Skip to main content

Advances, Systems and Applications

Journal of Cloud Computing Cover Image

Table 2 Summary of potential security issues found in Fog applications

From: Fog computing security: a review of current applications and security solutions

Attack category Possible threats Possible solutions Impact
Virtualization issues Hypervisor attacks VM-based attacks Weak or no Logical Segregation Side channel attacks Privilege Escalation Service abuse Privilege escalation attacks Inefficient resource policies Multi-factor Authentication Intrusion Detection System User data isolation Attribute/identity based encryption Role-Based Access Control model User-based permissions model Process isolation As all services and VMs are executing in a virtualized environment, its compromise will have adverse effect on all Fog services, data and users
Web security issues SQL injection Cross-site scripting Cross-site request forgery Session/Account hijacking Insecure direct object references Malicious redirections Drive-by attacks Secure code Find and patch vulnerabilities Regular software updates Periodic auditing Firewall Anti-virus protection Intrusion Prevention System Exposure of sensitive information, attacker can become legitimate part of network, and enable malicious applications to install
Internal/external communication issues Man-in-the-Middle attack Inefficient rules/policies Poor access control Session/Account hijacking Insecure APIs and services Application vulnerabilities Single-point of failure Encrypted communication Mutual/Multi-factor authentication Partial encryption Isolating compromised nodes Certificate pinning Limiting number of connections Transport layer security (TLS) Attacker can acquire sensitive information by eavesdropping and get access to unauthorized Fog resources
Data security related issues Data replication and sharing Data altering and erasing attacks Illegal data access Data ownership issues Low attack tolerance Malicious Insiders Multi-tenancy issues Denial of Service attacks Policy enforcement Security inside design architecture Encryption Secure key management Obfuscation Data Masking Data classification Network monitoring High probability of illegal file and database access, where attacker can compromise both user and Fog system’s data
Wireless security issues Active impersonation Message replay attacks Message distortion issues Data loss Data breach Sniffing attacks Illegal resource consumption Authentication Encrypted communication Key management service Secure routing Private network Wireless security protocols Vulnerable wireless access points can compromise communication privacy, consistency, accuracy, availability and trustworthiness
Malware protection Virus Trojans Worms Ransomware Spyware Rootkits Performance reduction Anti-malware programs Intrusion Detection System Rigorous data backups Patching vulnerabilities System restore points Malware infected nodes will lower the performance of the entire Fog platform, allow back-doors to the system and corrupt/damage data permanently