Novel Security Models for IoT–Fog–Cloud Architectures in a Real-World Environment

Abstract

With the rise of the Internet of Things (IoT), there is a demand for computation at network edges because of the limited processing capacity of IoT devices. Fog computing is a middle layer that has appeared to address the latency issues between the Internet of things (IoT) and the cloud. Fog computing is becoming more important as companies face increasing challenges in collecting and sending data from IoT devices to the cloud. However, this has led to new security and privacy issues as a result of the large number of sensors in IoT environments as well as the massive amount of data that must be analyzed in real time. To overcome the security challenges between the IoT layer and fog layer and, thus, meet the security requirements, this paper proposes a fine-grained data access control model based on the attribute-based encryption of the IoT–Fog–Cloud architecture to limit the access to sensor data and meet the authorization requirements. In addition, this paper proposes a blockchain-based certificate model for the IoT–Fog–Cloud architecture to authenticate IoT devices to fog devices and meet the authentication requirements. We evaluated the performance of the two proposed security models to determine their efficiency in real-life experiments of the IoT–Fog–Cloud architecture. The results demonstrate that the performance of the IoT–Fog–Cloud architecture with and without the blockchain-based certificate model was the same when using one, two, or three IoT devices. However, the performance of the IoT–Fog–Cloud architecture without the access control model was slightly better than that of the architecture with the model when using one, two, or three IoT devices.