Related Works

The Internet of Things (IoT) refers to the concept of a set of connected objects, often called nodes, that can communicate with each other for a specific purpose, for example, weather monitoring or landslide detection. The nodes are often integrated with ubiquitous equipment and facilities, to realize communication and dialogue through various wireless and wired communication network links (object-to-object message, object-to-person dialogue, person-to-person dialogue), to provide management and service functions.

In recent years, the IoT has become an important technology, improving the quality of life, providing convenience, and generating many IoT applications (such as in medical care, smart transportation, smart homes, and smart grids). These applications use many IoT devices, the number of which will reach 5 trillion in 2021 [17]. This also indicates that the market for the IoT is considerable.

Nataliia Neshenko et al. [18] made an exhaustive survey on IoT vulnerabilities by providing a categorization and taxonomy, including layers, security impact, attacks, countermeasures, and situational awareness capabilities. Some common vulnerabilities, such as deficient physical security, insufficient energy harvesting, inadequate authentication, improper encryption, etc., are all considered in the taxonomy. Different kinds of attacks, and remediation strategies, such as access and authorization controls, software assurance, security protocols, situational awareness, and intrusion detection, are all considered. Further, a data-based approach is adopted by scrutinizing 1.2 GB of darknet data collected from a /8 network telescope and correlating it with Shodan’s API, resulting in the discovery of 19,629 unique IoT devices in 169 countries. Tejsi Sharma et al. [19] have given an overview of the basics of blockchain technology and the IoT. Some challenges to blockchain in the IoT are described, including scalability, malware detection, a lack of IoT-centric consensus protocol, and privacy. However, the authors did not propose solutions. Ayasha Malik et al. [20] have described several issues that are present in blockchain-based IoT security, such as attacks on hot/cold blocks, phishing, vulnerable signatures, etc. Vikas Hassija et al. [21] have presented a survey of IoT security, especially at the different layers of IoT architecture, including the sensing, network, middleware, gateway, and application layers. The authors discuss both blockchain technology for IoT security and how fog computing architecture can be leveraged for security. Daemin Shin et al. [22] have proposed a security protocol for DMM-based smart home IoT networks, which goes to show that IoT security is now a major concern. Tanishq Varshney et al. [23] discuss the various issues of IoT security and how it differs from traditional IoT security. They also cover the model for IoT threats and state-of-the-art security measures.

Most companies use centralized storage to manage and analyze data. However, traditional infrastructure and cloud computing can no longer meet the requirements of many practical applications. As mentioned earlier, because the number of IoT devices has increased significantly, the amount of data has also increased. If a large amount of data needs to be transmitted at the same time, problems such as increased latency or network congestion occur. As a result, the overall system performance declines. High-availability networks that can deal with large amounts of data in real time would solve this problem, but this is not possible on a traditional IoT infrastructure. Nevertheless, fog or edge computing is a promising design paradigm that solves part of the problem by performing local analysis and the distributed processing of data [24].

In edge computing, data is processed near the data collection source, so there is no longer a need to transfer the data to the cloud or to a local data center for processing and analysis. This approach reduces the load on both network and cloud. Due to its ability to process data in real time, and its faster response time, edge computing has a high applicability in the IoT field, especially in the Industrial Internet of Things (IIoT). In addition to accelerating the digital transformation of industrial and manufacturing companies, edge computing technologies can also enable innovations including artificial intelligence and machine learning. However, edge computing also faces the problem of deployment, specifically, how to effectively deploy the subordinates at various nodes. In 2017, Rakesh Jain and Samir Tata [25] proposed a deployment method using RED-Node. In this work, a dynamically reconfigurable edge computing architecture is proposed for the IoT based on Docker containers that are automatically orchestrated using Kubernetes.

Docker is an open source project that mainly provides the deployment and automated management of containerized applications. Deploying the Docker engine on an operating system provides a software abstraction layer, such that applications can be automatically deployed in containers through Docker images. It is very lightweight. Compared to traditional virtual machine technology, a Docker container has the following advantages:

  • A high-performance virtualized environment,
  • Easy migration and extension services,
  • Simplified management, and
  • A more efficient use of physical host resources

Figure 10.1 compares the differences between Docker and traditional virtualization methods. It can be seen that containers are implemented at the operating system level, using the local host operating system directly, while the traditional method is implemented at the hardware level.

FIGURE 10.1 Virtual Machine vs. Docker Container [The traditional Virtual Machine needs an extra Guest OS to support the Libs and Application. In contrast, Docker provides the Docker Engine.]

FIGURE 10.2 Kubernetes-Based Edge Computing Architecture for IoT Security [There are two Nodes and a Master; the Master can control the Pod of Nodes, which includes Containers.]

Kubernetes is a system developed and open sourced by Google that helps manage microservices. It can automatically deploy and manage multiple containers on multiple machines. The four basic components of Kubernetes are pod, node, master node, and cluster.

First, the pod is the smallest unit of the Kubernetes operation, corresponding to an application service. Pods can have one or more containers. Second, the node is the smallest hardware unit on which Kubernetes operates, corresponding to a machine, whether a physical machine, such as a laptop, or a virtual machine. Third, a master node is the command center operated by Kubernetes and is responsible for managing all the other nodes, acting as a communication bridge between them. A node cannot communicate directly with other nodes; all communications must be through a master node. Finally, a cluster is a collection of multiple nodes and master nodes in Kubernetes, which can be thought of as a unit where all the nodes are grouped together in the same environment.

As shown in Figure 10.2, Kubernetes is also implemented in our proposed edge computing architecture for IoT security. A Kubernetes node corresponds to either a Raspberry Pi 3 platform or a Raspberry Pi 4 platform. In the figure, there are two nodes. A pod is deployed to each node. The left pod has two Docker containers, while the right one has one Docker container. All the nodes are managed by the master node, which is in the cloud, and which consists of a scheduler, a controller-manager, and an API server.
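Because containers use the local host operating system directly, pod settings that run privileged or share host namespaces weaken the isolation between workloads on an edge node. The following added example (not from the chapter or its authors) audits Pod specs laid out like Figure 10.2; the node names, pod names, images and the choice of checks are assumptions.

```python
# Added example: audit Pod specs laid out like Figure 10.2.
# Node names, pod names and images are constructed placeholders.
HARDENED = {"runAsNonRoot": True, "allowPrivilegeEscalation": False,
            "readOnlyRootFilesystem": True}

PODS = [  # constructed sample, same field names as a Kubernetes Pod manifest
    {"metadata": {"name": "left-pod"},
     "spec": {"nodeName": "rpi3-node", "containers": [
         {"name": "collector", "image": "example/collector:1",
          "securityContext": dict(HARDENED)},
         {"name": "filter", "image": "example/filter:1",
          "securityContext": {"privileged": True}}]}},
    {"metadata": {"name": "right-pod"},
     "spec": {"nodeName": "rpi4-node", "hostNetwork": True, "containers": [
         {"name": "analyzer", "image": "example/analyzer:1",
          "securityContext": dict(HARDENED)}]}},
]

def placement(pods):
    """Return {node: {pod: container_count}} to compare against the figure."""
    layout = {}
    for pod in pods:
        node = pod["spec"].get("nodeName", "<unscheduled>")
        layout.setdefault(node, {})[pod["metadata"]["name"]] = len(pod["spec"]["containers"])
    return layout

def audit(pods):
    """Return (pod, container, issue) tuples for settings that weaken isolation."""
    findings = []
    for pod in pods:
        name, spec = pod["metadata"]["name"], pod["spec"]
        pod_sc = spec.get("securityContext") or {}
        for key in ("hostNetwork", "hostPID", "hostIPC"):
            if spec.get(key):  # pod shares a namespace with the node
                findings.append((name, None, key))
        for c in spec["containers"]:
            sc = c.get("securityContext") or {}
            if sc.get("privileged"):
                findings.append((name, c["name"], "privileged"))
            # Kubernetes allows privilege escalation unless it is set to false.
            if sc.get("allowPrivilegeEscalation", True):
                findings.append((name, c["name"], "allowPrivilegeEscalation"))
            # runAsNonRoot may be set on the pod and overridden per container.
            if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
                findings.append((name, c["name"], "runAsNonRoot unset"))
            if not sc.get("readOnlyRootFilesystem", False):
                findings.append((name, c["name"], "writable root filesystem"))
    return findings

if __name__ == "__main__":
    print(placement(PODS))
    for finding in audit(PODS):
        print(finding)
```
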
