Xin Jin,Charalampos Katsis,Fan Sang,Jiahao Sun,Ashish Kundu,Ramana Kompella

DOI: https://doi.org/10.48550/arXiv.2206.07164

2022-06-14

Cryptography and Security

Abstract:Edge computing is a paradigm that shifts data processing services to the network edge, where data are generated. While such an architecture provides faster processing and response, among other benefits, it also raises critical security issues and challenges that must be addressed. This paper discusses the security threats and vulnerabilities emerging from the edge network architecture spanning from the hardware layer to the system layer. We further discuss privacy and regulatory compliance challenges in such networks. Finally, we argue the need for a holistic approach to analyze edge network security posture, which must consider knowledge from each layer.

Jiale Zhang,Bing Chen,Yanchao Zhao,Xiang Cheng,Feng Hu

DOI: https://doi.org/10.1109/access.2018.2820162

IF: 3.9

2018-01-01

IEEE Access

Abstract:With the explosive growth of Internet of Things devices and massive data produced at the edge of the network, the traditional centralized cloud computing model has come to a bottleneck due to the bandwidth limitation and resources constraint. Therefore, edge computing, which enables storing and processing data at the edge of the network, has emerged as a promising technology in recent years. However, the unique features of edge computing, such as content perception, real-time computing, and parallel processing, has also introduced several new challenges in the field of data security and privacy preserving, which are also the key concerns of the other prevailing computing paradigms, such as cloud computing, mobile cloud computing, and fog computing. Despites its importance, there still lacks a survey on the recent research advance of data security and privacy-preserving in the field of edge computing. In this paper, we present a comprehensive analysis of the data security and privacy threats, protection technologies, and countermeasures inherent in edge computing. Specifically, we first make an overview of edge computing, including forming factors, definition, architecture, and several essential applications. Next, a detailed analysis of data security and privacy requirements, challenges, and mechanisms in edge computing are presented. Then, the cryptography-based technologies for solving data security and privacy issues are summarized. The state-of-the-art data security and privacy solutions in edge-related paradigms are also surveyed. Finally, we propose several open research directions of data security in the field of edge computing.

Dan Liu,Zheng Yan,Wenxiu Ding,Mohammed Atiquzzaman

DOI: https://doi.org/10.1109/jiot.2019.2897619

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) is gaining increasing popularity. Overwhelming volumes of data are generated by IoT devices. Those data after analytics provide significant information that could greatly benefit IoT applications. Different from traditional applications, IoT applications, such as environmental monitoring, smart navigation, and smart healthcare come with new requirements, such as mobility, real-time response, and location awareness. However, traditional cloud computing paradigm cannot satisfy these demands due to centralized processing and being far away from local devices. Hence, edge computing was introduced to perform data processing and storage in the edge of networks, which is closer to data sources than cloud computing, thus efficient and location-aware. Unfortunately, edge computing brings new security and privacy challenges when applied to data analytics. The literature still lacks a thorough review on the recent advances in secure data analytics in edge computing. In this paper, we first introduce the concept and features of edge computing, and then propose a number of requirements for its secure data analytics by analyzing potential security threats in edge computing. Furthermore, we give a comprehensive review on the pros and cons of the existing works on data analytics in edge computing based on our proposed requirements. Based on our literature survey, we highlight current open issues and propose future research directions.

Ahmad Alzu'bi,Ala'a Alomar,Shahed Alkhaza'leh,Abdelrahman Abuarqoub,Mohammad Hammoudeh

DOI: https://doi.org/10.26599/tst.2023.9010080

2024-02-13

Tsinghua Science & Technology

Abstract:The healthcare industry is rapidly adapting to new computing environments and technologies. With academics increasingly committed to developing and enhancing healthcare solutions that combine the Internet of Things (IoT) and edge computing, there is a greater need than ever to adequately monitor the data being acquired, shared, processed, and stored. The growth of cloud, IoT, and edge computing models presents severe data privacy concerns, especially in the healthcare sector. However, rigorous research to develop appropriate data privacy solutions in the healthcare sector is still lacking. This paper discusses the current state of privacy-preservation solutions in IoT and edge healthcare applications. It identifies the common strategies often used to include privacy by the intelligent edges and technologies in healthcare systems. Furthermore, the study addresses the technical complexity, efficacy, and sustainability limits of these methods. The study also highlights the privacy issues and current research directions that have driven the IoT and edge healthcare solutions, with which more insightful future applications are encouraged.

computer science, information systems,engineering, electrical & electronic, software engineering

Christian Badolato

DOI: https://doi.org/10.48550/arXiv.2208.05922

2022-06-23

Abstract:Users care greatly about preserving the privacy of their personal data gathered during their use of information systems. This extends to both the data they actively provide in exchange for services as well as the metadata passively generated in many aspects of their computing experiences. However, new technologies are at a great risk of being inadequate to protect a user's privacy if researchers focus primarily on the use cases of these technologies without giving sufficient consideration to incorporating privacy at a fundamental level. Edge computing has been introduced as a promising networking paradigm for processing the incredible magnitude of data produced by modern IoT networks. As edge computing is still considered a relatively new technology, the edge computing community has a responsibility to ensure privacy protection is interwoven into its implementations at a foundational level. In this paper, I first introduce the concepts of user privacy and edge computing; I then provide a state-of-the-art overview of current literature as it relates to privacy preservation in honest-but-curious edge computing. Finally, I provide future research recommendations in the hope that the edge computing research and development community will be inspired to ensure strong privacy protections in their current and future work.

Cryptography and Security,Networking and Internet Architecture

Yao Zhao,Youyang Qu,Yong Xiang,Md Palash Uddin,Dezhong Peng,Longxiang Gao

DOI: https://doi.org/10.1145/3680277

IF: 16.6

2024-10-09

ACM Computing Surveys

Abstract:Recent advances in edge computing (EC) have pushed cloud-based data caching services to edge; however, such emerging edge storage comes with numerous challenging and unique security issues. One of them is the problem of edge data integrity verification (EDIV), which coordinates multiple participants (e.g., data owners and edge nodes) to inspect whether data cached on edge is authentic. To date, various solutions have been proposed to address the EDIV problem, while there is no systematic review. Thus, we offer a comprehensive survey for the first time, aiming to show current research status, open problems, and potentially promising insights for readers to further investigate this under-explored field. Specifically, we begin by stating the significance of the EDIV problem, the integrity verification difference between data cached on cloud and edge, and three typical system models with corresponding inspection processes. To thoroughly assess prior research efforts, we synthesize a universal criteria framework that an effective verification approach should satisfy. On top of it, a schematic development timeline is developed to reveal the research advance on EDIV in a sequential manner, followed by a detailed review of the existing EDIV solutions. Finally, we highlight intriguing research challenges and possible directions for future work, along with a discussion on how forthcoming technology, e.g., machine learning and context-aware security, can augment security in EC. Given our findings, some major observations are: there is a noticeable trend to equip EDIV solutions with various functions and diversify study scenarios; completing EDIV within two types of participants (i.e., data owner and edge nodes) is garnering escalating interest among researchers; although the majority of existing methods rely on cryptography, emerging technology is being explored to handle the EDIV problem.

computer science, theory & methods

Wei Tong,Wenjie Chen,Bingbing Jiang,Fengyuan Xu,Qun Li,Sheng Zhong

DOI: https://doi.org/10.1109/icdcs.2019.00104

2019-01-01

Abstract:Mobile edge computing (MEC) is proposed as an extension of cloud computing in the scenarios where the end devices desire better services in terms of response time. Edge nodes are deployed at the proximity of the end devices, and it can pre-download parts of data stored in the cloud so that the end devices can access these data with low latency. However, because the edges are usually owned by individuals and small organizations, which have limited operation capacities for maintaining the machines, the data on the edges are easily corrupted (due to external attacks or internal hardware failures). Therefore, it is essential to verify data integrity in the MEC. We propose two Integrity Checking protocols for mobile Edge computing, called ICE-basic and ICE-batch, which are designed for the cases where the user wants to check data integrity on a single edge or multiple edges, respectively. Based on the concept of provable data possession and the technique of private information retrieval, our protocols allow a third-party verifier to check the data integrity on the edges without violating users' data privacy and query pattern privacy. We rigorously prove the security and privacy guarantees of the protocols. Furthermore, we have implemented a proof-of-concept system that runs ICE, and extensive experiments are conducted. The theoretical analysis and experimental results demonstrate the proposed protocols are efficient both in computation and communication.

Fuhong Lin,Lei Yang,Xianwei Zhou

DOI: https://doi.org/10.23919/jcc.2020.9248512

2020-01-01

China Communications

Abstract:Edge computing is an emerging technology for revolutionarily tackling the network bottlenecks of cloud-device ecosystems. There are about 20 billion edge devices connected to the Internet, with 507.9 ZB data generated, which has reached the limits of central clouds and network bandwidth. It is vitally important for distributed and decentralized edge devices to perform necessary computations on-device rather than outsourcing it to the cloud. However, the openness, heterogeneity and limited computing and storage resources of edge devices have greatly increased the difficulty of security protection in edge computing. This SI targets to address challenges related to developing architectures, algorithms, and techniques to guarantee the security of edge computing. This Special Collection aims to address all these topics and invite contributions from worldwide leading researchers. These works have investigated a wide spread of topics with respect to security issues in emerging edge computing, which are summarized as follows in details.

Jun Ye,Yu Jiang

DOI: https://doi.org/10.3390/sym16121648

2024-12-14

Symmetry

Abstract:Mobile edge computing (MEC), is a technology that extends the power of cloud computing to the edge of the end device, with the primary goal of providing faster response times and an optimized quality of service. Given that edge devices are often used by smaller organizations with less computing power, data on the edge are more susceptible to data corruption, which is closely related to uneven resource allocation and uneven security protection. It is therefore particularly important to check the integrity of the MEC to ensure that it is intact, which in turn serves the symmetry of data security protection and facilitates the realization and optimization of symmetry in resource allocation. An integrity verification protocol MEC-P is proposed. MEC-P allows a third-party auditor (TPA) to check data integrity on the edge without violating users' data privacy and query pattern privacy. We rigorously demonstrate the security and privacy guarantees of the protocol. In addition, this protocol carefully considers the scenarios of single edge node and multiple edge nodes, as well as the complexity of dynamic modifications. Both theoretical analysis and experimental results demonstrate that the proposed protocol is effective.

multidisciplinary sciences

Ashish Singh,Kakali Chatterjee

DOI: https://doi.org/10.1016/j.cose.2021.102353

2021-09-01

Abstract:<p>Nowadays, the healthcare system faces new challenges due to the increasing growth of sensitive patient data. There is a need for a Smart Healthcare System (SHS) that makes the healthcare system smarter to protect the data and maintain privacy. An SHS contains several IoT devices, sensors, and mobile nodes that collect the data from the patient's body and store it remotely. The most commonly used approach for storing data in the SHS is cloud computing-based storage. This type of system is very popular and provides common solutions to all users because it allows accessing the data remotely. The security and privacy of remotely located data is another important concern because the solution is available to all types of users. Remotely located data enables a lack of control over the data. The real-time health monitoring system based on cloud computing is not feasible because the response time is comparatively high. It is essential to provide some solution that reduces this response time. The edge computing approach reduces the response time in real-time cases as well as needs low bandwidth.</p><p>This paper proposed a smart healthcare system based on edge computing architecture. This architecture consists of an intermediary layer called an edge computing layer responsible for maintaining the network latency and preserving the privacy of the patient data. This edge computing layer has handled the encryption and privacy of the patient data with the help of the Privacy-Preserving Searchable Encryption (PPSE) technique. The access control mechanism is also implemented to restrict unauthorized access to the remote stored patient data. The proposed model's implementation, performance, and security analysis show high security, low latency, low transfer time, low power, and low energy compared to a similar approach. The computed results demonstrated transfer time (64.24%), power consumption (69.03%), and energy consumption (69.56%) is reduced using the edge computing approach.</p>

computer science, information systems

Shivani Singh,Razia Sulthana,Tanvi Shewale,Vinay Chamola,Abderrahim Benslimane,Biplab Sikdar

DOI: https://doi.org/10.1109/jiot.2021.3098051

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Edge computing (EC), is a technological game changer that has the ability to connect millions of sensors and provide services at the device end. The broad vision of EC integrates storage, processing, monitoring, and control of operations in the Edge of the network. Though EC provides end-to-end connectivity, speeds up operation, and reduces latency of data transfer, security is a major concern. The tremendous growth in the number of Edge Devices and the amount of sensitive information generated at the device and the cloud creates a broad surface of attack and therefore, the need to secure the static and mobile data is imperative. This article is a comprehensive survey that describes the security and privacy issues in various layers of the EC architecture that result from the networking of heterogeneous devices. Second, it discusses the wide range of machine learning and deep learning algorithms that are applied in EC use cases. Following this, this article broadly details the different types of attacks that the Edge network confronts, and the intrusion detection systems and the corresponding machine learning algorithms that overcome these security and privacy concerns. The details of machine learning and deep learning techniques for EC security are tabulated. Finally, the open issues in securing Edge networks and future research directions are provided.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mr. Navin Garg,Amit Gupta

DOI: https://doi.org/10.35940/ijeat.f1006.1186s419

2020-05-18

International Journal of Engineering and Advanced Technology

Abstract:Internet of Things (IoT) is latest technology these days which generates high volume of data. Efficient use of data analytics techniques on discrete data using Cloud Computing provides significant and precise information. In view of the previously used applications, an application that is IoT enabled such as environmental monitoring, application for navigation and smart healthcare systems being developed with different requirements such as portability, fast and real-time response etc. However, the typical architecture of cloud system cannot fulfill these requirements as the processing of the data being distributed across the world remotely from physical location of installed IoT devices. Hence, the concept of edge computing emerged to perform data storage and processing at the extreme end devices that is nearer to data collection sources than the cloud storage. This makes applications computationally intelligent and location notified. But edge computing suffers from many challenges related to security and privacy when it is been applied to data analytics in association with IoT devices. The literature collected till date still deficient in detail review on the advancements in security and safe data analytics techniques used in edge computing. This paper, first introduce the various concepts and characteristics related to edge computing, and then we try to propose solutions for performing data analytics in a secured and efficient manner, thereafter reviewing the underlying some security attacks in the field of edge computing. Based on our literature survey, we have highlighted current open issues and some future research areas in this field

AN Xingshuo,CAO Guixing,MIAO Li,REN Shubo,LIN Fuhong

DOI: https://doi.org/10.11959/j.issn.1000-0801.2018181

2018-01-01

Abstract:With the rise of edge computing,more and more attentions have been paid to security issues of edge computing.The basic concepts,system architecture and the relationship between edge computing and other computing paradigms were introduced.Then the security threats to edge computing were analyzed,and the security technology of edge computing was discussed for these security threats.Finally,the technologies of intrusion detection,access control,defense strategy and key management in edge computing were summarized and the further research directions were pointed out.

Abdulmalik Alwarafy,Khaled A. Al-Thelaya,Mohamed Abdallah,Jens Schneider,Mounir Hamdi

DOI: https://doi.org/10.48550/arXiv.2008.03252

2020-08-06

Abstract:Internet of Things (IoT) is an innovative paradigm envisioned to provide massive applications that are now part of our daily lives. Millions of smart devices are deployed within complex networks to provide vibrant functionalities including communications, monitoring, and controlling of critical infrastructures. However, this massive growth of IoT devices and the corresponding huge data traffic generated at the edge of the network created additional burdens on the state-of-the-art centralized cloud computing paradigm due to the bandwidth and resources scarcity. Hence, edge computing (EC) is emerging as an innovative strategy that brings data processing and storage near to the end users, leading to what is called EC-assisted IoT. Although this paradigm provides unique features and enhanced quality of service (QoS), it also introduces huge risks in data security and privacy aspects. This paper conducts a comprehensive survey on security and privacy issues in the context of EC-assisted IoT. In particular, we first present an overview of EC-assisted IoT including definitions, applications, architecture, advantages, and challenges. Second, we define security and privacy in the context of EC-assisted IoT. Then, we extensively discuss the major classifications of attacks in EC-assisted IoT and provide possible solutions and countermeasures along with the related research efforts. After that, we further classify some security and privacy issues as discussed in the literature based on security services and based on security objectives and functions. Finally, several open challenges and future research directions for secure EC-assisted IoT paradigm are also extensively provided.

Networking and Internet Architecture,Cryptography and Security

J. Uma Maheswari,S. Vijayalakshmi,Rajiv Gandhi N,Laith H. Alzubaidi,Khonimkulov Anvar,R. Elangovan

DOI: https://doi.org/10.1051/e3sconf/202339904040

2023-01-01

E3S Web of Conferences

Abstract:The globe has adopted the cloud computing environment, which organizes data and manages space for data storage, processing, and access. This technical development has brought up questions regarding data security and privacy in cloud computing environments, though. The purpose of this abstract is to offer a thorough review of the issues, solutions, and future developments related to data privacy and security in cloud computing. Keeping data private and secure while it is being processed and stored in outside data centres is the main difficulty in cloud computing systems. The abstract discusses the dangers of insider threats, data breaches, and illegal access to sensitive information. It digs further into the legal and compliance criteria that businesses must follow in order to protect user data in the cloud. In result, data privacy and security in cloud computing environments remain critical concerns for organizations and individuals alike. In the survey the overview of how to use cloud storage globally and its challenges, solution and future innovation is well explained. It underscores the importance of robust encryption, access controls, user awareness, and emerging technologies in safeguarding data in the cloud. By addressing these concerns, organizations can leverage the power of cloud computing while maintaining the confidentiality, integrity, and availability of their data.

Guangming Cui,Qiang He,Bo Li,Xiaoyu Xia,Feifei Chen,Hai Jin,Yang Xiang,Yun Yang

DOI: https://doi.org/10.1109/tsc.2021.3090173

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:The new edge computing paradigm extends cloud computing by allowing service vendors to deploy their service instances and data on distributed edge servers to serve their service users in close geographic proximity to those edge servers. Caching edge data on edge servers profoundly reduces the retrieval latency perceived by users. However, these edge data are subject to corruption due to intentional and/or accidental exceptions. This is a major challenge for service vendors but has been overlooked. Thus, verifying the integrity of edge data accurately and efficiently is a critical security problem in the edge computing environment. A unique characteristic of the edge computing environment is that edge servers suffer from constrained computing capacities. Thus, verifying data integrity on massive edge servers individually is computationally expensive and impractical. In this paper, we tackle this Edge Data Integrity (EDI) problem with an inspection and corruption localization scheme for EDI named ICL-EDI. This scheme allows service vendors to inspect data integrity and localize corrupted edge data cached on multiple edge servers accurately and efficiently. To evaluate its performance, we implement ICL-EDI and conduct extensive experiments to demonstrate its effectiveness and efficiency.

computer science, information systems, software engineering

Poornima Mahadevappa,Raja Kumar Murugesan

DOI: https://doi.org/10.48550/arXiv.2111.07672

2021-11-15

Abstract:Edge computing provides an agile data processing platform for latency-sensitive and communication-intensive applications through a decentralized cloud and geographically distributed edge nodes. Gaining centralized control over the edge nodes can be challenging due to security issues and threats. Among several security issues, data integrity attacks can lead to inconsistent data and intrude edge data analytics. Further intensification of the attack makes it challenging to mitigate and identify the root cause. Therefore, this paper proposes a new concept of data quarantine model to mitigate data integrity attacks by quarantining intruders. The efficient security solutions in cloud, ad-hoc networks, and computer systems using quarantine have motivated adopting it in edge computing. The data acquisition edge nodes identify the intruders and quarantine all the suspected devices through dimensionality reduction. During quarantine, the proposed concept builds the reputation scores to determine the falsely identified legitimate devices and sanitize their affected data to regain data integrity. As a preliminary investigation, this work identifies an appropriate machine learning method, Linear Discriminant Analysis (LDA), for dimensionality reduction. The LDA results in 72.83% quarantine accuracy and 0.9 seconds training time, which is efficient than other state-of-the-art methods. In future, this would be implemented and validated with ground truth data.

Machine Learning,Distributed, Parallel, and Cluster Computing,Neural and Evolutionary Computing

Bouganim, Luc

DOI: https://doi.org/10.1007/s00779-024-01821-9

2024-06-15

Personal and Ubiquitous Computing

Abstract:The convergence of opportunistic networks and trusted execution environments at the network edge presents a compelling opportunity for fully decentralized privacy-preserving data processing. Based on this convergence, we define the concept of edgelet computing, a new paradigm for executing powerful and privacy-preserving distributed queries on personal devices. Our objective is to establish a robust, secure, and scalable execution framework with strong individual privacy guarantees. This paper first proposes a liability model tailored to decentralized executions on crowd members' devices, along with a query evaluation model that differs from the traditional database closed-world assumption. Second, it defines essential properties for ensuring the security, resiliency, and validity of executions and subsequently presents several methods and strategies for their enforcement. Through a comprehensive qualitative analysis and extensive evaluations, we showcase the relevance and effectiveness of the approach, demonstrating that edgelet computing holds potential for the emergence of novel and important classes of applications.

computer science, information systems,telecommunications

Aiting Yao,Gang Li,Xuejun Li,Frank Jiang,Jia Xu,Xiao Liu

DOI: https://doi.org/10.1016/j.array.2023.100293

2023-01-01

Array

Abstract:Fast-growing smart city applications, such as smart delivery, smart community, and smart health, are generating big data that are widely distributed on the internet. IoT (Internet of Things) systems are at the centre of smart city applications, as traditional cloud computing is insufficient for satisfying the critical requirements of smart IoT systems. Due to the nature of smart city applications, massive IoT data may contain sensitive information; hence, various privacy-preserving methods, such as anonymity, federated learning, and homomorphic encryption, have been utilised over the years. Furthermore, limited concern has been given to the resource consumption for data privacy-preserving in edge computing environments, which are resource-constrained when compared with cloud data centres. In particular, differential privacy (DP) has been an effective privacy-preserving method in the edge computing environment. However, there is no dedicated study on DP technology with a focus on smart city applications in the edge computing environment.To fill this gap, this paper provides a comprehensive study on DP in edge computing-based smart city applications, covering various aspects, such as privacy models, research methods, mechanisms, and applications. Our study focuses on five areas of data privacy, including data transmitting privacy, data processing privacy, data model training privacy, data publishing privacy, and location privacy. In addition, we investigate many potential applications of DP in smart city application scenarios. Finally, future directions of DP in edge computing are envisaged. We hope this study can be a useful roadmap for researchers and practitioners in edge computing enable smart city applications.