley View on Serverless Computing. CoRR. (2019) arXiv:1902.03383"},{"key":"5371_CR15","unstructured":"CNCF: CNCF WG-Serverless Whitepaper v1.0 (2018). Available from: https:\/\/github.com\/cncf\/wg-serverless\/blob\/master\/whitepapers\/serverless-overview\/cncf_serverless_whitepaper_v1.0.pdf"},{"key":"5371_CR16","doi-asserted-by":"crossref","unstructured":"Manner, J.: A structured literature review approach to define serverless computing and function as a service. In: 2023 IEEE 16th International Conference on Cloud Computing (CLOUD). IEEE; 2023. p. 516\u2013522. Available from: https:\/\/ieeexplore.ieee.org\/document\/10255020\/","DOI":"10.1109\/CLOUD60044.2023.00068"},{"key":"5371_CR17","doi-asserted-by":"publisher","unstructured":"Chandramouli, R.: Security strategies for microservices-based application systems. Gaithersburg, MD: National Institute of Standards and Technology. NIST Special Publication (SP) 800-204 (2019). Available from: https:\/\/doi.org\/10.6028\/NIST.SP.800-204","DOI":"10.6028\/NIST.SP.800-204"},{"key":"5371_CR18","doi-asserted-by":"crossref","unstructured":"Yarygina, T., Bagge, A.H.: Overcoming security challenges in microservice architectures. In: 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE). IEEE. p. 11\u201320 (2018) Available from: https:\/\/ieeexplore.ieee.org\/document\/8359144\/","DOI":"10.1109\/SOSE.2018.00011"},{"key":"5371_CR19","doi-asserted-by":"publisher","DOI":"10.1136\/bmj.n71","author":"MJ Page","year":"2021","unstructured":"Page, M.J., McKenzie, J.E., Bossuyt, P.M., Boutron, I., Hoffmann, T.C., Mulrow, C.D., et al.: The PRISMA 2020 statement: an updated guideline for reporting systematic reviews. BMJ (2021). https:\/\/doi.org\/10.1136\/bmj.n71","journal-title":"BMJ"},{"key":"5371_CR20","unstructured":"ReLiS Project.: ReLiS. [software]. Available from: https:\/\/relis.iro.umontreal.ca\/"},{"key":"5371_CR21","unstructured":"Agache, A., Brooker, M., Florescu, A., Iordache, A., Liguori, A., Neugebauer, R., et\u00a0al.: Firecracker: Lightweight virtualization for serverless applications. Proceedings of the 17th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2020. p. 419\u2013434 (2020). Available from: https:\/\/www.usenix.org\/conference\/nsdi20\/presentation\/agach"},{"key":"5371_CR22","doi-asserted-by":"crossref","unstructured":"Alzayat, M., Mace, J., Druschel, P., Garg, D.: Groundhog: Efficient Request Isolation in FaaS. In: Proceedings of the Eighteenth European Conference on Computer Systems. New York, p. 398\u2013415 (2023). Available from: https:\/\/dl.acm.org\/doi\/10.1145\/3552326.3567503","DOI":"10.1145\/3552326.3567503"},{"key":"5371_CR23","unstructured":"Song, J., Kim, B., Kwak, M., Lee, B., Seo, E., Jeong, J.: A secure, fast, and resource-efficient serverless platform with function REWIND. 2024 USENIX Annual Technical Conference (USENIX ATC 24). (2024) p. 597\u2013613. Available from: https:\/\/www.usenix.org\/conference\/atc24\/presentation\/song"},{"key":"5371_CR24","doi-asserted-by":"publisher","unstructured":"Mainas, C., Plakas, I., Ntoutsos, G., Nanos, A.: Sandboxing functions for efficient and secure multi-tenant serverless deployments. In: Proceedings of the 2nd Workshop on SErverless Systems, Applications and MEthodologies. New York (2024). p. 25\u201331. Available from: https:\/\/doi.org\/10.1145\/3642977.3652096","DOI":"10.1145\/3642977.3652096"},{"key":"5371_CR25","doi-asserted-by":"publisher","unstructured":"Parola, F., Qi, S., Narappa, A.B., Ramakrishnan, K.K., Risso, F.: SURE: Secure unikernels make serverless computing rapid and efficient. In: Proceedings of the ACM Symposium on Cloud Computing. New York(2024). p. 668\u2013688. Available from: https:\/\/doi.org\/10.1145\/3698038.3698558","DOI":"10.1145\/3698038.3698558"},{"issue":"3","key":"5371_CR26","doi-asserted-by":"publisher","first-page":"153808","DOI":"10.1007\/s11704-019-9096-y","volume":"15","author":"W Zheng","year":"2021","unstructured":"Zheng, W., Wu, Y., Wu, X., Feng, C., Sui, Y., Luo, X., et al.: A survey of Intel SGX and its applications. Front. Computer Sci. 15(3), 153808 (2021). https:\/\/doi.org\/10.1007\/s11704-019-9096-y","journal-title":"Front. Computer Sci."},{"key":"5371_CR27","doi-asserted-by":"publisher","unstructured":"Paju, A., Javed, M.O., Nurmi, J., Savim\u00e4ki, J., McGillion, B., Brumley, B.B.: SoK: A Systematic review of TEE usage for developing trusted applications. In: Proceedings of the 18th International Conference on Availability, Reliability and Security. New York, (2023). p. 1\u201315. Available from: https:\/\/doi.org\/10.1145\/3600160.3600169","DOI":"10.1145\/3600160.3600169"},{"key":"5371_CR28","unstructured":"W3C: WebAssembly. [software]. Available from: https:\/\/webassembly.org\/"},{"key":"5371_CR29","doi-asserted-by":"publisher","first-page":"451","DOI":"10.1007\/978-3-030-01701-9_25","volume-title":"Security and Privacy in Communication Networks","author":"W Qiang","year":"2018","unstructured":"Qiang, W., Dong, Z., Jin, H.: Se-Lambda: securing privacy-sensitive serverless applications using SGX enclave. In: Beyah, R., Chang, B., Li, Y., Zhu, S. (eds.) Security and Privacy in Communication Networks, pp. 451\u2013470. Springer, NY (2018)"},{"key":"5371_CR30","doi-asserted-by":"publisher","unstructured":"Goltzsche, D., Nieke, M., Knauth, T., Kapitza, R.: AccTEE: A WebAssembly-based Two-way Sandbox for Trusted Resource Accounting. Middleware 2019-Proceedings of the 2019 20th International Middleware Conference. p. 123\u2013135 (2019). https:\/\/doi.org\/10.1145\/3361525.3361541","DOI":"10.1145\/3361525.3361541"},{"key":"5371_CR31","doi-asserted-by":"publisher","unstructured":"Alder, F., Asokan, N., Kurnikov, A., Paverd, A., Steiner, M.: S-FaaS: Trustworthy and accountable function-as-a-service using Intel SGX. In: Proceedings of the ACM Conference on Computer and Communications Security. New York, p. 185\u2013199 (2019). Available from: https:\/\/doi.org\/10.1145\/3338466.3358916","DOI":"10.1145\/3338466.3358916"},{"key":"5371_CR32","doi-asserted-by":"publisher","unstructured":"Li, T., Chen, Y., Yu, D., Zhang, Y., Lagaisse, B.: Enhancing effective bidirectional isolation for function fusion in serverless architectures. In: Proceedings of the 25th International Middleware Conference. New York, NY, USA: ACM. p. 1\u20137 (2024). Available from: https:\/\/doi.org\/10.1145\/3652892.3654778","DOI":"10.1145\/3652892.3654778"},{"key":"5371_CR33","doi-asserted-by":"publisher","unstructured":"Holmes, B., Waterman, J., Williams, D.: SEVeriFast: Minimizing the root of trust for fast startup of SEV microVMs. In: Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2. New York, NY, USA: ACM. p. 1045\u20131060 (2024). Available from: https:\/\/doi.org\/10.1145\/3620665.3640424","DOI":"10.1145\/3620665.3640424"},{"issue":"1","key":"5371_CR34","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3632954","volume":"21","author":"J Park","year":"2024","unstructured":"Park, J., Kang, S., Lee, S., Kim, T., Park, J., Kwon, Y., et al.: Hardware-hardened sandbox enclaves for trusted serverless computing. ACM Trans. Archit. Code Optim. 21(1), 1\u201325 (2024). https:\/\/doi.org\/10.1145\/3632954","journal-title":"ACM Trans. Archit. Code Optim."},{"key":"5371_CR35","unstructured":"AMD: AMD SEV-SNP: Strengthening VM Isolation with Integrity Protection and More; 2020. Available from: https:\/\/www.amd.com\/content\/dam\/amd\/en\/documents\/epyc-business-docs\/solution-briefs\/amd-secure-encrypted-virtualization-solution-brief.pdf"},{"key":"5371_CR36","doi-asserted-by":"publisher","unstructured":"Trach, B., Oleksenko, O., Gregor, F., Bhatotia, P., Fetzer, C.: CLEMMYS: Towards secure remote execution in FaaS. SYSTOR 2019 - Proceedings of the 12th ACM International Systems and Storage Conference. p. 44\u201354 (2019). https:\/\/doi.org\/10.1145\/3319647.3325835","DOI":"10.1145\/3319647.3325835"},{"key":"5371_CR37","doi-asserted-by":"publisher","unstructured":"Gjerdrum, A.T., Johansen, H.D., Brenna, L., Johansen, D.: Diggi: A secure framework for hosting native cloud functions with minimal trust. Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019. p. 18\u201327 (2019). https:\/\/doi.org\/10.1109\/TPS-ISA48467.2019.00012","DOI":"10.1109\/TPS-ISA48467.2019.00012"},{"key":"5371_CR38","doi-asserted-by":"publisher","unstructured":"Brenner, S., Kapitza, R.: Trust more, serverless. In: Proceedings of the 12th ACM International Conference on Systems and Storage. New York, p. 33\u201343 (2019). Available from: https:\/\/doi.org\/10.1145\/3319647.3325825","DOI":"10.1145\/3319647.3325825"},{"key":"5371_CR39","doi-asserted-by":"publisher","unstructured":"Li, M., Xia, Y., Chen, H.: Confidential serverless made efficient with plug-in enclaves. Proceedings - International Symposium on Computer Architecture. 2021, pp. 306\u2013318. (2021). https:\/\/doi.org\/10.1109\/ISCA52012.2021.00032","DOI":"10.1109\/ISCA52012.2021.00032"},{"key":"5371_CR40","unstructured":"Zhao, S., Xu, P., Chen, G., Zhang, M., Zhang, Y., Lin, Z.: Reusable enclaves for confidential serverless computing. In: 32nd USENIX Security Symposium, USENIX Security 2023. vol.\u00a06. USENIX Association p. 4015\u20134032 (2023). Available from: https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/zhao-shixuan"},{"key":"5371_CR41","doi-asserted-by":"publisher","unstructured":"Zhu, Y., Li, P., Bai, Y., Huang, Y., Wang, S., Wang, X., et\u00a0al.: EnTurbo: Accelerate confidential serverless computing via parallelizing enclave startup procedure. In: Proceedings of the 61st ACM\/IEEE Design Automation Conference. New York, p. 1\u20136 (2024). Available from: https:\/\/doi.org\/10.1145\/3649329.3658492","DOI":"10.1145\/3649329.3658492"},{"key":"5371_CR42","unstructured":"Waterman, A.: Design of the RISC-V Instruction Set Architecture (2016). Available from: https:\/\/www2.eecs.berkeley.edu\/Pubs\/TechRpts\/2016\/EECS-2016-1.pdf"},{"key":"5371_CR43","unstructured":"Feng, E., Lu, X., Du, D., Yang, B., Jiang, X., Xia, Y., et\u00a0al.: Scalable memory protection in the PENGLAI enclave. In: 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2021). USENIX Association. p. 275\u2013294 (2021). Available from: https:\/\/www.usenix.org\/conference\/osdi21\/presentation\/feng"},{"key":"5371_CR44","doi-asserted-by":"publisher","unstructured":"Du, D., Yang, B., Xia, Y., Chen, H.: Accelerating extra dimensional page walks for confidential computing. In: 56th Annual IEEE\/ACM International Symposium on Microarchitecture. New York, NY, USA: ACM p. 654\u2013669 (2023). Available from: https:\/\/doi.org\/10.1145\/3613424.3614293","DOI":"10.1145\/3613424.3614293"},{"key":"5371_CR45","doi-asserted-by":"crossref","unstructured":"Byrne, A., Pang, Y., Zou, A., Nadgowda, S., Coskun, A.K.: MicroFaaS: Energy-efficient serverless on bare-metal single-board computers. In: 2022 Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE p. 754\u2013759 (2022). Available from: https:\/\/ieeexplore.ieee.org\/document\/9774688\/","DOI":"10.23919\/DATE54114.2022.9774688"},{"key":"5371_CR46","unstructured":"Kafka Project.: Apache Kafka. [software]. Available from: https:\/\/kafka.apache.org\/"},{"key":"5371_CR47","doi-asserted-by":"publisher","unstructured":"Alpernas K, Flanagan C, Fouladi S, Ryzhyk L, Sagiv M, Schmitz T, et\u00a0al. Secure serverless computing using dynamic information flow control. Proceedings of the ACM on Programming Languages. 2018 2(OOPSLA):1\u201326. https:\/\/doi.org\/10.1145\/3276488","DOI":"10.1145\/3276488"},{"key":"5371_CR48","doi-asserted-by":"publisher","unstructured":"Sankaran, A., Datta, P., Bates, A.: Workflow integration alleviates identity and access management in serverless computing. In: Annual Computer Security Applications Conference. New York, NY, USA: ACM; p. 496\u2013509 (2020). Available from: https:\/\/doi.org\/10.1145\/3427228.3427665","DOI":"10.1145\/3427228.3427665"},{"key":"5371_CR49","doi-asserted-by":"publisher","unstructured":"Datta, P., Kumar, P., Morris, T., Grace, M., Rahmati, A., Bates, A.: Valve: securing function workflows on serverless computing platforms. In: Proceedings of The Web Conference 2020. New York, p. 939\u2013950 (2020). Available from: https:\/\/doi.org\/10.1145\/3366423.3380173","DOI":"10.1145\/3366423.3380173"},{"key":"5371_CR50","doi-asserted-by":"publisher","unstructured":"Hedin D, Sabelfeld A. A perspective on information-flow control. NATO Science for Peace and Security Series - D: Information and Communication Security. 2012;33: Softwa:319 \u2013 347. https:\/\/doi.org\/10.3233\/978-1-61499-028-4-319","DOI":"10.3233\/978-1-61499-028-4-319"},{"key":"5371_CR51","unstructured":"Jegan, D.S., Wang, L., Bhagat, S., Swift, M.: Guarding serverless applications with Kalium. In: 32nd USENIX Security Symposium, USENIX Security 2023. vol.\u00a06 p. 4087\u20134104 (2023). Available from: https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/jegan"},{"key":"5371_CR52","doi-asserted-by":"crossref","unstructured":"Morabito, G., Sicari, C., Carnevale, L., Galletta, A., Modica, G.D., Villari, M.: Securing serverless workflows on the cloud edge continuum. In: 2023 IEEE\/ACM 23rd International Symposium on Cluster, Cloud and Internet Computing Workshops (CCGridW). IEEE. p. 118\u2013124 (2023). Available from: https:\/\/ieeexplore.ieee.org\/document\/10181202\/","DOI":"10.1109\/CCGridW59191.2023.00032"},{"key":"5371_CR53","unstructured":"Hardt, D.: The OAuth 2.0 Authorization Framework. RFC Editor. RFC 6749. Available from: https:\/\/www.rfc-editor.org\/info\/rfc6749"},{"key":"5371_CR54","unstructured":"Jones, M.B., Bradley, J., Sakimura, N.: JSON Web Token (JWT). RFC Editor. RFC 7519. Available from: https:\/\/www.rfc-editor.org\/info\/rfc7519"},{"key":"5371_CR55","unstructured":"Datta, P., Polinsky, I., Inam, M.A., Bates, A., Enck, W.: ALASTOR: Reconstructing the provenance of serverless intrusions. In: Proceedings of the 31st USENIX Security Symposium, Security 2022. p. 2443\u20132460 (2022). Available from: https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/datta"},{"key":"5371_CR56","doi-asserted-by":"crossref","unstructured":"Ashkenazi, A., Grolman, E., Elyashar, A., Mimran, D., Brodt, O., Elovici, Y., et\u00a0al.: SMART: serverless module analysis and recognition technique for managed applications. In: 2024 IEEE 24th International Symposium on Cluster, Cloud and Internet Computing (CCGrid). IEEE. p. 442\u2013452 (2024). Available from: https:\/\/ieeexplore.ieee.org\/document\/10701367\/","DOI":"10.1109\/CCGrid59990.2024.00057"},{"key":"5371_CR57","doi-asserted-by":"crossref","unstructured":"Garg, S., Dilip Thakur, M.S., A, R.M., Maddali, L.P., Ramachandran, V.: PrivFlow: Secure and privacy preserving serverless workflows on cloud. In: 2023 IEEE\/ACM 23rd International Symposium on Cluster, Cloud and Internet Computing (CCGrid). IEEE. p. 447\u2013458 (2023). Available from: https:\/\/ieeexplore.ieee.org\/document\/10171483\/","DOI":"10.1109\/CCGrid57682.2023.00049"},{"key":"5371_CR58","doi-asserted-by":"publisher","unstructured":"Polinsky, I., Datta, P., Bates, A., Enck, W.: GRASP: hardening serverless applications through graph reachability analysis of security policies. In: Proceedings of the ACM on Web Conference 2024. New York, NY, USA: ACM p. 1644\u20131655 (2024). Available from:  https:\/\/doi.org\/10.1145\/3589334.3645436","DOI":"10.1145\/3589334.3645436"},{"key":"5371_CR59","doi-asserted-by":"crossref","unstructured":"Sabbioni, A., Mazzocca, C., Colajanni, M., Montanari, R., Corradi, A.: A fully decentralized architecture for access control verification in serverless environments. In: 2022 IEEE Symposium on Computers and Communications (ISCC). IEEE p. 1\u20136 (2022). Available from: https:\/\/ieeexplore.ieee.org\/document\/9912764\/","DOI":"10.1109\/ISCC55528.2022.9912764"},{"key":"5371_CR60","doi-asserted-by":"publisher","unstructured":"Hou, K., Lin, S., Chen, Y., Yegneswaran, V.: QFaaS: accelerating and securing serverless cloud networks with QUIC. In: Proceedings of the 13th Symposium on Cloud Computing. New York, NY, USA: ACM p. 240\u2013256 (2022). Available from: https:\/\/doi.org\/10.1145\/3542929.3563458","DOI":"10.1145\/3542929.3563458"},{"issue":"6","key":"5371_CR61","doi-asserted-by":"publisher","first-page":"3587","DOI":"10.1007\/s11831-022-09708-9","volume":"29","author":"M Jangjou","year":"2022","unstructured":"Jangjou, M., Sohrabi, M.K.: A comprehensive survey on security challenges in different network layers in cloud computing. Arch. Comput. Methods Eng. 29(6), 3587\u20133608 (2022). https:\/\/doi.org\/10.1007\/s11831-022-09708-9","journal-title":"Arch. Comput. Methods Eng."},{"key":"5371_CR62","doi-asserted-by":"publisher","unstructured":"Aktypi, A., Karnikis, D., Vasilakis, N., Rasmussen, K.: Themis: A secure decentralized framework for microservice interaction in serverless computing. In: Proceedings of the 17th International Conference on Availability, Reliability and Security. New York, p. 1\u201311 (2022). Available from: https:\/\/doi.org\/10.1145\/3538969.3538983","DOI":"10.1145\/3538969.3538983"},{"key":"#cr-split#-5371_CR63.1","doi-asserted-by":"crossref","unstructured":"Cicconetti, C., Conti, M., Passarella, A.: QKD-Secure ETSI MEC. In: 2022 IEEE 15th Workshop on Low Temperature Electronics (WOLTE). IEEE","DOI":"10.1109\/WOLTE55422.2022.9882872"},{"key":"#cr-split#-5371_CR63.2","unstructured":"p. 1-4 (2022). Available from: https:\/\/ieeexplore.ieee.org\/document\/9882872\/"},{"key":"5371_CR64","doi-asserted-by":"crossref","unstructured":"Cicconetti, C., Conti, M., Lella, E., Noviello, P., Paduanelli, G.D., Passarella, A., et\u00a0al.: A Prototype for QKD-secure serverless computing with ETSI MEC. In: 2023 IEEE International Conference on Smart Computing (SMARTCOMP). IEEE. p. 189\u2013190 (2023). Available from: https:\/\/ieeexplore.ieee.org\/document\/10207658\/","DOI":"10.1109\/SMARTCOMP58114.2023.00043"},{"key":"5371_CR65","doi-asserted-by":"crossref","unstructured":"Cicconetti, C., Conti, M., Passarella, A.: Secure computation offloading with ETSI MEC+QKD. In: 2024 24th International Conference on Transparent Optical Networks (ICTON). IEEE p. 1\u20134 (2024). Available from: https:\/\/ieeexplore.ieee.org\/document\/10648156\/","DOI":"10.1109\/ICTON62926.2024.10648156"},{"key":"5371_CR66","doi-asserted-by":"publisher","first-page":"100737","DOI":"10.1016\/j.iot.2023.100737","volume":"22","author":"G Morabito","year":"2023","unstructured":"Morabito, G., Sicari, C., Ruggeri, A., Celesti, A., Carnevale, L.: Secure-by-design serverless workflows on the edge-cloud continuum through the osmotic computing paradigm. Internet Things 22, 100737 (2023). https:\/\/doi.org\/10.1016\/j.iot.2023.100737","journal-title":"Internet Things"},{"key":"5371_CR67","doi-asserted-by":"publisher","unstructured":"Nakata, Y., Matsubara, K., Matsumoto, R.: Concentrated isolation for container networks toward application-aware sandbox tailoring. In: Proceedings of the 14th IEEE\/ACM International Conference on Utility and Cloud Computing. New York, p. 1\u201310 (2021). Available from: https:\/\/doi.org\/10.1145\/3468737.3494092","DOI":"10.1145\/3468737.3494092"},{"key":"5371_CR68","doi-asserted-by":"publisher","unstructured":"Byrne, A., Nadgowda, S., Coskun, A.K.: ACE: Just-in-time serverless software component discovery through approximate concrete execution. In: Proceedings of the 2020 Sixth International Workshop on Serverless Computing. New York, p. 37\u201342 (2020). Available from: https:\/\/doi.org\/10.1145\/3429880.3430098","DOI":"10.1145\/3429880.3430098"},{"key":"5371_CR69","doi-asserted-by":"crossref","unstructured":"Xi, Z., Zhang, B., Ma, Y., He, C., Wang, Y.: The MDSC paradigm design for serverless computing defense. In: Li X, editor. Third International Conference on Artificial Intelligence and Computer Engineering (ICAICE 2022). SPIE. p.\u00a078 (2023). Available from: https:\/\/www.spiedigitallibrary.org\/conference-proceedings-of-spie\/12610\/2671158\/The-MDSC-paradigm-design-for-serverless-computing-defense\/10.1117\/12.2671158.full","DOI":"10.1117\/12.2671158"},{"issue":"6","key":"5371_CR70","doi-asserted-by":"publisher","first-page":"192","DOI":"10.23919\/JCC.fa.2021-0635.202406","volume":"21","author":"Z Shuai","year":"2024","unstructured":"Shuai, Z., Yunfei, G., Hongchao, H., Wenyan, L., Yawen, W.: ATSSC: an attack tolerant system in serverless computing. China Commun. 21(6), 192\u2013205 (2024). https:\/\/doi.org\/10.23919\/JCC.fa.2021-0635.202406","journal-title":"China Commun."},{"key":"5371_CR71","doi-asserted-by":"crossref","unstructured":"Escaleira, P., Cunha, V.A., Barraca, J.P., Gomes, D., Aguiar, R.L.: MoFaaS: A moving target defense approach to fortify functions as a service. In: 2024 IEEE Symposium on Computers and Communications (ISCC). IEEE. p. 1\u20137 (2024). Available from: https:\/\/ieeexplore.ieee.org\/document\/10733628\/","DOI":"10.1109\/ISCC61673.2024.10733628"},{"key":"5371_CR72","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1016\/j.jss.2018.12.013","volume":"149","author":"P Leitner","year":"2019","unstructured":"Leitner, P., Wittern, E., Spillner, J., Hummer, W.: A mixed-method empirical study of Function-as-a-service software development in industrial practice. J. Syst. Softw. 149, 340\u2013359 (2019). https:\/\/doi.org\/10.1016\/j.jss.2018.12.013","journal-title":"J. Syst. Softw."},{"key":"5371_CR73","unstructured":"Eismann, S., Scheuner, J., van Eyk, E., Schwinger, M., Grohmann, J., Herbst, N., et\u00a0al.: A Review of Serverless Use Cases and their Characteristics. CoRR. (2020). arXiv:2008.11110"},{"key":"5371_CR74","doi-asserted-by":"publisher","first-page":"102843","DOI":"10.1016\/j.jisa.2021.102843","volume":"60","author":"D Kelly","year":"2021","unstructured":"Kelly, D., Glavin, F.G., Barrett, E.: Denial of wallet-defining a looming threat to serverless computing. J. Inf. Sec. Appl. 60, 102843 (2021). https:\/\/doi.org\/10.1016\/j.jisa.2021.102843","journal-title":"J. Inf. Sec. Appl."},{"key":"5371_CR75","doi-asserted-by":"publisher","unstructured":"Shen, J., Zhang, H., Geng, Y., Li, J., Wang, J., Xu, M.: Gringotts: Fast and accurate internal denial-of-wallet detection for serverless computing. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. New York, p. 2627\u20132641 (2022). Available from: https:\/\/doi.org\/10.1145\/3548606.3560629","DOI":"10.1145\/3548606.3560629"},{"key":"5371_CR76","doi-asserted-by":"publisher","unstructured":"Kharbanda, S., Fonseca, P.: Always-on recording framework for serverless computations: opportunities and challenges. In: Proceedings of the 1st Workshop on SErverless Systems, Applications and MEthodologies. New York, p. 41\u201349 (2023). Available from: https:\/\/doi.org\/10.1145\/3592533.3592810","DOI":"10.1145\/3592533.3592810"},{"key":"5371_CR77","unstructured":"Bocci, A., Forti, S., Ferrari, G.L., Brogi, A.: Placing FaaS in the Fog, securely. In: CEUR Workshop Proceedings. vol. 2940. p. 166\u2013179 (2021). Available from: https:\/\/ceur-ws.org\/Vol-2940\/paper15.pdf"},{"key":"5371_CR78","doi-asserted-by":"crossref","unstructured":"Bocci, A., Forti, S., Ferrari, G.L., Brogi, A.: Type, pad, and place: Avoiding data leaks in Cloud-IoT FaaS orchestrations. In: 2022 22nd IEEE International Symposium on Cluster, Cloud and Internet Computing (CCGrid). IEEE. p. 798\u2013805 (2022). Available from: https:\/\/ieeexplore.ieee.org\/document\/9826027\/","DOI":"10.1109\/CCGrid54584.2022.00094"},{"key":"5371_CR79","doi-asserted-by":"publisher","unstructured":"Bocci A, Forti S, Ferrari GL, Brogi A. Declarative Secure Placement of FaaS Orchestrations in the Cloud-Edge Continuum. Electronics (Switzerland). 2023;12(6). https:\/\/doi.org\/10.3390\/electronics12061332","DOI":"10.3390\/electronics12061332"},{"key":"5371_CR80","doi-asserted-by":"publisher","first-page":"107242","DOI":"10.1016\/j.infsof.2023.107242","volume":"161","author":"B Sigurleifsson","year":"2023","unstructured":"Sigurleifsson, B., Ahmed, N., Verdet, A., Hamdaqa, M., Sabri, M., Pelletier, I.: An approach for modeling the operational requirements of FaaS applications for optimal deployment. Inf. Softw. Technol. 161, 107242 (2023). https:\/\/doi.org\/10.1016\/j.infsof.2023.107242","journal-title":"Inf. Softw. Technol."},{"issue":"6","key":"5371_CR81","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1109\/MITP.2023.3333071","volume":"25","author":"GD Palma","year":"2023","unstructured":"Palma, G.D., Giallorenzo, S., Mauro, J., Trentin, M., Zavattaro, G.: Formally verifying function scheduling properties in serverless applications. IT Prof. 25(6), 94\u201399 (2023). https:\/\/doi.org\/10.1109\/MITP.2023.3333071","journal-title":"IT Prof."},{"issue":"7","key":"5371_CR82","doi-asserted-by":"publisher","first-page":"5645","DOI":"10.1109\/JIOT.2020.3031550","volume":"8","author":"B Kim","year":"2021","unstructured":"Kim, B., Heo, S., Lee, J., Jeong, S., Lee, Y., Kim, H.: Compiler-assisted semantic-aware encryption for efficient and secure serverless computing. IEEE Internet Things J. 8(7), 5645\u20135656 (2021). https:\/\/doi.org\/10.1109\/JIOT.2020.3031550","journal-title":"IEEE Internet Things J."},{"key":"5371_CR83","doi-asserted-by":"publisher","unstructured":"Zha, C., Xu, Z., Xing, J., Yin, H.: Loft: An architecture for lifetime management of privacy data in service cooperation. In: Ubiquitous Security. Springer Nature Singapore; 2024. p. 255\u2013273. Available from: https:\/\/doi.org\/10.1007\/978-981-97-1274-8_17","DOI":"10.1007\/978-981-97-1274-8_17"},{"issue":"1","key":"5371_CR84","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/s10723-021-09579-7","volume":"20","author":"A Ruggeri","year":"2022","unstructured":"Ruggeri, A., Celesti, A., Fazio, M., Villari, M.: An innovative blockchain-based orchestrator for osmotic computing. J. Grid Comput. 20(1), 2 (2022). https:\/\/doi.org\/10.1007\/s10723-021-09579-7","journal-title":"J. Grid Comput."},{"key":"5371_CR85","unstructured":"OpenFaaS Project: OpenFaaS. [software]. Available from: https:\/\/www.openfaas.com\/"},{"key":"5371_CR86","unstructured":"Apache OpenWhisk Project: Apache OpenWhisk. [software]. Available from: https:\/\/openwhisk.apache.org\/"},{"key":"5371_CR87","unstructured":"OpenWolf Project: OpenWolf. [software]. Available from: https:\/\/github.com\/christiansicari\/OpenWolfh"},{"key":"5371_CR88","doi-asserted-by":"publisher","unstructured":"Tian, D.J., Choi, J.I., Hernandez, G., Traynor, P., Butler, K.R.B.: A practical intel SGX setting for linux containers in the cloud. In: Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy. New York, p. 255\u2013266 (2019). Available from: https:\/\/doi.org\/10.1145\/3292006.3300030","DOI":"10.1145\/3292006.3300030"},{"issue":"5","key":"5371_CR89","doi-asserted-by":"publisher","first-page":"711","DOI":"10.1109\/TC.2020.2995638","volume":"70","author":"L Coppolino","year":"2021","unstructured":"Coppolino, L., D\u2019Antonio, S., Formicola, V., Mazzeo, G., Romano, L.: VISE: combining intel SGX and homomorphic encryption for cloud industrial control systems. IEEE Trans. Computers 70(5), 711\u2013724 (2021). https:\/\/doi.org\/10.1109\/TC.2020.2995638","journal-title":"IEEE Trans. Computers"},{"issue":"6","key":"5371_CR90","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3291047","volume":"51","author":"S Pinto","year":"2019","unstructured":"Pinto, S., Santos, N.: Demystifying Arm TrustZone. ACM Comput. Surv. 51(6), 1\u201336 (2019). https:\/\/doi.org\/10.1145\/3291047","journal-title":"ACM Comput. Surv."},{"issue":"9","key":"5371_CR91","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3652597","volume":"56","author":"PC Cheng","year":"2024","unstructured":"Cheng, P.C., Ozga, W., Valdez, E., Ahmed, S., Gu, Z., Jamjoom, H., et al.: Intel TDX demystified: a top-down approach. ACM Comput. Surv. 56(9), 1\u201333 (2024). https:\/\/doi.org\/10.1145\/3652597","journal-title":"ACM Comput. Surv."},{"issue":"23","key":"5371_CR92","doi-asserted-by":"publisher","first-page":"33127","DOI":"10.1007\/s11042-021-11751-w","volume":"81","author":"AK Singh","year":"2022","unstructured":"Singh, A.K., Gupta, R.: A privacy-preserving model based on differential approach for sensitive data in cloud environment. Multimedia Tools Appl. 81(23), 33127\u201333150 (2022). https:\/\/doi.org\/10.1007\/s11042-021-11751-w","journal-title":"Multimedia Tools Appl."},{"key":"5371_CR93","doi-asserted-by":"publisher","first-page":"57143","DOI":"10.1109\/ACCESS.2022.3174679","volume":"10","author":"NF Syed","year":"2022","unstructured":"Syed, N.F., Shah, S.W., Shaghaghi, A., Anwar, A., Baig, Z., Doss, R.: Zero trust architecture (ZTA): a comprehensive survey. IEEE Access 10, 57143\u201357179 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3174679","journal-title":"IEEE Access"},{"key":"5371_CR94","doi-asserted-by":"publisher","unstructured":"Ohm, M., Plate, H., Sykosch, A., Meier, M.: Backstabber\u2019s knife collection: a review of open source software supply chain attacks. In: Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing. p. 23\u201343 (2020). Available from: https:\/\/doi.org\/10.1007\/978-3-030-52683-2_2","DOI":"10.1007\/978-3-030-52683-2_2"},{"key":"5371_CR95","doi-asserted-by":"publisher","first-page":"46561","DOI":"10.1109\/ACCESS.2023.3273895","volume":"11","author":"M Mehmood","year":"2023","unstructured":"Mehmood, M., Amin, R., Muslam, M.M.A., Xie, J., Aldabbas, H.: Privilege escalation attack detection and mitigation in cloud using machine learning. IEEE Access 11, 46561\u201346576 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3273895","journal-title":"IEEE Access"},{"key":"5371_CR96","unstructured":"Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains (2011). Available from: https:\/\/www.lockheedmartin.com\/content\/dam\/lockheed-martin\/rms\/documents\/cyber\/LM-White-Paper-Intel-Driven-Defense.pdf"},{"key":"5371_CR97","unstructured":"Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., Thomas, C.B.: MITRE ATT &CK: Design and Philosophy. The MITRE Corporation; 2020. Available from: https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf"},{"key":"5371_CR98","unstructured":"European Parliament & Council: Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation) (Text with EEA relevance). Available from: http:\/\/data.europa.eu\/eli\/reg\/2016\/679\/2016-05-04"},{"key":"5371_CR99","unstructured":"California State Legislature: AB-375 Privacy: personal information: businesses. California Assembly Bill No. 375, Chapter 55. Available from: https:\/\/leginfo.legislature.ca.gov\/faces\/billTextClient.xhtml?bill_id=201720180AB375"},{"key":"5371_CR100","doi-asserted-by":"publisher","unstructured":"Task, Joint, Force: Security and Privacy Controls for Information Systems and Organizations. Gaithersburg, MD: National Institute of Standards and Technology,: NIST Special Publication (SP) 800\u201353. Available from: (2020). https:\/\/doi.org\/10.6028\/NIST.SP.800-53r5","DOI":"10.6028\/NIST.SP.800-53r5"},{"key":"5371_CR101","unstructured":"International Organization for Standardization: Information security, cybersecurity and privacy protection \u2014 Information security management systems \u2014 Requirements. ISO\/IEC Standard. Available from: https:\/\/www.iso.org\/standard\/27001"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-025-05371-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-025-05371-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-025-05371-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,9]],"date-time":"2025-09-09T17:41:54Z","timestamp":1757439714000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-025-05371-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,31]]},"references-count":102,"journal-issue":{"issue":"7","published-print":{"date-parts":[[2025,9]]}},"alternative-id":["5371"],"URL":"https:\/\/doi.org\/10.1007\/s10586-025-05371-4","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,31]]},"assertion":[{"value":"27 January 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 March 2025","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 April 2025","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"31 July 2025","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"465"}}