A systematic review on security aspects of fog computing environment: Challenges, solutions and future directions

IF 13.3 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computer Science Review Pub Date : 2024-10-25 DOI:10.1016/j.cosrev.2024.100688

{"title":"A systematic review on security aspects of fog computing environment: Challenges, solutions and future directions","authors":"","doi":"10.1016/j.cosrev.2024.100688","DOIUrl":null,"url":null,"abstract":"<div><div>The dynamic and decentralized architecture of fog computing, which extends cloud computing closer to the edge of the network, offers benefits such as reduced latency and enhanced bandwidth. However, the existing fog architecture introduces unique security challenges due to the large number of distributed fog nodes, often deployed in diverse and resource-constrained environments. Further, the proximity of fog computing nodes to end-users and the open, distributed nature of the architecture make fog environments particularly vulnerable to unauthorized access and various types of cyberattacks. Therefore, in order to address these challenges, the study presented a detailed systematic review that aims to analyze existing security technologies in fog computing environments, identify current security gaps, and propose future research directions. The comprehensive literature review uses quality databases, focusing on articles published within the last four years, i.e. from 2020 to 2024. Further, the review followed a systematic methodology with clear inclusion and exclusion criteria to ensure relevance and quality with respect to security in fog computing. Consequently, key research questions are also formulated and answered for addressing various security concerns, such as architectural security, IoT integration vulnerabilities, and dynamic security management. Finally, the detailed review summarizes the key findings through MTGIR analysis to give valuable insights on the existing security framework of fog computing systems. The result analysis further revealed that 16% of the research is focusing on blockchain and elliptic curve cryptography, alongside the utilization of artificial intelligence and machine learning, which is around 13.2%, specifically for dynamic threat detection. Furthermore, there are few technologies which require attention are federated learning, secure key management, and secure communication mechanisms, as these technologies are less considered in literature, i.e. around 3% only. Finally, the analysis underscored the necessity for real-time security monitoring and adaptive threat response to manage the dynamic nature of fog computing environments effectively.</div></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":null,"pages":null},"PeriodicalIF":13.3000,"publicationDate":"2024-10-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574013724000728","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The dynamic and decentralized architecture of fog computing, which extends cloud computing closer to the edge of the network, offers benefits such as reduced latency and enhanced bandwidth. However, the existing fog architecture introduces unique security challenges due to the large number of distributed fog nodes, often deployed in diverse and resource-constrained environments. Further, the proximity of fog computing nodes to end-users and the open, distributed nature of the architecture make fog environments particularly vulnerable to unauthorized access and various types of cyberattacks. Therefore, in order to address these challenges, the study presented a detailed systematic review that aims to analyze existing security technologies in fog computing environments, identify current security gaps, and propose future research directions. The comprehensive literature review uses quality databases, focusing on articles published within the last four years, i.e. from 2020 to 2024. Further, the review followed a systematic methodology with clear inclusion and exclusion criteria to ensure relevance and quality with respect to security in fog computing. Consequently, key research questions are also formulated and answered for addressing various security concerns, such as architectural security, IoT integration vulnerabilities, and dynamic security management. Finally, the detailed review summarizes the key findings through MTGIR analysis to give valuable insights on the existing security framework of fog computing systems. The result analysis further revealed that 16% of the research is focusing on blockchain and elliptic curve cryptography, alongside the utilization of artificial intelligence and machine learning, which is around 13.2%, specifically for dynamic threat detection. Furthermore, there are few technologies which require attention are federated learning, secure key management, and secure communication mechanisms, as these technologies are less considered in literature, i.e. around 3% only. Finally, the analysis underscored the necessity for real-time security monitoring and adaptive threat response to manage the dynamic nature of fog computing environments effectively.

查看原文本刊更多论文

雾计算环境安全问题系统综述：挑战、解决方案和未来方向

雾计算的动态分散架构将云计算延伸到网络边缘，具有减少延迟和提高带宽等优点。然而，由于大量分布式雾节点通常部署在多样化和资源有限的环境中，现有的雾架构带来了独特的安全挑战。此外，由于雾计算节点与终端用户距离较近，而且架构具有开放、分布式的特性，因此雾环境特别容易受到未经授权的访问和各种类型的网络攻击。因此，为了应对这些挑战，本研究提交了一份详细的系统综述，旨在分析雾计算环境中的现有安全技术，找出当前的安全差距，并提出未来的研究方向。全面的文献综述使用了高质量的数据库，重点关注过去四年内（即 2020 年至 2024 年）发表的文章。此外，该综述采用了系统的方法，具有明确的纳入和排除标准，以确保与雾计算安全相关的内容和质量。因此，还针对各种安全问题，如架构安全、物联网集成漏洞和动态安全管理等，制定并回答了关键研究问题。最后，详细综述通过 MTGIR 分析总结了关键发现，为现有的雾计算系统安全框架提供了有价值的见解。结果分析进一步显示，16%的研究集中在区块链和椭圆曲线密码学上，而利用人工智能和机器学习的研究约占 13.2%，专门用于动态威胁检测。此外，需要关注的技术还有联合学习、安全密钥管理和安全通信机制，因为这些技术在文献中提及较少，仅占 3%左右。最后，分析强调了实时安全监控和自适应威胁响应的必要性，以便有效管理雾计算环境的动态特性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Science Review Computer Science-General Computer Science

CiteScore

32.70

自引率

0.00%

发文量

审稿时长

51 days

期刊介绍： Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.