A Survey of Security Architectures for Edge Computing-Based IoT
Abstract
:1. Introduction
- We provide an overview and definition of edge computing and its relationship/difference with/from other similar computing models, such as fog computing, cloud computing, cloudlets, and MEC.
- We present attacks and threats of EC-based IoT. Then, we discuss the possible solutions and countermeasures at different network layers and for different security and privacy issues.
- We propose a secure edge computing-based architecture for IoT infrastructure through many research achievements concerning edge computing in IoT and define an application of edge computing in IoT for the architecture.
2. Edge Computing and Related Computing Paradigms
2.1. Cloud Computing
2.2. Mobile Computing
2.3. Mobile Cloud Computing
2.4. Edge Computing
- Improve system performance: the most important advantage of edge computing in IoT is achieving ms-level of data processing. Edge computing reduces the overall delay of the system and the demand for communication bandwidth and improves the overall performance of the system.
- Protect data security and privacy: cloud platform service providers offer a comprehensive system of centralized data security protection solutions to their customers. However, once centralized stored data becomes leaked, it will lead to serious consequences. In contrast, edge computing allows deploying the most appropriate security solutions in the local vicinity, and most of the computation can be performed on the edge of the network, so less data need to be transferred. Therefore, it reduces the risk of data leakage during the transmission and the amount of stored data in the cloud platform; thus, security and privacy risks will be decreased. IoT devices collect a large amount of data that can contain some sensitive information (e.g., global positioning system (GPS) data, streams from cameras/microphones). An application might need this information to run complex analytics in the cloud; it is important to preserve the privacy of sensitive context once the data leaves where it was generated. Using edge computing, the sensitive data can be preprocessed onsite and passed through a first layer of anonymization, and then the privacy complaint data can be sent to the cloud for further analysis.
- Reduce latency: latency in edge computing has been reduced compared with MCC and cloud computing because of the proximity to users. However, if the local computation unit is not powerful enough, the latency in edge computing can be worse than in MCC and cloud computing.
- Reduce operational costs: transferring data directly to the cloud platform requires substantial operational costs for data transmission, good bandwidth, and delay characteristics. In contrast, edge computing can reduce data uploading volume; therefore, data transmission volume, bandwidth consumption, and latency will be reduced, consequently reducing operational costs.
- High service availability: availability of services is also superior in edge computing; there is no waiting time for a centralized platform to provide the services, and there is no limitation of resources, such as in traditional mobile computing. In contrast to MACC (see Section 2.4.2), edge computing contains small data centers, while MACC basically does not require a data center. Therefore, the availability of services is higher in edge computing. In addition, edge computing can form peer-to-peer and cloud computing hybrid models, so it benefits from broader computing capabilities than does MACC [44].
- Be robust to connectivity issues: when part of the computations can be run directly on the edge, applications will not be disrupted by limited or intermittent network connectivity. This is especially beneficial when applications are running on remote locations with poor network coverage. It can also reduce expensive costs related to connectivity technologies, such as cellular technologies.
2.4.1. Cloudlet Computing
2.4.2. Mobile Ad Hoc Cloud Computing
2.4.3. Fog Computing
2.4.4. Multi-Access Edge Computing
2.4.5. Mist Computing
3. Security and Privacy Attacks and Threats in EC-Based IoT
- Node replication: this occurs when adversaries inject a new malicious node into an existing set of nodes by replicating one node’s ID number. Then, attackers will be able to corrupt, steal, or misdirect data packets arriving at the malicious replica. The required access to extract cryptographic shared keys can be obtained by attackers causing severe damage to the system. Moreover, by implementing node revocation protocols, legitimate EC nodes can be revoked by node replicas [33,92]. This attack is considered an active attack [94,95,96].
- If attackers gain illegitimate access to integrated circuits (ICs), they can appear as hardware trojan. Attackers will be able to control the circuit and access data or even software running on these ICs. There are two types of Trojans: (1) internally activated Trojans, which can be activated by satisfying a particular condition inside the Ics; and (2) externally activated Trojans, which can be activated using sensors or antennas that interact with the outside world [33,92].
- Attackers can also camouflage by injecting a fake EC node into the network or attack an authorized node to be able to hide at the edge level. This counterfeit/modified EC node will work as a normal EC node to receive, share, process, store, redirect, or transmit data packets [33,92]. In addition, this node is able to operate in a passive mode and only analyses the traffic. This attack is considered a passive attack [94,96,97].
- Attackers gain unauthorized access and control of the network, taking advantage of corrupted or malicious EC nodes, then inject misleading data packets or can block the delivery of legitimate data packets [92,98,99,100]. This attack can be launched using three different attack methods: (1) insertion, in which the attacker inserts malicious packets (that seem legitimate) in network communication; (2) manipulation, in which the attacker captures packets, then change them; or (3) replication (or replay), in which the previously exchanged packets between two nodes have been captured and replayed by the attacker.
4. Security and Privacy Countermeasures and Solutions in EC-Based IoT
5. Architecture of Edge Computing-Based IoT
- Edge controller layer: this layer collects data from the IoT layer using some edge controllers, performs preliminary threshold judging or data filtering, and transfers control flow from the edge layer or cloud layer to the IoT layer.
- b.
- Edge gateway layer: this layer mostly contains edge gateways. It collects the data from the edge controller layer using wired networks (such as fieldbus, industrial ethernet, industrial optical fiber, etc.) or wireless networks (such as Wi-Fi, Bluetooth, RFID, NB-IoT, LoRa, 5G, etc.), caches the collected data and provides heterogeneous computing. In addition, edge gateways in this layer transfer control flow from the upper layers (edge server layer or cloud layer) to the edge controller layer and manage the equipment in the edge gateway layer or edge controller layer.
- c.
- Edge server layer: the edge server layer has powerful edge servers. This layer performs more complex and critical data processing and based on the data collected from the edge gateway layer by dedicated networks, it creates directional decision instruction. The edge servers in the edge server layer should also have business application management and platform management functions.
- Analytics: case-based reasoning, machine learning algorithms, and artificial intelligence techniques give greater flexibility in data analysis and visualization capabilities that are required by different business units and operating teams; massive analytics that need more resources and time can be performed at the cloud layer.
- Cloud management: using a storage and administration service, physical or virtual segregation of the stored data according to the tenant, or enabling to track the use of the service by the tenant is possible. Moreover, several tenants can use the service. This is a perfect feature even in private cloud management services. The tenants can be different departments or working groups of a public or private organization.
- Authentication: this can be performed using authorization or a distributed transaction, according to [35].
- Knowledge base: virtual organization of agents and support decision systems based on sensor data can develop a social machine [24]. Cloud-based orchestration, which enables the provisioning, monitoring, and updating of connected technological resources, can complement this component.
- APIs: cloud services can be called through a set of applications (with standard methods, e.g., HTTP, RESTful, XML, or SOAP calls [25]). Using these applications, services can become available via a standard web browser or other HTTP client applications.
6. Application of Proposed Architecture
6.1. Major Security Threats and Attacks
7. Discussion
7.1. Major Security Threats and Attacks
8. Challenges of EC-Based IoT
9. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Mell, P.; Grance, T. The Nist Definition of Cloud Computing; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2011. [Google Scholar]
- Dillon, T.; Wu, C.; Chang, E. Cloud computing: Issues and challenges. In Proceedings of the 2010 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), Perth, WA, Australia, 20–23 April 2010; pp. 27–33. [Google Scholar]
- Peng, M.; Zhang, K. Recent advances in fog radio access networks: Performance analysis and radio resource allocation. IEEE Access 2016, 4, 5003–5009. [Google Scholar] [CrossRef]
- Al-Fuqaha, A.; Guizani, M.; Mohammadi, M.; Aledhari, M.; Ayyash, M. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 2015, 17, 2347–2376. [Google Scholar] [CrossRef]
- Chiang, M.; Zhang, T. Fog and IoT: An overview of research opportunities. IEEE Internet Things J. 2016, 3, 854–864. [Google Scholar] [CrossRef]
- Ganz, F.; Puschmann, D.; Barnaghi, P.; Carrez, F. A practical evaluation of information processing and abstraction techniques for the internet of things. IEEE Internet Things J. 2015, 2, 340–354. [Google Scholar] [CrossRef]
- Linthicum, D. Responsive data architecture for the Internet of Things. Computer 2016, 49, 72–75. [Google Scholar] [CrossRef]
- Lin, J.; Yu, W.; Zhang, N.; Yang, X.; Zhang, H.; Zhao, W. A survey on Internet of Things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 2017, 4, 1125–1142. [Google Scholar] [CrossRef]
- Stankovic, J.A. Research directions for the Internet of Things. IEEE Internet Things J. 2014, 1, 3–9. [Google Scholar] [CrossRef]
- Wu, J.; Zhao, W. Design and realization of winternet: From net of things to Internet of Things. ACM Trans. Cyber-Phys. Syst. 2016, 1, 1–12. [Google Scholar] [CrossRef]
- Lin, J.; Yu, W.; Yang, X.; Yang, Q.; Fu, X.; Zhao, W. A real-time en-route route guidance decision scheme for transportation-based cyberphysical systems. IEEE Trans. Veh. Technol. 2017, 66, 2551–2566. [Google Scholar] [CrossRef]
- Yan, Y.; Qian, Y.; Sharif, H.; Tipper, D. A survey on cyber security for smart grid communications. IEEE Commun. Surv. Tutor. 2012, 14, 998–1010. [Google Scholar] [CrossRef]
- Lin, J.; Yu, W.; Yang, X. Towards multistep electricity prices in smart grid electricity markets. IEEE Trans. Parallel Distrib. Syst. 2016, 27, 286–302. [Google Scholar] [CrossRef]
- Mohamed, N.; Al-Jaroodi, J.; Jawhar, I.; Lazarova-Molnar, S.; Mahmoud, S. SmartCityWare: A service-oriented middleware for cloud and fog enabled smart city services. IEEE Access 2017, 5, 17576–17588. [Google Scholar] [CrossRef]
- Mallapuram, S.; Ngwum, N.; Yuan, F.; Lu, C.; Yu, W. Smartcity: The state of the art, datasets, and evaluation platforms. In Proceedings of the 2017 IEEE/ACIS 16th International Conference on Computer and Information Science (ICIS), Wuhan, China, 24–26 May 2017; pp. 447–452. [Google Scholar]
- Ciaetal, M.D. Usingsmartcitydatain5Gself-organizingnetworks. IEEE Internet Things J. 2017, 5, 645–654. [Google Scholar]
- Mao, Y.; You, C.; Zhang, J.; Huang, K.; Letaief, K.B. A survey on mobile edge computing: The communication perspective. IEEE Commun. Surv. Tutor. 2017, 19, 2322–2358. [Google Scholar] [CrossRef]
- Cho, K.; Park, G.; Cho, W.; Seo, J.; Han, K. Performance analysis of device discovery of bluetooth low energy (BLE) networks. Comput. Commun. 2016, 81, 72–85. [Google Scholar] [CrossRef]
- Montori, F.; Bedogni, L.; Di Felice, M.; Bononi, L. Machine-to-machine wireless communication technologies for the internet of things: Taxonomy, comparison and open issues. Pervasive Mob. Comput. 2018, 50, 56–81. [Google Scholar] [CrossRef]
- LoRa-Alliance, A Technical Overview of LoRa and Lo-RaWAN What Is It? Technical Report. Available online: https://lora-developers.semtech.com/uploads/documents/files/LoRa_and_LoRaWAN-A_Tech_Overview-Downloadable.pdf (accessed on 20 November 2018).
- García, O.; Alonso, R.S.; Prieto, J.; Corchado, J.M. Energy efficiency in public buildings through context-aware social computing. Sensors 2017, 17, 826. [Google Scholar] [CrossRef]
- Tang, J. Intelligent Mobile Projects with TensorFlow: Build 10+ Artificial Intelligence Apps Using TensorFlow Mobile and Lite for iOS, Android, and Raspberry Pi; Packt Publishing: Birmingham, UK, 2018. [Google Scholar]
- Das, A.; Patterson, S.; Wittie, M. Edgebench: Benchmarking edge computing platforms. In Proceedings of the 2018 IEEE/ACM International Conference on Utility and Cloud Computing Companion (UCC Companion), Zurich, Switzerland, 17–20 December 2018; pp. 175–180. [Google Scholar]
- González-Briones, A.; Chamoso, P.; Yoe, H.; Corchado, J.M. GreenVMAS: Virtual organization based platform for heating greenhouses using waste energy from power plants. Sensors 2018, 18, 861. [Google Scholar] [CrossRef]
- Alonso, R.S.; Tapia, D.I.; Bajo, J.; García, O.; de Paz, J.F.; Corchado, J.M. Implementing a hardware-embedded reactive agents platform based on a service-oriented architecture over heterogeneous wireless sensor networks. Ad Hoc Netw. 2013, 11, 151–166. [Google Scholar] [CrossRef]
- Khan, W.Z.; Ahmed, E.; Hakak, S.; Yaqoob, I.; Ahmed, A. Edge computing: A survey. Future Gener. Comput. Syst. 2019, 97, 219–235. [Google Scholar] [CrossRef]
- Hsu, R.; Lee, J.; Quek, T.Q.S.; Chen, J. Reconfigurable security: Edge-computing-based framework for IoT. IEEE Netw. 2018, 32, 92–99. [Google Scholar] [CrossRef]
- Sha, K.; Errabelly, R.; Wei, W.; Yang, T.A.; Wang, Z. EdgeSec: Design of an edge layer security service to enhance IoT security. In Proceedings of the 2017 IEEE 1st International Conference on Fog and Edge Computing (ICFEC), Madrid, Spain, 14–17 May 2017; pp. 81–88. [Google Scholar]
- Condry, M.W.; Nelson, C.B. Using smart edge IoT devices for safer, rapid response with industry IoT control operations. Proc. IEEE 2016, 104, 938–946. [Google Scholar] [CrossRef]
- King, J.; Awad, A.I. A distributed security mechanism for resource-constrained IoT devices. Informatica 2016, 40, 663–667. [Google Scholar]
- Yousefpour, A.; Fung, C.; Nguyen, T.; Kadiyala, K.; Jalali, F.; Niakanlahiji, A.; Kong, J.; Jue, J.P. All one needs to know about fog computing and related edge computing paradigms: A complete survey. J. Syst. Archit. 2019, 98, 289–330. [Google Scholar] [CrossRef]
- Roman, R.; Lopez, J.; Mambo, M. Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges. Future Gener. Comput. Syst. 2018, 78, 680–698. [Google Scholar] [CrossRef]
- Alwarafy, A.; Al-Thelaya, K.A.; Abdallah, M.; Schneider, J.; Hamdi, M. A survey on security and privacy issues in edge-computing-assisted Internet of Things. IEEE Internet Things J. 2020, 8, 4004–4022. [Google Scholar] [CrossRef]
- Qiu, T.; Chi, J.; Zhou, X.; Ning, Z.; Atiquzzaman, M.; Wu, D.O. Edge computing in industrial internet of things: Architecture, advances and challenges. IEEE Commun. Surv. Tutor. 2020, 22, 2462–2488. [Google Scholar] [CrossRef]
- Sittón-Candanedo, I.; Alonso, R.S.; Corchado, J.M.; Rodríguez-González, S.; Casado-Vara, R. A review of edge computing reference architectures and a new global edge proposal. Future Gener. Comput. Syst. 2019, 99, 278–294. [Google Scholar] [CrossRef]
- Vaquero, L.M.; Rodero-Merino, L.; Caceres, J.; Lindner, M. A break in the clouds: Towards a cloud definition. ACM Sigcomm Comput. Commun. Rev. 2008, 39, 50–55. [Google Scholar] [CrossRef]
- OpenFogConsortium, Openfog Reference Architecture for Fog Computing. Available online: https://www.openfogconsortium.org/ra/ (accessed on 15 February 2017).
- Bonomi, F.; Milito, R.; Zhu, J.; Addepalli, S. Fog computing and its role in the internet of things. In Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing; ACM: New York, NY, USA, 2012; pp. 13–16. [Google Scholar]
- Satyanarayanan, M. Fundamental challenges in mobile computing. In Proceedings of the Fifteenth Annual ACM Symposium on Principles of Distributed Computing; ACM: New York, NY, USA, 1996; pp. 1–7. [Google Scholar]
- Dinh, H.T.; Lee, C.; Niyato, D.; Wang, P. A survey of mobile cloud computing: Architecture, applications, and approaches. Wirel. Commun. Mob. Comput. 2013, 13, 1587–1611. [Google Scholar] [CrossRef]
- OpenEdgeConsortium, About—The Who, What, and How. Technical Report, OpenEdge Computing. Available online: http://openedgecomputing.org/about.html (accessed on 15 February 2022).
- Reale, A. A Guide to Edge IoT Analytics. Blog, International Business Machines. 2017. Available online: https://www.ibm.com/blogs/internet-of-things/edge-iot-analytics (accessed on 23 February 2017).
- Mach, P.; Becvar, Z. Mobile edge computing: A survey on architecture and computation offloading. IEEE Commun. Surv. Tutor. 2017, 19, 1628–1656. [Google Scholar] [CrossRef]
- Garcia Lopez, P.; Montresor, A.; Epema, D.; Datta, A.; Higashino, T.; Iamnitchi, A.; Barcellos, M.; Felber, P.; Riviere, E. Edge-centric computing: Vision and challenges. ACM SIGCOMM Comput. Commun. Rev. 2015, 45, 37–42. [Google Scholar] [CrossRef]
- What Is Edge Computing? Blog, General Electric. Available online: https://www.ge.com/digital/blog/what-edge-computing (accessed on 15 February 2022).
- Satyanarayanan, M.; Bahl, P.; Caceres, R.; Davies, N. The case for vm-based cloudlets in mobile computing. IEEE Pervasive Comput. 2009, 8, 14–23. [Google Scholar] [CrossRef]
- Bahl, V. The Emergence of Micro Datacenters (Cloudlets) for Mobile Computing. 2015. Available online: https://pdfs.semanticscholar.org/e393/e4f5ffa0fa23a6ea8686c7461463a6bb31b8.pdf (accessed on 13 May 2015).
- Hao, P.; Bai, Y.; Zhang, X.; Zhang, Y. Edgecourier: An edge-hosted personal service for low-bandwidth document synchronization in mobile cloud storage services. In Proceedings of the Second ACM/IEEE Symposium on Edge Computing; ACM: New York, NY, USA, 2017; pp. 1–14. [Google Scholar]
- Cui, Y.; Song, J.; Ren, K.; Li, M.; Li, Z.; Ren, Q.; Zhang, Y. Software defined cooperative offloading for mobile cloudlets. IEEE/ACM Trans. Netw. 2017, 25, 1746–1760. [Google Scholar] [CrossRef]
- Drolia, U.; Martins, R.; Tan, J.; Chheda, A.; Sanghavi, M.; Gandhi, R.; Narasimhan, P. The case for mobile edge-clouds. In Proceedings of the 2013 IEEE 10th International Conference on Ubiquitous Intelligence and Computing and 2013 IEEE 10th International Conference on Autonomic and Trusted Computing, Vietri sul Mare, Italy, 18–21 December 2013; pp. 209–215. [Google Scholar]
- Shi, C.; Lakafosis, V.; Ammar, M.H.; Zegura, E.W. Serendipity: Enabling remote computing among intermittently connected mobile devices. In Proceedings of the thirteenth ACM international symposium on Mobile Ad Hoc Networking and Computing, Hilton Head Island, SC, USA, 11–14 June 2012; pp. 145–154. [Google Scholar]
- Mtibaa, A.; Fahim, A.; Harras, K.A.; Ammar, M.H. Towards resource sharing in mobile device clouds: Power balancing across mobile devices. ACM SIGCOMM Comput. Commun. Rev. 2013, 43, 51–56. [Google Scholar] [CrossRef]
- Mtibaa, A.; Harras, K.A.; Fahim, A. Towards computational offloading in mobile device clouds. In Proceedings of the 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, Bristol, UK, 2–5 December 2013; pp. 331–338. [Google Scholar]
- Nishio, T.; Shinkuma, R.; Takahashi, T.; Mandayam, N.B. Service-oriented heterogeneous resource sharing for optimizing service latency in mobile cloud. In Proceedings of the First International Workshop on Mobile Cloud Computing & Networking, Bengaluru, India, 29 July 2013; pp. 19–26. [Google Scholar]
- Habak, K.; Ammar, M.; Harras, K.A.; Zegura, E. Femto clouds: Leveraging mobile devices to provide cloud service at the edge. In Proceedings of the 2015 IEEE 8th international conference on cloud computing, New York, NY, USA, 27 June–2 July 2015; pp. 9–16. [Google Scholar]
- Liu, F.; Shu, P.; Jin, H.; Ding, L.; Yu, J.; Niu, D.; Li, B. Gearing resource-poor mobile devices with powerful clouds: Architectures, challenges, and applications. IEEE Wirel. Commun. 2013, 20, 14–22. [Google Scholar]
- Yaqoob, I.; Ahmed, E.; Gani, A.; Mokhtar, S.; Imran, M.; Guizani, S. Mobile ad hoc cloud: A survey. Wirel. Commun. Mob. Comput. 2016, 16, 2572–2589. [Google Scholar] [CrossRef]
- Ragona, C.; Granelli, F.; Fiandrino, C.; Kliazovich, D.; Bouvry, P. Energy-efficient computation offloading for wearable devices and smartphones in mobile cloud computing. In Proceedings of the 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, USA, 6–10 December 2015; pp. 1–6. [Google Scholar]
- Zhang, W.; Wen, Y.; Wu, J.; Li, H. Toward a unified elastic computing platform for smartphones with cloud support. IEEE Netw. 2013, 27, 34–40. [Google Scholar] [CrossRef]
- Hubaux, J.-P.; Gross, T.; Le Boudec, J.-Y.; Vetterli, M. Toward self-organized mobile ad hoc networks: The terminodes project. IEEE Commun. Mag. 2001, 39, 118–124. [Google Scholar] [CrossRef]
- Li, Y.; Wang, W. Can mobile cloudlets support mobile applications? In Proceedings of the IEEE INFOCOM 2014-IEEE Conference on Computer Communications, Toronto, ON, Canada, 27 April–2 May 2014; pp. 1060–1068. [Google Scholar]
- Tseng, Y.C.; Ni, S.Y.; Chen, Y.S.; Sheu, J.P. The broadcast storm problem in a mobile ad hoc network. Wirel. Netw. 2002, 8, 153–167. [Google Scholar] [CrossRef]
- Chiang, M.; Ha, S.; Chih-Lin, I.; Risso, F.; Zhang, T. Clarifying fog computing and networking: 10 questions and answers. IEEE Commun. Mag. 2017, 55, 18–20. [Google Scholar] [CrossRef]
- Available online: https://www.cisco.com/c/en/us/solutions/computing/what-is-edge-computing.html#~types-of-edge-computing (accessed on 15 February 2022).
- Acharya, J.; Gaur, S. Edge compression of gps data for mobile iot. In Proceedings of the 2017 IEEE Fog World Congress (FWC), Santa Clara, CA, USA, 30 October–1 November 2017; pp. 1–6. [Google Scholar]
- Zhang, T. Fog Computing Brings New Business Opportunities and Disruptions. IoT-Agenda/Fog-computing-brings-new-business-opportunities-and-disruptions, Blog, TechTarget. Available online: http://internetofthingsagenda.techtarget.com/blog/ (accessed on 15 February 2022).
- Jalali, F.; Hinton, K.; Ayre, R.; Alpcan, T.; Tucker, R.S. Fog computing may help to save energy in cloud computing. IEEE J. Sel. Areas Commun. 2016, 34, 1728–1739. [Google Scholar] [CrossRef]
- Huerta-Canepa, G.; Lee, D. A virtual cloud computing provider for mobile devices. In Proceedings of the 1st ACM Workshop on Mobile Cloud Computing & Services: Social Networks and Beyond; ACM: New York, NY, USA, 2010; pp. 1–5. [Google Scholar]
- Jararweh, Y.; Tawalbeh, L.; Ababneh, F.; Dosari, F. Resource efficient mobile computing using cloudlet infrastructure. In Proceedings of the 2013 IEEE Ninth International Conference on Mobile Ad-hoc and Sensor Networks (MSN), Dalian, China, 11–13 December 2013; pp. 373–377. [Google Scholar]
- Checko, A.; Christiansen, H.L.; Yan, Y.; Scolari, L.; Kardaras, G.; Berger, M.S.; Dittmann, L. Cloud ran for mobile networks technology overview. IEEE Commun. Surv. Tutor. 2015, 17, 405–426. [Google Scholar] [CrossRef]
- Kliazovich, D.; Granelli, F. Distributed protocol stacks: A framework for balancing interoperability and optimization. In Proceedings of the ICC Workshops-2008 IEEE International Conference on Communications Workshops, Beijing, China, 19–23 July 2008; pp. 241–245. [Google Scholar]
- Cheng, J.; Shi, Y.; Bai, B.; Chen, W. Computation offloading in cloud-RAN based mobile cloud computing system. In Proceedings of the 2016 IEEE International Conference on Communications (ICC), Kuala Lumpur, Malaysia, 22–27 May 2016; pp. 1–6. [Google Scholar]
- Hung, S.C.; Hsu, H.; Lien, S.Y.; Chen, K.C. Architecture harmonization between cloud radio access networks and fog networks. IEEE Access 2015, 3, 3019–3034. [Google Scholar] [CrossRef]
- Peng, M.; Yan, S.; Zhang, K.; Wang, C. Fog-computing-based radio access networks: Issues and challenges. IEEE Netw. 2016, 30, 46–53. [Google Scholar] [CrossRef]
- Hu, Y.C.; Patel, M.; Sabella, D.; Sprecher, N.; Young, V. Mobile edge computing–a key technology towards 5G. ETSI White Pap. 2015, 11, 1–16. [Google Scholar]
- Giust, F.; Verin, G.; Antevski, K.; Joey, C.; Fang, Y.; Featherstone, W.; Fontes, F.; Frydman, D.; Li, A.; Manzalini, A.; et al. MEC deployments in 4G and evolution towards 5G. ETSI White Pap. 2018, 24, 1–24. [Google Scholar]
- Kadiyala, K.P.; Cobb, J.A. Inter-as traffic engineering with SDN. In Proceedings of the 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), Berlin, Germany, 6–8 November 2017; pp. 1–7. [Google Scholar]
- Mirkhanzadeh, B.; Shakeri, A.; Shao, C.; Razo, M.; Tacca, M.; Galimberti, G.M.; Martinelli, G.; Cardani, M.; Fumagalli, A. An SDN-enabled multi-layer protection and restoration mechanism. Opt. Switch. Netw. 2018, 30, 23–32. [Google Scholar] [CrossRef]
- Davies, A. Cisco Pushes IoT Analytics to the Extreme Edge with Mist Computing. Blog, Rethink Research. Available online: http://rethinkresearch.biz/articles/cisco-pushes-iot-analytics-extreme-edge-mist-computing-2 (accessed on 19 December 2014).
- Preden, J.S.; Tammemäe, K.; Jantsch, A.; Leier, M.; Riid, A.; Calis, E. The benefits of self-awareness and attention in fog and mist computing. Computer 2015, 48, 37–45. [Google Scholar] [CrossRef]
- Silva, P.M.P.; Rodrigues, J.; Silva, J.; Martins, R.; Lopes, L.; Silva, F. Using edge-clouds to reduce load on traditional wifi infrastructures and improve quality of experience. In Proceedings of the 2017 IEEE 1st International Conference on Fog and Edge Computing (ICFEC), Madrid, Spain, 14–15 May 2017; pp. 61–67. [Google Scholar]
- Salem, A.; Nadeem, T. Lamen: Leveraging resources on anonymous mobile edge nodes. In Proceedings of the Eighth Wireless of the Students, by the Students, and for the Students Workshop; ACM: New York, NY, USA, 2016; pp. 15–17. [Google Scholar]
- Morabito, R. Virtualization on internet of things edge devices with container technologies: A performance evaluation. IEEE Access 2017, 5, 8835–8850. [Google Scholar] [CrossRef]
- Abdelwahab, S.; Hamdaoui, B.; Guizani, M.; Znati, T. Cloud of things for sensing-as-a-service: Architecture, algorithms, and use case. IEEE Internet Things J. 2016, 3, 1099–1112. [Google Scholar] [CrossRef]
- Jang, M.; Schwan, K.; Bhardwaj, K.; Gavrilovska, A.; Avasthi, A. Personal clouds: Sharing and integrating networked resources to enhance end user experiences. In Proceedings of the IEEE INFOCOM 2014-IEEE Conference on Computer Communications, Toronto, Canada, 27 April–2 May 2014; pp. 2220–2228. [Google Scholar]
- Sathiaseelan, A.; Lertsinsrubtavee, A.; Jagan, A.; Baskaran, P.; Crowcroft, J. Cloudrone: Micro clouds in the sky. In Proceedings of the 2nd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications for Civilian Use; ACM: New York, NY, USA, 2016; pp. 41–44. [Google Scholar]
- Habak, K.; Zegura, E.W.; Ammar, M.; Harras, K.A. Workload management for dynamic mobile device clusters in edge femtoclouds. In Proceedings of the Second ACM/IEEE Symposium on Edge Computing; ACM: New York, NY, USA, 2017; pp. 1–14. [Google Scholar]
- Chang, H.; Hari, A.; Mukherjee, S.; Lakshman, T. Bringing the cloud to the edge. In Proceedings of the 2014 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Toronto, Canada, 27 April–2 May 2014; pp. 346–351. [Google Scholar]
- Bhardwaj, K.; Shih, M.-W.; Agarwal, P.; Gavrilovska, A.; Kim, T.; Schwan, K. Fast, scalable and secure onloading of edge functions using airbox. In Proceedings of the 2016 IEEE/ACM Symposium on Edge Computing (SEC), Washington, DC, USA, 27–28 October 2016; pp. 14–27. [Google Scholar]
- Villari, M.; Fazio, M.; Dustdar, S.; Rana, O.; Ranjan, R. Osmotic computing: A new paradigm for edge/cloud integration. IEEE Cloud Comput. 2016, 3, 76–83. [Google Scholar] [CrossRef]
- Morshed, A.; Jayaraman, P.P.; Sellis, T.; Georgakopoulos, D.; Villari, M.; Ranjan, R. Deep osmosis: Holistic distributed deep learning in osmotic computing. IEEE Cloud Comput. 2018, 4, 22–32. [Google Scholar] [CrossRef]
- Mosenia, A.; Jha, N.K. A comprehensive study of security of Internet-of-Things. IEEE Trans. Emerg. Top. Comput. 2017, 5, 586–602. [Google Scholar] [CrossRef]
- Yi, S.; Qin, Z.; Li, Q. Security and privacy issues of fog computing: A survey. In Proceedings of the International Conference on Wireless Algorithms, Systems, and Applications, Qufu, China, 10–12 August 2015; pp. 685–695. [Google Scholar]
- Walters, J.P.; Liang, Z.; Shi, W.; Chaudhary, V. Wireless sensor network security: A survey. Secur. Distrib. Grid Mob. Pervasive Comput. 2007, 1, 367–409. [Google Scholar]
- Xie, H.; Yan, Z.; Yao, Z.; Atiquzzaman, M. Data collection for security measurement in wireless sensor networks: A survey. IEEE Internet Things J. 2018, 6, 2205–2224. [Google Scholar] [CrossRef]
- Keerthika, M.; Shanmugapriya, D. Wireless sensor networks: Active and passive attacks-vulnerabilities and countermeasures. Glob. Transit. Proc. 2021, 2, 362–367. [Google Scholar] [CrossRef]
- Butun, I.; Österberg, P.; Song, H. Security of the Internet of Things: Vulnerabilities, attacks, and countermeasures. IEEE Commun. Surv. Tutor. 2019, 22, 616–644. [Google Scholar] [CrossRef]
- Lu, Y.; Xu, L.D. Internet of Things (IoT) cybersecurity research: A review of current research topics. IEEE Internet Things J. 2019, 6, 2103–2115. [Google Scholar] [CrossRef]
- Ni, J.; Lin, X.; Shen, X.S. Toward edge-assisted Internet of Things: From security and efficiency perspectives. IEEE Netw. 2019, 33, 50–57. [Google Scholar] [CrossRef]
- Porambage, P.; Okwuibe, J.; Liyanage, M.; Ylianttila, M.; Taleb, T. Survey on multi-access edge computing for Internet of Things realization. IEEE Commun. Surv. Tuts. 2018, 20, 2961–2991. [Google Scholar] [CrossRef]
- Xiao, Y.; Jia, Y.; Liu, C.; Cheng, X.; Yu, J.; Lv, W. Edge computing security: State of the art and challenges. Proc. IEEE 2019, 107, 1608–1631. [Google Scholar] [CrossRef]
- 100 mb Password Dictionary. 2017. Available online: https://github.com/danielmiessler/SecLists/tree/master/Passwords (accessed on 15 February 2022).
- Hammer-Lahav, E.; Recordon, D.; Hardt, D. The OAuth 1.0 Protocol. In Document RFC 5849; IETF: Fremont, CA, USA, 2010. [Google Scholar]
- Hardt, D. The OAuth 2.0 Authorization Framework. In Document RFC 6749; IETF: Fremont, CA, USA, 2012. [Google Scholar]
- Liu, D.; Yan, Z.; Ding, W.; Atiquzzaman, M. A survey on secure data analytics in edge computing. IEEE Internet Things J. 2019, 6, 4946–4967. [Google Scholar] [CrossRef]
- Kolias, C.; Kambourakis, G.; Stavrou, A.; Voas, J. DDoS in the IoT: Mirai and other botnets. Computer 2017, 50, 80–84. [Google Scholar] [CrossRef]
- Yang, Y.; Wu, L.; Yin, G.; Li, L.; Zhao, H. A survey on security and privacy issues in Internet-of-Things. IEEE Internet Things J. 2017, 4, 1250–1258. [Google Scholar] [CrossRef]
- Zhang, J.; Chen, B.; Zhao, Y.; Cheng, X.; Hu, F. Data security and privacy-preserving in edge computing paradigm: Survey and open issues. IEEE Access 2018, 6, 18209–18237. [Google Scholar] [CrossRef]
- He, D.; Chan, S.; Guizani, M. Security in the Internet of Things supported by mobile edge computing. IEEE Commun. Mag. 2018, 56, 56–61. [Google Scholar] [CrossRef]
- Omoniwa, B.; Hussain, R.; Javed, M.A.; Bouk, S.H.; Malik, S.A. Fog/edge computing-based IoT (FECIoT): Architecture, applications, and research issues. IEEE Internet Things J. 2019, 6, 4118–4149. [Google Scholar] [CrossRef]
- Mukherjee, M.; Matam, R.; Shu, L.; Maglaras, L.; Ferrag, M.A.; Choudhury, N.; Kumar, V. Security and privacy in fog computing: Challenges. IEEE Access 2017, 5, 19293–19304. [Google Scholar] [CrossRef]
- Karakehayov, Z. Using REWARD to detect team black-hole attacks in wireless sensor networks. Proc. Workshop Real-World Wirel. Sens. Netw. 2005, 20, 20–21. [Google Scholar]
- Revathi, B.; Geetha, D. A survey of cooperative black and gray hole attack in MANET. Int. J. Comput. Sci. Manage. Res. 2012, 1, 205–208. [Google Scholar]
- Garcia-Morchon, O.; Kumar, S.; Struik, R.; Keoh, S.; Hummen, R. Security Considerations in the IP-Based Internet of Things. Available online: https://tools.ietf.org/html/draft-garcia-core-security-04 (accessed on 1 February 2016).
- Wallgren, L.; Raza, S.; Voigt, T. Routing attacks and countermeasures in the RPL-based Internet of Things. Int. J. Distrib. Sens. Netw. 2013, 9, 794326. [Google Scholar] [CrossRef]
- Singh, P.V.; Jain, S.; Singhai, J. Hello flood attack and its countermeasures in wireless sensor networks. Int. J. Comput. Sci. 2010, 7, 23. [Google Scholar]
- Douceur, J.R. The Sybil attack. In Peer-to-Peer Systems; Springer: London, UK, 2002; pp. 251–260. [Google Scholar]
- Chen, S.; Jiang, Y.; Wen, H.; Liu, W.; Chen, J.; Lei, W.; Xu, A. A novel terminal security access method based on edge computing for IoT. In Proceedings of the 2018 International Conference on Networking and Network Applications (NaNA), Xi’an, China, 15 October 2018; pp. 394–398. [Google Scholar]
- Hong, K.; Lillethun, D.; Ramachandran, U.; Ottenwälder, B.; Koldehofe, B. Mobile fog: A programming model for large-scale applications on the Internet of Things. In Proceedings of the second ACM SIGCOMM workshop on Mobile cloud computing, Hong Kong, China, 16 August 2013; pp. 15–20. [Google Scholar]
- Cisco Press, Developing Network Security Strategies. 2010. Available online: https://www.ciscopress.com/articles/article.asp?p=1626588&seqNum=2 (accessed on 4 October 2010).
- Yu, W.; Liang, F.; He, X.; Hatcher, W.G.; Lu, C.; Lin, J.; Yang, X. A survey on the edge computing for the Internet of Things. IEEE Access 2018, 6, 6900–6919. [Google Scholar] [CrossRef]
- Wang, T.; Zhang, G.; Liu, A.; Bhuiyan, M.Z.A.; Jin, Q. A secure IoT service architecture with an efficient balance dynamics based on cloud and edge computing. IEEE Internet Things J. 2019, 6, 4831–4843. [Google Scholar] [CrossRef]
- Lin, F.; Zhou, Y.; An, X.; You, I.; Choo, K.R. Fair resource allocation in an intrusion-detection system for edge computing: Ensuring the security of Internet of Things devices. IEEE Consum. Electron. Mag. 2018, 7, 45–50. [Google Scholar] [CrossRef]
- Chekired, D.A.; Khoukhi, L.; Mouftah, H.T. Fog-based distributed intrusion detection system against false metering attacks in smart grid. In Proceedings of the ICC 2019–2019 IEEE International Conference on Communications (ICC), Shanghai, China, 20–24 May 2019; pp. 1–6. [Google Scholar]
- Singh, T.; Aksanli, B. Real-time traffic monitoring and SQL injection attack detection for edge networks. In Proceedings of the 15th ACM International Symposium on QoS and Security for Wireless and Mobile Networks, Miami Beach, FL, USA, 25 November 2019; pp. 29–36. [Google Scholar]
- Esiner, E.; Datta, A. Layered security for storage at the edge: On decentralized multi-factor access control. In Proceedings of the 17th International Conference on Distributed Computing and Networking, Singapore, 4–7 January 2016; p. 9. [Google Scholar]
- Cui, H.; Yi, X.; Nepal, S. Achieving scalable access control over encrypted data for edge computing networks. IEEE Access 2018, 6, 30049–30059. [Google Scholar] [CrossRef]
- Liang, K.; Au, M.H.; Liu, J.K.; Susilo, W.; Wong, D.S.; Yang, G.; Yu, Y.; Yang, A. A secure and efficient cipher text-policy attribute-based proxy re-encryption for cloud data sharing. Future Gener. Comput. Syst. 2015, 52, 95–108. [Google Scholar] [CrossRef]
- Mollah, M.B.; Azad, M.A.K.; Vasilakos, A. Secure data sharing and searching at the edge of cloud-assisted Internet of Things. IEEE Cloud Comput. 2017, 4, 34–42. [Google Scholar] [CrossRef]
- Siegel, J.E.; Kumar, S.; Sarma, S.E. The future Internet of Things: Secure, efficient, and model-based. IEEE Internet Things J. 2018, 5, 2386–2398. [Google Scholar] [CrossRef]
- Ibrahim, M.H. Octopus: An edge-fog mutual authentication scheme. Int. J. Netw. Secur. 2016, 18, 1089–1101. [Google Scholar]
- Mouratidis, H.; Giorgini, P. Security attack testing (SAT): Testing the security of information systems at design time. Inf. Syst. 2007, 32, 1166–1183. [Google Scholar] [CrossRef]
- Du, M.; Wang, K.; Chen, Y.; Wang, X.; Sun, Y. Big data privacy preserving in multi-access edge computing for heterogeneous Internet of Things. IEEE Commun. Mag. 2018, 56, 62–67. [Google Scholar] [CrossRef]
- Wei, W.; Xu, F.; Li, Q. Mobishare: Flexible privacy-preserving location sharing in mobile online social networks. In Proceedings of the 2012 IEEE INFOCOM, Orlando, FL, USA, 25–30 March 2012; pp. 2616–2620. [Google Scholar]
- Jan, M.A.; Zhang, W.; Usman, M.; Tan, Z.; Khan, F.; Luo, E. Smartedge: An end-to-end encryption framework for an edge-enabled smart city application. J. Netw. Comput. Appl. 2019, 137, 1–10. [Google Scholar] [CrossRef]
- Xu, R.; Chen, Y.; Blasch, E.; Chen, G. BlendCAC: A blockchain-enabled decentralized capability-based access control for IoTs. In Proceedings of the 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 30 July–3 August 2018; pp. 1027–1034. [Google Scholar]
- Kang, J.; Yu, R.; Huang, X.; Wu, M.; Maharjan, S.; Xie, S.; Zhang, Y. Blockchain for secure and efficient data sharing in vehicular edge computing and networks. IEEE Internet Things J. 2019, 6, 4660–4670. [Google Scholar] [CrossRef]
- Gai, K.; Wu, Y.; Zhu, L.; Xu, L.; Zhang, Y. Permissioned blockchain and edge computing empowered privacy-preserving smart grid networks. IEEE Internet Things J. 2019, 6, 7992–8004. [Google Scholar] [CrossRef]
- Ali, A.; Shah, G.A.; Farooq, M.O.; Ghani, U. Technologies and challenges in developing machine-to-machine applications: A survey. J. Netw. Comput. Appl. 2017, 83, 124–139. [Google Scholar] [CrossRef]
- Muller, N.J. Networking A to Z; McGraw-Hill Professional Publishing: New York, NY, USA, 2002; pp. 45–47. [Google Scholar]
- Roberts, C.M. Radio frequency identification (RFID). Comput. Secur. 2006, 25, 18–26. [Google Scholar] [CrossRef]
- Chen, M.; Miao, Y.; Hao, Y.; Hwang, K. NarrowBand Internet of Things (NB-IoT). IEEE Access 2017, 5, 20557–20577. [Google Scholar] [CrossRef]
- Grant, S. 3GPP Low Power Wide Area Technologies-GSMA (White Paper); GSM Association: London, UK, 2016; p. 49. [Google Scholar]
- Standardization of NB-IOT Completed. 3GPP: 2016, p. 1. Available online: https://www.3gpp.org/news-events/1785-nb_iot_complete (accessed on 22 June 2016).
- Huurdeman, A.A. The Worldwide History of Telecommunications; John Wiley & Sons: Hoboken, NJ, USA, 2003; p. 529. [Google Scholar]
- Gohil, A.; Modi, H.; Patel, S.K. 5G technology of mobile communication: A survey. In Proceedings of the 2013 International Conference on Intelligent Systems and Signal Processing (ISSP), Vallabh Vidyanagar, India, 1–2 March 2013; pp. 288–292. [Google Scholar]
- Hoffman, C. What is 5G, and how fast will it be? In How-To Geek Website, How-To Geek LLC. 2019. Available online: https://www.howtogeek.com/340002/what-is-5g-and-how-fast-will-it-be/ (accessed on 15 February 2022).
- Postcapes, IoT Standards & Protocols Guide—2019 Comparisons on Network, Wireless Comms, Security, Industrial. 2019. Available online: https://www.postscapes.com/internet-of-things-protocols/ (accessed on 20 January 2019).
- Benefits of Mobile Ticketing in Public Transport. 2019. Available online: https://www.discoverpassenger.com/2017/01/23/benefits-of-mobile-ticketing/ (accessed on 23 January 2017).
- Juntunen, A.; Luukkainen, S.; Tuunainen, V.K. Deploying NFC technology for mobile ticketing services—Identifcation of critical business model issues. In Proceedings of the 2010 Ninth International Conference on Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), Athens, Greece, 17–19 June 2010; pp. 82–90. [Google Scholar]
- Ghanem, B.; Schneider, J.; Shalaby, M.; Elnily, U. System and Method for Crowd Counting and Tracking. U.S. Patent 9,361,524, 7 June 2016. [Google Scholar]
- Choudhury, T.; Borriello, G.; Consolvo, S.; Haehnel, D.; Harrison, B.; Hemingway, B.; Hightower, J.; Pedja, P.; Koscher, K.; LaMarca, A.; et al. The mobile sensing platform: An embedded activity recognition system. IEEE Pervasive Comput. 2008, 7, 32–41. [Google Scholar] [CrossRef]
- Lester, J.; Choudhury, T.; Borriello, G. A practical approach to recognizing physical activities. In International Conference on Pervasive Computing; Springer: Berlin/Heidelberg, Germany, 2006; Volume 3968, pp. 1–16. [Google Scholar]
- Coskun, D.; Incel, O.D.; Ozgovde, A. Phone position/placement detection using accelerometer: Impact on activity recognition. In Proceedings of the 2015 IEEE Tenth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), Singapore, 7–9 April 2015; pp. 1–6. [Google Scholar]
- Fang, S.H.; Fei, Y.X.; Xu, Z.; Tsao, Y. Learning transportation modes from smartphone sensors based on deep neural network. IEEE Sens. J. 2017, 17, 6111–6118. [Google Scholar] [CrossRef]
- Hemminki, S.; Nurmi, P.; Tarkoma, S. Accelerometer-based transportation mode detection on smartphones. In Proceedings of the 11th ACM Conference on Embedded Networked Sensor Systems—SenSys’13, Roma, Italy, 11–15 November 2013; ACM Press: New York, NY, USA, 2013; pp. 1–14. [Google Scholar]
- Stenneth, L.; Wolfson, O.; Yu, P.S.; Xu, B. Transportation mode detection using mobile phones and GIS information. In Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems—GIS ’11, Chicago, IL, USA, 1–4 November 2011; ACM Press: New York, NY, USA, 2011; pp. 54–63. [Google Scholar]
- Ho, B.J.; Martin, P.; Swaminathan, P.; Srivastava, M. From pressure to path: Barometer-based vehicle tracking. In Proceedings of the 2nd ACM International Conference on Embedded Systems for Energy-Efficient Built Environments—BuildSys ’15, Seoul, Korea, 4–5 November 2015; ACM Press: New York, NY, USA, 2015; pp. 65–74. [Google Scholar]
- Nawaz, S.; Mascolo, C. Mining users’ significant driving routes with low-power sensors. In Proceedings of the 12th ACM Conference on Embedded Network Sensor Systems—SenSys ’14, Memphis, TEN, USA, 3–6 November 2014; ACM Press: New York, NY, USA, 2014; pp. 236–250. [Google Scholar]
- Sankaran, K.; Zhu, M.; Guo, X.F.; Ananda, A.L.; Chan, M.C.; Peh, L.S. Using mobile phone barometer for low-power transportation context detection. In Proceedings of the 12th ACM Conference on Embedded Network Sensor Systems—SenSys ’14, Memphis, TEN, USA, 3–6 November 2014; ACM Press: New York, NY, USA, 2014; pp. 191–205. [Google Scholar]
- Vanini, S.; Faraci, F.; Ferrari, A.; Giordano, S. Using barometric pressure data to recognize vertical displacement activities on smartphones. Comput. Commun. 2016, 87, 37–48. [Google Scholar] [CrossRef]
- Won, M.; Mishra, A.; Son, S.H. Hybridbaro: Mining driving routes using barometer sensor of smartphone. IEEE Sens. J. 2017, 17, 6397–6408. [Google Scholar] [CrossRef]
- Won, M.; Zhang, S.; Chekuri, A.; Son, S.H. Enabling energy-efficient driving route detection using built-in smartphone barometer sensor. In Proceedings of the 2016 IEEE 19th International Conference on Intelligent Transportation Systems (ITSC), Rio de Janeiro, Brazil, 1–4 November 2016; pp. 2378–2385. [Google Scholar]
- Gunady, S.; Keoh, S.L. A non-GPS Based location tracking of public buses using bluetooth proximity beacons. In Proceedings of the 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), Limerick, Ireland, 15–18 April 2019; pp. 606–611. [Google Scholar]
- Narzt, W.; Mayerhofer, S.; Weichselbaum, O.; Haselböck, S.; Höfler, N. Bluetooth low energy as enabling technology for Be-In/Be-Out systems. In Proceedings of the 2016 13th IEEE Annual Consumer Communications Networking Conference (CCNC), Las Vegas, NV, USA, 9–12 January 2016; pp. 423–428. [Google Scholar]
- Sarkar, C.; Treurniet, J.J.; Narayana, S.; Prasad, R.V.; de Boer, W. SEAT: Secure energy-efficient automated public transport ticketing system. IEEE Trans. Green Commun. Netw. 2018, 2, 222–233. [Google Scholar] [CrossRef]
- Tuveri, G.; Garau, M.; Sottile, E.; Pintor, L.; Gravellu, M.; Atzori, L.; Meloni, I. Automating ticket validation: A key strategy for fare clearing and service planning. In Proceedings of the 2019 6th International Conference on Models and Technologies for Intelligent Transportation Systems (MT-ITS), Kraków, Poland, 5–7 June 2019; pp. 1–10. [Google Scholar]
- Wieczorek, B.; Poniszewska-Maranńda, A. Be in/Be out model for intelligent transport in SmartCity approach. In Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia (MoMM2019); Association for Computing Machinery: New York, NY, USA, 2019; pp. 226–230. [Google Scholar]
- Jain, V.; Khurana, Y.; Kharbanda, M.; Mehta, K. Be a ticket-beacon based ticketing system. Recent Pat. Comput. Sci. 2019, 12, 611–619. [Google Scholar]
- Yu, M.C.; Yu, T.; Wang, S.C.; Lin, C.J.; Chang, E.Y. Big data small footprint: The design of a low-power classifier for detecting transportation modes. Proc. VLDB Endow. 2014, 7, 1429–1440. [Google Scholar] [CrossRef]
- Hoseini-Tabatabaei, S.A.; Gluhak, A.; Tafazolli, R. A survey on smartphone-based systems for opportunistic user context recognition. ACM Compuing Surv. CSUR 2013, 45, 1–51. [Google Scholar] [CrossRef]
- Alam, T. Middleware implementation in cloud-MANET mobility model for internet of smart devices. Arxiv Prepr. 2019, arXiv:1902.09744. [Google Scholar] [CrossRef]
- Alam, T.; Benaida, M. CICS: Cloud–internet communication security framework for the internet of smart devices. Int. J. Interact. Mob. Technol. Ijim 2018, 12. [Google Scholar] [CrossRef]
- Ronen, E.; Flynn, C.O.; Shamir, A.; Weingarten, A.O. IoT Goes nuclear: Creating a ZigBee chain reaction. In Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA, 22–24 May 2017; pp. 195–212. [Google Scholar]
- Kifer, D.; Machanavajjhala, A. No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of Data; ACM: New York, NY, USA, 2011; pp. 193–204. [Google Scholar]
- Haeberlen, A.; Pierce, B.C.; Narayan, A. Differential privacy under fire. In Proceedings of the 20th USENIX Security Symposium (USENIX Security 11), San Francisco, CA, USA, 8–12 August 2011; USENIX Association: Berkeley, CA, USA, 2011; p. 33. [Google Scholar]
- Lee, S.; Shih, M.W.; Gera, P.; Kim, T.; Kim, H.; Peinado, M. Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), Vancouver, BC, Canada, 16–18 August 2017; USENIX Association: Berkeley, CA, USA, 2017; pp. 557–574. [Google Scholar]
- Felt, A.P.; Chin, E.; Hanna, S.; Song, D.; Wagner, D. Android permissions demystified. In Proceedings of the 18th ACM conference on Computer and Communications Security, New York, NY, USA, 17–21 October 2011; pp. 627–638. [Google Scholar]
- Tian, Y.; Zhang, N.; Lin, Y.H.; Wang, X.; Ur, B.; Guo, X.; Tague, P. SmartAuth: User-centered authorization for the Internet of Things. In Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), Vancouver, BC, Canada, 16–18 August 2017; USENIX Association: Berkeley, CA, USA, 2017; pp. 361–378. [Google Scholar]
Against | ||||||||
---|---|---|---|---|---|---|---|---|
Confidentiality | Integrity | Availability | Accountability | Nonrepudiation | Trust | Privacy | ||
Attacks and threats | Solutions | |||||||
Malicious injections | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 18 |
Node replication | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
Hardware Trojans | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 4, 5, 6 |
Camouflage | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 4, 5, 6, 11 |
Corrupted or malicious EC nodes | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 4, 5, 6, 11 |
Injecting fraudulent packets | ✓ | ✓ | ✓ | ✓ | 10, 11 | |||
Side-channel attacks | ✓ | ✓ | ✓ | 6 | ||||
Jamming attacks | ✓ | ✓ | ✓ | ✓ | 2, 8, 10, 11 | |||
Denial-of-service (DoS) attacks | ✓ | ✓ | ✓ | ✓ | 1, 2, 8, 10, 11 | |||
Physical attacks/tampering | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 6 |
Eavesdropping or sniffing | ✓ | ✓ | ✓ | 11 | ||||
Routing information attacks | ✓ | ✓ | ✓ | ✓ | ✓ | 9 | ||
Forgery attacks | ✓ | ✓ | ✓ | ✓ | 10, 11 | |||
Unauthorized control access | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 10, 14 |
Integrity attacks against machine learning | ✓ | ✓ | 19 | |||||
Replay attack or freshness attacks | ✓ | ✓ | ✓ | ✓ | 10, 11 | |||
Insufficient/inessential logging attacks | ✓ | ✓ | ✓ | ✓ | 18 | |||
Nonstandard frameworks and inadequate testing | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 18 |
Solutions and Countermeasures | ID | Explanation | |
---|---|---|---|
Packet filters | 1 | Accept or deny packets from particular addresses or services by setting up routers, firewalls, or servers [120]. | |
Firewalls | 2 | Apply a set of rules at the boundary between two or more networks and specify which traffic is allowed and which is denied. | |
Physical security | 3 | Limits access to key resources by keeping the resources behind a locked door and/or protected from natural and human-made disasters, intentional and unintentional misuses of equipment, hackers, competitors, and terrorist and biohazard events by keeping resources behind a locked and protected place [120]. | |
Countermeasures for malicious hardware/software injection | Side-channel signal analysis | 4 | By implementing timing, power, and spatial temperature testing analysis and by detecting unusual behaviors of nodes/devices, detecting hardware Trojans and malicious firmware/software installed on IoT EC nodes/devices. |
Trojan activation methods | 5 | Compares the outputs, behavior, and side-channel leakages of Trojan-inserted versus Trojan-free circuits in order to detect and model malicious attacks | |
Circuit modification or replacing | 6 | This countermeasure includes: (a) tamper-preventing and/or self-destruction; (b) minimizing information leakage; and (c) PUF into the circuit hardware. | |
Policy-based mechanisms | 7 | Ensure that standard rules are not breached; this way, they can detect any violation of policies, and they can detect any abnormal requests to the EC nodes [92]. | |
Securing firmware update | 8 | The network’s firmware can be updated reliably, either remotely or directly. Both methods should have authentication and integrity to ensure secure updates [92]. | |
Reliable routing protocols | 9 | A table of trusted nodes for sharing sensitive and private information will be created by EC nodes [8,92,98]. | |
Intrusion detection system (IDS) | 10 | Mitigates security threats using: (1) monitoring network operations and communication links; (2) reporting suspicious activities; and (3) detecting routing attacks and blackhole attacks. | |
Cryptographic schemes | 11 | Strong and efficient encryption countermeasure strategies that secure communication protocols against different attacks. | |
Depatterning data transmissions | 12 | Prevent side-channel attacks by intentionally inserting fake packets that change the traffic pattern [92,105,108]. | |
Decentralization | 13 | To ensure anonymity, this mechanism distributes sensitive information among EC nodes in a way that no node has complete knowledge of the information [105]. | |
Authorization | 14 | Prevents responses to requests originated by attackers or malicious EC nodes. It inspects if an entity can access, control, modify, or share the data [8,92,108,111]. | |
Authentication | 15 | An action of verifying user identities who request certain services. | |
Accounting (auditing) | 16 | Collects network activity data to effectively analyze the security of a network and to respond to security incidents. | |
Information flooding | 17 | Prevents intruders from detecting and tracking the location of the information source [98]. | |
Prior testing | 18 | A behavioral test of the components of the EC network. Conducted prior to the actual operation; performed by applying special inputs, pilot, and/or token signals to the network and monitoring their outputs. | |
Outlier detection | 19 | Attacks against machine learning methods inject data outliers into the training data set. These kinds of attacks are drastically mitigated by statistical data analytics methods [98,105]. | |
Secure data aggregation | 20 | In this scheme, individual devices encrypt their data independently using homomorphic encryption schemes, then send the encrypted data to the EC nodes. EC nodes will aggregate all data, compute the multiplication of individual data, and send the aggregated results to the central cloud servers. | |
Secure data deduplication | 21 | Allows the intermediaries to detect the replicate data without learning any knowledge about the data. | |
Secure data analysis | 22 | Partitioning functionality execution across edge nodes/devices and the cloud enables individuals that locally and independently train their models and only share their trained models to keep their original data and respective private training set. | |
Combining EC and blockchain technologies | 23 | A blockchain provides a trusted, reliable, and secure foundation for information transactions and data regulation between various operating network edge entities based on a consensus mechanism. |
Fundamental Principles | Definition |
---|---|
Confidentiality | To ensure that information is only available or disclosed to unauthorized individuals, entities, or processes |
Integrity | To ensure that information is accurate and complete without any manipulation by unauthorized people |
Availability | To ensure that information and services are accessible and usable when requested by an authorized entity |
Accountability | An individual is responsible for proper authority for their actions |
Nonrepudiation | To be able to prove the occurrence of a claimed event or action |
Trust | To be able to provide confidence to others of the qualifications, capabilities, and reliability of that entity to perform specific tasks and fulfill assigned responsibilities |
Privacy | To ensure that the confidentiality of, and access to, certain information is protected |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Fazeldehkordi, E.; Grønli, T.-M. A Survey of Security Architectures for Edge Computing-Based IoT. IoT 2022, 3, 332-365. https://doi.org/10.3390/iot3030019
Fazeldehkordi E, Grønli T-M. A Survey of Security Architectures for Edge Computing-Based IoT. IoT. 2022; 3(3):332-365. https://doi.org/10.3390/iot3030019
Chicago/Turabian StyleFazeldehkordi, Elahe, and Tor-Morten Grønli. 2022. "A Survey of Security Architectures for Edge Computing-Based IoT" IoT 3, no. 3: 332-365. https://doi.org/10.3390/iot3030019
APA StyleFazeldehkordi, E., & Grønli, T.-M. (2022). A Survey of Security Architectures for Edge Computing-Based IoT. IoT, 3(3), 332-365. https://doi.org/10.3390/iot3030019