A FRAMEWORK FOR EFFICIENT AND SECURED MOBILITY OF IOT DEVICES IN MOBILE EDGE COMPUTING
Mobile Edge Computing (MEC) provides an efficient solution for IoT as it brings the cloud services close to the IoT device. This works well for IoT devices with limited mobility. IoT devices that are mobile by nature introduce a set of challenges to the MEC model. Challenges include security and efficiency aspects. Achieving mutual authentication of IoT device with the cloud edge provider is essential to protect from many security threats. Also, the efficiency of data transmission when connecting to a new cloud edge provider requires efficient data mobility among MEC providers or MEC centers. This research paper proposes a new framework that offers a secure and efficient MEC for IoT applications with mobile devices.
Internet of Things (IoT) represents an extensive network of devices connected to the Internet. These devices exchange data with each other to provide automation. IoT is expected to make a significant impact on our daily life activities. IoT applications exist in many areas and sectors, examples of such area are Medical and health, Office and business, Home-based and consumer level, Security, Food processing/restaurant, Industrial, Automotive, and Military. Many of the IoT devices and users are mobile by nature. Examples of such mobile users include mobile health monitoring IoT device that is attached to the patient. Also, IoT enabled cars are mobile by nature. IoT devices vary in terms of size, power needs, and computing capabilities. In general, IoT devices are limited in resources. This imposes security and performance challenges on IoT in general. Achieving security in IoT is important and challenging and personal information should be protected to avoid any unauthorized access. .
The proposed solution includes a set of components: The IoT application, IoT devices, Application data center, Cloud Provider, MEC providers, and the solution protocol. We will explain each component using a real-world scenario, a health monitoring IoT-based application. The IoT application has two parts: a client and a server. The client part is installed on the IoT device. It collects data from the IoT device and sends back to the server part. Also, every IoT application has a set of application requirements (ARs) including security requirement, bandwidth requirements, delay requirements, and cost requirements. In our health-monitoring example, the data could be heart-rate readings and temperature readings of a patient. The IoT device runs the client part of the application. We target mobile IoT devices. In our health-monitoring example, the device could be a watch reading the heart rate of patients. The application data center includes a centralized location for storing all of the application data. In our health monitoring application, this could be a cloud provider hosting an application for a hospital. Figure 1 shows the networking model of our solution. An IoT device runs a client (C) application that connects to the cloud provider (CP) via MEC providers MP1, MP2, and so on. A MEC provider could be an Internet Service Provider (ISPs), a Telecom Provider, or a specialized MEC provider. In the Internet world, ISPs are known to be of different tiers. A MEC provider could be Tier 1 ISP, Tier 2 ISP and so on. This implies that the path from a Client C to a cloud provider (CP) can pass through several MEC providers where each one can serve as the middle layer for our proposed solution. When C starts talking to CP, our solution suggests to dynamically select a MPi as the middle layer that will speed up the data transmission, improve its efficiency, and reduce resources consumption for IoT devices. The proposed solution selects the closest MP that achieves the application requirements ARs. CONCLUSION Mobile Edge Computing (MEC) providers can be used to improve the efficiency and resources utilization for IoT applications. Using third-party MEC providers as a middle layer between IoT devices and application centers introduces a set of security challenges for IoT applications. In this paper, we proposed a solution that addresses authentication, encryption, and integrity concerns that might arise from using third party MEC providers without compromising the efficiency obtained using MEC providers. In addition, the solution addresses mobility issues of IoT devices attached to different MEC providers. The solution addresses the mobility for one types of IoT scenario, and IoT client that talks to an IoT data center.
 V. Petrov, S. Edelev, M. Komar, and Y. Koucheryavy, “Towards the era of wireless keys: How the IoT can change authentication paradigm,” in 2014 IEEE World Forum on Internet of Things (WF-IoT). IEEE, mar 2014. [Online]. Available: https://doi.org/10.1109/wf-iot.2014.6803116
 J. Liu, Y. Xiao, and C. P. Chen, “Authentication and access control in the internet of things,” in 2012 32nd International Conference on Distributed Computing Systems Workshops. IEEE, jun 2012. [Online]. Available: https://doi.org/10.1109/icdcsw.2012.23
 W. Yu, F. Liang, X. He, W. G. Hatcher, C. Lu, J. Lin, and X. Yang, “A survey on the edge computing for the internet of things,” IEEE Access, vol. 6, pp. 6900–6919, 2018. [Online]. Available: https://doi.org/10.1109/access.2017.2778504
 K. Apampa, G. Wills, and D. Argles, “Towards security goals in summative e-assessment security,” in 2009 International Conference for Internet Technology and Secured Transactions, (ICITST). IEEE, nov 2009. [Online]. Available: https://doi.org/10.1109/icitst.2009.5402505
 O. O. Bamasag and K. Youcef-Toumi, “Towards continuous authentication in internet of things based on secret sharing scheme,” in Proceedings of the WESS 15: Workshop on Embedded Systems Security. ACM Press, 2015. [Online]. Available: https://doi.org/10.1145/2818362.2818363
 J. R. Kwapisz, G. M. Weiss, and S. A. Moore, “Cell phone-based biometric identification,” in 2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS). IEEE, sep 2010.
 K. Habib, A. Torjusen, and W. Leister, “A novel authentication framework based on biometric and radio fingerprinting for the iot in ehealth,” 2014.
 T. Borgohain, A. Borgohain, U. Kumar, and S. Sanyal, “Authentication systems in internet of things,” CoRR, vol. abs/1502.00870, 2015. [Online]. Available: http://arxiv.org/abs/1502.00870
 C. Schmitt, T. Kothmayr, W. Hu, and B. Stiller, “Two-way authentication for the internet-of-things,” in Studies in Big Data. Springer International Publishing, 2017, pp. 27–56.
 B. Ndibanje, H.-J. Lee, and S.-G. Lee, “Security analysis and improvements of authentication and access control in the internet of things,” Sensors, vol. 14, no. 12, pp. 14 786–14 805, aug 2014. [Online]. Available: https://doi.org/10.3390/s140814786