The world is undergoing the most dramatic overhaul of our information service infrastructure ever, driven by the “connected everything” movement.
While the benefits of connected data are indisputable – better decisions based on near real-time data, less downtime for machines, more efficient transportation, etc. – potential security risks come along with the foreseeable benefits. Information security and service trustworthiness are like IT’s Achilles heel, precariously protecting our heavy dependency on the global information infrastructure.
The physical vulnerability of our smart devices heightens our concern, and increasingly devastating cyber-attacks show that the problem is getting worse. As millions upon millions of devices become connected, hackers find new vulnerabilities to exploit.
These new, unplanned entry points can damage our physical world, and present life-or-death safety risks to our critical infrastructure, including utilities, factories, transportation systems, municipal buildings and cities. Increasingly sophisticated attacks make it far more difficult for systems to identify, protect and react to these threats.
But now, there is a new distributed approach capable of casting a wide net to mitigate attacks: fog computing. Fog’s distributed architecture safeguards connected systems, end-to-end – from the cloud to the device.
It’s in this architecture that security resides directly in the local context, not as a remote or centralized function. Fog creates an inherent layer of system security in which compute, control, storage, networking and communications work closer to the services and the data sources they protect.
A Trusted Foundation
According to the OpenFog Reference Architecture, fog nodes protect cloud-based, IoT and fog-based services by performing a wide range of security functions on any number of inter-connected devices, even the smallest and most resource-constrained.
This trusted distributed platform and execution environment provides a platform for applications and services, managing and updating security credentials and pushing out timely software patches quickly and at scale. Through its distributed approach, it can detect and shut down malware faster.
Fog ensures trustworthy communication by detecting, invalidating and reporting attacks. A network of fog nodes can monitor the security status of nearby devices to quickly detect and isolate threats. If a security breach is detected, fog provides a trusted foundation that enables real-time incident response, directly and within the local context, minimizing disruption of services. Additionally, through its scalability, modularity, capacity and resource distribution, fog allows for Blockchain deployments to low-cost IoT endpoints.
The provision of end-to-end security to all information, services and applications residing within a device-fog-cloud continuum is accomplished by a concerted effort between fog nodes, fog networks and data security protection. Consider each of these three elements:
1 - Fog Node Security
The development of a secure fog system begins with a secure implementation of its fog nodes. In turn, fog nodes should be anchored to strong “Roots-of-Trust” implemented in secure hardware or protected by hardware-supported security mechanisms. Policy enforcement engines should also be in place to manage information flows among user processes executed on behalf of multiple tenants.
Fog nodes equipped with “Trusted Computing Bases” that can extend chains-of-trust from the Roots of Trust to the user processes are capable of instantiating “Trusted Execution Environments” through hardware virtualization and trusted boots.
Various technologies can be used to implement OpenFog-compatible Trusted Computing Bases ranging from the use of dedicated or integrated hardware Roots of Trusts to the firmware implementation of Trusted Computing Bases with hardware support of memory protection and secure operating modes.
2 - Fog Network Security
Security on the network itself provides both communication security and information security services:
* With Communication Security Provision, a fog node provides communication security services in conformance to the X.800 recommendation, which includes confidentiality, integrity, authentication and non-repudiation of origins and transactions (for remote attestation).
These services should be provided among all fog-to-cloud and fog-to-fog communications with the use of standardized secure transport protocols. Fog communications are protected by Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) protocols, which have become the de facto standards.
A device protocol abstraction layer may be developed to support the across-the-board IP adaptation to the edge. Additionally, a communication proxy implementing the protocol adaptation may be deployed in front of fog nodes to implement proper confidentiality and integrity controls for wired and wireless communications from node-to-device communication.
* With Information Security Service Provision, fog nodes are equipped with Trusted Computing Bases. Strong security mechanisms are an ideal platform to provide information security services through network function virtualization and software-defined networking.
A number of services such as Deep Packet Inspection, Application Layer Proxy, IDS/IPS, etc., should be deployed in conformance to the interoperability and service domain specifications and operated according to the domain-based security service policies.
3. Data Security
Data, meta-data and programs exist in the device-fog-cloud continuum in one of three states listed below. Proper protection can be provided on information existing in each of these states:
- Data in use (i.e. data resident in system memory during processing). Data and programs reside in the memory hierarchy during processing. Information such as keying material, proprietary personal/company data and even program codes may be considered secret and through a layer of fog protection, can be protected from unauthorized read or alteration.
- Data at rest (i.e. data resident on non-volatile storage). Information residing in non-volatile storage must receive basic confidentiality and integrity protection. Three mechanisms are commonly used to protect data at rest: indiscriminate full-storage encryption; discriminant file and database encryption; and mandatory and discretionary access control.
- Data in Motion (i.e. data exchanged over the networking infrastructure). Information exchanged within the device-fog-cloud continuum must be protected with network security measures. In addition, user processes executing in trusted execution environments may choose to encrypt their data using service/process specific keys. These, plus proper data storage protection, may further enhance information privacy.
Security is a fundamental architectural pillar of the OpenFog Reference Architecture. Our work is focused on actively reducing cyber risk and turning fog-based solutions from conceptual to actionable so that transactions are trusted, secure and private. We invite you to follow, or join, this game-changing work by visiting us at www.openfogconsortium.org.