Planned maintenance
A system upgrade is planned for 24/9-2024, at 12:00-14:00. During this time DiVA will be unavailable.
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
FoNAC - An automated Fog Node Audit and Certification scheme
RISE Research Institutes of Sweden, Digital Systems, Data Science. COMSATS University Islamabad, Pakistan.ORCID iD: 0000-0003-3223-4234
COMSATS University Islamabad, Pakistan.
COMSATS University Islamabad, Pakistan.
RISE Research Institutes of Sweden, Digital Systems, Data Science.ORCID iD: 0000-0001-8192-0893
2020 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 93, article id 101759Article in journal (Refereed) Published
Abstract [en]

Meeting the security and privacy needs for IoT data becomes equally important in the newly introduced intermediary Fog Computing layer, as it was in its former technological layer - Cloud; but the accomplishment of such security is critical and challenging. While security assurance of the fog layer devices is imperative due to their exposure to the public Internet, it becomes even more complex, than the cloud layer, as it involves a large number of heterogeneous devices deployed hierarchically. Manual audit and certification schemes are unsuitable for large number of fog nodes thereby inhibiting the involved stakeholders to use manual security assurance schemes altogether. However, scalable and feasible security assurance can be provided by introducing automated and continuous monitoring and auditing of fog nodes to ensure a trusted, updated and vulnerability free fog layer. This paper presents such an solution in the form of an automated Fog Node Audit and Certification scheme (FoNAC) which guarantees a secure fog layer through the proposed fog layer assurance mechanism. FoNAC leverages Trusted Platform Module (TPM 2.0) capabilities to evaluate/audit the platform integrity of the operating fog nodes and grants certificate to the individual node after a successful security audit. FoNAC security is also validated through its formal security analysis performed using AVISPA under Dolev-Yao intruder model. The security analysis of FoNAC shows its resistance against cyber-attacks like impersonation, replay attack, forgery, Denial of Service(DoS) and MITM attack.

Place, publisher, year, edition, pages
Elsevier Ltd , 2020. Vol. 93, article id 101759
Keywords [en]
Certification, Cloud computing, Continuous auditing, Edge, Fog, Remote attestation, Security, SLA, TPM 2.0, Automation, Fog computing, Network security, Security systems, Trusted computing, Denial-of-service attack
National Category
Natural Sciences
Identifiers
URN: urn:nbn:se:ri:diva-44444DOI: 10.1016/j.cose.2020.101759Scopus ID: 2-s2.0-85081116437OAI: oai:DiVA.org:ri-44444DiVA, id: diva2:1415135
Note

Funding details: VINNOVA, 2019-01305; Funding details: 830927; Funding text 1: This research has been supported by the funding for H2020 CONCORDIA (grant agreement No 830927) and from VINNOVA Sweden (grant agreement no 2019-01305).

Available from: 2020-03-17 Created: 2020-03-17 Last updated: 2023-06-08Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Aslam, MudassarRaza, Shahid

Search in DiVA

By author/editor
Aslam, MudassarRaza, Shahid
By organisation
Data Science
In the same journal
Computers & security (Print)
Natural Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 109 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf