Biblio

Fog computing plays a critical role in the provisioning of computing tasks in the context of Internet of Things (IoT) services. However, the security of IoT services against breaches and attacks relies heavily on the security of fog resources, which must be properly implemented and managed. Increasing security investments and integrating the security aspect into the core processes and operations of fog computing including resource management will increase IoT service protection as well as the trustworthiness of fog service providers. However, this requires careful modeling of the security requirements of IoT services as well as theoretical and experimental evaluation of the tradeoff between security and performance in fog infrastructures. To this end, this paper explores a new model for fog resource allocation according to security and Quality of Service (QoS). The problem is modeled as a multi-objective linear optimization problem and solved using conventional, off-the-shelf optimizers by applying the preemptive method. Specifically, two objective functions were defined: one representing the satisfaction of the security design requirements of IoT services and another that models the communication delay among the different virtual machines belonging to the same service request, which might be deployed on different intermediary fog nodes. The simulation results show that the optimization is efficient and achieves the required level of scalability in fog computing. Moreover, a tradeoff needs to be pondered between the two criteria during the resource allocation process.

The Fog is an emergent computing architecture that will support the mobility and geographic distribution of Internet of Things (IoT) nodes and deliver context-aware applications with low latency to end-users. It forms an intermediate layer between IoT devices and the Cloud. However, Fog computing brings many requirements that increase the cost of security management. It inherits the security and trust issues of Cloud and acquires some of the vulnerable features of IoT that threaten data and application confidentiality, integrity, and availability. Several existing solutions address some of the security challenges following adequate adaptation, but others require new and innovative mechanisms. These reflect the need for a Fog architecture that provides secure access, efficient authentication, reliable and secure communication, and trust establishment among IoT devices and Fog nodes. The Fog might be more convenient to deploy decentralized authentication solutions for IoT than the Cloud if appropriately designed. In this short survey, we highlight the Fog security challenges related to IoT security requirements and architectural design. We conduct a comparative study of existing Fog architectures then perform a critical analysis of different authentication schemes in Fog computing, which confirms some of the fundamental requirements for effective authentication of IoT devices based on the Fog, such as decentralization, less resource consumption, and low latency.

Fog computing architecture allows the end-user devices of an Internet of Things (IoT) application to meet their latency and computation requirements by offloading tasks to a fog node in proximity. This fog node in turn may offload the task to a neighboring fog node or the cloud-based on an optimal node selection policy. Several such node selection policies have been proposed that facilitate the selection of an optimal node, minimizing delay and energy consumption. However, one crucial assumption of these schemes is that all the networked fog nodes are authorized part of the fog network. This assumption is not valid, especially in a cooperative fog computing environment like a smart city, where fog nodes of multiple applications cooperate to meet their latency and computation requirements. In this paper, we propose a secure task-offloading framework for a distributed fog computing environment based on smart-contracts on the blockchain. The proposed framework allows a fog-node to securely offload tasks to a neighboring fog node, even if no prior trust-relation exists. The security analysis of the proposed framework shows how non-authenticated fog nodes are prevented from taking up offloading tasks.

Cloud computing has established itself as an alternative IT infrastructure and service model. However, as with all logically centralized resource and service provisioning infrastructures, cloud does not handle well local issues involving a large number of networked elements (IoTs) and it is not responsive enough for many applications that require immediate attention of a local controller. Fog computing preserves many benefits of cloud computing and it is also in a good position to address these local and performance issues because its resources and specific services are virtualized and located at the edge of the customer premise. However, data security is a critical challenge in fog computing especially when fog nodes and their data move frequently in its environment. This paper addresses the data protection and the performance issues by 1) proposing a Region-Based Trust-Aware (RBTA) model for trust translation among fog nodes of regions, 2) introducing a Fog-based Privacy-aware Role Based Access Control (FPRBAC) for access control at fog nodes, and 3) developing a mobility management service to handle changes of users and fog devices' locations. The implementation results demonstrate the feasibility and the efficiency of our proposed framework.