Publicação

Privacy and Secure Communications in Mobile Edge Computing

Ver documento

Detalhes bibliográficos
Resumo:Cloud computing has been in constant growth since it appeared and, more recently, the Edge computing paradigm arose in an effort to provide a better service for the users. This, combined with an ever increasing number of devices connected to the internet, brings new challenges, specifically those in the field of security. Some of those challenges are the user Authentication, the Access Control and the Data Confidentiality. EdgeGarden is a content sharing system for mobile edge environments. Up to this work, it did not provide any security or privacy guarantees. To address such limitation, the main purpose of this thesis was to equip EdgeGarden with mechanisms that would make it secure and respectful of its user’s privacy. The proposed solution requires users to be authenticated by applying a token-based authentication scheme. Moreover, it encrypts the contents published in the system to provide data confidentiality, making use of a symmetric-key-based algorithm and provides access control, by leveraging on the tokens and the symmetry of the encryption keys. We implemented and fully test our solution to assess its effectiveness and performance. Such tests included a comparison of two encryption options (a stream cipher and AES in CBC mode) to select the best one. By the end of this work, EdgeGarden provides security and data privacy guarantees although a vulnerability has been found, nevertheless we do provide a possible solution to tackle such issue. We have concluded the performance is affected by the introduc- tion of security but this reduction in performance is not the same throughout all sys- tem’s operations. Overall, depending on the most common operation, the system can be more or less affected. It was also concluded the inferior performance on the AES en- crypting/decrypting operations is not significant when compared with the stream cipher, being even more secure.
Autores principais:Lopes, Hugo Alexandre Alves Afonso
Assunto:Mobile Edge Computing Security Authentication Access Control Data Confidentiality Stream Cipher
Ano:2022
País:Portugal
Tipo de documento:dissertação de mestrado
Tipo de acesso:acesso aberto
Instituição associada:Universidade Nova de Lisboa
Idioma:inglês
Origem:Repositório Institucional da UNL
Descrição
Resumo:Cloud computing has been in constant growth since it appeared and, more recently, the Edge computing paradigm arose in an effort to provide a better service for the users. This, combined with an ever increasing number of devices connected to the internet, brings new challenges, specifically those in the field of security. Some of those challenges are the user Authentication, the Access Control and the Data Confidentiality. EdgeGarden is a content sharing system for mobile edge environments. Up to this work, it did not provide any security or privacy guarantees. To address such limitation, the main purpose of this thesis was to equip EdgeGarden with mechanisms that would make it secure and respectful of its user’s privacy. The proposed solution requires users to be authenticated by applying a token-based authentication scheme. Moreover, it encrypts the contents published in the system to provide data confidentiality, making use of a symmetric-key-based algorithm and provides access control, by leveraging on the tokens and the symmetry of the encryption keys. We implemented and fully test our solution to assess its effectiveness and performance. Such tests included a comparison of two encryption options (a stream cipher and AES in CBC mode) to select the best one. By the end of this work, EdgeGarden provides security and data privacy guarantees although a vulnerability has been found, nevertheless we do provide a possible solution to tackle such issue. We have concluded the performance is affected by the introduc- tion of security but this reduction in performance is not the same throughout all sys- tem’s operations. Overall, depending on the most common operation, the system can be more or less affected. It was also concluded the inferior performance on the AES en- crypting/decrypting operations is not significant when compared with the stream cipher, being even more secure.