Paper Discussion: 2b. Fog Computing for the Internet of Things: Security and Privacy Issues

[tuhinadasgupta]

@lrshpak The second question is a great point and one that is not addressed by the paper (great critique!) @pcodes The second question is an issue that the paper assumes doesn't occur (nice catch!) The third question is a concern addressed in the first half of the paper, admittedly without a solid solution (proposed computation in the fog node) @gkahl You have two great questions (would love to discuss them in class) but I'm not totally sure what you mean by the last question (feel free to bring it up in the class discussion) @s-hanna15 The critical thought behind the first question is excellent & something I hope we discuss tomorrow. @bushidocodes The first question is insightful as the focus of the prayer is unclear @chandaweia The second question is mentioned in my presentation! (you'll get an answer!) @rachellkm Both questions are insightful but I don't know the answer to the first & would love to know! @mjhegarty The third question is a consideration that must be made but I too am unsure how it occurs efficiently. @huachuan The first question will be answered in my presentation! (you'll get an answer!)

[lrshpak]

Reviewer: Lily Shpak Review Type: Comprehension

Problem Being Solved

The problem that the authors in this paper are trying to solve is how to make the Internet of Things more secure by using fog computing. The authors acknowledge that there are many obstacles that would have to be crossed in order to make this a secure and effective solution.

Main Contributions

The main contributions this paper makes to solving this issue is providing solutions to the biggest issue that fog computing introduces, security. The authors give different facets of security that would need help, and then they provide solutions for these issues but they also recognize that there are extreme strides that need to be made in order for fog computing to be an effective solution.

Three Questions

1. The authors acknowledge that there is a communication overhead to send the certificate packets back and forth, is this a significant enough overhead that would cause delays in the system?
2. In order for this to work for all IoT devices, the devices need to be significantly updated, how would administrators of this system ensure that all devices are updated so no vulnerabilities can occur?
3. How hard would it be to implement a fog computing system in a system that already exists?

[pcodes]

Reviewer: Pat Cody Review Type: Comprehension

Problem Being Solved

IoT devices by themselves generate massive amounts of data and have intrinsic problems due to being small physical devices, on top of the security challenges from being connected to the Internet. As a result, these shortcomings place a higher burden on cloud computing servers. Fog computing has been introduced as a means to bridge IoT devices with the cloud, but they also suffer from security issues.

Main Contributions

This paper highlights a wide variety of security issues present in IoT. It proposes a novel means of performing certificate revocation using fog computing. It also describes how fog computing can be used more generally to solve the security issues they previously highlighted.

Questions

• How has fog computing evolved into edge computing?
• Regarding their certificate revocation proposal, how would the case of the fog node not being able to reach the cloud be handled?
• How would an IoT device communicate with the fog node regarding authentication?

[gkahl]

Reviewer: Greg Kahl Review Type: Comprehensive

Problem Being Solved

In this survey paper, the authors discuss the advantages of using Fog Computing, or Edge Computing, in IoT. They also discuss the security risks that may be brought about by utilizing Fog Computing and address these risks with solutions to mitigate the risks that may arise.

Main Contributions

In the first portion of the survey discusses the issues that the use of Fog Computing may bring with it. They then move on to discuss their solution which helps to mitigate these issues and hopefully provide a better experience than the systems currently in place. And finally, they discuss Fog Computing could be utilized to help solve some of the problems discussed earlier.

Questions

• Doesn't the use of CRL on the Fog Computing device run into the same issue as when it is on the actual IoT device, wherein if the table isn't updated revoked keys may still be authorized?
• Continuing off that, would it be more secure to use OSCP to request the certificate status if the certificate does not show up in the bloom filter?
• Although the table isn't being stored on the IoT device, is this proposed method scalable? Would the addition of many more devices on the system increase latency as more requests are being made to the single Fog Node?

[s-hanna15]

Reviewer: Sam Hanna Review Type: Comprehension

Problem Being Solved: This paper talks about fog computing and the security and privacy implications of using fog computing with IoT devices. The paper covers common security problems and gives an example of a solution for one of the problems, Certificate Revocation.

Important Areas: The paper focused on how fog computing can help improve the security of IoT devices. The areas of security that were focused on in particular were authentication, privacy, and access control. It also gave a solution for Certificate Revocation, which uses Bloom Filters on the device and checks any false positives on the edge.

Questions about the Survey:

1. In the section about using bloom filters as a solution for certificate revocation, it talks about reliability and authentication, but one important aspect of security is Integrity. I’m curious if it would be possible for a man-in-the-middle type attack that would be able to change the bloom filter and thus circumvent the security that was put in place?
2. In the section called “Certificate Revocation Schemes,” it briefly mentions public-key cryptosystems but does not really explain how it is used in relation to the certificate revocation, so I am confused about the relevance of the inclusion?
3. It mentioned the location of the fog devices helping with security updates, and I don’t think I understand how that would help with updating?

[bushidocodes]

Reviewer: Sean McBride Review type: Comprehension

Problem Being Solved

"Fog Computing for the IOT: Security and Privacy Issues" seeks to provide a high-level and non-exhaustive list of security and privacy issues around the IOT, demonstrate a focused example of fog computing to one of the many problems in this domain, and then outlines numerous open research issues at the intersection of fog computing and IOT security and privacy."

Main Contributions

1. Outlines a number of ways that the characteristics of IOT devices are hamstrung in executing the sorts of security and privacy measures common in data centers. I.e. cryptographic hashing
2. Provides a quick primer in Certificate Revocation Schemes, why these are problematic for IOT, and then presents a novel reference architecture for a "fog-native" certificate revocation scheme that provides on-IOT verification via Bloom Filters with fallback to client-server interaction with a fog device.
3. Provides a number of possible areas for follow on research.

Questions about the Research Paper:

1. Is the certificate revocation architecture the main topic of the paper or is it more of an example and call-to-arms to encourage more researchers to perform creative architectural thinking at the intersection of these domains?
2. The paper discusses using the fog to obfuscate or anonymize data before sending it to the cloud, but assuming a customer rents edge computing services from a service provider, how does locality change the trust relationship with the edge computing provider? Alternatively, does this suggest that edge devices should be personally-owned and run within some sort of trusted enclave?
3. What sort of security problems are exposed by trusted an external device to do crypto on your behalf? What sort of controls can be put in place to defend this, and do these security controls scale down to IOT?

[chandaweia]

Reviewer: Cuidi Wei Review Type: Comprehension

Problem being solved Employing fog to improve the distribution of certificate revocation information among IoT devices security enhancement. Also. The fog computing paradigm aims to reduce the data volume and traffic to cloud servers, decrease latency, and improve quality of service.

Main contributions Proposing a new scheme using fog to solve security issues in distributing certificate revocation information IoT environments.

Questions about the survey 1.Is there a possibility that a client A disguises as another client B to communicate with fog and access a certain source? 2.How to measure the communicate overhead? Is the comparison between the latency and communicate overhead fair enough? I mean, if there is a fog between cloud and client, there may be more latency because there is one more step to communicate with. 3.Why high bandwidth use and timeliness issues could lead to security consequences?

[rachellkm]

Reviewer: Rachell Kim Review Type: Comprehension

Problem Being Solved

Ensuring security and privacy in IoT devices can be a unique challenge due to architectural constraints and the mobile nature of the devices involved. This paper discusses areas that may pose as security and privacy threats to IoT as well as the insufficiency of existing mechanisms to cover for these identified problems. The authors also propose a new method which utilizes fog computing to enhance security in IoT environments that do interact with fog devices.

Main Contributions

The authors survey various vulnerabilities in IoT devices and propose a new system to improve certificate revocation schemes through fog computing. They also survey different facets of security in IoT that may benefit from incorporating the usage of fog computing as a part of potential solutions.

Questions

1. The authors mention providing a short list of the CRL in the form of a bloom filter as one of the key steps in their certificate revocation scheme, but how is this short list made? What decides which serial numbers make it into the filter and how does this guarantee that a certificate is not revoked if it isn’t found inside the bloom filter that was passed onto the IoT device?
2. I understand that fog computing adopts some of the similar challenges faced with cloud computing with respect to IoT devices, as discussed in this paper, but what exactly are the unique challenges that can be introduced that are specific to fog in IoT that is not faced with the cloud?

[mjhegarty]

Reviewer: Michael Hegarty Review Type: Comprehension

Problem being solved

This paper discusses the challenges related to IoT devices fitting into the current internet system. They discuss how different aspects of security and privacy are facing issues due to the unique nature of IoT. The authors go into detail about the challenges of certificate revocation, particularly in IoT devices.

Main Contributions

The authors sum up different problems facing the world of IoT while explaining how the nature of IoT lead to these problems. They give a case study to show how the specific issue of certificate revocation in IoT would be fairly difficult to solve in a conventional way without making trade offs involving data size, round trip time, or security, and provide a solution using a fog based framework. They then discuss the potential issues that fog computing will need to address.

Questions

1. The authors discuss in the later sections how location verification can be an issue with IoT devices moving in a fast and dynamic way. Wouldn't this issue have already been addressed and solved by the numerous maps programs on cell phones?

2. The authors mention the idea that a user's usage pattern of IoT devices can be revealed from the data generated from the devices. Assuming the attacker gets this information from intercepting the wireless transmission from node to node is this something that can be dealt with without simply encrypting every transmission?

3. How would the trust model based on reputation be implemented in the IoT domain? Wouldn't it get computationally expensive to keep track of reputations for every single device on the network and update them based on their behavior?

[huachuan]

Reviewer: Huachuan Wang Review Type: Comprehension

Overview

This paper analyzed the security and privacy issues of fog computing in IoT environments. It proposed a new methodology using fog to solve security issues in distributing certificate revocation information in IoT environments.

Contribution

This paper investigated and discussed security and privacy challenges of introducing fog computing in IoT environments. It emphasized great attention should be paid to solve the authentication in the context of fog computing in IoT applications and other security problems. This paper also did research on the location and other new privacy issues.

Questions

1. Figure 2 gives an example of a bloom filter with k independent hash functions. Why did this paper argue although a false positive matching is possible in the bloom filter, a false negative is not?
2. In the overhead part. This paper comparison of the communication overhead in different certificate revocation schemes and showed the proposed scheme is more efficient, however, as mentioned in the storage overhead part, OCSP protocol doesn’t incur any storage overhead, because it’s an online approach, referring to figure 4, which compared the speed vs package size, why the OCSP's zero storage overhead has cannot benefit the speed?

[ratnadeepb]

Reviewer: Ratnadeep Bhattacharya Review type: Critical

Problem Solved

The paper analyzes the overall security situation of IoT devices. It then goes on to describe the role fog nodes can play. Finally, it discusses the use of a scheme to provide certificate revocation better than current schemes.

Main Contribution

It discusses a scheme that combines hashing and a bloom filter data structure (a bit map) that provides certificate revocation information better than current schemes like CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol).

Figure 1 and 2 in the paper provide a very concise description of the scheme. It improves on two aspects of current schemes

• Communication overhead required by OCSP
• Storage overhead required by CRL

The method is rather simple where each fog node maintains CRL files for a CA. The node then passes the certificates through k hashing functions and store a single bit for each certificate in a bloom filter. The data structures are stored in the IoT devices. If a source device talks to a destination device then the bits corresponding to the destination are checked. If they are unset then the destination has a valid certificate; otherwise the fog is checked with because there is a small probability for false positives.

According to my calculations, for a fog having 1000 devices in a hostile environment (500 devices could be malicious), the size of the CRL file would be around 1 KB. Also, in case of revoked certificates, the devices make much lesser requests to the fog.

Critique

• The underlying assumption is that fogs would be inherently secure (maybe as a subset of the cloud)
• The paper mentions that the probability of false positive (p) depends on the number of hash functions (k). However, this relationship is not explained. According to their formula for the size of the bloom filter (m), m has a substantial relationship with p.
• If we hold p constant at 0.01, then in a large-ish environment (n = 1000) which is also hostile (b = 500), the ~1661 bits required to store the bloom filter.