In the previous post(part 1), I explained what the strength and weakness of Data-Centric Security at IoT architecture. Now I’m going to inspect the “Edge” capability on the security point of view. An intelligent factor may be more involved in designing a security architecture with edge centrality.
There are 4 sections for Edge-Centric architecture: end devices – users – cloud and finally the edge. As I mentioned before the Users are dealing with IoT apps that aim for a comfortable life that they actually rely on instead of just getting the service they want. Technology is lined up for them from the server or service edge. The End Devices are embedded in the physical part that senses the environment but can not perform heavy computational tasks. The Cloud has unlimited resources but is too far away and sometimes doesn’t cost-effective in real-time applications but at the moment this is the responsibility of the Cloud, definitely, there would better choice if we can bring the Edge in this architecture.
Constraints cause changes
The relationship between Cloud and Edge can be dependent (in collaboration) or independent (all responsibility lies with the edge). Collaboratively, the cloud performs dl based on Big data, and the learned model can be used by the edge to provide better services to end-users. Independently, the edge will do many tasks as storing, computing, and so on. Edge-centric design and architecture seem to be optimal (in terms of security) because compared to End Devices:
1. The edge layer has more resources, so security computational operations such as homomorphic encryption, attributed-based access control, etc. occur in the edge layer. 2-The edge layer is physically closer to the end device, which is useful in real-time security design demands.
3. The Edge layer collects and stores data. So compared to the end device, it is a better place to make security decisions. for instance, with the Big data the edge layer detects unauthorized interference more efficiently. 4- Considering the maintenance costs, resource constraints, and sheer numbers of end devices, it isn’t cost-effective to deploying firewall on end devices but should be implemented on the edge.