Volume 83
Advances in Information Security
Series Editor
Sushil Jajodia
George Mason University, Fairfax, VA, USA
More information about this series at http://www.springer.com/series/5576
The purpose of the book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook.
Editors
Wei Chang
Department of Computer Science, Saint Joseph's University, Philadelphia, PA, USA
Jie Wu
Computer and Information Sciences, Temple University, Philadelphia, PA, USA
ISSN 1568-2633 e-ISSN 2512-2193
ISBN 978-3-030-57327-0 e-ISBN 978-3-030-57328-7
https://doi.org/10.1007/978-3-030-57328-7
Springer Nature Switzerland AG 2021
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This Springer imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
Preface
With the advance of computer technology and high-speed networks, we have witnessed the rise of a new technology in fog/edge computing in recent years. The past decade has seen significant advances in cloud technology, the Internet of Things (IoT), and 4G/5G wireless communications that expand traditional computer technology at both macro and micro levels. In the era of big data, IoT includes many sensors, actuators, and mobile devices at the network edges. With the help of 4G and future 5G high-speed communication, data collected by IoT devices will be sent to the cloud for storage and processing. However, communication latency, caused by the sheer volume of IoT data to be transmitted to the cloud, poses a major challenge in cloud technology. Various efforts have been made to allow IoT devices to perform limited computation and storage; fog/edge computing goes one step further to bring some cloud services close to the network edge.
Fog computing is an architecture that makes use of edge devices to carry out a good amount of computation and storage. Their communication is done locally and/or routed over the Internet and/or 4G/5G. Fog computing supports IoT and consists of a control plane and a data plane. Like cloud computing, fog computing also provides computation, storage, and applications to end-users. However, fog computing is closer to end-users at the network edge (also known as edge computing, although these two terms are sometimes used interchangeably) and has wider geographical distribution. Note that rather than being a substitute, fog/edge computing often serves as a complement to cloud computing and, in many cases, works together with existing cloud technology, such as cloudlets. There are many technical challenges in fog/edge network design, such as computation offloading, which deals with delay minimization, energy minimization, or a combination of both, and caching, which decides both the placement of caching units and their contents. This book focuses on security and privacy in fog/edge computing.
Security and privacy in fog/edge computing pose some unique challenges as various services are distributed at the network edge. Security and privacy issues can be divided into two parts: system-level and service-level. System-level security and privacy deal with issues in the computing system itself, such as modern network design using virtualization, and special threats and attacks and their countermeasures in intrusion and malware detection. Service-level security and privacy handle issues under a service, which can be broadly divided into authentication and trust, access control, data confidentiality and integrity, privacy preservation, and non-repudiation. Security and privacy issues can also be partitioned in another, orthogonal way based on system functions, including service provisioning, data processing, data transmission, and data storage. Note that service decentralization in fog/edge computing is a double-edged sword compared to service centralization in cloud computing: fog/edge computing offers more flexibility in the system and network design; however, it also poses some additional challenges in ensuring security and privacy, especially in supporting mobility, device heterogeneity, location-awareness, and lightweight solutions.
To handle the security and privacy issues in fog/edge computing, many secure and privacy-preserving systems, architectures, and algorithms have been designed. Based on the target, we can classify the existing security and privacy solutions for fog/edge computing into four categories: user-centric, device-centric, application-centric, and end-to-end-centric. The user-centric methods focus on the roles of users that participate in fog/edge computing, and the corresponding security and privacy mechanisms are determined based on those roles. The device-centric methods provide security and privacy solutions for each end device based on its resources, location, and the roles it plays in the applications. The application-centric solutions take full advantage of the power, flexibility, and performance of the existing fog/edge computing systems and consider how to apply policies to different applications to meet their unique security and privacy requirements. The last group, end-to-end-centric, emphasizes secure and privacy-preserving communications among all participants, such as the remote cloud, edge devices, and end devices. Because of the heterogeneity of the participants and the variety of security and privacy goals, more and more fog/edge computing-related schemes have been proposed in the past decade.