Towards a Secure and GDPR-compliant Fog-to- Cloud Platform
Description
The mF2C project is building an open, secure and decentralized management platform for coordinating resource sharing between connected devices in the fog-to-cloud (F2C) environment. Safeguarding information security and privacy in mF2C is a considerable challenge given the heterogeneous and autonomous nature of devices spanning the F2C spectrum. The recently introduced General Data Protection Regulation (GDPR) raised the stake further by defining stringent security and privacy requirements on the
processing of personal information. IaaS and PaaS providers falling in scope must demonstrate that they have implemented
reasonable security mechanisms to ensure compliance or face significant financial penalties. In this paper, we present a prototype JAVA-based security library that addresses some of the data security and privacy requirements of mF2C and GDPR. The prototype employs a PKI-based trust model to facilitate authentication and authorization. It uses policy to ensure data privacy and cryptography to deliver data confidentiality, integrity and non-repudiation. We also outline plans to enhance the mF2C security infrastructure with data protection functionalities from the security library and to leverage blockchain technology to augment mF2C security and data protection capabilities.
Files
Restricted
The record is publicly accessible, but files are restricted to users with access.
Request access
If you would like to request access to these files, please fill out the form below.
You need to satisfy these conditions in order for this request to be accepted:
This paper is subject to IEEE Copyright terms
You are currently not logged in. Do you have an account? Log in here