|
Journal of Information Security Research |
Data and Programming Security Issues in Fog Computing | Pranav Vyas, Dharmendra Patel CMPICA, Charotar University of Science and Technology, Changa, Gujarat & India | Abstract: IOT devices suffer from the drawbacks of limited computational resources at local level. IOT devices are
required to gather and process large quantity of data with limited resources. One solution is to upload data from IOT devices to cloud based systems, which can process data and send results back to devices. This technique suffers from delay in processing and results in delayed response from the cloud in real time scenarios. Another technique to solve the problem is to introduce a middleware processing node also called edge node. The processing of data from edge nodes is known as edge computing or fog computing. In this paper, the authors discuss the security aspects of fog computing. After careful study of
related literature, the authors identified several challenges related to security of data processing at edge nodes. The authors identified challenges such as data security and programming related security. The authors present several solutions to the challenges. | Keywords: IOT, Fog Computing, Edge Computing, Security, Data Security, Programming Security, Data Encryption, Trust Establishment, No-sql Databases, Procedural Language, Markup Language Data and Programming Security Issues in Fog Computing |
DOI:https://doi.org/10.6025/jisr/2019/10/2/67-76 | Full_Text   PDF 215 KB   Download:   6  times | References:[1] Alliance, C. (2011). Security guidance for critical areas of focus in cloud computing v3. 0. Cloud Security Alliance.
[2] Bonomi, F., Milito, R., Zhu, J., Addepalli, S. (2012). Fog computing and its role in the internet of things. Proceedings of the first edition of the MCC workshop on Mobile cloud computing, (p. 13-16).
[3] Dastjerdi, A. V., Buyya, R. (2016). Fog computing: Helping the Internet of Things realize its potential. Computer, 49 (8) 112- 116. (August).
[4] Dinu, D., Perrin, L., Udovenko, A., Velichkov, V., Großschädl, J., Biryukov, A. (2016). Design strategies for ARX with provable bounds: Sparx and LAX. International Conference on the Theory and Application of Cryptology and Information Security, Springer, Berlin, Heidelberg.
[5] Ebrahim, M., Khan, S., Mohani, S. S. (2014). Peer-to-peer network simulators: an analytical review. arXiv preprint arXiv:1405.0400.
[6] Feinstein, L., Schnackenberg, D., Balupari, R., Kindred, D. (2003). Statistical approaches to DDoS attack detection and response. In: IEEE Proceedings of DARPA Information Survivability Conference and Exposition, 1, p. 303-314.
[7] Lopez, Garcia., P., Montresor, A., Epema, D., Datta, A., Higashino, T., Iamnitchi, A., Riviere, E. (2015). Edge-centric Computing: Vision and Challenges. ACM SIGCOMM Computer Communication Review, 45 (5) 37-42.
[8] Gonzalez, N., Miers, C., Redigolo, F., Carvalho, T., Näslund, M., Pourzandi, M. (2012). A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing. Journal of Cloud Computing: Advances, Systems and Applications, 1(1), 11.
[9] Hashizume, K., Rosado, D. G., Medina, E. F., Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4 (1) 5.
[10] Ibrahim, M. H. (2016). Octopus: An Edge-Fog Mutual Authentication Scheme. International journal of Network Security, 18 (6) 1089-1101.
[11] Iyengar, J. N., Kumar, N., Kannammal, A. (2013). An enhanced entropy approach to detect and prevent DDoS in cloud environment. International Journal of Communication Networks and Information Security, 5(2), 110-119.
[12] Kalra, S., Sood, S. K. (2015). Secure authentication scheme for IoT and cloud servers. Pervasive and Mobile Computing, 24, 210-223.
[13] Katagi, M., Moriai, S. (2008). Lightweight cryptography for the internet of things. Sony Corporation.
[14] Lee, K., Kim, D., Ha, D., Rajput, U., Oh, H. (2015). On Security and Privacy Issues of Fog Computing supported Internet of Things Environment. IEEE 6th International Conference on the Network of the Future (NOF), (p. 1-3).
[15] Lim, C. H. (1998). Crypton: A new 128-bit block cipher. NIsT AEs Proposal.
[16] Lim, C. H., Korkishko, T. (2005). mCrypton-a lightweight block cipher for security of low-cost RFID tags and sensors. In: Lecture Notes in Computer Science 3786 (p. 243-258).
[17] Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J. (2011). Virtualization security for cloud computing service.In: IEEE International Conference on Cloud and Service Computing (CSC), (p. 174-179).
[18] Mahalle, P. N., Prasad, N. R., Prasad, R. (2014). Threshold cryptography-based group authentication (TCGA) scheme for the internet of things (IoT). In: 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE).
[19] Meidan, Y., Bohadana, M., Shabtai, A., Ochoa, M., Tippenhauer, N. O., Guarnizo, J. D., Elovici, Y. (2017). Detection of Unauthorized IoT Devices Using Machine Learning Techniques. Arxiv Preprint arXiv:1709.04647.
[20] Mirkovic, J., Reiher, P. (2004). A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review, 34(2), 39-53.
[21] Morrow, B. (2012). BYOD security challenges: control and protect your most sensitive data. Network Security, p. 5-8.
[22] Rittinghouse, J. W., Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC Press.
[23] Roman, R., Lopez, J., Mambo, M. (2016). Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges. Future Generation Computer Systems.
[24] Schneier, B., Kelsey, J. (1996). Unbalanced Feistel networks and block cipher design. In: International Workshop on Fast Software Encryption Springer, Berlin, Heidelberg.
[25] Stojmenovic, I., Wen, S. (2014). The Fog Computing Paradigm: Scenarios and Security Issues. In: Federated Conference on Computer Science and Information Systems. doi: 10.15439/2014F503
[26] Stojmenovic, I., Wen, S., Huang, X., Luan, H. (2015). An overview of Fog computing and its security issues. Concurrency and Computation: Practice and Experience, 28 (10), 2991-3005. doi:10.1002/cpe.3485
[27] Vaquero, L. M., Merino, L. R. (2014). Finding your Way in the Fog: Towards a Comprehensive Definition of Fog Computing. ACM SIGCOMM Computer Communication Review, 44 (5) 27-32.
[28] Vissers, T., Somasundaram, T. S., Pieters, L., Govindarajan, K., Hellinckx, P. (2014). DDoS defense system for web services in a cloud environment. Future Generation Computer Systems, 1 (37) 37-45.
[29] Wang, Y., Chen, I.-R., Wang, D.-C. (2015). A Survey of Mobile Cloud Computing Applications: Perspectives and Challenges. Wireless Personal Communications, 80 (4) 1607-1623.
[30] Wang, Y., Uehara, T., Sasaki, R. (2015). Fog Computing:Issues and Challenges in Security and Forensics. In: 39th IEEE Annual International Conference on Computers, Software & Applications.
[31] Weber, R. H. (2010). Internet of Things - New Security and Privacy Challenges. Computer Law and Security Review, 26 (1) 23-30.
[32] Wei, J., Zhang, X., Ammons, Glenn, Bala, V., Ning, P. (2009). Managing security of virtual machine images in a cloud environment. In: Proceedings of the 2009 ACM workshop on Cloud computing security.
[33] Yan, Z., Zhang, P., Vasilakos, A. V. (2014). A survey on trust management for Internet of Things. Journal of Computer Network and Applications, 42, 120-134.
[34] Yi, S., Li, C., Li, Q. (2015). A Survey of Fog Computing: Concepts, Applications and Issues, In: ACM Proceedings of the 2015 Workshop on Mobile Big Data.
[35] Yi, S., Qin, Z., Li, Q. (2015). Security and privacy issues of fog computing: A survey. In: Springer International Conference on Wireless Algorithms, Systems, and Applications. Cham.
[36] Zhao, K., Ge, L. (2013). A Survey on the Internet of Things Security, In: Ninth International Conference on Computational Intelligence and Security. |
|
|
|