THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESIJNSA Journal
The Internet of Things (IoT) brings connectivity to about every objects found in the physical space. It
extends connectivity to everyday objects. From connected fridges, cars and cities, the IoT creates
opportunities in numerous domains. However, this increase in connectivity creates many prominent
challenges. This paper provides a survey of some of the major issues challenging the widespread adoption
of the IoT. Particularly, it focuses on the interoperability, management, security and privacy issues in the
IoT. It is concluded that there is a need to develop a multifaceted technology approach to IoT security,
management, and privacy.
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISIJNSA Journal
Wearable Technology also called wearable gadget, is acategory of technology devices with low processing
capabilities that can be worn by a user with the aim to provide information and ease of access to the master
devices its pairing with. Such examples are Google Glass and Smart watch. The impact of wearable
technology becomes significant when people start their invention in wearable computing, where their
mobile devices become one of the computation sources. However, wearable technology is not mature yet in
term of device security and privacy acceptance of the public. There exists some security weakness that
prompts such wearable devices vulnerable to attack. One of the critical attack on wearable technology is
authentication issue. The low processing due to less computing power of wearable device causethe
developer's inability to equip some complicated security mechanisms and algorithm on the device.In this
study, an overview of security and privacy vulnerabilities on wearable devices is presented.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
Comprehensive survey on security problems and key technologies of the interne...RSIS International
Internet of things (IoT) is a collection of many
interconnected objects, services, humans, and devices that can
communicate, share data, and information to achieve a common
goal in different areas and applications. The vision of IoT is to
enable devices to collaborate with each other on the Internet. IoT
security focuses on authentication and access control protocols.
IoT security is the area with protection connected devices and
networks. There are many key challenges in designing a secure
IoT: Privacy, Authentication, Access Control, Trust,
Confidentiality, Mobile Security, etc. Attacks on IoT security
devices are physical attacks, side channel attacks, cryptanalysis
attacks, software attacks, network attacks. This paper describes
Security Problems of IoT, Security issues and Key Technologies
of IoT.
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESIJNSA Journal
The Internet of Things (IoT) brings connectivity to about every objects found in the physical space. It
extends connectivity to everyday objects. From connected fridges, cars and cities, the IoT creates
opportunities in numerous domains. However, this increase in connectivity creates many prominent
challenges. This paper provides a survey of some of the major issues challenging the widespread adoption
of the IoT. Particularly, it focuses on the interoperability, management, security and privacy issues in the
IoT. It is concluded that there is a need to develop a multifaceted technology approach to IoT security,
management, and privacy.
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISIJNSA Journal
Wearable Technology also called wearable gadget, is acategory of technology devices with low processing
capabilities that can be worn by a user with the aim to provide information and ease of access to the master
devices its pairing with. Such examples are Google Glass and Smart watch. The impact of wearable
technology becomes significant when people start their invention in wearable computing, where their
mobile devices become one of the computation sources. However, wearable technology is not mature yet in
term of device security and privacy acceptance of the public. There exists some security weakness that
prompts such wearable devices vulnerable to attack. One of the critical attack on wearable technology is
authentication issue. The low processing due to less computing power of wearable device causethe
developer's inability to equip some complicated security mechanisms and algorithm on the device.In this
study, an overview of security and privacy vulnerabilities on wearable devices is presented.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
In cloud computing IT (Information Technology) related resources like infrastructure, platform and software can be utilized using web based tools and application through internet. Here Organizations are moving to the cloud computing some faster than others. However, moving to the cloud presents the organization with a number of risks to assess. Information security is the most critical risk for many organizations. This is because the intellectual property, trade secrets, personally identifiable information,
or other sensitive information can be powered by protecting information. This paper classified cloud
security based on the three service models of cloud computing SaaS, PaaS and IaaS. Attributes for each
type of security has also identified and briefly described here. We compared securities provided in different
services by world's best known cloud service providing companies such as Amazon AWS, Google App Engine, Windows Azure etc. considering cloud security category. Furthermore, we included recommendations for organizations who have decided to move their data into the cloud, but confused to choose the best service provider for their organization regarding information security.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
Comprehensive survey on security problems and key technologies of the interne...RSIS International
Internet of things (IoT) is a collection of many
interconnected objects, services, humans, and devices that can
communicate, share data, and information to achieve a common
goal in different areas and applications. The vision of IoT is to
enable devices to collaborate with each other on the Internet. IoT
security focuses on authentication and access control protocols.
IoT security is the area with protection connected devices and
networks. There are many key challenges in designing a secure
IoT: Privacy, Authentication, Access Control, Trust,
Confidentiality, Mobile Security, etc. Attacks on IoT security
devices are physical attacks, side channel attacks, cryptanalysis
attacks, software attacks, network attacks. This paper describes
Security Problems of IoT, Security issues and Key Technologies
of IoT.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Cloud computing is a distributed computing system that offers managed, scalable and secured and high available computation resources and software as a service. Mobile computing is the combination of the heterogeneous domains like Mobile computing, Cloud computing & wireless networks.This paper mainly discusses the literature review on Cloud and the Mobile cloud computing. Here in this paper we analyse existing security challenges and issues involved in the cloud computing and Mobile cloud environment. This paper identifies key issues, which are believed to have long-term significance in cloud computing & mobile cloud security and privacy, based on documented problems and exhibited weaknesses.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of
the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn
significant attention during the past few years, the pace at which new devices are being integrated into the
system will profoundly impact the world in a good way but also poses some severe queries about security
and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most
significant concerns of IoT is to provide security assurance for the data exchange because data is
vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where
each layer provides a service. The security needs vary from layer to layer as each layer serves a different
purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks
have been discussed along with some existing and proposed countermeasures.
VPN usage across the world has increased due to the COVID-19 pandemic. With companies trying to lay
the course through this unfamiliar state, corporations had to implement a Business Continuity Plan which
included several elements to maintain a scalable and robust VPN connection. During this time of
uncertainty, best practices need to be deployed by corporations and government entities more than ever.
The purpose of this study is to highlight the necessary path SD Telecom would take to ensure a secure,
reliable network during global traffic surge. Specific VPN solutions, access needs, and eligibility
requirements vary based on the end user.
Ensemble of Probabilistic Learning Networks for IoT Edge Intrusion Detection IJCNCJournal
This paper proposes an intelligent and compact machine learning model for IoT intrusion detection using an ensemble of semi-parametric models with Ada boost. The proposed model provides an adequate realtime intrusion detection at an affordable computational complexity suitable for the IoT edge networks. The proposed model is evaluated against other comparable models using the benchmark data on IoT-IDS and shows comparable performance with reduced computations as required.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
Securing mobile cloud using finger print authenticationIJNSA Journal
Mobile cloud computing becomes part of mobile users daily life transactions. Mobile devices with Internet
capabilities have increased the use of mobile clouding computing. Due to hardware limitations in mobile
devices, these devices can't install and run applications require heavy CPU processing or extensive
memory. Cloud computing allows mobile users to synchronize their data with remote storage and utilize
applications require heavy CPU processing or extensive memory such as Microsoft Office or Adobe
Photoshop, as they run in a desktop computer.
The mobile device is one of the fasted growing technologies that is widely used in a diversifying sector.
Mobile devices are used for everyday life, such as personal information exchange – chatting, email,
shopping, and mobile banking, contributing to information security threats. Users' behavior can influence
information security threats. More research is needed to understand users' threat avoidance behavior and
motivation. Using Technology threat avoidance theory (TTAT), this study assessed factors that influenced
mobile device users' threat avoidance motivations and behaviors as it relates to phishing attacks.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
Cloud computing allows us for share and access our personal and business data. With this technology the communication becomes faster. But when a user share his personal data, he will start worrying about the security. Existing data security paradigms such as encryption have failed in protect data theft attacks, especially those committed by an insider to the cloud service provider. To overcome this problem, We propose a different approach for providing the security for data in the cloud by using offensive decoy technology(ODT). In this Technic we observe data access in the cloud and detect anomalous data access patterns. When unofficial access is found and then verified using challenge questions, we launch a deception attack by returning large amounts of decoy information to the attacker. This protects against the illegal use of the user’s real data. Experiments conducted in a local file setting provide indication that this approach may provide extraordinary levels of user data security in a Cloud environment.
In the past decade, internet of things (IoT) has been a
focus of research. Security and privacy are the key issues for IoT
applications, and still face some enormous challenges. In order to
facilitate this emerging domain, we in brief review the research
progress of IoT, and pay attention to the security. By means of
deeply analyzing the security architecture and features, the
security requirements are given. On the basis of these, we discuss
the research status of key technologies including encryption
mechanism, communication security, protecting sensor data and
cryptographic algorithms, and briefly outline the challenges.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Cloud computing is a distributed computing system that offers managed, scalable and secured and high available computation resources and software as a service. Mobile computing is the combination of the heterogeneous domains like Mobile computing, Cloud computing & wireless networks.This paper mainly discusses the literature review on Cloud and the Mobile cloud computing. Here in this paper we analyse existing security challenges and issues involved in the cloud computing and Mobile cloud environment. This paper identifies key issues, which are believed to have long-term significance in cloud computing & mobile cloud security and privacy, based on documented problems and exhibited weaknesses.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of
the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn
significant attention during the past few years, the pace at which new devices are being integrated into the
system will profoundly impact the world in a good way but also poses some severe queries about security
and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most
significant concerns of IoT is to provide security assurance for the data exchange because data is
vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where
each layer provides a service. The security needs vary from layer to layer as each layer serves a different
purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks
have been discussed along with some existing and proposed countermeasures.
VPN usage across the world has increased due to the COVID-19 pandemic. With companies trying to lay
the course through this unfamiliar state, corporations had to implement a Business Continuity Plan which
included several elements to maintain a scalable and robust VPN connection. During this time of
uncertainty, best practices need to be deployed by corporations and government entities more than ever.
The purpose of this study is to highlight the necessary path SD Telecom would take to ensure a secure,
reliable network during global traffic surge. Specific VPN solutions, access needs, and eligibility
requirements vary based on the end user.
Ensemble of Probabilistic Learning Networks for IoT Edge Intrusion Detection IJCNCJournal
This paper proposes an intelligent and compact machine learning model for IoT intrusion detection using an ensemble of semi-parametric models with Ada boost. The proposed model provides an adequate realtime intrusion detection at an affordable computational complexity suitable for the IoT edge networks. The proposed model is evaluated against other comparable models using the benchmark data on IoT-IDS and shows comparable performance with reduced computations as required.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
Securing mobile cloud using finger print authenticationIJNSA Journal
Mobile cloud computing becomes part of mobile users daily life transactions. Mobile devices with Internet
capabilities have increased the use of mobile clouding computing. Due to hardware limitations in mobile
devices, these devices can't install and run applications require heavy CPU processing or extensive
memory. Cloud computing allows mobile users to synchronize their data with remote storage and utilize
applications require heavy CPU processing or extensive memory such as Microsoft Office or Adobe
Photoshop, as they run in a desktop computer.
The mobile device is one of the fasted growing technologies that is widely used in a diversifying sector.
Mobile devices are used for everyday life, such as personal information exchange – chatting, email,
shopping, and mobile banking, contributing to information security threats. Users' behavior can influence
information security threats. More research is needed to understand users' threat avoidance behavior and
motivation. Using Technology threat avoidance theory (TTAT), this study assessed factors that influenced
mobile device users' threat avoidance motivations and behaviors as it relates to phishing attacks.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
Cloud computing allows us for share and access our personal and business data. With this technology the communication becomes faster. But when a user share his personal data, he will start worrying about the security. Existing data security paradigms such as encryption have failed in protect data theft attacks, especially those committed by an insider to the cloud service provider. To overcome this problem, We propose a different approach for providing the security for data in the cloud by using offensive decoy technology(ODT). In this Technic we observe data access in the cloud and detect anomalous data access patterns. When unofficial access is found and then verified using challenge questions, we launch a deception attack by returning large amounts of decoy information to the attacker. This protects against the illegal use of the user’s real data. Experiments conducted in a local file setting provide indication that this approach may provide extraordinary levels of user data security in a Cloud environment.
In the past decade, internet of things (IoT) has been a
focus of research. Security and privacy are the key issues for IoT
applications, and still face some enormous challenges. In order to
facilitate this emerging domain, we in brief review the research
progress of IoT, and pay attention to the security. By means of
deeply analyzing the security architecture and features, the
security requirements are given. On the basis of these, we discuss
the research status of key technologies including encryption
mechanism, communication security, protecting sensor data and
cryptographic algorithms, and briefly outline the challenges.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
ABSTRACT
Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated by an insider to the cloud provider.
For securing user data from such attacks a new paradigm called fog computing can be used. Fog Computing is a paradigm that extends Cloud computing and services to the edge of the network. Similar to Cloud, Fog provides data, compute, storage, and application services to end-users. The motivation of Fog computing lies in a series of real scenarios, such as Smart Grid, smart traffic lights in vehicular networks and software defined network This technique can monitor the user activity to identify the legitimacy and prevent from any unauthorized user access. Here we have discussed this paradigm for preventing misuse of user data and securing information.
CONCLUSION
This proposal of monitoring data access patterns by profiling user behavior to determine if and when a malicious insider illegitimately accesses someone’s documents in a Cloud service. Decoy documents stored in the Cloud alongside the user’s real data also serve as sensors to detect illegitimate access. Once unauthorized data access or exposure is suspected, and later verified, with challenge questions for instance, this inundate the malicious insider with bogus information in order to dilute the user’s real data. Such preventive attacks that rely on disinformation technology could provide unprecedented levels of security in the Cloud and in social networks.
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
The introduction of Internet of Things (IoT) applications into daily life has raised serious privacy concerns
among consumers, network service providers, device manufacturers, and other parties involved. This paper
gives a high-level overview of the three phases of data collecting, transmission, and storage in IoT systems
as well as current privacy-preserving technologies. The following elements were investigated during these
three phases:(1) Physical and data connection layer security mechanisms(2) Network remedies(3)
Techniques for distributing and storing data. Real-world systems frequently have multiple phases and
incorporate a variety of methods to guarantee privacy. Therefore, for IoT research, design, development,
and operation, having a thorough understanding of all phases and their technologies can be beneficial. In
this Study introduced two independent methodologies namely generic differential privacy (GenDP) and
Cluster-Based Differential privacy ( Cluster-based DP) algorithms for handling metadata as intents and
intent scope to maintain privacy and security of IoT data in cloud environments. With its help, we can
virtual and connect enormous numbers of devices, get a clearer understanding of the IoT architecture, and
store data eternally. However, due of the dynamic nature of the environment, the diversity of devices, the
ad hoc requirements of multiple stakeholders, and hardware or network failures, it is a very challenging
task to create security-, privacy-, safety-, and quality-aware Internet of Things apps. It is becoming more
and more important to improve data privacy and security through appropriate data acquisition. The
proposed approach resulted in reduced loss performance as compared to Support Vector Machine (SVM) ,
Random Forest (RF) .
Internet of Things (IoT) is becoming an emerging trend superseding other technologies and researchers considered it as the future of internet. As now the connectivity to the World Wide Web is becoming highly available cost is drastically decreasing so everyone can afford the technology. As Internet of Things provides a great opportunity to develop an important industrial systems and applications with the help of various kind of sensors that can sense out the environment using number of devices that is connected to the internet, usage of IoT is drastically increasing and becoming a common thing. With this sky-rocketed usage and the demand, Communication and storing of the information faces serious security issues as the security of IoT devices become just an afterthought when manufacturing most of the devices. This study tries to summarize this IoT security issues in terms of primary information security concepts confidentiality, integrity and availability with regards to its architecture.
Internet of Things (IoT) plays a vital role in our
day to day life and normally used in our houses, in industry,
schools and in hospitals which implemented outside to manage
and control for taking report the changes in location prevent
from dangers and many more favorable things. Moreover all
other advantages can approach of big risks of privacy loss and
security issues. To protect the IoT devices, so many research
works have been measure to find those problems and locate a
best way to eradicate those risks or at least to reduce their effect
on the security and privacy requirement. Formation the concept
of device to device (D2D) communication technology, IoT plays
the information transfer from one end to another end as node of
interconnection. This paper examines the constraints and
security challenges posed by IoT connected devices and the
ability to connect, communicate with, and remotely manage an
incalculable number of networked, automated devices via the
Internet is becoming pervasive.
A Study on Cloud and Fog Computing Security Issues and SolutionsAM Publications
Cloud computing is the significant part of the data world. The security level in cloud is undefined. Fog computing is the new buzz word added to the technical world. And the term Fog was coined by CISCO. The need for Fog computing is security and gets the data more closely to the end-user. Fog Computing is not going to replace the Cloud computing, it will be acting as the intermediate layer for securing the data which is stored inside the cloud. The principal idea of this paper is to provide data safety measures to the Cloud storage through Fog Computing. Fog Computing will be playing the vital role for the future technology. The Internet of Things (IoT) will be using the Fog computing to implement the smart World concept. So, in the future we have to handle huge amount of data and we need to provide the security for the Data. This study gives the security solutions available for the different issues.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
Appraisal of the Most Prominent Attacks due to Vulnerabilities in Cloud Compu...Salam Shah
Cloud computing has attracted users due to high speed and bandwidth of the internet. The e-commerce systems are best utilizing the cloud computing. The cloud can be accessed by a password and username and is completely dependent upon the internet. The threats to confidentiality, integrity, authentication and other vulnerabilities that are associated with the internet are also associated with cloud. The internet and cloud can be secured from threats by ensuring proper security and authorization. The channel between user and cloud server must be secured with a proper authorization mechanism. The research has been carried out and different models have been proposed by the authors to ensure the security of clouds. In this paper, we have critically analyzed the already published literature on the security and authorization of the internet and cloud.
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
Cloud computing enables users to utilize the services of computing resources. Now days computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing can not be overlooked. Cloud service providers offers the services for the data request in a remote server. Virtualization aspect of cloud computing in mobile applications felicitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications aggravated with various security problems. This paper addresses challenges in securing data in cloud for mobile Cloud computing and few mechanisms to overcome.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures.
A new algorithm to enhance security against cyber threats for internet of thi...IJECEIAES
One major problem is detecting the unsuitability of traffic caused by a distributed denial of services (DDoS) attack produced by third party nodes, such as smart phones and other handheld Wi-Fi devices. During the transmission between the devices, there are rising in the number of cyber attacks on systems by using negligible packets, which lead to suspension of the services between source and destination, and can find the vulnerabilities on the network. These vulnerable issues have led to a reduction in the reliability of networks and a reduction in consumer confidence. In this paper, we will introduce a new algorithm called rout attack with detection algorithm (RAWD) to reduce the affect of any attack by checking the packet injection, and to avoid number of cyber attacks being received by the destination and transferred through a determined path or alternative path based on the problem. The proposed algorithm will forward the real time traffic to the required destination from a new alternative backup path which is computed by it before the attacked occurred. The results have showed an improvement when the attack occurred and the alternative path has used to make sure the continuity of receiving the data to the main destination without any affection.
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
6th International Conference on Machine Learning & Applications (CMLA 2024)ClaraZara1
6th International Conference on Machine Learning & Applications (CMLA 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of on Machine Learning & Applications.
Water billing management system project report.pdfKamal Acharya
Our project entitled “Water Billing Management System” aims is to generate Water bill with all the charges and penalty. Manual system that is employed is extremely laborious and quite inadequate. It only makes the process more difficult and hard.
The aim of our project is to develop a system that is meant to partially computerize the work performed in the Water Board like generating monthly Water bill, record of consuming unit of water, store record of the customer and previous unpaid record.
We used HTML/PHP as front end and MYSQL as back end for developing our project. HTML is primarily a visual design environment. We can create a android application by designing the form and that make up the user interface. Adding android application code to the form and the objects such as buttons and text boxes on them and adding any required support code in additional modular.
MySQL is free open source database that facilitates the effective management of the databases by connecting them to the software. It is a stable ,reliable and the powerful solution with the advanced features and advantages which are as follows: Data Security.MySQL is free open source database that facilitates the effective management of the databases by connecting them to the software.
HEAP SORT ILLUSTRATED WITH HEAPIFY, BUILD HEAP FOR DYNAMIC ARRAYS.
Heap sort is a comparison-based sorting technique based on Binary Heap data structure. It is similar to the selection sort where we first find the minimum element and place the minimum element at the beginning. Repeat the same process for the remaining elements.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptxnikitacareer3
Looking for the best engineering colleges in Jaipur for 2024?
Check out our list of the top 10 B.Tech colleges to help you make the right choice for your future career!
1) MNIT
2) MANIPAL UNIV
3) LNMIIT
4) NIMS UNIV
5) JECRC
6) VIVEKANANDA GLOBAL UNIV
7) BIT JAIPUR
8) APEX UNIV
9) AMITY UNIV.
10) JNU
TO KNOW MORE ABOUT COLLEGES, FEES AND PLACEMENT, WATCH THE FULL VIDEO GIVEN BELOW ON "TOP 10 B TECH COLLEGES IN JAIPUR"
https://www.youtube.com/watch?v=vSNje0MBh7g
VISIT CAREER MANTRA PORTAL TO KNOW MORE ABOUT COLLEGES/UNIVERSITITES in Jaipur:
https://careermantra.net/colleges/3378/Jaipur/b-tech
Get all the information you need to plan your next steps in your medical career with Career Mantra!
https://careermantra.net/
1. International Journal of Research in Advent Technology, Vol.7, No.6S, June 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
60
doi: 10.32622/ijrat.76S201913
Abstract—Fog computing isa new paradigm that’san
add-on to cloud computing in the network. It has similar
characteristics to cloud computing such as computation,
storage, control, network functions. Fog is closer to end-users
but different in that it is de-centralised architecture. This
platform is suitable for real time low latency applications like
Internet of Things (IOT) devices. This paper surveys the
effect of security issues and privacy issues with possible
solutions in fog systems.
Index Terms— Fog computing, cloud computing,
Security threats, Privacy, Internet of Things
I. INTRODUCTION
The idea of Fog computing was first presented by CISCO in
2012. This platform refers to expanding cloud computing to
the edge of an enterprise's network. Fog computing
architecture is a scalable decentralized computing
architecture different from cloud centralized architecture.
Fog platform doesn’t exist on its own, this acts an
intermediate between end users and cloud platform to process
the communication. The basic framework of fog platform is
similar to cloud platform but its architecture supports
sensitive low latency applications [1]. Fog platform uses
many edge devices such as router, switches and hub for
processing, analyzing, aggregating and transmitting data of
latency aware applications that’s why its named as fog
computing [2].
Fog node can be any device that has the capacity of
carrying out the computing, providing the storage, and does
network connectivity. Fog system when compared to cloud
system are relatively have small computing resources such as
memory and storage but these resources can be enhanced
on-demand.
With the fast growth of Internet..of Things (IoT)
requests, numerous challenges are faced by the cloud
computing architecture such as high .latency, low capacity,
network failure and long distance (multiple hops) between
cloud and end users. Fog computing has brought the cloud
nearer to end user devices such as IoT. Devices for addressing
these challenges. It has offered processing of IoT information
and storage close to IoT devices[3].
Manuscript revised May 13, 2019 and published on June 5, 2019
Rashmi R, Mtech Student, Dept of Information Science & Engineering, BMS
college of Engineering, Bangalore, India
Dr R Ashok Kumar, Associate Professor, Dept of Information Science &
Engineering, BMS college of Engineering, Bangalore, India
Different applications such as automation of home,
monitoring of environment, traffic light that uses IOT devices
are all connected physically. These applications generate huge
data that are gathered. Features such as low latency, location.
awareness and geographic distribution are important for
applications that are not supported by IOT. Fog computing
and IOT are integrated together in-order to support these
features[4].
Instead of sending information to cloud for analysis,
storage and processing. Fog computing does all of these, this
helps in improving the efficiency and decreases the amount
of information that sent to cloud. Many companies such as
CISCO, Dell, Microsoft. Corp. have dedicated to explore and
development of Fog. To enable scalability and
interoperability feature, OpenFog Consortium workgroup are
working to create an open architecture for Fog [5].
Fog platform has the following characteristics:
Quick enough to respond to low latency
applications.
Can process large amount of data locally due to
which performance increases.
Services like storage, computation, memory are
virtualized and are located at the edge of source
premises.
Supports Geographic distribution of Fog nodes.
Software installation on Heterogeneous hardware.
Support for Mobility and Location Awareness.
Reduces Network Congestion.
Services provided by Fog are disrupted by malicious
attack. These attacks can happen either internally or from
external sources by consuming the resources. Thereby
reducing bandwidth and interrupt the services provided by
fog to genuine end users. In this paper we highlight security
and privacy issues with possible solutions [6].
The paper is organized. as follows: section II includes
the connection among cloud and user devices, section III
includes the literature survey, section IV includes the
different types of attacks in fog platform, section V includes
the security and privacy issues and finally section VI
included the conclusion..
II. FOG ARCHITECTURE
Figure 1 depicts how communication happens between
Cloud, Fog and End user devices. Fog platform lies nearer to
end user devices rather than cloud. This is how fog nodes are
linked to each other. Fog to Fog, Fog to cloud and Fog to End
user devices are all communicating in bi-directional.
Possible Solutions on Security and Privacy Issues in Fog
Computing
Rashmi R, Dr R Ashok Kumar
2. International Journal of Research in Advent Technology, Vol.7, No.6S, June 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
61
doi: 10.32622/ijrat.76S201913
End user Devices / IOT devices – This consists of
physical devices such as Mobiles, Sensors,
actuators, tablets and others. These devices are
provided with global. positioning system [7].
Fog Platform: This layer includes fog nodes and
does computing via Gateways, Switches, Router and
Access Points. Between fog nodes Storage and
Computing facilities are shared [7].
Cloud Platform: This platform includes Servers and
Data Centers that has sufficient Storage and
Computing resource[7]
Figure 1: Fog Archiecture
This architecture is applicable to many applications such as
smart cities, healthcare, transportation (smart cars and traffic
control) , agriculture, hospital and financial services
III. RELATED SURVEY
A brief overview of different types of attacks are presented
in [1]. Saad Khan, Simon Parkinson and Yongrui Qin author’s
have provided the security issues and possible solutions and
recommendations for fog [2].Integration of IOT with Fog is
explained in[3]. VM’s can be attacked so a Conceptual. smart
pre-copy. live migration method is proposed for VM’s in [6]
to choose when to advance with stop and copy stage. Open
challenges and ongoing research in security and privacy
issues are highlighted by author’s in[5][7]. In order to support
location privacy a secure positioning protocol was proposed
in [8]. The authors in paper[9] have highlighted why data
protection. techniques of cloud cannot be directly. applied to
Fog.
IV. SECURITY THREATS IN FOG
. Access control issues: Unauthorized user gets the
permission to acquire the data, change configuration and
install software.
Account Hijacking: In order to carry out malicious activity
hijacking the user account. Phishing attack is used to
steal user data.
Denial of service (DOS): Prevents the genuine users from
accessing the services or data.
Eavesdropping: attackers tries to steal information from
systems when transmitted over network.
Forgery: Attackers imitate user’s identity.
Side channel attack: kind of hidden channel already exists
in hardware through which attacker can access.
VM based attack: a kind of malicious attack through
servers, users could experience system failure.
Impersonation attack: an attacker acts identical to reliable
server. They provide services that are offensive to users
by making the users to believe they are connecting to
genuine fog nodes[3].
Man-in-the-middle attack: an attacker establishes an
momentary situation between the interactive nodes. Data
is altered without revealing to the users while they are
communicating the data with fog nodes[1].
Data Tampering: Data is modified or deleted by
unauthorized channels.
Stealth attack: Attackers hide malware command over the
network and control the fog services.
Tampering Attack: Attacker can modify or drop or can
delay the data that is being transmitted thereby degrading
performance and efficiency [7].
Spoofing: Attackers gains the access to system indicating
that messages are sent from trusted host.
Resonance attack: Improper data is transmitted to fog node
by compulsory making the sensors to operate at diverse
frequencies.
Sniffing attack: Stealing of end users devices data when
transmitted over the network.
V. SECURITY AND PRIVACY ISSUES
The following gives an understanding about the attacks,
possible solution and impact on the features of Fog.
Authentication and Authorization
This is first step in establishing relation between End
user devices/ IOT Devices and Fog nodes. Authorization
identifies as ―officially having accessing right‖ were as
Authentication is ―Action of proving‖. During the
establishment phase access right and identity of the node
which wants to connect is verified. For accessing storage and
processing services, end users should get authentic to the Fog
node. Traditional Public Key Infrastructure (PKI) along with
certificates is not appropriate due to resource limitations of
IOT devices [7].
Possible Threats:
Man-.in-the.-middle attack
Forgery attack
Data Tampering
Spoofing attack
Stealth attack
Access control issues
Impact:
Trusted end user data might get hacked by the attacker during
communication and these devices might not get the required
services.
Possible Solution:
3. International Journal of Research in Advent Technology, Vol.7, No.6S, June 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
62
doi: 10.32622/ijrat.76S201913
Multicast authentication using Public-Key Infrastructure
(PKI) [7]
Diffie. Hellman key exchange
Intrusion. Detection techniques
Biometric-authentication-techniques:
Face-authentication, Finger-print authentication,
Touch-based authentication.
Certifying Authority (CA) [7]
Fully homomorphism can be used to secure data
Virtualization
Virtualization can be hardware virtualization or
software virtualization. Hardware virtualization refers to a
virtual fog that allows Virtual Machines (VMs) to co-occur
in. a physical. server (host) so that multiple entities to share
the same physicalsystem. Software virtualization refers to
multiple operating system images run at a same time on a
piece of hardware. We can have virtual version of storage,
network, data, memory and software virtualization, with the
help of this delay and jitter can be decreased. Malicious VM’s
can take control over hardware and operating system and
modify the services in fog without security.
Possible Threats:
Denial of service (DOS) attacks,
VM based attack
Side channel attack
Impersonation attack
Impact:
Failure of hosted server’s result in absence of services
provided by them and resources [4].
Possible Solutions:
Multi-Factor Authentication [2]
Intrusion. Detection. system [2]
Role-based access. control model
Attribute based encryption [2]
User-based permission model [2]
Data Security
Data security is an important aspect in fog system.
Data should be secured in fog system from unauthorized
access. While data is getting processed in fog, it will undergo
changes in its size, structure. and validity of data. Fog nodes
managed by different providers and individuals needs to be
checked for trustworthiness.
Possible Threats:
Denial of service (DOS) attack
Data ownership issue
Illegal data access
Data altering and erasing attack
Data replication and sharing [2]
Impact:
Corruption, deletion of data present in database system of fog
nodes. Downtime caused to the trusted fog nodes.
Possible Solution:
Encryption of sensitive data at end user devices then
transfers it to fog nodes.
Secure. key management
Data. Masking
Network Monitoring
Policy enforcement
Wireless Network Security
Network acts as a bridge between fog nodes and end
user devices and correspondingly between the fog nodes.
Network should be secure from malicious attack, if that
happens then it can spread malicious threats to connected
parties and also damages the working of that network itself.
Properly isolating the network can prevent the network from
spreading if infected.
Possible Threats:
Packet sniffing
Denial-of-Service (DoS) attack,
Man in the middle attack
Resonance attack
Gateway attacks were recognized as likely attacks on
network infrastructure
Impact:
Wireless. access. points that are susceptible can compromise
features such as. privacy, accuracy, consistency, availability
and reliability of data. Performance of the fog nodes are
decreased by consuming the network resources such as
bandwidth.
Possible Solution:
Antivirus [2]
Encryption and authentication [2]
Deployment of intrusion detection system (IDS) [6]
Cloud watcher – for network monitoring [2]
Virtual Private Network (VPN) – Isolating the network
from external attack [2]
Secure Communication
Secure Communication can be of three kinds
between end user devices, Fog nodes and cloud.
Communication between end user devices and Fog
nodes.
Communication within Fog nodes.
Communication between fog nodes and cloud[10].
Possible Threats:
Tampering attack
Spamming attack
Impact:
Many bogus messages or wrong information can float around
the network [2].
Possible Solution:
4. International Journal of Research in Advent Technology, Vol.7, No.6S, June 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
63
doi: 10.32622/ijrat.76S201913
Homomorphic encryption techniques – Maintain data
secrecy and protect identities of devices once uploading
info from. devices to cloud.
Lightweight encryption or masking algorithms can also
be used to protect the data secrecy.
Trust
All Devices in fog network should have certain level of
trust on one node to one more node. Trust play mutual role in
fog network for end user devices.
End user devices should trust Fog nodes that they connect
are genuine.
End user devices that send data to fog nodes are indeed
secure[5].
Possible Threats:
Malicious attacks.
Impact:
Attacks causes sensors to be untrustworthy to avoid this trust
evaluation method to provide reliable connection among
sensors to fight against malicious attack
Possible Solution:
Regionbased trust model – It’s a trust communication
amongst fog nodes at different region[5].
Dynamic nature of end user devices and fog nodes uses
opinion-based model[4].
Privacy
Preservation of privacy data is extra challenging as
fog nodes are nearer with end users for collecting the
sensitive information. Sensitive data are not retrieved or
revealed to an illegal person is ensured by privacy [6].Fog
systems must let users to specify the privacy attributes of the
data that they own on the system [8]. Privacy can be
distinguished in terms of End user privacy, Location privacy
and Usage privacy.
Possible Threats:
Eavesdropping or Sniffing attack
Man-in-the-middle attack
Impact:
Sensitive data or personal information of end user can be
hacked. In case of location privacy attackers may provide
fake locations, so locations specified by one entity might not
reliable.
Possible Solution:
Public key infrastructure for encrypting the data block at
end-user devices and decrypting that at fog nodes.
Location verification protocols are used to support location
property
Host Firewall with Network Location Awareness[11]
Position based cryptography[8]
VI. CONCLUSION
Fog is a computing paradigm present at the edge of
network to support end users. Cloud computing security
features cannot be functional to fog computing because of its
distinctive characteristics. This paper summarizes attacks,
possible solutions on security and privacy issues in Fog
computing. The major concerns in context to fog computing
are considered in this paper.
.
REFERENCES
[1]A. Aljumah and T. A. Ahanger, ―Fog computing and security issues: A
review,‖ 2018 7th Int. Conf. Comput. Commun. Control. ICCCC 2018
- Proc., no. Icccc, pp. 237–239, 2018.
[2]S. Khan, S. Parkinson, and Y. Qin, ―Fog computing security: a review of
current applications and security solutions,‖ J. Cloud Comput., vol. 6,
no. 1, 2017.
[3] H. F. Atlam, ―Fog Computing and the Internet of Things : A Review,‖
pp. 1–18, 2018.
[4]―Fog-IOT.‖ [Online]. Available:
https://internetofthingsagenda.techtarget.com/ definition
/fog-computing-fogging . [Accessed: 06-Mar-2019].
[5]P. Y. Zhang, M. C. Zhou, and G. Fortino, ―Security and trust issues in Fog
computing: A survey,‖ Futur. Gener. Comput. Syst., vol. 88, pp.
16–27, 2018.
[6]O. Osanaiye, S. Chen, Z. Yan, R. Lu, K. K. R. Choo, and M. Dlodlo,
―From Cloud to Fog Computing: A Review and a Conceptual Live VM
Migration Framework,‖ IEEE Access, vol. 5, no. c, pp. 8284–8300,
2017.
[7]M. Mukherjee et al., ―Security and Privacy in Fog Computing:
Challenges,‖ IEEE Access, vol. 5, pp. 19293–19304, 2017.
[8]R. Yang, Q. Xu, M. H. Au, Z. Yu, H. Wang, and L. Zhou, ―Position based
cryptography with location privacy: A step for Fog Computing,‖ Futur.
Gener. Comput. Syst., vol. 78, pp. 799–806, 2018.
[9] Y. Guan, J. Shao, G. Wei, and M. Xie, ―Data Security and Privacy in
Fog Computing,‖ IEEE Netw., vol. 32, no. 5, pp. 106–111, 2018.
[10] ―Open Fog Consortium.‖ [Online]. Available:
https://www.openfogconsortium.org/wp-content/uploads/OpenFog_R
eference_Architecture_2_09_17-FINAL.pdf. [Accessed:
20-Mar-2019].
[11]―ScienceDirect.‖[Online].Available:https://www.sciencedirect.com/to
pics/computer-science/location-awareness. [Accessed: 10-Mar-2019].
.