Fog Computing for the Internet of Things: Security and Privacy Issues

The inherent characteristics of Internet of Things (IoT) devices, such as limited storage and computational power, require a new platform to efficiently process data. The concept of fog computing has been introduced as a technology to bridge the gap between remote data centers and IoT devices. Fog computing enables a wide range of benefits, including enhanced security, decreased bandwidth, and reduced latency. These benefits make the fog an appropriate paradigm for many IoT services in various applications such as connected vehicles and smart grids. Nevertheless, fog devices (located at the edge of the Internet) obviously face many security and privacy threats, much the same as those faced by traditional data centers. In this article, the authors discuss the security and privacy issues in IoT environments and propose a mechanism that employs fog to improve the distribution of certificate revocation information among IoT devices for security enhancement. They also present potential research directions aimed at using fog computing to enhance the security and privacy issues in IoT environments.

[1]  Donald. Miner,et al.  MapReduce Design Patterns: Building Effective Algorithms and Analytics for Hadoop and Other Systems , 2012 .

[2]  Marthony Taguinod,et al.  Policy-driven security management for fog computing: Preliminary framework and a case study , 2014, Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014).

[3]  Fengyuan Xu,et al.  MobiShare: Flexible privacy-preserving location sharing in mobile online social networks , 2012, 2012 Proceedings IEEE INFOCOM.

[4]  Dan Boneh,et al.  The Case for Prefetching and Prevalidating TLS Server Certificates , 2012, NDSS.

[5]  Marimuthu Palaniswami,et al.  WAKE: Key management scheme for wide-area measurement systems in smart grid , 2013, IEEE Communications Magazine.

[6]  Arwa Alrawais,et al.  Towards More Secure Cardholder Verification in Payment Systems , 2014, WASA.

[7]  Kai Hwang,et al.  Cloudlet Mesh for Securing Mobile Clouds from Intrusions and Network Attacks , 2015, 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering.

[8]  Qun Li,et al.  Security and Privacy Issues of Fog Computing: A Survey , 2015, WASA.

[9]  Kai Hwang,et al.  Cloud Security with Virtualized Defense and Reputation-Based Trust Mangement , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[10]  Xiuzhen Cheng,et al.  A Hybrid Rogue Access Point Protection Framework for Commodity Wi-Fi Networks , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[11]  Mohammad Abdullah Al Faruque,et al.  Energy Management-as-a-Service Over Fog Computing Platform , 2016, IEEE Internet Things J..

[12]  Yingjiu Li,et al.  On the Release of CRLs in Public Key Infrastructure , 2006, USENIX Security Symposium.

[13]  Mohammad Abdullah Al Faruque,et al.  Energy Management-as-a-Service Over Fog Computing Platform , 2015, IEEE Internet of Things Journal.

[14]  Jiguo Yu,et al.  SecureGuard: A Certificate Validation System in Public Key Infrastructure , 2018, IEEE Transactions on Vehicular Technology.

[15]  Arwa Alrawais,et al.  X.509 Check: A Tool to Check the Safety and Security of Digital Certificates , 2015, 2015 International Conference on Identification, Information, and Knowledge in the Internet of Things (IIKI).

[16]  Arwa Alrawais,et al.  A novel verification method for payment card systems , 2015, Personal and Ubiquitous Computing.