Access Control Issues in Utilizing Fog Computing for Transport Infrastructure

Salonikias, Stavros; Mavridis, Ioannis; Gritzalis, Dimitris

doi:10.1007/978-3-319-33331-1_2

Cited by 38 publications

(16 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Due to heterogeneity and poor security controls in IoT devices, it is often easier for attackers to gain access to these devices. Salonikias et al [80] proposed a role-based authorization in traditional web services in which administrators have to regulate access rights. In [81], attribute-based encryption is proposed, in which predefined attributes of users must be satisfied [82,83].…”

Section: Fog Computing Security Challengesmentioning

confidence: 99%

The Security of Big Data in Fog-Enabled IoT Applications Including Blockchain: A Survey

Tariq

Asim

Al-Obeidat

et al. 2019

Sensors

215

171

View full text Add to dashboard Cite

The proliferation of inter-connected devices in critical industries, such as healthcare and power grid, is changing the perception of what constitutes critical infrastructure. The rising interconnectedness of new critical industries is driven by the growing demand for seamless access to information as the world becomes more mobile and connected and as the Internet of Things (IoT) grows. Critical industries are essential to the foundation of today’s society, and interruption of service in any of these sectors can reverberate through other sectors and even around the globe. In today’s hyper-connected world, the critical infrastructure is more vulnerable than ever to cyber threats, whether state sponsored, criminal groups or individuals. As the number of interconnected devices increases, the number of potential access points for hackers to disrupt critical infrastructure grows. This new attack surface emerges from fundamental changes in the critical infrastructure of organizations technology systems. This paper aims to improve understanding the challenges to secure future digital infrastructure while it is still evolving. After introducing the infrastructure generating big data, the functionality-based fog architecture is defined. In addition, a comprehensive review of security requirements in fog-enabled IoT systems is presented. Then, an in-depth analysis of the fog computing security challenges and big data privacy and trust concerns in relation to fog-enabled IoT are given. We also discuss blockchain as a key enabler to address many security related issues in IoT and consider closely the complementary interrelationships between blockchain and fog computing. In this context, this work formalizes the task of securing big data and its scope, provides a taxonomy to categories threats to fog-based IoT systems, presents a comprehensive comparison of state-of-the-art contributions in the field according to their security service and recommends promising research directions for future investigations.

show abstract

Section: Fog Computing Security Challengesmentioning

confidence: 99%

The Security of Big Data in Fog-Enabled IoT Applications Including Blockchain: A Survey

Tariq

Asim

Al-Obeidat

et al. 2019

Sensors

215

171

View full text Add to dashboard Cite

show abstract

“…These fog nodes usually provide intermediary computation and networking services between the end-users and the traditional cloud data servers. Over the last few years, a number of fog-based access control approaches have been proposed in the literature (e.g., [48][49][50][51]).…”

Section: The Backgroundmentioning

confidence: 99%

“…Zaghdoudi et al [48] propose a generic and scalable access control model for fog computing with low overhead, considering the information about the subjects, objects and operations as contexts. In [49], the authors present a recent study on intelligent transport systems utilizing fog computing and identify the corresponding fog-based access control issues. Both research works have been concerned with several important requirements of the fog-based access control models, such as context-awareness and distributed architecture.…”

Section: The Backgroundmentioning

confidence: 99%

A Survey of Context-Aware Access Control Mechanisms for Cloud and Fog Networks: Taxonomy and Open Research Issues

Kayes

Kalaria

Sarker

et al. 2020

Sensors

View full text Add to dashboard Cite

Over the last few decades, the proliferation of the Internet of Things (IoT) has produced an overwhelming flow of data and services, which has shifted the access control paradigm from a fixed desktop environment to dynamic cloud environments. Fog computing is associated with a new access control paradigm to reduce the overhead costs by moving the execution of application logic from the centre of the cloud data sources to the periphery of the IoT-oriented sensor networks. Indeed, accessing information and data resources from a variety of IoT sources has been plagued with inherent problems such as data heterogeneity, privacy, security and computational overheads. This paper presents an extensive survey of security, privacy and access control research, while highlighting several specific concerns in a wide range of contextual conditions (e.g., spatial, temporal and environmental contexts) which are gaining a lot of momentum in the area of industrial sensor and cloud networks. We present different taxonomies, such as contextual conditions and authorization models, based on the key issues in this area and discuss the existing context-sensitive access control approaches to tackle the aforementioned issues. With the aim of reducing administrative and computational overheads in the IoT sensor networks, we propose a new generation of Fog-Based Context-Aware Access Control (FB-CAAC) framework, combining the benefits of the cloud, IoT and context-aware computing; and ensuring proper access control and security at the edge of the end-devices. Our goal is not only to control context-sensitive access to data resources in the cloud, but also to move the execution of an application logic from the cloud-level to an intermediary-level where necessary, through adding computational nodes at the edge of the IoT sensor network. A discussion of some open research issues pertaining to context-sensitive access control to data resources is provided, including several real-world case studies. We conclude the paper with an in-depth analysis of the research challenges that have not been adequately addressed in the literature and highlight directions for future work that has not been well aligned with currently available research.

show abstract

“…In [24] an IoT enabled ecosystem utilizing the notion of fog computing in Intelligent Transportation Systems (ITSs) is presented. Considering the number of access control issues presented there, the following requirements can be extracted:…”

Section: Access Control Requirementsmentioning

confidence: 99%

“…In [24] an ABAC specific deployment is proposed where cloud, fog and edge layers are used for the various components of access control system. Access control administration is provided by a PAP, which is located on the cloud along with a PIP that stores subject, object and system attributes.…”

Section: Components Placementmentioning

confidence: 99%

Access Control in the Industrial Internet of Things

Salonikias

Gouglidis

Mavridis

et al. 2019

Advanced Sciences and Technologies for Security Applications

Self Cite

View full text Add to dashboard Cite

The Industrial Internet of Things (IIoT) is an ecosystem that consists of -among others --various networked sensors and actuators, achieving mainly advancements related with lowering production costs and providing workflow flexibility. Introducing access control in such environments is considered to be challenging, mainly due to the variety of technologies and protocols in IIoT devices and networks. Thus, various access control models and mechanisms should be examined, as well as the additional access control requirements posed by these industrial environments. To achieve these aims, we elaborate on existing state-of-the-art access control models and architectures and investigate access control requirements in IIoT, respectively. These steps provide valuable indications on what type of an access control model and architecture may be beneficial for application in the IIoT. We describe an access control architecture capable of achieving access control in IIoT using a layered approach and based on existing virtualization concepts (e.g., the cloud). Furthermore, we provide information on the functionality of the individual access control related components, as well as where these should be placed in the overall architecture. Considering this research area to be challenging, we finally discuss open issues and anticipate these directions to provide interesting multi-disciplinary insights in both industry and academia.

show abstract

Access Control Issues in Utilizing Fog Computing for Transport Infrastructure

Cited by 38 publications

References 21 publications

The Security of Big Data in Fog-Enabled IoT Applications Including Blockchain: A Survey

The Security of Big Data in Fog-Enabled IoT Applications Including Blockchain: A Survey

A Survey of Context-Aware Access Control Mechanisms for Cloud and Fog Networks: Taxonomy and Open Research Issues

Access Control in the Industrial Internet of Things

Contact Info

Product

Resources

About