security and privacy challenges for internet-of-things and...
TRANSCRIPT
EditorialSecurity and Privacy Challenges for Internet-of-Things andFog Computing
Ximeng Liu ,1,2 Yang Yang,2 Kim-Kwang Raymond Choo,3 and Huaqun Wang4
1School of Information Systems, Singapore Management University, Singapore 1880652College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350116, China3College of Business, The University of Texas at San Antonio, San Antonio, TX 78249, USA4School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China
Correspondence should be addressed to Ximeng Liu; [email protected]
Received 5 September 2018; Accepted 5 September 2018; Published 24 September 2018
Copyright © 2018 Ximeng Liu et al. This is an open access article distributed under the Creative Commons Attribution License,which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
1. Introduction
Internet-of-Things (IoT) has been considered as a necessarypart of our daily life with billions of IoT devices collectingdata throughwireless technology and can interoperate withinthe existing Internet infrastructure. The new fog computingparadigm allows storing and processing data at the networkedge or anywhere along the cloud-to-endpoint continuum,and it also overcomes the limitations of IoT devices andallows us to design a far more capable architecture. Unfortu-nately, this new IoT-Fog paradigm faces many new securityand privacy issues, such as secure communication, authen-tication and authorization, and information confidentiality.Although the traditional cloud-based platform can evenuse heavyweight cryptosystem to enhance the security, itcannot be performed on the resource-constrained fog devicesdirectly. Moreover, millions of smart fog devices are wildlydistributed and located in different areas, which increases therisk of being compromised by some malicious parties.
To address these arising challenges and opportunitiesdifferent from traditional cloud-based architecture, all thepapers chosen for this special issue represent recent progressin the field of security and privacy techniques relevantto the convergence of IoT with fog computing, includingidentity/attribute-based cryptography, system and softwaresecurity, system and resource optimization, user privacypreservation, and data protection. Overall, our internationaleditorial committee selected 17 papers among 70 submissions
from both the theoretical and the practical side. All of thesepapers in this special issue not only provide novel ideas andstate-of-the-art techniques in the field of IoT-Fog computingbut also stimulate future research in the IoT-Fog computingenvironment.
2. Identity/Attribute-Based Cryptography
Identity-based cryptography is an attractive branch of publickey cryptography which uses the public known information(such as, an email address or a physical IP address) asthe public key. It arises more security and performanceissues when meeting the IoT-Fog computing applications.The paper by Q. Wang et al., entitled “An Anonymous Mul-tireceiver with Online/Offline Identity-Based Encryption”,presented anonymous multireceiver online/offline identity-based encryption which could reduce the computational costaccording to the online/offline encryption method suitablefor the sender which had limited resources, such as mobiledevices and sensor nodes. The paper by L. Zhu et al., enti-tled “An Efficient Identity-Based Proxy Blind Signature forSemioffline Services”, presented a new proxy blind signaturebased on the mathematical structure called NTRU lattice,which could be independent of public key infrastructure andsecure against quantum computers attack and was suitablefor semioffline e-payment system and e-voting in the fogcomputing scenario.Theproposed schemehas proven secure,that is, strongly identifiable and strongly undeniable. The
HindawiWireless Communications and Mobile ComputingVolume 2018, Article ID 9373961, 3 pageshttps://doi.org/10.1155/2018/9373961
2 Wireless Communications and Mobile Computing
paper by W. Liu et al., entitled “Strong Identity-Based ProxySignature Schemes, Revisited”, introduced a practical attack;that is, malicious adversary can create a proxy signatureon a message, if the adversary had access to the standardsignature of the original signer and proxy signer. This attackhad not been considered by the existing identity-based proxysignature schemes, which is greatly important for the IoT-Fog computing. Also, the authors proposed a constructionthat can effectively prevent this attack by transforming“normal” proxy signature scheme into “strong” one. As theextension of the identity-based cryptography, attributed-based cryptosystemcan support secure one-to-manymessagetransmission and fine-grained access control. The paper byQ. Li et al., entitled “Traceable Ciphertext-Policy Attribute-Based Encryption with Verifiable Outsourced Decryptionin eHealth Cloud”, presented a verifiable and traceable CP-ABE scheme in eHealth cloud. The proposed system couldsupport the verifiable outsourced decryption and white-boxtraceability at the same time and could ensure the privacyof the user’s identity. Also, the authors gave a delegationmethod to let the resource-limited devices (especially fit forthe IoT-Fog computing) authorize someone else to interactwith the cloud decryption server which is secure, efficient,and practical.
3. System and Software Security
System and software security is a crucial component to adevice operating at its optimum from authentication andanti-virus protection to vulnerability exploitation and mod-ifications. The system and software contain more securityissues when meeting the real IoT-Fog devices. For wildlyused Android devices, Z. Peng et al. gave a paper entitled“Hydra-Bite: Static Taint Immunity, Split, and ComplotBased Information Capture Method for Android Device.”The authors researched the Android system’s applicationlayer to use the permission split and reconstruct module tosplit traditional privacy stealing Trojan, and constructed acollaborative application group. The newly proposed Hydra-Bite could resist the detecting and killing ofmultiple antivirusprograms, which has higher information capture rate andstronger anti-killing performance. To achieve the isolationand access control for virtual machines and IoT devices, J.Dong et al. proposed a paper entitled “Task-Oriented Mul-tilevel Cooperative Access Control Scheme for Environmentwith Virtualization and IoT.” In the scheme, each user of theplatform created tasks which could be divided into multiplelevels to limit access between virtualmachines and IoT termi-nals. Moreover, the network isolation, process isolation, andshared memory isolation could further enhance security forvirtual machines and IoT terminals. The paper by B. Tang etal. entitled “Niffler: A Context-Aware and User-IndependentSide-Channel Attack System for Password Inference,” pre-sented a novel side-channel attack system according to theuser-independent features of tapping consecutive buttons toreconstruct the unlocking passwords on smartphones. Also,the Niffler used a Markov model to model the unlockingprocess and used the sequences with the highest probabilitiesas the attack candidates, which achieves high password
guessing accuracywith only several attempts and few trainingsamples.The paper by D.Wang et al., entitled “Resetting YourPassword Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device,” is aimed at gainingthe control of IoT devices without firmware analysis. Thefundamental idea was based on the observation that mostof the official applications (call APP) had a common featurewhich is using an SMS authentication code sent to clientphone to authenticate the client when he forgot his passwordfor the APP. The author implemented a prototype tool toenable performing such brute-force SMS authentication codeattack on IoT devices automatically.
4. System and Resource Optimization
The IoT and fog devices are typically deployed in resource(energy, computational, storage) constrained environments.The adoption of fog computingwith IoT has a lot of optimiza-tion shortcomings such as network reliability optimization,energy balancing, and task allocation. Y. Li et al. in theirpaper, entitled “Reliable Ant Colony Routing Algorithmfor Dual-Channel Mobile Ad Hoc Networks,” presentedreliable path under dual-channel condition (DSAR) systemwhich contained a dual-channel communication model anda hierarchical networkmodel to improve network bandwidthand to optimize the dual layer network, respectively. Also,the ant colony algorithm was used in the system for changesof network topology adaptability. To solve the IoT energybalancing problem, Y. Wang et al. in their paper, entitled“Gleer: A Novel Gini-Based Energy Balancing Scheme forMobile Botnet Retopology,” presented a novel Gini basedenergy balancing scheme (Gleer) for the atomic networkas the basis of the heterogeneous multi-layer mobile bot-net. The authors categorized atomic network into multiplegroups with the dynamic energy threshold, estimated botnetenergy gap, and regulated the probability for each nodewith the Gini coefficients to estimate in the Gleer whichcould significantly reduce user' detection awareness. For thetask allocation problem in mobile devices, the paper by W.Zhu et al., entitled “Multitask Allocation To HeterogeneousParticipants in Mobile Crowd Sensing”, considered a multi-task allocation problemwith the heterogeneity of participants(different participants with different devices and tasks). Tosolve the above problem, the authors proposed a greedydiscrete particle swarm optimization with genetic algorithmoperation by using heuristic strategies and the random two-point mutation/crossover operations in the genetic algo-rithm. Aiming to examine the relationship between places ofinterest and the spatial patterns of mobility flows, the paperby L. Huang et al., entitled “Mining the Relationship betweenSpatialMobility Patterns and POIs”,modelled a networkwitheach partitioned region as a node and connected betweenthem as links weighted by themobility flows.The communitydetection algorithm and logistic regression method wereadopted to discover spatial mobility patterns and achievedthe classify spatial communities featured by places of interest,respectively. To conserve the energy and wireless commu-nication bandwidth for IoT network, Q. Xu et al. proposeda paper entitled “Cluster-Based Arithmetic Coding for Data
Wireless Communications and Mobile Computing 3
Provenance Compression in Wireless Sensor Networks” andpresented a new cluster based arithmetic coding methodwhich could encode and decode the provenance in anincrementalmannerwith a higher compression rate. Also, theauthors used a mathematical function of the WSN’s size toderive the optimal clustering size, which was greatly usefulfor IoT-Fog computing environment.
5. User Privacy Preservation andData Protection
Protecting the user and data privacy is an essential topic inthe traditional cloud-based scenario. However, it containsmore challenge issues when meeting the distributed IoT-Fog environment. To improve the participation of sensingusers and the authenticity of sensing data in the fog com-puting, J. Xiong et al. proposed a paper entitled “AchievingIncentive, Security, and Scalable Privacy Protection inMobileCrowdsensing Services” constructing a privacy-preservingdata aggregation scheme. The authors used the differentialprivacy mechanism and homomorphic encryption for pro-tecting the sensing data which could ensure the privacy of thesensing users.Moreover, the authors gave a new auction gametheory based secure multi-party auction mechanism to solvethe problem of prisoners’ dilemma incurred in the sensingdata transaction. Aiming to promote quality of service andguarantee security and fairness for wireless sensor network(WSN) in IoT, Z. Lv et al. proposed a paper entitled “ARational Exchange Protocol under Asymmetric Informationin Wireless Sensor Networks.” In the paper, the authors pre-sented an entropy-based incentivemodel and used themodelto design an entropy-based rational exchange protocol, whichsatisfied the correctness, security, fairness, and robustness,respectively. To improve the efficacy of fully homomorphicencryption (FHE) for IoT usage, the paper by W.-T. Song etal., entitled “Privacy Protection of IoT Based on Fully Homo-morphic Encryption” improved the bootstrapping techniquein the FHE scheme to accelerate the computation. Theauthors optimized the parameter range, generalized theirciphertext modulus, and introduced SIMD homomorphiccomputation techniques into the new proposed method toimprove the efficiency. To protect the data embedded inelectronics, sensors, and software against side-channel attack(like DPA) in IoT scenario, the paper by S. Zhang and W.Zhong entitled “A New Type of Countermeasure againstDPA in Multi-Sbox of Block Cipher” gave a new type ofa countermeasure scheme against DPA in multi-Sbox ofblock cipher by converting themulti-Sbox into permutations,reused permutation to turn it into a special reusable Sbox,and made these inputs of permutations random by masking.The newmethod could successfully prevent the attacker fromaccurately aligning the power consumption and guarantee thedata privacy of the IoT devices.
6. Conclusions
The authors in the special issue highlight both the promiseand the challenges faced by this emerging field of security
and privacy challenges in IoT and fog computing. Theirmanuscripts identify the further related research for securityand privacy issues in IoT-Fog scenario. Hopefully, the specialissue serves as a remarkable source for graduate students,education, professors, researchers, and whoever interestedin updating their knowledge of fog computing, IoT, andsecurity and privacy issues for future information servicesand systems.
Conflicts of Interest
The authors declare that there are no conflicts of interestregarding the publication of this article.
Ximeng LiuYang Yang
Kim-Kwang Raymond ChooHuaqun Wang
International Journal of
AerospaceEngineeringHindawiwww.hindawi.com Volume 2018
RoboticsJournal of
Hindawiwww.hindawi.com Volume 2018
Hindawiwww.hindawi.com Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwww.hindawi.com Volume 2018
Hindawiwww.hindawi.com Volume 2018
Shock and Vibration
Hindawiwww.hindawi.com Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwww.hindawi.com Volume 2018
Hindawiwww.hindawi.com Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwww.hindawi.com
Volume 2018
Hindawi Publishing Corporation http://www.hindawi.com Volume 2013Hindawiwww.hindawi.com
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwww.hindawi.com Volume 2018
Hindawiwww.hindawi.com
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwww.hindawi.com Volume 2018
International Journal of
RotatingMachinery
Hindawiwww.hindawi.com Volume 2018
Modelling &Simulationin EngineeringHindawiwww.hindawi.com Volume 2018
Hindawiwww.hindawi.com Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwww.hindawi.com Volume 2018
Hindawiwww.hindawi.com Volume 2018
Navigation and Observation
International Journal of
Hindawi
www.hindawi.com Volume 2018
Advances in
Multimedia
Submit your manuscripts atwww.hindawi.com