Computing Reviews
Fog computing for the Internet of Things: security and privacy issues
Alrawais A., Alhothaily A., Hu C., Cheng X. IEEE Internet Computing 21(2): 34-42, 2017. Type: Article
Date Reviewed: Sep 7 2017

Connecting everything to the Internet is attractive because it can bring efficiency and convenience in many areas. However, security and privacy issues can also occur. The problem is that it is difficult to apply existing security and privacy solutions to the Internet of Things (IoT) because typical IoT devices are resource constrained. This paper focuses on several security and privacy challenges in the IoT and proposes an efficient scheme for certificate revocation.

Certificate revocation management is essential in maintaining a public-key-based security and authentication system. However, a node needs sufficient storage and network bandwidth to keep a valid certificate revocation list (CRL). The idea of this paper is that an IoT device can offload the burden of CRL maintenance to a fog node that is assumed to have sufficient resources. To reduce the communication overhead between the fog and the IoT device, the paper proposes using a Bloom filter, at the cost of false positives. To prevent a certificate from being invalidated because of a false positive, the IoT device asks the fog to double check whether the given certificate is in the CRL. The paper also introduces the Online Certificate Status Protocol (OCSP) for real-time validation checks with low network bandwidth consumption.

Although the paper states that the Bloom filter reduces the communication overhead between the fog and the IoT device compared to the existing CRL and OCSP, there are some unclear points. First, while the estimated CRL size includes the certificate authority’s (CA’s) signature as well as a list of revocations, the Bloom filter of the proposed scheme does not include the CA’s signature. Second, the fog needs to receive a fresh CRL and generate a Bloom filter for the freshest CRL continuously, and the IoT device needs to get the freshest Bloom filter continuously. This load is not counted in the observational results. Third, the Bloom filter includes only the local IoT devices’ certificates. What if the IoT device connects to an outside node? How can an IoT device determine if a certificate is valid if it is not used in generating the Bloom filter due to a new device?

It is reasonable to expect a fog to play a fundamental role in addressing security and privacy concerns. However, a fog is less trustworthy than a cloud that is maintained in a data center. Thus, a solution that depends on a fog should be carefully designed so that it is not vulnerable to fog hacking and does not impose additional security-checking burdens on the IoT devices.

Reviewer: Seon Yeong Han
Review #: CR145527 (1711-0732)
Reviewer-selected categories: Security and Protection (C.2.0 ... ); Privacy (K.4.1 ... ); Web-Based Services (H.3.5 ... ); Storage Management (D.4.2)
 