A Secure Integrated Framework for Fog-Assisted Internet-of-Things Systems

Abstract

Fog-assisted Internet-of-Things (Fog-IoT) systems are deployed in remote and unprotected environments, making them vulnerable to security, privacy, and trust challenges. Existing studies propose security schemes and trust models for these systems. However, mitigation of insider attacks, namely, blackhole, sinkhole, sybil, collusion, self-promotion, and privilege escalation, has always been a challenge and mostly carried out by the legitimate nodes. Compared to other studies, this article proposes a framework featuring attribute-based access control and trust-based behavioral monitoring to address the challenges mentioned above. The proposed framework consists of two components, the security component (SC) and the trust management component (TMC). SC ensures data confidentiality, integrity, authentication, and authorization. TMC evaluates Fog-IoT entities' performance using a trust model based on a set of Quality of Service (QoS) and network communication features. Subsequently, trust is embedded as an attribute within SC's access control policies, ensuring that only trusted entities are granted access to fog resources. Several attacking scenarios, namely, Denial of Service (DoS), Distributed DoS, probing, and data theft are designed to elaborate on how the change in trust triggers the change in access rights and, therefore, validates the proposed integrated framework's design principles. The framework is evaluated on a Raspberry Pi 3 Model B+ to benchmark its performance in terms of time and memory complexity. Our results show that both SC and TMC are lightweight and suitable for resource-constrained devices.