Fog computing is a paradigm that extends cloud computing and services to the edge of the network, similar to cloud but providing data computation, storage, and application services closer to users. This helps address issues with cloud like limited bandwidth, latency, and security vulnerabilities. Fog computing uses techniques like user behavior profiling and decoy systems to detect unauthorized access and secure data in the cloud from attackers. It has a decentralized architecture with fog devices acting as intermediaries between user devices and the cloud. Potential applications and scenarios of fog computing include smart grids, smart traffic lights, software defined networks, and the Internet of Things.
1. FOG COMPUTING
-SCENARIOS AND ITS ROLE IN CLOUD SECURITY
Presented by:
Anjana M. Shivangi (2GI11IS006)
Ashwini A. Patil (2GI11IS012)
1
Under the Guidance of:
Prof. K.S. Mathad
2. Contents
1. Introduction
2. Security Issues in Cloud
3. Why do we need Fog Computing?
4. Securing Cloud using Fog
5. Fog Computing Architecture
6. What can we do with Fog Computing?
7. Security and Privacy Issues in Fog Computing
8. Conclusion
9. References
2
3. Introduction
Internet of Things ( IoT)
The Internet of Things (IoTs) can be described as connecting
everyday objects like smart-phones, Internet TVs, sensors and
actuators to the Internet where the devices are intelligently
linked together enabling new forms of communication between
things and people, and between things themselves.
Now anyone, from anywhere and anytime can have connectivity
for anything and it is expected that these connections will extend
and create an entirely advanced dynamic network of IoTs.
3
4. Cloud computing (Existing system)
Cloud is basically a cluster of
multiple dedicated servers
attached within a network.
It has provided many
opportunities for enterprises by
offering their customers a range
of computing services.
Current “Pay-as-you-Use” Cloud
computing model becomes an
efficient alternative to owning and
managing private data centers for
customers facing Web
applications.
4
5. Fog computing
Fog Computing is a
paradigm that extends
Cloud computing and
services to the edge of the
network.
Like Cloud, Fog provides
data computation, storage
and application services for
end users.
Fog computing concept is
actually a Cloud computing
close to the “ground”.
5
6. Security issues in cloud
1. Abuse and Nefarious use of Cloud Computing
2. Insecure Application Programming Interfaces(API’s)
3. Malicious Insiders
4. Shared Technology Vulnerabilities
5. Data Loss/Leakage
6. Account, Service and Traffic Hijacking
7. Unknown Risk Profile
6
7. Why do we need fog computing?
Existing data protection mechanisms such as encryption, failed in securing the
data from the attackers.
The most evident bottleneck seen, is because of Limited Bandwidth problem.
With the proliferation of cloud computing placing added demands on Internet
speed and connectivity, latency is becoming a more critical concern for
everyone, from the end user to the enterprise.
Another prominent limitations of cloud computing includes requirement of high
speed reliable Internet connectivity and sometimes multi-homing to avoid link
outages and high latency, but would be very expensive and complex.
7
9. User behavior profiling
User profiling is a well-known
technique that can be applied here
to model how, when, and how
much a user accesses their
information in the Cloud.
Simple user specific features can
serve to detect abnormal Cloud
access based partially upon the
scale and scope of data transferred.
9
10. Decoy system
Decoy data, such as decoy documents, honey
pots and other bogus information can be
generated on demand and used for detecting
unauthorized access to information and to
poison the thief’s ex-filtrated information.
Serving decoys will confuse an attacker into
believing they have ex-filtrated useful
information, when they have actually not.
10
11. Combining the two technologies11
USER
PROFILING
USER
PROFILING
DECOY
DOCUMEN
T
ORIGINAL
DOCUMEN
T
SYSTEM
12. Fog computing architecture
ADMIN
ADMIN
OPERATION
S
ANSWER TO
QUESTIONS
LOGIN
USER
LOGIN
SIGN UP
ANSWER TO
QUESTIONS
ENTER
USERNAME
ENTER
PASSWORD
VIEW MY FILES
SEND MAIL
DOWNLOAD
FILES
UPLOAD FILES
ORIGINAL
DOCUMENT
DECOY
DOCUMENT
FOG COMPUTING
12
13. What can we do with fog computing?13
Smart
grid
Smart
Traffic
Lights
Software
Defined
Networks
Scenarios
Wireless
Sensor
Decentralized
Smart
Building
Control
Internet
of Things
14. Security and privacy issues in fog
computing
i) Security Issues:
The main security issues are authentication at different levels of
gateways as well as (in case of smart grids) at the smart meters
installed in the consumer’s home. Each smart meter and smart
appliance has an IP address. A malicious user can either tamper with
its own smart meter, report false readings, or spoof IP addresses.
ii) Privacy Issues
In smart grids, privacy issues deal with hiding details, such as what
appliance was used at what time, while allowing correct summary
information for accurate charging.
14
15. Security and privacy issues in fog
computing
iii) An Example: Man-in-the-Middle
Attack
In this subsection, we take man-
in-the-middle attack as an
example to expose the security
problems in Fog computing.
In this attack, gateways serving as
Fog devices may be compromised
or replaced by fake ones.
15
16. conclusion
• With the increase of data theft attacks the security of user data is
becoming a serious issue for cloud service providers for which Fog
Computing is a paradigm which helps in monitoring the behavior of the
user and providing security to the user’s data.
• By using decoy technique in Fog can minimize insider attacks in cloud.
• Fog provides unprecedented levels of security in the Cloud and in social
networks.
• The usage of fog computing can accelerate the innovation process in ways
that has never been seen before. This includes self-healing, self-organizing
and self-learning applications for industrial networks products.
16
17. References
[1] Ivan Stojmenovic and Sheng Wen, “The Fog Computing Paradigm: Scenarios and Security
Issues”, 2014 IEEE Federated Conference on Computer Science and Information Systems.
[2] Salvatore J. Stolfo, Malek Ben Salem and Angelos D. Keromytis, “Fog Computing: Mitigating
Insider Data Theft Attacks in the Cloud”, 2014 IEEE CS Security and Privacy Workshop.
[3] Mohammad Aazam, Eui-Nam Huh, “Fog Computing and Smart Gateway Based
Communication for Cloud of Things”, 2014 International Conference on Future Internet of Things
and Cloud.
[4] Cloud Security Alliance, “Top Threat to Cloud Computing V1.0,” March 2010.
[Online].Available: https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
[5] http://en.wikipedia.org/wiki/Fog_computing
[6] Cisco Cloud Computing -Data Center Strategy, Architecture, and Solutions
http://www.cisco.com/web/strategy/docs/gov/CiscoCloudComputing_WP.pdf.
[7] http://www.slideshare.net/priyankareddy14/fog-computing-provide-security-to-the-data-in-
cloud?related=1
17
1)The Internet of Things (IoTs) can be described as connecting everyday objects like smart-phones, Internet TVs, sensors and actuators to the Internet
where the devices are intelligently linked together enabling new forms of communication between things and people, and between things themselves.
3)All things on the Internet of things or IoT are uniquely addressable and are associated with the use of standard communication protocols
4) Now anyone, from anywhere and anytime can have connectivity for anything and it is expected that these connections will extend and create an entirely advanced dynamic network of IoTs.
Cloud is basically a clusters of multiple dedicated servers attached within a network.
It is the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
It has provided many opportunities for enterprises by offering their customers a range of computing services.
With this cloud computing, a smart phone can become an interface to large data centre
3) the user does not need to worry about maintenance and managing all the resources. User has to bear only the cost of usage of service(s), which is called pay-as-you-use in cloud computing terms.
1)Fog Computing is a paradigm that extends Cloud computing and services to the edge of the network.
2) In Fog computing, services can be hosted at end devices. Also, Fog devices are much more heterogeneous in nature, ranging from end-user devices, access points, to edge routers and switches. To accommodate this heterogeneity, Fog services are abstracted inside a container for ease of orchestration. Example container technologies are Java Virtual Machine (JVM), and Linux containers.
3) The infrastructure of this new distributed computing allows applications to run as close as possible to sense actionable and massive data, coming out of people, processes and things.
4) Fog computing or fog networking or Edge Computing like Cloud provides data, computation, storage and application services to end-users. However, Fog can be distinguished from Cloud by its proximity to end-users, the dense geographical distribution and its support for mobility.
5) Fog computing concept is actually a Cloud computing close to the “ground”.
6)We adopt a simple three level hierarchy as in Fig.2.1. In this framework, each smart thing is attached to one of Fog devices. Fog devices could be interconnected and each of them is linked to the Cloud
1) Abuse and nefarious use of cloud computing is the top threat identified by the CSA. A simple example of this is the use of botnets to spread spam and malware. Attackers can infiltrate a public cloud, for example, and find a way to upload malware to thousands of computers and use the power of the cloud infrastructure to attack other machines.
2) As software interfaces or APIs are what customers use to interact with cloud services, those must have extremely secure authentication, access control, encryption and activity monitoring mechanisms - especially when third parties start to build on them.
3) The malicious insider threat is one that gains in importance as many providers still don't reveal how they hire people, how they grant them access to assets or how they monitor them. Transparency is, in this case, vital to a secure cloud offering, along with compliance reporting and breach notification.
4) Sharing infrastructure is a way of life for IaaS providers. Unfortunately, the components on which this infrastructure is based were not designed for that. To ensure that customers don't thread on each other's "territory", monitoring and strong compartmentalization is required. Promote strong authentication and access control for administrative access and operations.
5) Be it by deletion without a backup, by loss of the encoding key or by unauthorized access, data is always in danger of being lost or stolen. This is one of the top concerns for businesses, because they not only stand to lose their reputation, but are also obligated by law to keep it safe.
6) Account service and traffic hijacking is another issue that cloud users need to be aware of. These threats range from man-in-the-middle attacks, to phishing and spam campaigns, to denial-of service attacks.
7) Security should be always in the upper portion of the priority list. Code updates, security practices, vulnerability profiles, intrusion attempts – all things that should always be kept in mind.
1)Since the cloud systems have been located with the Internet, user requests need to traverse a large number of intermediate networks depending on the distance between the users and systems. When customer data is out there in a public cloud, there is a risk of them being compromised of their integrity and confidentiality. Deeper the data inside the Internet, higher the risk as the data has to travel a long distance to and from the user's computer to the cloud system, even if the data is encrypted.
2) Since cloud computing is basically Internet based computing, it is a must to have reliable Internet connectivity with sufficient bandwidth to access the services. If the link outage occurs due to any reason the total system would be unreachable making a total blackout.
3)Real time applications with which users directly interact with are badly affected by delay and delay jitter caused by latency in networks.
4) The prominent limitations of cloud computing include requirement of high speed reliable Internet connectivity and sometimes multi-homing to avoid link outages, high latency, undefined security
Therefore,
The main feature of fog computing is its ability to support applications that require low latency, location awareness and mobility. This ability is made possible by the fact that the fog computing systems are deployed very close to the end users in a widely distributed manner. Fog computing nodes must have sufficient computing power and storage capacity to handle the resource intensive user requests
In Figure, Fog network is close to the smart devices, data processing is happening closer to the devices and the processed information is passed to the cloud computing environment.
The thing that distinguishes fog from cloud is its support for mobility, its proximity to its end-users and its dense geographical distribution.
A completely different approach to securing the cloud is proposed using decoy information technology. We use this technology to launch disinformation attacks against malicious insiders, preventing them from distinguishing the real sensitive customer data from fake worthless data.
We posit that secure Cloud services can be implemented given two additional security features:
Behaviour based security
a‘normal user’ behavior can be continuously
checked to determine whether abnormal access
to a user’s information is occurring.
Ex: Fraud detection applications
Decoy data, such as decoy documents, honey pots and other bogus information can be generated on demand and used for detecting unauthorized access to information and to poison the thief’s ex-filtrated information.
Serving decoys will confuse an attacker into believing they have ex-filtrated useful information, when they have actually not.
While fog computing will grow in helping the emerging network paradigms that require faster processing with less delay and delay jitter, cloud computing would serve the business community meeting their high end computing demands lowering the cost based on a utility pricing model.