Jiawei Zhang,Teng Li,Zuobin Ying,Jianfeng Ma

DOI: https://doi.org/10.1109/tcc.2022.3147226

IF: 5.697

2022-01-01

IEEE Transactions on Cloud Computing

Abstract:Cloud-Fog-Assisted Internet-of-Things (IoT) is a convincing paradigm to provide users with on-demand and low-latency services through Fog nodes in the edge of multiple clouds (Multi-Cloud). Multi-Cloud is a scalable multi-domain service-oriented net-centric system and can respond to complicated user requirements leveraging Multi-Cloud Service Composition (MCSC). However, in MCSC, user security can be easily compromised by untrusted and curious cloud service providers that may collect and violate the privacy and other essential assets of cloud users. Although many trust-based MCSC solutions have been proposed to seek a trustworthy composite service with highest trust level, most of them are vulnerable to malicious users intending to break through the clouds and inflict serious data leakage or asset damage. Considering these security concerns on both malicious users and untrusted service providers, in this article, we present a trust-based secure multi-cloud collaboration framework for Cloud-Fog-Assisted IoT systems. Specifically, to guarantee the security of users, we develop a role-based trust evaluation method to enhance the trustworthiness of MCSC. To preserve the security of services, we design an efficient user authentication scheme and a secure collaboration scheme to provide collaborative user authentication and access control mechanism for MCSC. We develop a proof of concept implementation for our framework and demonstrate its practicability by performance evaluation with extensive experiments.

computer science, information systems, theory & methods

Tian Wang,Guangxue Zhang,Zakirul Alam Bhuiyan,Anfeng Liu,Weijia Jia,Mande Xie

DOI: https://doi.org/10.1016/j.future.2018.05.049

IF: 7.307

2020-01-01

Future Generation Computer Systems

Abstract:In recent years, Sensor–Cloud System (SCS) has become a hot research issue. In this system, there are some cyber security problems that can be well solved by the trust mechanism. However, there are still some deficiencies in existing trust mechanisms, especially for the SCS underlying structure. We proposed a fog-based hierarchical trust mechanism for these cyber security deficiencies. This hierarchical mechanism consists of two parts, trust in the underlying structure and trust between cloud service providers (CSPs) and sensor service providers (SSPs). For trust in the underlying structure, the behavior monitoring part is established and implemented in Wireless Sensor Networks (WSNs), and the fine-grained and complicated data analysis part is moved to the fog layer. For trust between CSPs and SSPs, it focuses more on the real-time comparison of service parameters, the gathering of exception information in WSNs, the targeted quantitative evaluation of entities and so on. The experimental results indicate that this fog-based hierarchical structure performs well in saving network energy, detecting malicious nodes rapidly and recovering misjudgment nodes in an acceptable delay. Furthermore, the reliability of edge nodes is well guaranteed by data analyses in the fog layer and an evaluation strategy based on similar service records is put forward.

Shengmin Xu,Jianting Ning,Jinhua Ma,Xinyi Huang,HweeHwa Pang,Robert H. Deng

DOI: https://doi.org/10.1145/3450569.3463561

2021-01-01

Abstract:As a versatile system architecture, cloud-fog Internet-of-Things~(IoT) enables multiple resource-constrained devices to communicate and collaborate with each other. By outsourcing local data and immigrating expensive workloads to cloud service providers and fog nodes (FNs), resource-constrained devices can enjoy data services with low latency and minimal cost. To protect data security and privacy in the untrusted cloud-fog environment, many cryptographic mechanisms have been invented. Unfortunately, most of them are impractical when directly applied to cloud-fog IoT computing, mainly due to the large number of resource-constrained end-devices (EDs). In this paper, we present a secure cloud-fog IoT data sharing system with bilateral access control based on a new cryptographic tool called lightweight matchmaking encryption. Our system enforces both sender access control and receiver access control simultaneously and adapts to resource-constrained EDs by outsourcing costly workloads to FNs. We conduct extensive experiments to demonstrate the superior performance of our system to the most relevant solutions in the literature.

Yongkai Fan,Guanqun Zhao,Xiaofeng Sun,Jinghan Wang,Xia Lei,Fanglue Xia

DOI: https://doi.org/10.1145/3338507.3358621

2019-01-01

Abstract:As an extension of cloud computing, fog computing environment as well as fog node plays an increasingly important role in internet of things (IoT). This technology provides IoT with more distributed and efficient applications and services. However, IoT nodes have so much variety and perform poorly, which leads to more security issues. For this situation, we initially design a security scheme for the IoT fog environment. Based on the combination of Blockchain and Trusted Execution Environment (TEE) technologies, the security of data storage and transmission from fog nodes to the cloud are ensured, thus ensuring the trustworthiness of the data source in the fog environment.

Ruonan Ma,Leyou Zhang

DOI: https://doi.org/10.1016/j.sysarc.2023.102951

IF: 5.836

2023-01-01

Journal of Systems Architecture

Abstract:The fog computing paradigm extends the storage, network and computing facilities of the Internet of Things (IoT) to the edge of the network and provides increased convenience in real life. However, IoT still faces great security challenges, such as unauthorized access, collusion attacks between users, cloud attack, and privacy leaks. Most recently, Xiong et al. proposed a scheme to attempt to solve these issues (Xiong et al., 2020). However, we found that their scheme still could not resist the collusion attacks between non-revoked users and revoked users. This study performs the security analysis of SEM-ACSIT and proposes a secure and privacy-preserving multi-authority access control scheme named SPMAC. The proposed scheme can realize flexible user and attribute revocation. The proposed scheme achieves forward security and backward security. For the resource-limited devices, This scheme csn achieve lightweight computing using online–offline encryption technique, outsourced decryption method, and fog computing. It is worth noting that the scheme proposes a ciphertext update check algorithm, allowing users to confirm whether the ciphertext from the untrusted cloud and the user secret key have been updated. The security analysis shows that the proposed scheme can resist multiple collusion attacks, such as revoked and non-revoked users attack, cloud-users attack, and cloud attack. In addition, we realize the hidden access policy to protect users’ privacy. Finally, the results of simulation experiments indicate that the proposed scheme has great practical significance in the access control of IoT.

Hong Zhao,Guowei Sun,Weiheng Li,Peiliang Zuo,Zhaobin Li,Zhanzhen Wei

DOI: https://doi.org/10.3390/sym15050974

2023-04-25

Symmetry

Abstract:The application of fog Internet of Things (IoT) technology helps solve the problem of weak computing power faced by IoT terminals. Due to asymmetric differences in communication methods, sensing data offloading from IoT terminals to fog and cloud layers faces different security issues, and both processes should be protected through certain data transmission protection measures. To take advantage of the relative asymmetry between cloud, fog, and sensing layers, this paper considers using physical layer security technology and encryption technology to ensure the security of the sensing data unloading process. An efficient resource allocation method based on deep reinforcement learning is proposed to solve the problem of channel and power allocation in fog IoT scenarios, as well as the selection of unloading destinations. This problem, which is NP-hard, belongs to the attribute of mixed integer nonlinear programming. Meanwhile, the supporting parameters of the method, including state space, action space, and rewards, are all adaptively designed based on scene characteristics and optimization goals. The simulation and analysis show that the proposed method possesses good convergence characteristics. Compared to several heuristic methods, the proposed method reduces latency by at least 18.7% on the premise that the transmission of sensing data is securely protected.

multidisciplinary sciences

Weidong Fang,Wuxiong Zhang,Wei Chen,Yang Liu,Chaogang Tang

DOI: https://doi.org/10.1007/s11276-019-02129-w

IF: 2.701

2019-01-01

Wireless Networks

Abstract:Based on fog computer, an industrial wireless sensor network (F-IWSN) is a novel wireless sensor network in the industry. It not only can more efficiently reduce information transmission latency, but also can more beneficially achieve the real-time control and the rapid resource scheduling. However, similar to other distributed networks, it also faces enormous security challenges, especially those internal attacks. The differences from those traditional security schemes are that, one is the trade-off between security, transmission performance and energy consumption to meet the requirements of information convergence and control, the other constructs a multi-dimensional selective forwarding scheme to achieve the real time transmission. In this paper, we propose a Gaussian distribution-based comprehensive trust management system (GDTMS) for F-IWSN. Furthermore, in its trust decision, the grey decision making is introduced to achieve the trade-off between security, transmission performance and energy consumption. The proposed trade-off can effectively select the secure and robust relay node, namely, a trust management-based secure routing scheme. In addition, the proposed schemes are also applicable to defending against bad mouthing attacks. Simulation results show that, the comprehensive performance of GDTMS is better than other similar algorithms. It can effectively prevent the appearance of network holes, and balance the network load, promote the survivability of the network.

Vijay Karnatak,Amit Kumar Mishra,Neha Tripathi,Mohammad Wazid,Jaskaran Singh,Ashok Kumar Das

DOI: https://doi.org/10.1002/spy2.353

2023-11-03

Security and Privacy

Abstract:Fog computing is a distributed computing architecture, as opposed to depending entirely on centralized cloud servers, which brings the processing of data, functionality of an application, and its storage closer to the network's edge, where it can be closer to the data source or an end‐user device. Some of the potential applications of the fog computing‐based Internet of Things (IoT)‐enabled system are smart healthcare, smart agriculture, smart manufacturing, intelligent transportation system, and smart cities (i.e., in parking management, lighting control, traffic control, and security of civilians). The fog computing‐based IoT‐enabled system is vulnerable to various attacks. Therefore, one needs to deploy security mechanisms, like authentication, access control, key management, and malware detection, in order to secure its communication. In this article, we design a signature‐based access control and key management scheme for fog computing‐based IoT‐enabled big data applications (in short, SBAC‐FC). A detailed security analysis and performance comparison of the SBAC‐FC with other similar existing schemes reveal that the SBAC‐FC surpasses the existing schemes in terms of security and functionality characteristics, as well as complexity overheads.

Jirui Li,Xiaoyong Li,Jie Yuan,Rui Zhang,Binxing Fang

DOI: https://doi.org/10.1109/jiot.2018.2874808

IF: 10.6

2018-01-01

IEEE Internet of Things Journal

Abstract:The interaction between mobile Internet of Things (IoT) devices is based on a hybrid communication architecture. To improve packet delivery ratio, reduce end-to-end delay, and protect data privacy, designing an efficient data forwarding scheme is crucial in guaranteeing the quality of data transmission. Fog computing, a novel distributed computing framework, can decrease the amount of data transmission on the Internet and improve quality of services. In this paper, we propose a fog computing assisted trustworthy forwarding (FCTF) scheme. To the best of our knowledge, this paper is the first study that investigates the role of fog infrastructure nodes (FINs) in forwarding scheme design. FCTF first selects the contact probability and the service degree as the basic trustworthy metrics between node pairs, and combines high-performance optimization algorithms to design a dynamic detection model of overlapping trustworthy communities (DOTCs). Then, we construct logical joint edge community structures on the basis of the results of DOTC and the distribution of FINs at each timestamp. Finally, based on the logical joint edge community, we define the forwarding utilities for FINs and mobile devices, respectively, and design self-adaptive forwarding rules. The experimental results prove that our FCTF scheme can enhance the delivery ratio, and decrease the latency and average hop-count more effectively, and has better routing quality compared with some popular forwarding models in mobile IoT applications.

Jun Wang,Ze Luo,Chenglong Wang

DOI: https://doi.org/10.1007/s10586-024-04621-1

2024-06-24

Cluster Computing

Abstract:Compliance with security requirements in the fog computing environment is known as an important phenomenon in maintaining the quality of service due to the dynamic topology. Security and privacy breaches can occur in fog computing because of its properties and the adaptability of its deployment method. These characteristics render current systems inappropriate for fog computing, including support for high mobility, a dynamic environment, geographic distribution, awareness of location, closeness to end users, and absence of redundancy. Although efficient secure routing protocols have been developed by researchers in recent years, it is challenging to ensure security, reliability, and quality of service at the same time to overcome the limitations of cloud-fog computing. In light of the fact that trust management is an effective means of protecting sensitive information, this study proposes a two-way trust management system (TMS) that would enable both the service requester and the service provider to verify each other's reliability and safety. The trustworthiness of the service seeker can also be verified in this way. So that fog clients can confirm that fog nodes can deliver suitable, dependable, and secure services, trust in a fog computing environment should ideally be two-way. The ability to verify the authenticity of fog clients is an important capability for fog nodes to have. A distributed, event-based, multi-trust trust system is presented by the suggested approach to trust computation, which makes use of social relationships (nodes and clients) and service quality criteria. Hence, the trust score is computed using a number of characteristics. Here, the weight of direct and indirect ratings is emphasized, and the final trust score is computed by dynamically merging the information gained from self-observation and the suggestions of nearby nodes. An extensive evaluation of the proposed method shows that it is resistant to a large number of badly behaved nodes and can successfully neutralize trust-based attacks.

computer science, information systems, theory & methods

Clinton Dsouza,Gail-Joon Ahn,Marthony Taguinod

DOI: https://doi.org/10.1109/iri.2014.7051866

2014-08-01

Abstract:With the increasing user demand for elastic provisioning of resources coupled with ubiquitous and on-demand access to data, cloud computing has been recognized as an emerging technology to meet such dynamic user demands. In addition, with the introduction and rising use of mobile devices, the Internet of Things (IoT) has recently received considerable attention since the IoT has brought physical devices and connected them to the Internet, enabling each device to share data with surrounding devices and virtualized technologies in real-time. Consequently, the exploding data usage requires a new, innovative computing platform that can provide robust real-time data analytics and resource provisioning to clients. As a result, fog computing has recently been introduced to provide computation, storage and networking services between the end-users and traditional cloud computing data centers. This paper proposes a policy-based management of resources in fog computing, expanding the current fog computing platform to support secure collaboration and interoperability between different user-requested resources in fog computing.

Shuqing He,Bo Cheng,Haifeng Wang,Xuelian Xiao,Yunpeng Cao,Junliang Chen

DOI: https://doi.org/10.1109/infcomw.2018.8406927

2018-04-01

Abstract:With the scale of big data increasing in large-scale IoT application, fog computing is a recent computing paradigm that is extending cloud computing towards the edge of network in the field. There are a large number of storage resources placed on the edge of the network to form a geographical distributed storage system in fog computing system (FCS). It is used to store the big data collected by the fog computing nodes and to reduce the management costs for moving big data to the cloud. However, the storage of fog nodes at the edge of the network faces a direct attack of external threats. In order to improve the security of the storage of fog nodes in FCS, in this paper, we proposed a data security storage model for fog computing (FCDSSM) to realize the integration of storage and security management in large-scale IoT application. We designed a detail of the FCDSSM system architecture, gave a design of the multi-level trusted domain, cooperative working mechanism, data synchronization and key management strategy for the FCDSSM. Experimental results show that the loss of computing and communication performance caused by data security storage in the FCDSSM is within the acceptable range, and the FCDSSM has good scalability. It can be adapted to big data security storage in large-scale IoT application.

Lintao Dang,Mianxiong Dong,Kaoru Ota,Jun Wu,Jianhua Li,Gaolei Li

DOI: https://doi.org/10.1109/icc.2018.8422844

2018-01-01

Abstract:Recently, an accelerating number of studies are dedicated to deploying various IoT applications in the information centric network paradigm which has lower system complexity than traditional network architectures. However, such a paradigm poses a number of security challenges especially when it is applied in real-time e-health applications. Firstly, it is difficult to ensure security of sensitive data in such a distributed data caching environment because after the data is published in the form of a packet to the information centric network (ICN), it is no longer controlled by the data publisher. Secondly, in some real-time e-health applications, terminal medical sensors are usually resource-constrained, limiting the direct adoption of expensive cryptographic primitives. In order to address these challenges, a resource-efficient secure data sharing scheme in information centric e-health system is proposed, one that utilizes ciphertext-policy attribute based encryption (CP-ABE) and adapts it to the above-mentioned system with respect to necessary security requirements. It also exploits computation resources of fog nodes and employs outsourcing cryptography to improve system efficiency.The evaluation demonstrates that the scheme can significantly reduce the computation overheads of the resource-constrained terminal medical devices, and can better support the real-time e-health applications.

Lei Zhang,Jiangtao Li

DOI: https://doi.org/10.1109/access.2018.2868920

IF: 3.9

2018-01-01

IEEE Access

Abstract:Fog computing is an extension of cloud computing and enables computing directly at the edge of the network. In fog computing paradigm, the fog nodes reside between smart end devices and the cloud. Benefiting from the structure of fog computing, fog computing can provide services with low latency, location awareness, and mobility. Since the fog nodes are not as powerful as the cloud, resource allocation techniques are usually adapted to optimize the utilization of the resources of fog nodes. However, the current resource allocation techniques are not privacy-preserving, i.e., an attacker can easily find end devices’ sensitive information. In this paper, we propose a privacy-preserving resource allocation scheme for fog computing. The new proposal has constant message expansion, and it is secure against both an eavesdropper and a smart gateway that is employed to perform the resource allocation algorithm. Our scheme is also robust, since it achieves a full key compromise resistance which guarantees that even if the private keys of all the fog nodes in a fog system are corrupted the scheme remains secure.

Jiafu Jiang,Linyu Tang,Ke Gu,WeiJia Jia

DOI: https://doi.org/10.1093/comjnl/bxz108

2020-01-01

The Computer Journal

Abstract:Fog computing has become an emerging environment that provides data storage, computing and some other services on the edge of network. It not only can acquire data from terminal devices, but also can provide computing services to users by opening computing resources. Compared with cloud computing, fog devices can collaborate to provide users with powerful computing services through resource allocation. However, as many of fog devices are not monitored, there are some security problems. For example, since fog server processes and maintains user information, device information, task parameters and so on, fog server is easy to perform illegal resource allocation for extra benefits. In this paper, we propose a secure computing resource allocation framework for open fog computing. In our scheme, the fog server is responsible for processing computing requests and resource allocations, and the cloud audit center is responsible for auditing the behaviors of the fog servers and fog nodes. Based on the proposed security framework, our proposed scheme can resist the attack of single malicious node and the collusion attack of fog server and computing devices. Furthermore, the experiments show our proposed scheme is efficient. For example, when the number of initial idle service devices is 40, the rejection rate of allocated tasks is 10% and the total number of sub-tasks is changed from 150 to 200, the total allocation time of our scheme is only changed from 15 ms to 25 ms; additionally, when the task of 5000 order matrix multiplication is tested on 10 service devices, the total computing time of our scheme is $\sim$250 s, which is better than that of single computer (where single computer needs more than 1500 s). Therefore, our proposed scheme has obvious advantages when it faces some tasks that require more computational cost, such as complex scientific computing, distributed massive data query, distributed image processing and so on.

Tian Wang,Jiyuan Zhou,Minzhe Huang,Zakirul Alam Bhuiyan,Anfeng Liu,Wenzheng Xu,Mande Xie

DOI: https://doi.org/10.1016/j.future.2017.12.036

IF: 7.307

2018-01-01

Future Generation Computer Systems

Abstract:The recent emergence of cloud computing has drastically influenced everyone’s perception of infrastructure architectures, data transmission and other aspects. With the advent of both mobile networks and cloud computing, the computationally-intensive services are moving to the cloud, and the end user’s mobile device is used as an interface to access these services. However, cyber threats are also becoming various and sophisticated, which will endanger the security of users’ private data. In traditional service mode, users’ data is totally stored in the cloud, they lose the right of control on their data and face cyber threats such as data loss and malicious modification. To this end, we propose a novel cloud storage scheme based on fog computing. In our scheme, user’s private data is separately stored in the cloud and fog servers. By this way, the integrity, availability and confidentiality of user’s data can be ensured because the data is retrieved from cloud as well as fog, which is safer. We implement a system prototype and design a series of mechanisms. Extensive experiments results also validate the proposed scheme and methods.

Fatimah Faraji,Amir Javadpour,Arun Kumar Sangaiah,Hadi Zavieh

DOI: https://doi.org/10.1007/s00607-023-01199-1

2023-08-25

Computing (Vienna/New York)

Abstract:To manage the IoT resources to process the massive amount of collected data in complex systems, Allocation of tasks to nodes to increase user satisfaction has been noticed by researchers. In allocating tasks, the necessity of a powerful auxiliary platform is felt. Cloud and fog networks are two suitable options for performing and completing tasks on the Internet of Things. In the cloud network, due to offloading tasks to remote computing centers, problems such as increasing complete time, increasing traffic in the network, and high energy consumption for the Internet of Things network occur. The fog network solves the problem of completing tasks due to reducing the geographical distance between Internet of Things devices and processor nodes. The devices in the fog network cooperate with the Internet of Things network's diverse and variable nodes with time computing, storage, and processing resources. In this heterogeneous environment, the non-cooperation and dishonesty of malicious fog nodes through misrepresentation of shared resources and non-completion of tasks can disrupt the performance of the Internet of Things network. As a result, two fundamental challenges in the heterogeneous fog network include providing resources to allocate tasks and recognizing valid fog nodes. This paper focuses on creating a resource provider network to allocate tasks to authentic fog nodes with appropriate resources. When an Internet of Things node faces a shortage of resources and link prediction, it can form a resource supply network with neighboring nodes to solve the two stated challenges. For this purpose, in the first stage, efforts are made to select the most appropriate options among the neighboring nodes based on specific criteria. In the second step, reliable nodes are identified based on a trust mechanism, including resource trust and entity trust. In the last step, tasks are divided among reliable devices with sufficient resources. The evaluation of the proposed method in the OMNET++ simulator shows that the trust mechanism can lead to the identification of reliable sources and, as a result, reduce the time to complete tasks.

Urooj Yousuf Khan,Tariq Rahim Soomro,Zheng Kougen

DOI: https://doi.org/10.22581/muet1982.2303.08

2023-01-01

Mehran University Research Journal of Engineering and Technology

Abstract:Fog computing offers an optimal answer to the expansion challenge of today's networks. It boasts scaling and reduced latency. Since the concept is still nascent, many research questions remain unanswered. One of these is the challenge of Resource Management. There is a pressing need for a reliable and scalable architecture that meets the Resource Management challenge without compromising the Quality of Service. Among the proposed solutions, Artificial Intelligence based path selection techniques and automated link detection methods can provide lasting and reliable answer. An optimal approach for introducing intelligence in the networks is the infusion of Machine learning methods. Such futuristic, intelligent networks form the backbone of the next generation of Internet. These self-learning and self-healing networks are termed as the ZeroTouch networks. This paper proposes FedFog, a Federated Learning based optimal, automated Resource Management framework in Fog Computing for Zero-touch Networks. The paper describes a series of experiments focusing on Quality of Service parameters such as Network latency, Resources processed, Energy consumption and Network usage. The simulation results from these experiments depict superiority of the proposed architecture over traditional, existing architecture.

Kai Fan,Huiyue Xu,Longxiang Gao,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.future.2019.04.003

IF: 7.307

2019-01-01

Future Generation Computer Systems

Abstract:The fog-to-things paradigm is introduced to mitigate the heavy burden on the edge of cloud-based network due to the centralized processing and storing of the massive volume of IoT data. Fog-enabled IoT architectures ensure small latency and enough computing resource that enables real time devices and applications. However, there still exist security and privacy challenges on data access control for fog-enabled IoT. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in cloud-fog computing systems. In this paper, we propose an efficient and privacy preserving outsourced multi-authority access control scheme, named PPO-MACS. All attributes of users are transformed to be anonymous and authenticable to realize privacy preserving. And the verifiable outsourced decryption is introduced to reduce computation overheads on the end user side. Meanwhile, an efficient user revocation method is proposed. Security and performance analysis show that our scheme is secure and highly efficient.

Ismail Zaharaddeen Yakubu,Lele Muhammed,Zainab Aliyu Musa,Zakari Idris Matinja,Ilya Musa Adamu

DOI: https://doi.org/10.48048/tis.2021.413

2021-11-05

Trends in Sciences

Abstract:Cloud high latency limitation has necessitated the introduction of Fog computing paradigm that extends computing infrastructures in the cloud data centers to the edge network. Extended cloud resources provide processing, storage and network services to time sensitive request associated to the Internet of Things (IoT) services in network edge. The rapid increase in adoption of IoT devices, variations in user requirements, limited processing and storage capacity of fog resources and problem of fog resources over saturation has made provisioning and allotment of computing resources in fog environment a formidable task. Satisfying application and request deadline is the most substantial challenge compared to other dynamic variations in parameters of client requirements. To curtail these issues, the integrated fog-cloud computing environment and efficient resource selection method is highly required. This paper proposed an agent based dynamic resource allocation that employs the use of host agent to analyze the QoSrequirements of application and request and select a suitable execution layer. The host agent forwards the application request to a layer agent which is responsible for the allocation of best resource that satisfies the requirement of the application request. Host agent and layers agents maintains resource information tables for matching of task and computing resources. CloudSim toolkit functionalities were extended to simulate a realistic fog environment where the proposed method is evaluated. The experimental results proved that the proposed method performs better in terms of processing time, latency and percentage QoS delivery. HIGHLIGHTS The distance between the cloud infrastructure and the edge IoT devices makes the cloud not too competent for some IoT applications, especially the sensitive ones To minimize the latency in the cloud and ensure prompt response to user requests, Fog computing, which extends the cloud services to edge network was introduced The proliferation in adoption of IoT devices and fog resource limitations has made resource scheduling in fog computing a tedious one GRAPHICAL ABSTRACT