The importance of information security in edge computing

Source: Internet
Author: User


This article describes the role of information security in IoT, its architecture, and its importance in the edge computing field.

Information security has always followed a layered model. This defense-in-depth approach helps users protect resources when one layer is compromised. Edge devices can also serve as end-to-end authentication mechanisms because they can offload computing and analysis workloads from data center servers.

With this in mind, we can see how the different layers of security deal with edge workloads.

1. Hardware Layer

The large number of breaches and their complexity have prompted OEMs to build security into devices during the design phase. At the hardware layer, this takes the form of a TPM (Trusted Platform Module). A TPM integrates encryption keys into the chip, where they can be used for device authentication at the software layer. However, if a key is shared over the bus, that key may still be vulnerable. If encryption and decryption with a non-shared key take place inside the TPM, the problem is easily solved.

2. Communication Layer

Data transmission media should be secure to prevent man-in-the-middle attacks and other similar attacks. Such communication can be divided into the following types:

Local communication: endpoint devices communicate with one or more edge gateways. These edge gateways provide entry to the enterprise network after authentication.

Remote communication: edge gateways communicate with each other through an orchestration layer or a centralized cloud platform.

Edge gateways provide security through encryption and X.509 certificates. They also act as protocol converters that convert different data from multiple devices to a single protocol, such as Message Queuing Telemetry Transport (MQTT). MQTT is a lightweight protocol designed for high-latency, low-bandwidth networks.
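The following added example (not code from the original article) sketches the gateway side of this arrangement in Python: a TLS listener context that requires an X.509 client certificate from every endpoint, and a check that lets an authenticated device publish only to the MQTT topics enrolled for it. It goes one step beyond the text by tying the certificate identity to per-device topic access; the device names, topic layout, ACL structure and function names are assumptions made for illustration.

```python
import ssl

# Constructed sample data: device names, topics and the certificate dict are hypothetical.
ACL = {
    "sensor-017": ["plant1/sensor-017/#"],
    "hvac-02": ["plant1/hvac-02/telemetry/+"],
}
CERT_SENSOR = {"subject": ((("organizationName", "Example Plant"),),
                           (("commonName", "sensor-017"),))}

def gateway_tls_context(ca_file=None):
    """TLS context for the gateway listener; endpoints must present a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED  # mutual TLS: no client certificate, no session
    if ca_file:  # CA that issued the device certificates
        ctx.load_verify_locations(cafile=ca_file)
    # A deployment also calls ctx.load_cert_chain() with the gateway's own certificate.
    return ctx

def device_id(peercert):
    """Return the subject commonName from the dict SSLSocket.getpeercert() yields."""
    for rdn in peercert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def topic_matches(topic_filter, topic):
    """MQTT filter match: '+' is one level, a trailing '#' is all remaining levels."""
    f_levels, t_levels = topic_filter.split("/"), topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1
        if i >= len(t_levels) or level not in ("+", t_levels[i]):
            return False
    return len(f_levels) == len(t_levels)

def authorize_publish(peercert, topic, acl):
    """Allow a publish only on topics enrolled for the authenticated device."""
    dev = device_id(peercert)
    if dev is None or "+" in topic or "#" in topic:  # publish topics carry no wildcards
        return False
    return any(topic_matches(f, topic) for f in acl.get(dev, ()))

if __name__ == "__main__":
    for t in ("plant1/sensor-017/temp", "plant1/hvac-02/telemetry/temp"):
        print(t, authorize_publish(CERT_SENSOR, t, ACL))
```
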

3. Cloud Security

To maintain data integrity, sensitive data should be encrypted from the edge to the cloud. The software-layer edge orchestrator, which handles edge device management and configuration, comes into the picture here and simplifies data encryption from the edge to the cloud and vice versa. In addition, digital certificates play a vital role in verifying the identity of other cloud or third-party applications that attempt to communicate with users' cloud services.

4. Continuous Lifecycle Management

It is important to regularly and remotely update all edge devices and endpoint sensors with the latest patches and firmware upgrades, as new and complex attacks occur every day.

The control measures above reduce the number of security threat vectors, including:

Spoofing: attackers cannot intrude on data in transit. When a TPM is used, other devices are not allowed to access the system.

Tampering: attackers cannot replace the software running on the system because the software is bound to the hardware.

Privilege escalation: privileges are controlled through specific access management, which guards against accidental or deliberate elevation.

With the rapid growth in connected endpoints, a range of edge clouds is emerging, spanning automotive temperature sensors, mobile devices and smart grids. These clouds serve specific users, providing low latency and consuming less bandwidth. However, it is important to choose the right infrastructure to run these edge workloads. Containers have great advantages in this regard, but where should they be hosted: on virtual machines or on bare metal? The answer depends on the edge workload you plan to run.

It is vital to protect these new edge clouds. Users need to enforce encryption of data in transit and at rest, and protect communication with centralized clouds. Only by embedding security mechanisms in every component and layer involved in the security design can users keep their edge workloads on the right track.
