IEEE Network • Accepted for publication
1
0890-8044/18/$25.00 © 2018 IEEE
AbstrAct
Cloud computing is now a popular computing
paradigm that can provide end users access to
configurable resources on any device, from any-
where, at any time. During the past years, cloud
computing has been developed dramatically.
However, with the development of the Internet
of Things, the disadvantages (such as high laten-
cy) of cloud computing are gradually revealed
due to the long distance between the cloud and
end users. Fog computing is proposed to solve
this problem by extending the cloud to the edge
of the network. In particular, fog computing
introduces an intermediate layer called fog that
is designed to process the communication data
between the cloud and end users. Hence, fog
computing is usually considered as an extension
of cloud computing. In this article, we discuss the
design issues for data security and privacy in fog
computing. Specially, we present the unique data
security and privacy design challenges presented
by the fog layer and highlight the reasons why the
data protection techniques in cloud computing
cannot be directly applied in fog computing.
IntroductIon
Cloud computing as one of the most popular
computing paradigms has been developed dra-
matically during the past years. As reported by
IDC [1], worldwide spending on public cloud
computing has been growing at a rate 4.5 times
faster than that of IT spending. This quick devel-
opment is mainly due to the “AAA” property of
cloud computing. Specifically, the cloud could
give end users access to configurable computing
resources on any device, from anywhere, at any
time. Furthermore, cloud service providers are
usually equipped with professional operations and
maintenance teams, which guarantees the stabili-
ty, connectivity, and security of the resources and
reduces IT infrastructure costs on the user side.
Meanwhile, as the Internet of Things (IoT)
is developing rapidly, lots of wearable devices,
smart meters, wireless sensors, connected vehicles
and other smart devices have become immersed
in our daily lives. Gartner, Inc. [2] forecasts that
20.4 billion connected things will be in use world-
wide by 2020. Lots of data will be produced by
these devices [3], while IoT devices do not have
enough computing resources to process these
data. To solve this dilemma, cloud computing is
usually involved during data processing. In par-
ticular, this huge volume of data are uploaded to
and processed in the remote cloud. As a result, a
large volume of backbone bandwidth from/to the
cloud would be consumed due to this process-
ing, which may result in a high latency and low
throughput of the services in the cloud. For exam-
ple, a CCTV camera with 1280 x 1024 frame res-
olution, 20 fps and MPEG-4 compression would
generate more than 83 GB of data in 24 hours.
Once the video data cannot be processed proper-
ly and in time, a criminal could escape before the
surveillance system informs the police.
To address these issues, fog computing was
proposed in 2012 by Cisco Systems Inc. [4] to
enable data processing directly at the edge of the
network. It is regarded as an extension of cloud
computing to provide services between end
users and the cloud user [5]. These services are
supplied in the fog layer composed of heteroge-
neous, ubiquitous and decentralized fog nodes
that could be any devices from resource-con-
strained devices to more powerful servers, even
part of end users’ devices [6].
In fog computing, the data would never be
directly from end users, but from the fog layer [7].
In most cases, the data would be processed in the
fog layer, which changes the size, structure, and
even the validity of the data. On the other hand,
fog nodes comprising the fog layer are supposed
to be from different providers, including different
individuals. It is unreasonable to trust all the fog
nodes. These characteristics of fog computing lead
to many new security and privacy issues. As in
other information systems, data security and pri-
vacy are always high on the list of priorities. In this
article, we will discuss the design issues for the data
security and privacy in fog computing. Although
fog computing is just an extension of cloud com-
puting, and there are already many techniques
solving the data security and privacy issues in
cloud computing, data security and privacy in fog
computing remain unsolved. We will particularly
examine the unique data security and privacy chal-
lenges with the fog layer from a set of application
scenarios, and highlight the reasons why the data
protection techniques in cloud computing cannot
be directly applied in fog computing.
FeAtures oF Fog computIng
As described above, there has been a huge
increase in the number of IoT devices and the
data they generate. This increase has presented
challenges to IoT services in cloud computing in
several ways, such as latency, bandwidth, through-
put and scalability. With the help of the fog layer,
data generated at the edge of the network could
be processed before being sent to the cloud. One
Data Security and Privacy in Fog Computing
Yunguo Guan, Jun Shao, Guiyi Wei (Corresponding author) and Mande Xie
The authors are with Zhejiang Gongshang University.
ACCEPTED FROM OPEN CALL
Digital Object Identifier:
10.1109/MNET.2018.1700250
This article has been accepted for inclusion in a future issue of this magazine. Content is final as presented, with the exception of pagination.