Treasure Collection on Foggy Islands: Building Secure Network Archives for Internet of Things

Bibliographic Details
Published in IEEE internet of things journal Vol. 6; no. 2; pp. 2637 - 2650
Main Authors Duan, Huayi; Zheng, Yifeng; Wang, Cong; Yuan, Xingliang
Format Journal Article
Language English
Published Piscataway IEEE 01.04.2019
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Summary: Fog computing has emerged as a promising paradigm in overcoming the growing challenges (e.g., low latency, location awareness, and geographic distribution) arising from many real-world Internet of Things (IoT) applications, by extending the cloud to the network edge. With the widespread deployment of fog-assisted IoT applications, unprecedentedly huge volumes of network traffic from massive IoT devices would continuously arrive at the fog nodes. Archiving the network traffic can be highly beneficial to fog computing, which forms the basis of forensic, monitoring, troubleshooting, and many other critical tasks. Such high value, however, constantly renders traffic archives the first-order target to experienced attackers. This mandates the traffic archives to be built in a trustworthy way and stay encrypted at rest. Security aside, it is yet highly desirable to retain the utility of the encrypted traffic archives, in particular by making them privately queryable. In this paper, we take the first research attempt and explore a new design point to delicately bridge trusted hardware and searchable encryption for building trustworthy, encrypted, yet queryable network traffic archives for fog-assisted IoT applications. We take a systematic approach to address several key challenges, which are unsolvable by synthesizing out-of-box techniques, from the ground up. Extensive evaluations show that our system can achieve stable archiving throughput of 350 Mb/s with one core, and saturate a 1 Gb/s link with four cores; for a real trace, it outperforms a baseline system without any of our designs by over $110\times$.
ISSN: 2327-4662
DOI: 10.1109/JIOT.2018.2872461