Secure Privacy Preserving Technique for Data Access in Fog-Internet of Things
Paper Type: Free Essay | Subject: Information Systems | Wordcount: 4749 words | Published: 23rd Sep 2019
Abstract
Fog computing is a paradigm that extends cloud computing to the edge of the network. It can provide computation and storage services to end devices in the Internet of Things (IoT). IoT uses the Internet as a key infrastructure to interconnect numerous geographically diversified IoT nodes, which usually have scarce resources, and therefore the cloud is used as a key back-end supporting infrastructure. Unfortunately, the IoT cloud suffers from various drawbacks, such as huge network latency as the volume of data processed within the system increases. To alleviate this issue, fog computing was introduced, in which fog-like intermediate computing buffers are located between the IoT nodes and the cloud infrastructure to locally process a significant amount of regional data. This research proposal presents a privacy-preserving data access control scheme in fog computing for IoT. The proposed technique monitors user activity to identify legitimate access and prevent unauthorized access to data. It also reduces the computational cost and the burden on IoT devices.
Introduction
Nowadays, cloud computing is considered a significant computing paradigm. It can provide elastic computing resources to users based on techniques such as distributed computing and virtualization. The term “fog computing” or “edge computing” refers to a computing system that, rather than hosting and working entirely from a centralized cloud, operates at the network ends [1, 2]. Fogging is a distributed computing infrastructure in which some application services are handled at the network edge in smart devices and some are handled in the cloud. It is a term for processing some small applications and resources at the edge of the cloud, rather than processing applications entirely in the cloud. Fog computing facilitates the operation of compute, storage and other services between end devices, such as Internet of Things (IoT) devices, and cloud computing data centers. However, fog can never replace the cloud; it only extends cloud computing by providing security in the cloud environment [3, 4]. IoT devices are generally small real-world things with limited storage and processing capacity, which leads to issues of reliability, performance, security and privacy. At the same time, cloud computing has virtually unlimited capabilities such as storage, processing power, privacy and security [5]. Cloud computing provides infinite computation and storage through a shared pool of resources, which can be dynamically allocated and easily obtained by any IoT application [6].
The fog model provides benefits in advertising, computing, entertainment and other applications, and is well suited for data analytics and distributed data collection points. End services can easily be run on set-top boxes and access points. It improves QoS and reduces response time. The main objective of fogging is to place the information close to the user at the edge of the network. The advantages of the fogging model are a large reduction in data movement across the network, resulting in reduced data traffic, cost and latency; elimination of the overhead of centralized computing systems; and increased security of data, as it stays closer to the end user [7]. Several techniques are used in IoT and cloud for security and privacy. The traditional homomorphic encryption scheme is used in IoT. This approach combines fully additive homomorphic encryption with fully additive threshold secret sharing to allow secure and efficient combination of many sensed variables without revealing any individual variable [8]. Another existing technique, the Fine Grained Privacy Preserving Query (FGPQ) scheme, provides privacy preservation for the Location Based Service (LBS) provider and the mobile user. The FGPQ scheme significantly reduces the computational and communication overheads and ensures low latency [9]. To overcome the problems of multi-cloud broadcast in IoT, multi-cloud based outsourced Attribute based Encryption (ABE) is used. By enforcing collaboration between multiple clouds, these schemes significantly reduce the computational overhead at the resource-constrained IoT devices [10, 11].
In this research proposal, a privacy-preserving and secure data access technique is proposed for transmission between fog nodes and IoT devices. The privacy-preserving technique is used to reduce the computational costs and the burden on constrained IoT devices, and to provide high security.
Problem Definition
In secure fog communication, an existing ciphertext technique is used for encryption and decryption in a key exchange protocol to establish secure communication among a group of fog nodes and the cloud. Since the encryption and decryption operations require a large number of modular exponentiations and pairings, the computation cost is high.
The traditional ciphertext-policy attribute-based technique reduces the key delegation problem in fog computing. The ciphertext policy attribute creates new private keys for the user’s original sets of attributes. The new keys mislead the users, so it is difficult to trace a malicious user.
The fog computing framework using the face identification and resolution technique meets the challenges of confidentiality, integrity and availability in the process of face identification. The fog nodes are in the locality of end users and collect more sensitive face detection information, so stronger privacy-preserving security is required.
A secure existing encryption technique is used in IoT. The IoT devices generate and encrypt data before sending it to a remote server; they do not keep a copy in local storage, which makes it very difficult to realize policy updating.
The conventional attribute-based encryption technique encrypts the sensitive data of data owners with multiple policies. IoT devices transfer the data from the remote server to the local side, re-encrypt the data using the encryption scheme, and then send the encrypted data back to the remote server. However, this may impose heavy computation and communication costs on IoT devices.
Literature Review
Numerous methods have been proposed by researchers in security and privacy techniques of fog computing in IoT. In this section, a brief review of some important contributions to the existing literature is presented.
| Author Name | Methodology used | Advantage | Limitation |
|---|---|---|---|
| Hu, et al. [12] | A privacy and security scheme for a face identification and resolution framework based on fog computing was proposed. In the fog computing framework, face identification and resolution tasks suffer from security and privacy issues. To overcome these issues, session key agreement, data encryption, and data integrity checking schemes are proposed for the process of face identification and resolution. | The proposed schemes meet the demands of confidentiality, integrity, and availability in the processes of face identification and face resolution. | In the fog computing framework, the fog nodes are in the vicinity of end users and collect more sensitive face identification information, so stronger privacy-preserving security is required. |
| Jiang, et al. [13] | Ciphertext-policy attribute-based encryption against key-delegation abuse in fog computing. With the proposed encryption scheme, users cannot illegally generate new private keys for a subset of their original sets of attributes. “Key delegation abuse” in Attribute Based Encryption (ABE) schemes could severely affect security when ABE is adopted in fog computing. It means that, when an ABE system that is not key-delegation-abuse resistant is adopted, users could split their Stand-Alone Authentication (SAA) privilege and share it with others by generating new private keys from their own keys rather than obtaining them from the trusted authority. | In the proposed scheme, the attributes are arranged into logical hierarchies. A hierarchy allows fewer group elements to represent all attributes in the system, thereby reducing the ciphertext size, the number of exponentiations in encryption and the number of pairings in decryption. The proposed scheme makes the notion of ABE more adoptable and reduces the key delegation problem. | The ciphertext policy attribute creates new private keys for the user’s original sets of attributes. The new keys mislead the users, so it is difficult to trace a malicious user. |
| Huang, et al. [14] | A secure, efficient and fine-grained data access control framework based on Hierarchical ABE (HABE) for IoT. In this scheme, only the IoT devices and applications whose attributes satisfy the access policy can decrypt ciphertexts stored in the cloud. The IoT device generates an update key for a new access policy, with which the cloud server can renew the access policy of its ciphertext. Although the policy-updating task is outsourced to the cloud server, the updating procedure does not leak the sensitive data to the cloud server. | In the proposed framework, key management is reduced by introducing hierarchical attribute authorities. The outsourced encryption and decryption construction adopted in this scheme delegates most of the computation overhead of the local side to the cloud server. The proposed outsourced encryption and decryption construction in HABE reduces the workload on the trusted authority and achieves scalability for large-scale IoT devices. | The IoT devices generate and encrypt data based on CP-ABE before sending it to the remote server; they do not keep a copy in local storage, which makes it very difficult to realize policy updating. |
| Alrawais, et al. [15] | This work designed an encrypted key exchange protocol to establish secure communication among a group of fog nodes and the cloud. The key exchange protocol uses digital signature and Ciphertext-Policy based ABE (CP-ABE) methods to achieve the primary security goals of confidentiality, authentication, verifiability and access control. | CP-ABE provides an access structure for each encrypted data item, and requires only a subset of the attributes for decryption. Since the secret key involves a unique random number for each attribute in the access policy, CP-ABE protects against collusion attacks. One benefit of the proposed scheme is that there is no need to download a file or communicate with a third party to check certificate status, since each private key is correlated with an expiration date. | The secure fog communication design uses CP-ABE for the encryption and decryption process. Since the encryption and decryption operations require a large number of modular exponentiations and pairings, the computation cost is likely to be high. |
| Huang, et al. [16] | A secure and fine-grained data access control scheme with ciphertext update and computation outsourcing in fog computing for IoT was proposed. The sensitive data of the data owner are first encrypted using attribute-based encryption with multiple policies and then outsourced to cloud storage. Hence, a user whose attributes satisfy the access policy can decrypt the ciphertext. | The fine-grained data access control scheme is more secure against the known attacks. The proposed scheme also reduces the time consumption of the encryption and decryption process. | IoT devices transfer the data from the remote server to the local side, re-encrypt the data using the encryption scheme, and then send the encrypted data back to the remote server. However, this may impose heavy computation and communication costs on IoT devices. |
Research Objective
To develop secure and efficient policy updating for constrained IoT devices, instead of retrieving and re-encrypting the data. The IoT device generates an update key for the new access policy, with which the cloud server can renew the access policy of its ciphertext. Although the policy-updating task is outsourced to the cloud server, the updating procedure does not leak the sensitive data.
To design and develop an efficient attribute-based encryption technique for fog computing based IoT devices. IoT connects hundreds of thousands of objects to the Internet, which places a heavy burden on the attribute authority in terms of key management. The ABE technique reduces the workload on the unique attribute authority and also achieves scalability in key management.
Fog computing provides a new opportunity to design an efficient intrusion-detection solution on both the cloud and IoT device sides. Employing such a solution at fog nodes will add a layer of protection that monitors and detects any unusual behaviour and malicious attacks in IoT environments as well as decrease the execution errors.
To use an identity obfuscation technique in fog computing for IoT devices, such that fog nodes cannot identify which IoT device is offloading the data. Also, to protect user privacy by designing an efficient privacy-preserving technique based on partitioning the data among fog devices; this technique improves privacy and security.
To develop a protocol for an encrypted key exchange based technique that combines encryption and signature to achieve data access control, confidentiality, and verifiability. This encrypted key exchange based technique illustrates its efficiency in terms of message size and communication overheads.
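One way to realise the objective of partitioning data among fog devices, which is also the additive secret sharing idea cited in the introduction [8], shown as an added example that is not part of the original essay: each IoT reading is split into additive shares, one per fog node, so no single fog node sees a reading while the aggregate is still recoverable. The modulus `P`, the `FogNode` class, the function names and the meter readings are assumptions constructed for illustration.

```python
import secrets

# Public modulus for share arithmetic (assumption: a Mersenne prime, large
# enough that sums of realistic sensor readings never wrap around).
P = 2**61 - 1


def split_reading(value, n_nodes):
    """Split one integer reading into n_nodes additive shares modulo P."""
    if not 0 <= value < P:
        raise ValueError("reading out of range for modulus")
    if n_nodes < 2:
        raise ValueError("need at least two fog nodes to hide a reading")
    # n-1 shares are uniformly random; the last one fixes the sum to `value`.
    shares = [secrets.randbelow(P) for _ in range(n_nodes - 1)]
    shares.append((value - sum(shares)) % P)
    return shares


class FogNode:
    """Hypothetical fog node: stores one share per device, publishes only sums."""

    def __init__(self, name):
        self.name = name
        self._shares = {}

    def receive(self, device_id, share):
        if device_id in self._shares:
            raise ValueError(f"duplicate share from {device_id}")
        self._shares[device_id] = share

    def partial_sum(self, expected_devices):
        # A missing share would silently corrupt the total, so abort instead.
        missing = set(expected_devices) - set(self._shares)
        if missing:
            raise RuntimeError(f"{self.name} missing shares from {sorted(missing)}")
        return sum(self._shares[d] for d in expected_devices) % P


def aggregate(readings, n_nodes=3):
    """Distribute shares of every reading, then combine the nodes' partial sums."""
    nodes = [FogNode(f"fog-{i}") for i in range(n_nodes)]
    for device_id, value in readings.items():
        for node, share in zip(nodes, split_reading(value, n_nodes)):
            node.receive(device_id, share)
    device_ids = list(readings)
    partials = [node.partial_sum(device_ids) for node in nodes]
    return sum(partials) % P, nodes


if __name__ == "__main__":
    # Constructed sample readings (e.g. smart-meter values in watt-hours).
    sample = {"meter-a": 412, "meter-b": 387, "meter-c": 530}
    total, nodes = aggregate(sample)
    print("aggregate recovered by the control center:", total)
    print("what fog-0 holds for meter-a:", nodes[0]._shares["meter-a"])
```

Any group of fewer than all fog nodes holds only uniformly random values, so the split protects against a curious node but not against every node colluding.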
Proposed Methodology
This section proposes a privacy-preserving data access control scheme in fog computing for IoT. The proposed architecture consists of several elements, namely the attribute authority, cloud service provider (CSP), fog nodes, data owners and users, as shown in Figure 1 and described below. At the initialization phase, the attribute authority uses the Setup algorithm to generate the system parameters. Using the KeyGen technique, the attribute authority generates secret keys for data owners and users. To achieve high encryption efficiency, the data owner first encrypts the collected data with a random key using a symmetric encryption method and defines an access policy and an update policy. The fog node uses the Fog.Encrypt scheme to partially encrypt the data with the access policy, and then the data owner uses the Owner.Encrypt algorithm to finish the encryption with both the access policy and the update policy and stores the result at the CSP. When accessing the data, the fog node first uses the Fog.Decrypt algorithm to partially decrypt the ciphertext, and then the user can use the User.Decrypt algorithm to recover the data.
Figure.1 Proposed Architecture of Fog computing using security model
Attribute authority: The attribute authority is a fully trusted party which is in charge of generating the system parameters as well as the secret key for each user. The attribute authority uses the Setup algorithm to generate the system parameters. Using the KeyGen technique, the attribute authority generates secret keys for data owners and users in order to achieve high encryption efficiency.
CSP: The CSP is a semi-trusted party which provides a high-capacity, online data storage service. It is also responsible for verifying the signature before accepting the updated ciphertext. The fog node uses the Fog.Encryption method to partially encrypt the data with the access policy, and then the data owner uses the Owner.Encryption method to finish the encryption with both the access policy and the update policy and stores the result at the CSP. When accessing the data, the fog node first uses the Fog.Decryption technique to partially decrypt the ciphertext, and then the user can use the Decryption scheme to recover the data.
Fog node: The fog nodes are also semi-trusted parties which are deployed at the network edge and offer a variety of services. They are in charge of generating part of the ciphertext and uploading the whole ciphertext to the CSP, and also of helping users to decrypt the ciphertext from the CSP. Moreover, they assist end users in signing the ciphertext update request.
Data owner: The data owner has a large amount of data from the IoT devices to be uploaded to the cloud. The data owner defines the access and update policies and generates the whole ciphertext together with the fog nodes.
User: The user is attached to fog nodes and equipped with IoT devices such as smart cameras, medical sensors and smart meters. Since the IoT device has limited computation and storage ability, it wishes to gain access to the ciphertext stored in the CSP with the help of fog nodes. If the user’s attribute set satisfies the access policy in the ciphertext, he is able to decrypt the underlying data. After accessing the data, the user may make a modification and wish to re-encrypt the data. If the user’s attribute set satisfies the update policy in the ciphertext, the CSP will renew the stored ciphertext.
Fog computing is a nontrivial extension of cloud computing; it inherits many of the security and privacy challenges of cloud computing, causing extensive concern in the research community. To enable authentic and confidential communications among a group of fog nodes, this research proposal proposes a privacy-preserving data access control scheme in fog computing for IoT. The privacy-preserving technique is used to reduce the computational costs and the burden on constrained IoT devices, and to provide high security. The proposed technique can be implemented in Java, Cisco_iox, Fog Sim, SAP, etc.
Possible Outcome
The performance of the privacy-preserving data access control scheme in fog computing for IoT is calculated with the help of evaluation metrics such as computational cost, delay time, network usage, and response time for decryption, encryption and key generation. The proposed approach concentrates mainly on security and privacy in terms of various attacks. It also improves the performance of fog node communications. The results of all methods are compared in Table 1 below. The table lists different existing papers, their methods, and their evaluation metrics. These existing works are challenging for our proposed work.
| Existing Work | Methodology used | Evaluation Parameter |
|---|---|---|
| Hu, P., et al. [12] | The security and privacy preservation scheme of face identification and resolution framework using fog computing in IoT. | Response time (ms) for different sizes of face database. |
| Alrawais, et al. [15] | An encrypted key exchange protocol to establish secure communication among a group of fog nodes and the cloud. | Run time for key generation, encryption, and decryption; communication cost. |
| Taneja, et al. [17] | A module mapping algorithm is used for utilization of resources in the network infrastructure by efficiently deploying application modules in fog cloud infrastructure for IoT based applications. | Response time (ms), energy consumed (mJ). |
| Lu, et al. [18] | A Lightweight Privacy-Preserving Data Aggregation Scheme for Fog Computing-Enhanced IoT | Computation cost from IoT devices to fog devices and from fog devices to the control center. |
Summary
Fog computing extends the cloud computing paradigm to the edge of the network, thus enabling a new breed of applications and services. The defining characteristics of the fog are low latency and location awareness, widespread geographical distribution, mobility, a very large number of nodes, a predominant role of wireless access, a strong presence of streaming and real-time applications, and heterogeneity. Fog is the appropriate platform for a number of critical Internet of Things (IoT) services and applications, namely Connected Vehicle, Smart Grid, Smart Cities, and, in general, Wireless Sensors and Actuators Networks (WSANs). In this research proposal, security and privacy are the key factors, and an efficient privacy-preserving technique is implemented in fog computing. The privacy-preserving technique is used to reduce the computational costs and the burden on constrained IoT devices, and to provide high security.
Tools Used:
| Software Tools Used | NetBeans IDE 8.2, Java jdk 1.8, Cisco-iox, fogSim |
| Hardware Tools Used | Windows XP 7, 1.2 GHz Processor, 2GB RAM, 1TB External Hard drive Storage, etc. |
Reference
[1] Chen, Y. C., Chang, Y. C., Chen, C. H., Lin, Y. S., Chen, J. L., & Chang, Y. Y. (2017, May). Cloud-fog computing for information-centric Internet-of-Things applications. In Applied System Innovation (ICASI), 2017 International Conference on (pp. 637-640). IEEE.
[2] Alotaibi, Asma, Ahmed Barnawi, and Mohammed Buhari. “Attribute-Based Secure Data Sharing with Efficient Revocation in Fog Computing.” Journal of Information Security 8.03 (2017): 203.
[3] Koo, D., Shin, Y., Yun, J., & Hur, J. (2016, December). A Hybrid Deduplication for Secure and Efficient Data Outsourcing in Fog Computing. In Cloud Computing Technology and Science (CloudCom), 2016 IEEE International Conference on (pp. 285-293). IEEE.
[4] Su, J., Cao, D., Zhao, B., Wang, X., & You, I. (2014). ePASS: An expressive attribute-based signature scheme with privacy and an unforgeability guarantee for the Internet of Things. Future Generation Computer Systems, 33, 11-18.
[5] Deng, R., Lu, R., Lai, C., Luan, T. H., & Liang, H. (2016). Optimal workload allocation in fog-cloud computing toward balanced delay and power consumption. IEEE Internet of Things Journal, 3(6), 1171-1181.
[6] Liu, Y., Dong, B., Guo, B., Yang, J., & Peng, W. (2015). Combination of cloud computing and internet of things (IOT) in medical monitoring systems. International Journal of Hybrid Information Technology, 8(12), 367-376.
[7] Khairnar, Sonali, and Dhanashree Borkar. “Fog Computing: A New Concept To Minimize The Attacks And To Provide Security In Cloud Computing Environment.” IJRET: International Journal of Research in Engineering and Technology 3.06 (2014).
[8] Zouari, Jaweher, Mohamed Hamdi, and Tai-Hoon Kim. “A privacy-preserving homomorphic encryption scheme for the Internet of Things.” Wireless Communications and Mobile Computing Conference (IWCMC), 2017 13th International. IEEE, 2017.
[9] Yang, Xue, Fan Yin, and Xiaohu Tang. “A Fine-Grained and Privacy-Preserving Query Scheme for Fog Computing-Enhanced Location-Based Service.” Sensors 17.7 (2017): 1611.
[10] Yang, Lei, Abdulmalik Humayed, and Fengjun Li. “A multi-cloud based privacy-preserving data publishing scheme for the internet of things.” Proceedings of the 32nd Annual Conference on Computer Security Applications. ACM, 2016.
[11] Vishwanath, Akhilesh, Ramya Peruri, and Jing (Selena) He. Security in fog computing through encryption. DigitalCommons@ Kennesaw State University, 2016.
[12] Hu, P., Ning, H., Qiu, T., Song, H., Wang, Y., & Yao, X. (2017). Security and privacy preservation scheme of face identification and resolution framework using fog computing in internet of things. IEEE Internet of Things Journal.
[13] Jiang, Y., Susilo, W., Mu, Y., & Guo, F. (2017). Ciphertext-policy attribute-based encryption against key-delegation abuse in fog computing. Future Generation Computer Systems.
[14] Huang, Qinlong, Licheng Wang, and Yixian Yang. “DECENT: Secure and fine-grained data access control with policy updating for constrained IoT devices.” World Wide Web (2017): 1-17.
[15] Alrawais, A., Alhothaily, A., Hu, C., Xing, X., & Cheng, X. (2017). An Attribute-Based Encryption Scheme to Secure Fog Communications. IEEE Access.
[16] Huang, Qinlong, Yixian Yang, and Licheng Wang. “Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things.” IEEE Access 5 (2017): 12941-12950.
[17] Taneja, Mohit, and Alan Davy. “Resource aware placement of IoT application modules in Fog-Cloud Computing Paradigm.” Integrated Network and Service Management (IM), 2017 IFIP/IEEE Symposium on. IEEE, 2017.
[18] Lu, R., Heung, K., Lashkari, A. H., & Ghorbani, A. A. (2017). A Lightweight Privacy-Preserving Data Aggregation Scheme for Fog Computing-Enhanced IoT. IEEE Access, 5, 3302-3312.