A Survey on Security Issues and Attacks of Fog Computing

Authors

  • Ramsha Qureshi Department: Department of Computer Science, COMSATS University Islamabad
  • Muhammad Asad Department of Computer Science and Engineering, Air University Multan Campus, Pakistan
  • Saima Tunio Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China
  • Sirajuddin Qureshi Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China
  • Mughees Ahmed Department of Computer Science and Engineering, Air University Multan Campus, Pakistan
  • Ali Ghulam Information Technology Centre, Sindh Agriculture University, Tandojam, Sindh, Pakistan.

DOI:

https://doi.org/10.21015/vtse.v11i1.1309

Abstract

There is a link between the cloud and the Internet of Things (IoT). The layer that makes up the dispersed network environment is exactly what it is. Cloud computing is brought out to the edge of the network through the type of networking topology referred as fog computing. Users can benefit greatly from fog computing. Fog's primary role, similar to cloud computing, is to allow people mobility. Fog computing is becoming more and more popular, whereas at the same time, security dangers are growing every day. Users' identification & verification are crucial. The fact of fog computing cannot effectively utilize the security and privacy solutions provided by cloud computing must be emphasized. The risks, issues, and solutions linked to security in fog computing are outlined throughout this study. The poll then includes information on ongoing research projects as well as open security and safety concerns for fog computing.

References

T. H. Luan, L. Gao, Z. Li, Y. Xiang, G. Wei, and L. Sun, “Fogcomputing: Focusing on mobile users at the edge,” arXiv preprintar, vol. 3, no. 1, pp. 11, March 2015.

S. Zhang, C. Zhu, J. K. O. Sin, and P. K. T. Mok, “A novel ultrathin elevated channel low-temperature poly-Si TFT,” IEEE Electron Device Lett., vol. 20, pp. 569–571, Nov. 1999. DOI: https://doi.org/10.1109/55.798046

S. Khan, S. Parkinson, and Y. Qin, “Fog computing security a review

of current applications and security solutions,” Journal of Cloud Computing, vol. 6, no. 1, p. 19, 2017.

F. Buccafurri, G. Lax, A. R.-2019 F. International, and undefined 2019, “Exploiting Digital Identity for Mobility in Fog Computing,” ieeexplore.ieee.org,vol. 6, no. 3, pp. 13-16, June 2019.

L. Yang, J. Cao, Y. Yuan, T. Li, … A. H.-A. S., and undefined 2013, “A framework for partitioning and execution of data stream applications in mobile cloud computing,” dl.acm.org., vol. 40, no. 4, March 2013. DOI: https://doi.org/10.1145/2479942.2479946

Novak, E., & Li, Q. (2014, April). Near-pri: Private, proximity based location sharing. In IEEE INFOCOM 2014-IEEE Conference on Computer Communications (). IEEE. DOI: https://doi.org/10.1109/INFOCOM.2014.6847922

F. Bonomi, R. Milito, J. Zhu, and S. Addepalli, “Fog computing and itsrole in the internet of things,” in Proceedings of the first edition of the MCC workshop on Mobile cloud computing. ACM, 2012, pp. 13–16 FLEXChip Signal Processor (MC68175/D), Motorola, 1996. DOI: https://doi.org/10.1145/2342509.2342513

Alrawais, A., Alhothaily, A., Hu, C., & Cheng, X. (2017). Fog computing for the internet of things: Security and privacy issues. IEEE Internet Computing, 21(2), 34-42.

Luan, T. H., Gao, L., Li, Z., Xiang, Y., Wei, G., & Sun, L. (2015). Fog computing: Focusing on mobile users at the edge. arXiv preprint arXiv:1502.01815.

C. Dsouza, G.-J. Ahn, and M. Taguinod, “Policy-driven security management for fog computing: Preliminary framework and a case study,”in Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014). IEEE 2014, pp,16,23. DOI: https://doi.org/10.1109/IRI.2014.7051866

X. Cheng, “Fog Computing for the Internet of Things: Security and Privacy Issues NormaChain: A supervision friendly blockchain-based secure digital payment system View project,” vol. 21, no. 2, pp. 34-42, 2017. DOI: https://doi.org/10.1109/MIC.2017.37

Y. Law, M. Palaniswami, … G. K.-I. C., and undefined 2013, “WAKE: Key management scheme for wide-area measurement systems in smart grid,” ieeexplore.ieee.org, vol. 51, no. 1, 2014, pp. 34–41.

F. Buccafurri, G. Lax, A. R.-2019 F. International, and undefined 2019, “Exploiting Digital Identity for Mobility in Fog Computing,” ieeexplore.ieee.org. In 2019 Fourth International Conference on Fog and Mobile Edge Computing (FMEC) (pp. 155-160).

M. Mukherjee, R. Matam, L. Shu, … L. M.-I., and undefined 2017, “Security and privacy in fog computing: Challenges,” ieeexplore.ieee.org, 5, 19293-19304. DOI: https://doi.org/10.1109/ACCESS.2017.2749422

A. Manzoor, A. Wahid, M. S.-… on I. of Things, and undefined 2017, “Secure Login Using Multi-Tier Authentication Schemes in Fog Computing,” researchgate.net, vol. 11,no. 3, 2017. DOI: https://doi.org/10.4108/eai.26-3-2018.154382

R. Huang, Y. Sun, C. Huang, G. Zhao, and Y. Ma, A Survey on Fog Computing, vol. 11637 LNCS., pp. 685–695 Springer International Publishing, 2019.

P. Hu, H. Ning, T. Qiu, H. Song, Y. Wang, and X. Yao, “Security

and privacy preservation scheme of face identification and resolution

framework using fog computing in internet of things,” IEEE Internet of

Things Journal, vol. 4, no. 5, pp. 1143–1155, 2017. DOI: https://doi.org/10.1109/JIOT.2017.2659783

M. H. Ibrahim, “Octopus: An edge-fog mutual authentication scheme.”

IJ Network Security, vol. 18, no. 6, pp. 1089–1101, 2016. DOI: https://doi.org/10.1016/S1353-4858(16)30060-5

S. Smalley and R. Craig. Security enhanced (se) android:

Bringing flexible mac to android. In NDSS, 2013.

S. Yu, C. Wang, K. Ren, and W. Lou. Achieving secure,

scalable, and fine-grained data access control in cloud

computing. In INFOCOM, 2010.

C. Dsouza, G.-J. Ahn, and M. Taguinod. Policy-driven

security management for fog computing: Preliminary

framework and a case study. In IRI. IEEE, 2014.

Lysyanskaya, A., Rivest, R. L., Sahai, A., & Wolf, S. (1999, August). Pseudonym systems. In International Workshop on Selected Areas in Cryptography (pp. 184-199). Springer, Berlin, Heidelberg.

D. Beli. National Identification and Authentication System. [Online].

NIST. Guidelines for smart grid cyber security (NIST 7628), 2010. (Available from: Http://csrc.nist.gov/publications/

PubsNISTIRs.html) [Accessed on 2 April 2015]

R. Lu, X. Liang, S. Member, X. Li, X. Lin, and X. Shen, “IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS 1 EPPA: An Efficient and Privacy-Preserving Aggregation Scheme for Secure Smart Grid Communications,” 2012; 23(9):1621–1631. DOI: https://doi.org/10.1109/TPDS.2012.86

Lysyanskaya, A., Rivest, R. L., Sahai, A., & Wolf, S. (1999, August). Pseudonym systems. In International Workshop on Selected Areas in Cryptography (pp. 184-199). Springer, Berlin, Heidelberg. DOI: https://doi.org/10.1007/3-540-46513-8_14

X. Huang, R. Yu, J. Kang, N. Wang, … S. M.-I., and undefined 2016, “Software defined networking with pseudonym systems for secure vehicular clouds,” ieeexplore.ieee.org, 4, 3522-3534. DOI: https://doi.org/10.1109/ACCESS.2016.2560902

S. Bao, Y. Cao, A. Lei, P. Asuquo, … H. C.-I., and undefined 2019, “Pseudonym Management Through Blockchain: Cost-Efficient Privacy Preservation on Intelligent Transportation Systems,” ieeexplore.ieee.org, 5,40-45.

H. Noroozi, M. Khodaei, and P. Papadimitratos, “VPKIaaS: Towards Scaling Pseudonymous Authentication for Large Mobile Systems, 4,33-32.”

S. Kunal, A. Saha, and R. Amin, “An overview of cloud‐fog computing: Architectures, applications with security challenges,” Secur. Priv., vol. 2, no. 4, Jul. 2019.

Y. Law, M. Palaniswami, G. K.-I. C., and undefined 2013, “WAKE: Key management scheme for wide-area measurement systems in smart grid,” ieeexplore.ieee.org, Mag., vol. 51, no. 1, pp. 34_41, Jan. 2013. DOI: https://doi.org/10.1109/MCOM.2013.6400436

T. H. Luan, L. Gao, Z. Li, Y. Xiang, G. Wei, and L. Sun, “Fog

computing: Focusing on mobile users at the edge,” arXiv preprint

arXiv:1502.01815, 2015. S. Khan, S. Parkinson, and Y. Qin, “Fog computing security a review of current applications and security solutions,” Journal of Cloud Computing, vol. 6, no. 1, p. 19, 2017 DOI: https://doi.org/10.1186/s13677-017-0090-3

S. Ruj, M. Stojmenovic, and A. Nayak, "Decentralized access control with anonymous authentication of data stored in clouds," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 384–394, Feb. 2014. DOI: https://doi.org/10.1109/TPDS.2013.38

M. Almorsy, J. Grundy, and I. Müller, “An Analysis of the Cloud Computing Security Problem,” , vol. 02, no. 08, pp. 427–429,Sep. 2016.

Sonali Khairnar ., "FOG COMPUTING: A NEW CONCEPT TO MINIMIZE THE ATTACKS AND TO PROVIDE SECURITY IN CLOUD COMPUTING ENVIRONMENT," International Journal of Research in

Engineering and Technology, vol. 03, no. 09, pp. 124–127, Sep. 2014. DOI: https://doi.org/10.15623/ijret.2014.0309018

Raut, Rajashri, et al. "Fog Computing Using Advance security in Cloud." International Journal of Engineering Research and Technology. Vol. 3. No. 2 (February-2014). ESRSA Publications, 2014.

.

Arbat Rashmi Vinod ., "HINDERING DATA THEFT ATTACK THROUGH FOG COMPUTING," International Journal of Research in Engineering and Technology, vol. 03, no. 09, pp. 427–429, Sep. 2014. DOI: https://doi.org/10.15623/ijret.2014.0309067

T. of Use and P. Policy, "Security as A service – cloud security provider," 2010. [Online]. Available:

https://www.alertlogic.com/. Accessed: Feb. 10, 2017.

S. Roschke, F. Cheng, and C. Meinel, “Intrusion detection in the cloud,” in 8th IEEE International Symposium on Dependable, Autonomic and Secure Computing, DASC 2009, 2009, pp. 729–734. DOI: https://doi.org/10.1109/DASC.2009.94

Charanya, R., et al. "Levels of security issues in cloud computing." International Journal of Engineering and Technology 5.2 (2013): 1912-20.

A. L. A and R. Kavitha, “A Study on Cloud and Fog Computing Security Issues and Solutions,” vol. 4, no. 03, pp. 17–22, 2017.

N. H. Motlagh, M. Bagaa, and T. Taleb, ``UAV-based IoT platform: A crowd surveillance use case,'' IEEE Commun. Mag., vol. 55, no. 2, pp. 128_134, Feb. 2017. DOI: https://doi.org/10.1109/MCOM.2017.1600587CM

C. Perera, A. Zaslavsky, P. Christen, and D. Georgakopoulos, ``Context aware computing for the Internet of Things: A survey,'' IEEE Commun. Surveys Tuts., vol. 16, no. 1, pp. 414_454, 1st Quart., 2014. DOI: https://doi.org/10.1109/SURV.2013.042313.00197

G. D. Abowd, A. K. Dey, P. J. Brown, N. Davies, M. Smith, and P. Steggles, ``Towards a better understanding of context and context-awareness,'' in Proc. 1st Int. Symp. Handheld Ubiquitous Comput. (HUC), Sep. 1999,pp. 304_307. DOI: https://doi.org/10.1007/3-540-48157-5_29

S. Anwar et al., ``From intrusion detection to an intrusion response system: Fundamentals, requirements, and future directions,'' MDPI Algorithms, vol. 10, no. 2, pp. 1_24, Mar. 2017. DOI: https://doi.org/10.3390/a10020039

M. S. Hossain and G. Muhammad, ``Cloud-assisted industrial Internet of Things (IIoT)_Enabled framework for health monitoring,'' Comput.Netw., vol. 101, pp. 192_202, Jun. 2016. DOI: https://doi.org/10.1016/j.comnet.2016.01.009

P. Viola and M. J. Jones, ``Robust real-time face detection,'' Int. J. Comput. Vis., vol. 57, no. 2, pp. 137_154, May 2004. DOI: https://doi.org/10.1023/B:VISI.0000013087.49260.fb

S. Sridhar, R. Sathishkumar, and G. F. Sudha, ``Adaptive halftoned visual cryptography with improved quality and security,'' Multimedia Tools Appl.,vol. 76, no. 1, pp. 815_834, Jan. 2017. DOI: https://doi.org/10.1007/s11042-015-3066-7

C.-N. Yang, J.-K. Liao, and D.-S. Wang, ``New privilege-based visual cryptography with arbitrary privilege levels,'' J. Vis. Commun. Image Represent., vol. 42, pp. 121_131, Jan. 2017. DOI: https://doi.org/10.1016/j.jvcir.2016.10.014

Y.-W. Chow, W. Susilo, G. Yang, J. G. Phillips, I. Pranata, and A. M. Barmawi, ``Exploiting the error correction mechanism in QR codes for secret sharing,'' in Proc. Austral. Conf. Inf. Secur. Privacy, 2016, pp. 409_425. DOI: https://doi.org/10.1007/978-3-319-40253-6_25

A. Rani and B ``An image copyright protection scheme by encrypting secret data with the host image,'' Multimedia Tools Appl.,vol. 75, pp. 1027_1042, Jan. 2016. DOI: https://doi.org/10.1007/s11042-014-2344-0

Downloads

Published

2023-02-26

How to Cite

Qureshi, R., Asad, M., Tunio, S., Qureshi, S., Ahmed, M., & Ghulam, A. (2023). A Survey on Security Issues and Attacks of Fog Computing. VFAST Transactions on Software Engineering, 11(1), 1–11. https://doi.org/10.21015/vtse.v11i1.1309

Issue

Vol. 11 No. 1 (2023): January-March

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC-By) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

                                      

This work is licensed under a Creative Commons Attribution  License CC BY