FoNAC - An automated Fog Node Audit and Certification scheme

Aslam, Mudassar; Mohsin, Bushra; Nasir, Abdul; Raza, Shahid

doi:10.1016/j.cose.2020.101759

Cited by 19 publications

(14 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The literature [16] proposed an efficient cluster remote proof mechanism applicable to IoT based on grouping of sensing nodes, by grouping IoT devices to set up management nodes for cluster remote proof represented by management nodes, which has high security against collusion attacks. The literature [17] proposes an automatic audit as well as proof mechanism (FoNAC) for fog nodes to secure the fog layer, FoNAC uses the Trusted Platform Module (TPM 2.0) feature to evaluate and audit the platform integrity of running fog nodes and grant certificates to each fog node after successful security audits, and this scheme can resist replay attacks, forgery attacks, and distributed denial-ofservice attacks (DDoS).…”

Section: Related Workmentioning

confidence: 99%

A Remote Attestation Mechanism Using a Threshold Ring Signature for a Perception Layer of Distributed Networking

Huang

Chen

Zhang

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Due to the emergence of various new technologies, Internet of things (IoT) is gradually becoming one of the most valued technologies at present. The IoT makes our life more and more convenient through the interconnection of everything, but the IoT brings many advantages and also raises some security issues, such as the IoT perception layer as the main means of sensing data delivery, due to the limited resources of sensing nodes and their vulnerability, the diversity of sensing data, and the heterogeneity of the sensing network, making the IoT perception layer more vulnerable to various malicious attacks. Therefore, guaranteeing the trustworthy source of sensing data is the cornerstone to guarantee the secure operation of the sensing layer. In this paper, we investigate the remote proof scheme applicable to the IoT perception layer and propose a remote attestation mechanism using a threshold ring signature for a perception layer of distributed networking, which realizes the trusted proof of a data source and thus can effectively discern the trusted status of the data source, and prove that the proposed scheme in this paper outperforms other remote proof schemes through efficiency analysis and verify the correctness as well as the effectiveness of the scheme in this paper.

show abstract

Section: Related Workmentioning

confidence: 99%

A Remote Attestation Mechanism Using a Threshold Ring Signature for a Perception Layer of Distributed Networking

Huang

Chen

Zhang

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…Anisetti et al [20] presented an assurance framework for test-based cloud certification, which has then been extended for hybrid systems mixing cloud and private infrastructures [24]. Aslam et al [25] presented FoNAC, an audit and certification framework targeting fog computing and based on Trusted Platform Modules. De la Vara et al [26] introduced a certification framework targeting cyber-physical systems out of the European research project AMASS, for which they provide several tools aiding the certification process.…”

Section: Related Workmentioning

confidence: 99%

An Assurance-Based Risk Management Framework for Distributed Systems

Anisetti

Ardagna

Bena

et al. 2021

2021 IEEE International Conference on Web Services (ICWS)

View full text Add to dashboard Cite

The advent of cloud computing and Internet of Things (IoT) has deeply changed the design and operation of IT systems, affecting mature concepts like trust, security, and privacy. The benefits in terms of new services and applications come at a price of new fundamental risks, and the need of adapting risk management frameworks to properly understand and address them. While research on risk management is an established practice that dates back to the 90s, many of the existing frameworks do not even come close to address the intrinsic complexity and heterogeneity of modern systems. They rather target static environments and monolithic systems thus undermining their usefulness in real-world use cases. In this paper, we present an assurance-based risk management framework that addresses the requirements of risk management in modern distributed systems. The proposed framework implements a risk management process integrated with assurance techniques. Assurance techniques monitor the correct behavior of the target system, that is, the correct working of the mechanisms implemented by the organization to mitigate the risk. Flow networks compute risk mitigation and retrieve the residual risk for the organization. The performance and quality of the framework are evaluated in a simulated industry 4.0 scenario.

show abstract

“…Security assurance is defined as the mean to obtain justifiable confidence that an IT system behaves as expected demonstrating some non-functional properties (e.g., confidentiality) [3]. In the last decade, assurance has become a well-established practice, increasing the trustworthiness of service and cloud systems [3], with some methodologies addressing hybrid clouds [6] and edge systems [5]. However, hybrid cloud/edge and IoT systems raise some significant challenges, impairing the effectiveness of state of art solutions.…”

Section: Challenges and Requirements A Challengesmentioning

confidence: 99%

“…assurance frameworks implementing those practices. While some solutions have been already proposed, e.g., [5], they are far from being fully comprehensive.…”

Section: Introductionmentioning

confidence: 99%

Towards an Assurance Framework for Edge and IoT Systems

Anisetti

Ardagna

Bena

et al. 2021

2021 IEEE International Conference on Edge Computing (EDGE)

View full text Add to dashboard Cite

Current distributed systems increasingly rely on hybrid architectures built on top of IoT, edge, and cloud, backed by dynamically configurable networking technologies like 5G. In this complex environment, traditional security governance solutions cannot provide the holistic view needed to manage these systems in an effective and efficient way. In this paper, we propose a security assurance framework for edge and IoT systems based on an advanced architecture capable of dealing with 5G-native applications.

show abstract

FoNAC - An automated Fog Node Audit and Certification scheme

Cited by 19 publications

References 9 publications

A Remote Attestation Mechanism Using a Threshold Ring Signature for a Perception Layer of Distributed Networking

A Remote Attestation Mechanism Using a Threshold Ring Signature for a Perception Layer of Distributed Networking

An Assurance-Based Risk Management Framework for Distributed Systems

Towards an Assurance Framework for Edge and IoT Systems

Contact Info

Product

Resources

About