An IoT-Oriented Offloading Method with Privacy Preservation for Cloudlet-Enabled Wireless Metropolitan Area Networks

With the development of the Internet of Things (IoT) technology, a vast amount of the IoT data is generated by mobile applications from mobile devices. Cloudlets provide a paradigm that allows the mobile applications and the generated IoT data to be offloaded from the mobile devices to the cloudlets for processing and storage through the access points (APs) in the Wireless Metropolitan Area Networks (WMANs). Since most of the IoT data is relevant to personal privacy, it is necessary to pay attention to data transmission security. However, it is still a challenge to realize the goal of optimizing the data transmission time, energy consumption and resource utilization with the privacy preservation considered for the cloudlet-enabled WMAN. In this paper, an IoT-oriented offloading method, named IOM, with privacy preservation is proposed to solve this problem. The task-offloading strategy with privacy preservation in WMANs is analyzed and modeled as a constrained multi-objective optimization problem. Then, the Dijkstra algorithm is employed to evaluate the shortest path between APs in WMANs, and the nondominated sorting differential evolution algorithm (NSDE) is adopted to optimize the proposed multi-objective problem. Finally, the experimental results demonstrate that the proposed method is both effective and efficient.


Background
A Wireless Metropolitan Area Network (WMAN) is a kind of mobile broadband wireless network, launched as a computer communication network within a city, which provides users with more convenient wireless services [1]. Metropolitan areas have high-density populations, where there are intensive data produced by the mobile devices in people's daily lives. Mobile cloud computing provides a novel paradigm that allows the computing tasks and the data from the mobile devices to be offloaded to the remote cloud for processing and storage through access points (APs) in the WMAN [2]. With the increasing number of mobile devices and the rapid growth of mobile cloud computing

Motivation
Currently, a QoS (Quality of Service) aware cloudlet load balancing method for IoT data in WMAN is proposed [29], but it does not take into consideration the data privacy preservation. As a result, some important IoT data leak easily, causing great loss to users. Therefore, the privacy preservation of the IoT data in cloudlet-based WMAN environments has become an urgent problem. Hence, we consider a separated data offloading for the IoT data which has privacy conflicts. Meanwhile, an IoT-oriented offloading method (IOM) with privacy preservation is proposed to lower the transmission time, save energy consumption and improve the resource utility.

Paper Contributions
The main contributions of this paper include the following: • Construct a systematic model of the resource utilization, the energy consumption and the data transmission time of the cloudlets when offloading the IoT data to the cloudlets. • Adopt the Dijkstra algorithm to calculate the shortest path between AP points in a WMAN in order to reduce the transmission time of data. • Optimize the multi-objective problem model by the nondominated sorting differential evolution (NSDE) algorithm with privacy preservation considered, and finally the optimal offloading strategies are output. • Conduct extensive experimental evaluations and comparison analysis to demonstrate the efficiency and effectiveness of the proposed method.
The rest of the paper is organized as follows. Section 2 introduces the system model and the problem definition. Section 3 proposes an IoT-oriented offloading method with privacy preservation. In Section 4, simulation experiments and a comparison analysis are presented. Section 5 reviews related works. Finally, conclusions and future work are drawn in Section 6.

System Model and Problem Formulation
In this section, we present a system model that closely approximates the cloudlet environment in the WMAN first. Then, three optimized models of IoT data, that is, the transmission time model, the energy consumption model and the resource utilization model, are formed. Some key notations and descriptions used in the paper are listed in Table 1. Table 1. Key notations and descriptions.

C
The cloudlet collection A The AP(Access Point) collection T The computing task collection D The dataset collection of the computing tasks X The data offloading policy collection for T P The number of computing tasks l n (X) The resource utilization rate of the cloudlet c n σ(X) The number of the occupied cloudlets ψ(X) The average of l n (X) TT(X) The propagation delay time of the computing tasks T(X) The average of propagation delay time β P,n (X) The execution time of the task x p in the cloudlet c n ST(X) The maximal execution time of the task in the cloudlet c n E idle V M (X) The energy consumption of the idle VMs (Virtual Machines) E active V M (X) The energy consumption of the active VMs E c (X) The energy consumption of the cloudlets E(X) The total energy consumption

Resource Model
In this paper, we focus on the IoT-oriented data offloading with privacy preservation for the cloudlet-enabled WMAN. We consider a separated data offloading for the IoT data with privacy conflicts to optimize the transmission time, the energy consumption and the resource utilization. Suppose that there are N cloudlets, denoted as C = {c 1 , c 2 , . . . , c N } (each cloudlet has one host), which are deployed in the WMAN. There are M APs, denoted as A = {a 1 , a 2 , . . . , a M }. The cloudlets are connected through the APs, and M > N. P computing tasks that should be offloaded to the cloudlets for processing are donated as T = {t 1 , t 2 , . . . , t P }. The datasets of the computing tasks are donated as D = {d 1 , d 2 , . . . , d P }.
Let X = {x 1 , x 2 , . . . , x P } be the offloading policy for the IoT data of the computing task set T, where x P I ∈ C (p = {1, 2, . . . , P}) is the cloudlet that the computing task t P is offloaded to. Figure 1 shows an example of cloudlet layout in the WMAN. The cloudlets are connected by the APs and deployed in the WMAN. There are seven APs, three physical machines, three cloudlets and three computing tasks in the example. The cloudlet c 1 is connected to the cloudlet c 2 through four APs, named a 1 , a 2 , a 3 and a 4 . If the IoT data of the computing task t 1 has privacy conflicts with the other data, t 1 will be migrated to the cloudlet c 2 for processing, through a 1 , a 2 , a 3 and a 4 . In addition, the cloudlet c 1 is connected to the cloudlet c 3 through three APs, named a 1 , a 6 and a 7 or through APs of a 1 , a 5 , a 6 and a 7 .
Sensors 2018, 18, x FOR PEER REVIEW 4 of 18 three computing tasks in the example. The cloudlet c1 is connected to the cloudlet c2 through four APs, named a1, a2, a3 and a4. If the IoT data of the computing task t1 has privacy conflicts with the other data, t1 will be migrated to the cloudlet c2 for processing, through a1, a2, a3 and a4. In addition, the cloudlet c1 is connected to the cloudlet c3 through three APs, named a1, a6 and a7 or through APs of a1, a5, a6 and a7.

Resource Utilization Model
Compared to the mobile devices, the cloudlets have much greater physical resources including storage resources, computing resources and communication resources. When allocating the cloudlet resources to accommodate the IoT data, the resources are provided in the form of VMs. Assume that a cloudlet owns one physical machine. Let hn be the capacity of the n-th cloudlet cn and let up,n be the requirements of the computing task tP.
The resource utilization is an important part to evaluate the efficiency of the cloudlets. According to the data offloading policy in , the resource utilization of the cloudlet is ( ), which is calculated by where , is a binary variable to judge whether is offloaded on , which is measured by Then, the number of the occupied hosts, denoted as ( ), is calculated by Finally, the average resource utilization of the cloudlet can be calculated by

Data Transmission Model
The IoT data needs to be offloaded to the cloudlet for processing or the conflict data needs to be offloaded to another cloudlet. During the offloading, there is some transmission delay, which may influence the efficiency of the cloudlets. The transmission time for the IoT applications to offload datasets should be taken into account.

Resource Utilization Model
Compared to the mobile devices, the cloudlets have much greater physical resources including storage resources, computing resources and communication resources. When allocating the cloudlet resources to accommodate the IoT data, the resources are provided in the form of VMs. Assume that a cloudlet owns one physical machine. Let h n be the capacity of the n-th cloudlet c n and let u p,n be the requirements of the computing task t P .
The resource utilization is an important part to evaluate the efficiency of the cloudlets. According to the data offloading policy in X, the resource utilization of the cloudlet c n is l n (X), which is calculated by where θ p,n is a binary variable to judge whether t p is offloaded on c n , which is measured by Then, the number of the occupied hosts, denoted as σ(X), is calculated by Finally, the average resource utilization of the cloudlet can be calculated by

Data Transmission Model
The IoT data needs to be offloaded to the cloudlet for processing or the conflict data needs to be offloaded to another cloudlet. During the offloading, there is some transmission delay, which may influence the efficiency of the cloudlets. The transmission time for the IoT applications to offload datasets should be taken into account.
When the computing tasks are in the current cloudlet without offloading, the transmission delay is neglected. When the computing tasks are offloaded from one cloudlet to another, it will pass through multiple APs. Thus the transmission delay is added by the transmission time among APs.
Let N p,q be the number of halfway APs when the computing tasks are offloaded from the cloudlet c p to c q . Then, the transmission delay is calculated by where D p is the data scale of t p . Then, the average data transmission time T(X) can be calculated by

Energy Consumption Model
In this paper, the energy consumption is generated by the cloudlets, the active VMs and the idle VMs. The energy consumption is associated with the execution time of the computing tasks. Let β P,n (X) be the execution time of x p in c n , and it can be calculated by β P,n (X) = I p,n µ p,n ·CPU n , where I p,n is the instruction length of x p in c n , µ p,n is the number of the occupied VMs x p in c n , and CPU n is the running power of the physical machine in the cloudlet c n . The execution time of c n is denoted as ST(X), which is calculated by (β P,n (X) · θ p,n (X)).
During the tracked execution period ST(X), the energy consumption of the active VMs in the cloudlet is denoted as E active V M (X), which is calculated by where η is the power rate for the running VM instances. Before the data offloading, all the VMs are assumed as the idle VMs. When the IoT data are offloaded to the cloudlets for execution, some idle VMs are switched into active VMs. This switch also generates a certain amount of energy consumption. Hence the energy consumption of the initial idle VMs is denoted as E initial V M (X), which is calculated by where τ is the power rate for the idle VM instances.
The process by which an idle VM is changed into an active one also consumes some energy. The energy consumption to switch the situation of VMs is denoted as E switch V M (X), which is calculated by E switch V M (X) = h n − ∑ P p=1 u p,n ·ST(X)·θ p,n (X)·τ. (11) In this way, the energy consumption of the idle VMs in the cloudlet is denoted as E idle V M (X), which is calculated by All the running cloudlets consume the baseline energy during the tracked execution period ST(X). Such baseline energy consumption for the cloudlets is denoted as E C (X), which can be calculated by where ξ is the power rate for the cloudlets. Then, the total energy consumption denoted as E(X) is calculated by

Data Privacy Preservation Model of the Comouting Tasks
The IoT data contained in the computing tasks have different attributes, which may generate privacy conflicts. Putting the IoT data with privacy conflicts on the same cloudlet may make the IoT data be easily attacked by hackers and it will cause data leakage. Hence, the IoT data with privacy conflicts under this condition are offloaded to the other cloudlets for processing.
The privacy conflicts of the datasets are modeled by a graph G = (D, E), where D is the set of datasets and E represents the conflicting relations between two datasets in D. Additionally, d i , d j ∈ E represents that there is a privacy conflict between the datasets d i and d j , which should be offloaded to different cloudlets for processing.
Then, the conflicting datasets of d p are denoted as CD p , which is obtained by Hence, the conflicting collection is obtained by X= {x 1 , x 2 , · · · , x P }, where X = x i x i ∈ CD p , i = 1, 2, · · · , CD p .

An IoT-Oriented Offloading Method with Privacy Preservation
In this section, we mainly encode the IoT-oriented offloading model with data privacy conflicts in the WMAN. We aim to maximize the resource utilization in (4), minimize the data transmission time in (6) and minimize the energy consumption in (14) while satisfying the privacy constraints in (15). The formalized multi-objective problem is optimized by NSDE, and the diversity and convergence of the population are ensured through the mutation and crossover operations. In the individual selection phase, NSDE uses the fast nondominated sorting approach and the crowded-comparison operator to ensure that individuals with the relatively best fitness values in the current population can be preserved for the next generation.

Shortest Path Acquisition of APs in WMAN Based on Dijkstra Algorithm
To estimate the transmission time among the APs, we adopt the Dijkstra algorithm to calculate the shortest path between the APs. In order to reduce the transmission time of IoT data, each AP selects the shortest path for transmission.
In Figure 1, all the computing tasks and the IoT data are uploaded to the APs closest to them and offloaded to the appropriate cloudlet for processing. However, in the WMAN, there may be multiple transmission paths between two APs. In order to reduce the transmission time of data, each AP selects the shortest path for transmission.
Assuming that the transmission rate between the APs is the same, the WMAN can be regarded as a set of undirected unweighted graphs, and each AP is a node on this graph. The Dijkstra algorithm is used to calculate the shortest path between the mobile nodes.

Optimization Problem Model by NSDE
The problem model proposed in this paper is summarized as a constrained multi-objective optimization problem. NSDE is an essential multi-objective optimization algorithm using real number coding whose mutation vector is generated by the parent difference vector and intersects with the parent individual vector to generate a new individual vector. In the parent population and the offspring population, the fast nondominated sorting approach and the crowded-comparison operator are performed, and the individuals with better target values are preserved for the next generation. Compared with other algorithms, it is more effective in solving the approximation of the global optimal solution set in multidimensional space.
In this section, the problem model is real-coded, performing crossover, mutation and selection operations, and the problem is using the fast nondominated sorting approach and the crowded-comparison operator in the selection phase to preserve the individuals with better fitness for the next generation, and through continuous iteration, it is constantly approaching the optimal solution set.
(1) Encoding: A distribution strategy for all the computing tasks uploaded from each AP point is represented by a chromosome, and each gene in the chromosome represents the execution location of the task, which means that the task will be assigned to the corresponding cloudlet for execution. Therefore, the range of values for each gene depends on the number of the cloudlets that are used to perform the computing tasks. Figure 2 shows the value of each gene in a chromosome. Suppose that the n-th task t n will be assigned to M cloudlets for execution. Then, the length of this chromosome X j is N, and each gene will be a real value between 0 and M. However, in the calculation, each real value will be converted into an integer that represents the position of the execution cloudlet. For example, in Figure 2, the second task t 1 has a gene value of 3.2, and adopts the "down rounding" method, so the task t 1 will be assigned to cloudlet 3 for execution. operator are performed, and the individuals with better target values are preserved for the next generation. Compared with other algorithms, it is more effective in solving the approximation of the global optimal solution set in multidimensional space. In this section, the problem model is real-coded, performing crossover, mutation and selection operations, and the problem is using the fast nondominated sorting approach and the crowdedcomparison operator in the selection phase to preserve the individuals with better fitness for the next generation, and through continuous iteration, it is constantly approaching the optimal solution set.
(1) Encoding: A distribution strategy for all the computing tasks uploaded from each AP point is represented by a chromosome, and each gene in the chromosome represents the execution location of the task, which means that the task will be assigned to the corresponding cloudlet for execution. Therefore, the range of values for each gene depends on the number of the cloudlets that are used to perform the computing tasks. Figure 2 shows the value of each gene in a chromosome. Suppose that the n-th task tn will be assigned to M cloudlets for execution. Then, the length of this chromosome Xj is N, and each gene will be a real value between 0 and M. However, in the calculation, each real value will be converted into an integer that represents the position of the execution cloudlet. For example, in Figure 2, the second task t1 has a gene value of 3.2, and adopts the "down rounding" method, so the task t1 will be assigned to cloudlet 3 for execution. (2) Fitness functions and constraints: A chromosome is an individual which represents an offloading strategy for all the computing tasks in the optimization problem. Multiple individuals constitute a population, and NSDE is used to optimize the population. The fitness functions are the criteria for evaluating each individual in the population, and the constraints are the conditions that each individual needs to satisfy during the problem optimization process.
There are three fitness functions for this optimization problem: the average resource utilization of the cloudlet, the data transmission time and the energy consumption, which are calculated by fitness functions (4), (6) and (14), respectively. In this optimization problem, the larger average resource utilization of the cloudlet with the smaller data transmission time and the lower energy consumption contributes to the better individual. Hence, the NSDE comprehensively evaluates all individuals in the population through these three fitness functions, not one or two of them.
However, during the evolution of the population, each individual also needs to meet two (2) Fitness functions and constraints: A chromosome is an individual which represents an offloading strategy for all the computing tasks in the optimization problem. Multiple individuals constitute a population, and NSDE is used to optimize the population. The fitness functions are the criteria for evaluating each individual in the population, and the constraints are the conditions that each individual needs to satisfy during the problem optimization process.
There are three fitness functions for this optimization problem: the average resource utilization of the cloudlet, the data transmission time and the energy consumption, which are calculated by fitness functions (4), (6) and (14), respectively. In this optimization problem, the larger average resource utilization of the cloudlet with the smaller data transmission time and the lower energy consumption contributes to the better individual. Hence, the NSDE comprehensively evaluates all individuals in the population through these three fitness functions, not one or two of them.
However, during the evolution of the population, each individual also needs to meet two constraints: the total number of VMs requested by all the computing tasks on each cloudlet cannot be greater than the maximum number of VMs in the cloudlet, and the privacy preservation of the data is satisfied, which means the conflicting data cannot be offloaded to the same cloudlet.
(3) Initialization: Before the population is initialized, there are several algorithm parameters that need to be determined: the individual length N, which depends on the total number of computing tasks from all APs and each gene in the individual, represents the position of the cloudlet that the task is executed on, which has been introduced in the "Encoding" section; the size of population NP, which is usually set between 5N and 10N, but not less than 4N; additionally, in the evolution of the NSDE, three parameters are used, including the crossover factor CR, the mutation factor F and the mutation strategy, where CR and F mainly determine the optimization ability and the convergence speed of the NSDE. The mutation strategy selected in this paper is "DE/rand/1". After the parameters have been determined, the NSDE will generate a parent population P whose size is NP by initialization. The length of each individual is N, and the value of each gene in the individual is between 0 and M, where N and M represent the number of t computing tasks and cloudlets in the WMAN, respectively.
(4) Mutation and crossover: The mutation operation is performed by randomly selecting three individuals X a , X b and X c from the parent population P, and generating a mutated individual H i by combining the third individual X a with the difference vector of X b and X c , which is scaled according to the variation factor F. The crossover operation generates every gene V i,j of the offspring individual V i by crossing X i,j of the parent individual X i and H i,j of the mutated individual H i , where X i,j , H i,j and V i,j respectively represent the j-th gene of the parent individual X i , the mutated individual H i and the offspring individual V i .
(5) Selection: In the selection phase, based on the three fitness functions (4), (6) and (14), the NSDE performs the fast nondominated sorting approach and the crowded-comparison operator for the population O, which is composed of the parent population P and the offspring individual V i . The multiple nondominated layers L i (i = 0, 1, 2, . . . ) will be generated by the fast nondominated sorting approach, and the individuals in the nondominated layer with the lower nondominated level or the individuals with a better crowding distance in the same nondominated layer are preferentially populated into the parent population P of the next generation until the size of the population P is exactly equal to NP. The method of crowding distance calculation is described as follows: where D j represents the crowding distance, D j U , D j T and D j E represent the crowding distances of the average resource utilization, the data transmission time and the energy consumption, respectively. Besides, in (16), U j , T j and E j represent the objective function values of the average resource utilization, the data transmission time and the energy consumption, respectively, by the j-th offloading strategy X j . (6) Iteration: The NSDE takes the population P generated by performing selection operations as the parent population of the next generation, and combines the population P and the mutation population Q generated by performing mutation and crossover operations into a population whose size is 2NP. The parental population P of the next generation is regenerated by performing the selection operations on the population O. This process iterates until the termination condition is met, and finally the better solutions set S of the optimization problems is obtained.

Experimental Evaluation
In this section, a set of comprehensive simulations and experiments are conducted to evaluate the performance of the proposed IOM method. Specifically, we first introduce the simulation setup, including the simulation parameter settings and the statement of the comparative methods. Then, the influence of different task scales on the performance of the optimization metrics is evaluated.

Simulation Setup
In our simulation, three datasets with different scales of the computing tasks are applied for our experiments, and the number of computing tasks is set to 100, 150 and 200, respectively. The transmission speed of the cloudlets and the power rate of the cloudlets are set to 1200 M/s and 300 W according to [30]. The system decides which data items have conflicts according to the requirement of information security defined by the users or the processing records, which are assumed as the known information in our simulation. The specified parameter settings in this experiment are illustrated in Table 2. To conduct the comparison analysis, we employ another basic offloaded method. The comparative method is briefly expounded as follows.
Benchmark: The task is offloaded to the nearest cloudlet first. If the task to be offloaded requires more resources than the current cloudlet owns or it has data conflicts with the computing tasks offloaded to the current cloudlet already, this task is offloaded to the cloudlet near the current one according to the Dijkstra algorithm. This process is repeated until all the computing tasks are offloaded to the cloudlets.
The methods are implemented under the simulation tools by CloudSim on a PC machine with two Intel Core i7-5500U 2.40 GHz processors and 8 GB RAM. The corresponding evaluation results are depicted in detail in the following sections.

Performance Evaluation of IOM
The proposed IOM is intended to achieve a trade-off between optimizing the resource utilization, shortening the data transmission time and reducing the energy consumption while taking privacy preservation into consideration. We conducted 50 replicates of the experiment in the case of convergence for each task scale, and multiple sets of results were obtained. To identify a relatively optimal solution, simple additive weighting (SAW) and multiple-criteria decision making (MCDM) were used, where the optimal function is measured as follows: where Ψ(X), T(X) and E(X) represent the fitness of the data offloading strategy x i regarding the three objective functions mentioned above, respectively. Ψ max and Ψ min represent the maximum and minimum fitness values for the resource utilization. If Ψ max = Ψ min , let Analogously, T max and T min represent the maximum and minimum fitness for the data transmission time, and if T max = T min , let T max −T min = 1; E max and E min represent the maximum and minimum fitness for the energy consumption, and if E max = E min , let Figure 3 shows the comparison of the utility value of the solutions generated by IOM with different task scales. It is illustrated that when the task scale is 100, 150 or 200, four solutions are generated by IOM. For the solutions generated by IOM, we attempt to obtain the most balanced data offloading strategy by evaluating the utility value given in (17). After statistics and analysis, the solution with the maximum utility value is considered as the most balanced strategy. For instance, in Figure 3a, the final selected strategy is solution 3 because it achieves the highest utility value.

Performance Evaluation of IOM
The proposed IOM is intended to achieve a trade-off between optimizing the resource utilization, shortening the data transmission time and reducing the energy consumption while taking privacy preservation into consideration. We conducted 50 replicates of the experiment in the case of convergence for each task scale, and multiple sets of results were obtained. To identify a relatively optimal solution, simple additive weighting (SAW) and multiple-criteria decision making (MCDM) were used, where the optimal function is measured as follows: where ( ), T(X) and E(X) represent the fitness of the data offloading strategy xi regarding the three objective functions mentioned above, respectively. max and min represent the maximum and minimum fitness values for the resource utilization. If max = min , let  Figure 3 shows the comparison of the utility value of the solutions generated by IOM with different task scales. It is illustrated that when the task scale is 100, 150 or 200, four solutions are generated by IOM. For the solutions generated by IOM, we attempt to obtain the most balanced data offloading strategy by evaluating the utility value given in (17). After statistics and analysis, the solution with the maximum utility value is considered as the most balanced strategy. For instance, in Figure 3a, the final selected strategy is solution 3 because it achieves the highest utility value.

Comparison Analysis
In this subsection, the comparisons of Benchmark and IOM with the same experimental context are analyzed in detail. The resource utilization, the data transmission time and the energy consumption are the main metrics for evaluating the performance of the data offloading methods. In

Comparison Analysis
In this subsection, the comparisons of Benchmark and IOM with the same experimental context are analyzed in detail. The resource utilization, the data transmission time and the energy consumption are the main metrics for evaluating the performance of the data offloading methods. In addition, the number of employed cloudlets is presented to show the resource usage of all the cloudlets for offloading the computing tasks. The corresponding results are shown in Figures 4-8. addition, the number of employed cloudlets is presented to show the resource usage of all the cloudlets for offloading the computing tasks. The corresponding results are shown in Figures 4-8.
(1) Comparison of the number of employed cloudlets: Figure 4 illustrates the number of cloudlets employed by the data offloading methods. The total number of the cloudlets in our experiment is set to 50. As shown in Figure 4, IOM employs fewer cloudlets compared with Benchmark. Furthermore, as the number of the computing tasks increases, the number of the cloudlets employed by IOM increases. (2) Comparison of the resource utilization: After offloading all the computing tasks to the cloudlets via the data offloading methods, the occupation of the VMs is achieved. Figure 5 shows the comparison of the resource utilization of the cloudlets by using Benchmark and IOM with different task scales. The resource utilization is calculated according to the number of occupied cloudlets and the employed VMs in each cloudlet. Fewer employed cloudlets with more employed VMs contribute to a higher resource utilization. It is intuitive from Figure 5 that IOM achieves higher and stable resource utilization. That is, IOM reduces the number of unemployed VMs and wastes less resources than Benchmark.
(3) Comparison of the data transmission time: In Figure 6, we compare the data transmission time of the different data offloading methods. It is intuitive that our proposed method IOM costs more time than Benchmark. With the increase of the task scales, the data transmission time is enlarged. This may be because our proposed method needs more transmission times to realize the goal of optimizing the resource utilization and the energy consumption, which may sacrifice some transmission time on the other hand. (1) Comparison of the number of employed cloudlets: Figure 4 illustrates the number of cloudlets employed by the data offloading methods. The total number of the cloudlets in our experiment is set to 50. As shown in Figure 4, IOM employs fewer cloudlets compared with Benchmark. Furthermore, as the number of the computing tasks increases, the number of the cloudlets employed by IOM increases.
(2) Comparison of the resource utilization: After offloading all the computing tasks to the cloudlets via the data offloading methods, the occupation of the VMs is achieved. Figure 5 shows the comparison of the resource utilization of the cloudlets by using Benchmark and IOM with different task scales. The resource utilization is calculated according to the number of occupied cloudlets and the employed VMs in each cloudlet. Fewer employed cloudlets with more employed VMs contribute to a higher resource utilization. It is intuitive from Figure 5 that IOM achieves higher and stable resource utilization. That is, IOM reduces the number of unemployed VMs and wastes less resources than Benchmark.
(3) Comparison of the data transmission time: In Figure 6, we compare the data transmission time of the different data offloading methods. It is intuitive that our proposed method IOM costs more time than Benchmark. With the increase of the task scales, the data transmission time is enlarged. This may be because our proposed method needs more transmission times to realize the goal of optimizing the resource utilization and the energy consumption, which may sacrifice some transmission time on the other hand.
(4) Comparison of the energy consumption: As outlined in Section 2, the energy consumption is composed of the energy consumption of the active VMs, the energy consumption of the idle VMs, and the energy consumption of the cloudlets. In Figure 7, we compare these three aspects respectively with different task scales. As shown in Figure 7a, both methods achieve the same energy consumption of the active VMs at the same task scale because the same number of VMs are employed by Benchmark and IOM. Figure 7b shows that as the number of computing tasks increases, both methods increase the energy consumption of the idle VMs, but IOM generates less energy of the idle VMs due to less unemployed VMs used compared with Benchmark by occupying fewer cloudlets. Figure 7c indicates that IOM consumes less energy of the cloudlets than the Benchmark. The comparison of energy consumption in Figure 8 shows that IOM has better performance. For example, when the number of computing tasks is 100, IOM achieves a power consumption of less than 3000 W.s, whereas Benchmark generates more than 5000 W.s energy.  (4) Comparison of the energy consumption: As outlined in Section 2, the energy consumption is composed of the energy consumption of the active VMs, the energy consumption of the idle VMs, and the energy consumption of the cloudlets. In Figure 7, we compare these three aspects respectively with different task scales. As shown in Figure 7a, both methods achieve the same energy consumption of the active VMs at the same task scale because the same number of VMs are employed by Benchmark and IOM. Figure 7b shows that as the number of computing tasks increases, both methods increase the energy consumption of the idle VMs, but IOM generates less energy of the idle VMs due to less unemployed VMs used compared with Benchmark by occupying fewer cloudlets. Figure 7c indicates that IOM consumes less energy of the cloudlets than the Benchmark. The comparison of energy consumption in Figure 8 shows that IOM has better performance. For example, when the number of computing tasks is 100, IOM achieves a power consumption of less than 3000 W.s, whereas Benchmark generates more than 5000 W.s energy.

Related Work
With the development of the IoT technology, more IoT data is produced by mobile devices in daily life. Edge cloud computing developed rapidly to solve the transmission delay of the IoT data, providing high-speed processing in cloud service [31]. One of the hot technologies of edge cloud computing is the cloudlet, which is applied to get a shorter response time and reduce the energy consumption of mobile devices by alternating the offloading destinations, compared to the traditional mobile cloud computing paradigm [32][33][34][35]. There have been many studies about cloudlets, which were fully investigated in [36][37][38][39][40][41][42], to name a few.
In [36], the author studied the placement of the cloudlets in a large WMAN, consisting of many wireless APs. In order to realize the resource sharing of mobile users, Hoang et al. [37] used a cloudlet as a semi-Markov decision process (SMDP) to formalize a dynamic optimization problem. The SMDP is converted into a linear programming model to get the best solution. In the optimization model, mobile users need to consider different types of service quality under resource constraints. In [38], the author proposes a Performance-Enhancement Framework of Cloudlet (PEFC) to enhance the service performance of a cloudlet with limited resources. That paper aims to enhance the performance of the cloudlet and improve the experience of cloud service with limited resources. Artail et al. [39] proposed a general solution based on a mobile intelligent device to solve the service delay of the remote cloud. The author considered a cloud network, which distributes within a region and connects to the root server, to ensure resource availability. The framework is applicable to the environment where the cloudlet clients can sense networks and software services. Ciobanu et al. [40] introduced the drop computing paradigm, which proposes the concept of decentralized computing over multilayered networks, combining cloud and wireless technologies over a social crowd formed between mobile and edge devices. Mao et al. [41] jointly optimized task offload scheduling and transmission power allocation for mobile edge computing systems to reduce execution latency and device power consumption. The author proposed a low-complexity suboptimal algorithm to minimize the weighted sum of execution delay and device energy consumption, based on alternating minimization. Although the research on cloudlets is increasing, people often overlook the optimization of resource utilization, transmission delay and energy consumption when taking the privacy protection into account [43][44][45][46].
Current research mainly focuses on the capacitated cloudlets' placement to save energy or encrypt data to prevent data leakage. In [47], the author studied the cloudlet placement and mobile user allocation to the cloudlets in the WMAN. The author also designed a cloudlet placement algorithm, which placed the cloudlet in a user-intensive area of the wireless metropolitan area networks to balance the workload of WMAN. Mahadev et al. [48] introduced GigaSight, which is an internet-scale crowdsourced video content repository with powerful privacy preferences and access

Related Work
With the development of the IoT technology, more IoT data is produced by mobile devices in daily life. Edge cloud computing developed rapidly to solve the transmission delay of the IoT data, providing high-speed processing in cloud service [31]. One of the hot technologies of edge cloud computing is the cloudlet, which is applied to get a shorter response time and reduce the energy consumption of mobile devices by alternating the offloading destinations, compared to the traditional mobile cloud computing paradigm [32][33][34][35]. There have been many studies about cloudlets, which were fully investigated in [36][37][38][39][40][41][42], to name a few.
In [36], the author studied the placement of the cloudlets in a large WMAN, consisting of many wireless APs. In order to realize the resource sharing of mobile users, Hoang et al. [37] used a cloudlet as a semi-Markov decision process (SMDP) to formalize a dynamic optimization problem. The SMDP is converted into a linear programming model to get the best solution. In the optimization model, mobile users need to consider different types of service quality under resource constraints. In [38], the author proposes a Performance-Enhancement Framework of Cloudlet (PEFC) to enhance the service performance of a cloudlet with limited resources. That paper aims to enhance the performance of the cloudlet and improve the experience of cloud service with limited resources. Artail et al. [39] proposed a general solution based on a mobile intelligent device to solve the service delay of the remote cloud. The author considered a cloud network, which distributes within a region and connects to the root server, to ensure resource availability. The framework is applicable to the environment where the cloudlet clients can sense networks and software services. Ciobanu et al. [40] introduced the drop computing paradigm, which proposes the concept of decentralized computing over multilayered networks, combining cloud and wireless technologies over a social crowd formed between mobile and edge devices. Mao et al. [41] jointly optimized task offload scheduling and transmission power allocation for mobile edge computing systems to reduce execution latency and device power consumption. The author proposed a low-complexity suboptimal algorithm to minimize the weighted sum of execution delay and device energy consumption, based on alternating minimization. Although the research on cloudlets is increasing, people often overlook the optimization of resource utilization, transmission delay and energy consumption when taking the privacy protection into account [43][44][45][46].
Current research mainly focuses on the capacitated cloudlets' placement to save energy or encrypt data to prevent data leakage. In [47], the author studied the cloudlet placement and mobile user allocation to the cloudlets in the WMAN. The author also designed a cloudlet placement algorithm, which placed the cloudlet in a user-intensive area of the wireless metropolitan area networks to balance the workload of WMAN. Mahadev et al. [48] introduced GigaSight, which is an internet-scale crowdsourced video content repository with powerful privacy preferences and access control features. The GigaSight architecture is a joint system of VM-based cloudlets that performs video analytics on the edge of the internet, reducing the need for cloudlet ingress bandwidth. Rahman et al. [49] proposed a mobile edge computing framework that provides real-time and location-aware personalized services for a large number of users. According to the new privacy policy paradigm, it can make a secure share of location. The framework uses server-side cloud blending and crowd edge fog computing terminals (FCTs) to switch tasks between FCTs and the cloud, based on network condition, geographic location and available resources. Chen et al. [50] used the flexibility of the cloudlets to create a novel healthcare system. Cloudlet features include privacy protection, data sharing and intrusion detection. In the data collection phase, the author used the Number Theory Research Unit (NTRU) method to encrypt data collected by wearable devices. Then, they proposed a new trust model to help users choose trusted partners to share stored data in the cloudlet and help similar patients to communicate with each other. Finally, in order to protect the medical system from malicious attacks, the author developed a new collaborative intrusion detection system (IDS) method based on cloud networks.
Generally speaking, researchers do not take into consideration the data privacy preservation when optimizing the energy consumption of the cloudlets in the WMAN, or ameliorate the transmission time, energy consumption and resource utility when encrypting data [51][52][53]. Thus, an IoT-oriented offloading method with privacy preservation is proposed in this paper to optimize the transmission time, the energy consumption and the resource utilization when considering data privacy preservation.

Conclusions and Future Work
With the rapid development of IoT technology, the computing tasks of mobile applications have become so complex that it is necessary to offload the computing tasks to the remote cloud. For some applications with low latency requirements, it is necessary to offload the computing tasks to the nearby cloudlets for execution. Meanwhile, we have to be considerate of data conflicts to realize privacy preservation. In order to tackle such problems that have happened in the cloudlet-based WMAN environment, an IoT-oriented offloading method with privacy preservation is proposed in this paper to optimize the transmission time, the energy consumption and the resource utilization. Concretely, the task-offloading strategy with privacy preservation in the WMAN is modeled as a constrained multi-objective optimization problem. In order to reduce the transmission time, the Dijkstra algorithm is adopted to calculate the shortest path among APs in the WMAN. The multi-objective optimization problem is solved by an NSDE algorithm, and finally the best task-offloading strategy in the WMAN is obtained.
In future work, we will attempt to adapt and extend our proposed method to a real-world scenario for cloudlet services in the WMAN environment. Additionally, the privacy preservation strategy will be updated on the basis of the IoT data. At the same time, more attributes of the real-world scenario will be added to confirm the accuracy of our experiment.

Conflicts of Interest:
The authors declare no conflict of interest. The funders had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript, and in the decision to publish the results.