Smart
Smart
Smart
Abstract—As a new computing paradigm, edge computing has cannot provide real-time response for users. In addition, the
appeared in the public field of vision recently. Owing to its advan- long-distance transmission and centralized storage of data are
tages of low delay and fast response, edge computing has become more vulnerable to the threat of privacy disclosure. However,
an important assistant of cloud computing and has brought new
opportunities for diverse smart applications like the smart grid, traditional cloud computing fails to satisfy the higher require-
the smart home, and the smart transportation. However, the ments of user experience. To offset the weaknesses of cloud
accompanying security issues, which have always been the focus computing in the context of IoT, edge computing emerges as
of users’ concern, still cannot be ignored. Therefore, we focus the time requires [2], [3]. Its wide application is an inevitable
on the security issues in this overview. We first introduce some trend in the era of larger data. Recently, the Guide to the Edge
related definitions of edge computing and present the architecture
for edge computing-based smart applications. After illustrating Computing Market of the Industrial IoT, released by Gartner,
the smart applications, from the perspective of identity authen- predicted that more than 50% data generated by enterprises
tication and data security, we analyze the security protection would be produced and processed outside the data center or
requirements of these smart applications in the edge comput- cloud by 2022 [4]. Edge computing, which provides capabili-
ing environment. Next, we review some state-of-the-art works ties of computing and other services near the edge network, is
on them. Furthermore, we present the extended discussions on
the applicability of these current works in the edge comput- just like a new tentacle of cloud computing extending to the
ing environment. Finally, we briefly discuss the future work on edge.
authentication and data security of edge computing-based smart Presently, various smart applications based on IoT are
applications. applying edge computing to achieve better utility, such as
Index Terms—Data security, edge computing, identity authen- the smart grid [5], the smart home [6], and the smart trans-
tication, smart grid, smart home, smart transportation. portation [7]. These smart applications bring convenience to
our life, but there also exist some security issues that cannot
be ignored. For example, the smart grid relies too much on
I. I NTRODUCTION the network infrastructure. Once the network exhibits weak-
ITH the continuous advancement in the 5G technology nesses, the attacker is likely to damage the stability of the
W and Internet of Things (IoT), more and more users join
in the life of Internet. According to the 44th Statistical Report
smart grid by manipulating system parameters or instrument
measurement information [8]. Edge computing, a new comput-
on the Development of Internet in China, the Internet users ing paradigm, does bring new opportunities for these smart
and Internet penetration rate of China are on the rise. They applications, but it is undeniable that its characteristics of
have reached 854 million and 61.2% by June 2019, respec- distributed deployment and complex service mode may also
tively, [1]. Besides, network edge devices and the data are also bring some new security issues to the smart applications (brief
growing explosively, which puts forward higher requirements explanations are presented in Section III-B). Moreover, there
to the cloud for data processing and storage. First, transmitting exist security issues in edge computing itself [9], [10]. For
mass of data is a great pressure to the transmission bandwidth. instance, Caprolu et al. [10] especially discussed some related
Second, the centralized processing of a large amount of data scenario-driven attack identification. Consequently, the tech-
nologies originally used to solve the security issues of these
Manuscript received March 31, 2020; revised July 16, 2020; accepted smart applications cannot be directly applied in the edge
August 19, 2020. Date of publication August 25, 2020; date of current version computing environment. That is, they fail to consider the
March 5, 2021. This work was supported by the National Natural Science
Foundation of China under Grant U1708262, Grant U1736203, and Grant features of edge computing. By taking identity authentica-
61872449. (Corresponding author: Qingfeng Cheng.) tion for illustration, the trust model in the edge computing
Xinghua Li, Ting Chen, and Jianfeng Ma are with the State Key may be different from the assumed ones in some original
Laboratory of Integrated Services Networks and School of Cyber Engineering,
Xidian University, Xi’an 710071, China (e-mail: [email protected]; schemes. For example in the smart home, terminals have trust
[email protected]; [email protected]). relationship with the home gateway (edge node), as well as
Qingfeng Cheng is with the State Key Laboratory of Mathematical with the backend server (cloud), while there does not exist
Engineering and Advanced Computing, Strategic Support Force
Information Engineering University, Zhengzhou 450001, China (e-mail: trust relationship between the edge node and cloud. This trust
[email protected]). model is different from the 802.1X, where the authentication
Siqi Ma is with the School of Information Technology and Electrical server has trust relationships with the access point and termi-
Engineering, University of Queensland, Brisbane, QLD 4072, Australia
(e-mail: [email protected]). nals. Therefore, the authentication schemes suitable for 802.1X
Digital Object Identifier 10.1109/JIOT.2020.3019297 cannot be directly used in the edge computing environment.
2327-4662
c 2020 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See https://www.ieee.org/publications/rights/index.html for more information.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4064 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
TABLE I
C OMPARISON OF E XISTING OVERVIEWS W ITH T HEIR P RIMARY F OCUS
Consequently, the original schemes need improving based on and related architectures of edge computing, we
the features of edge computing before they are applied to these exhibit the edge computing-based architecture for smart
edge computing-based systems. applications.
Currently, there have existed some overviews on smart 2) We describe three typical smart applications and briefly
applications or edge computing, such as [7], [8], [11]–[18]. illustrate how edge computing works in them. Then,
Among them, Khan et al. [11] surveyed on edge computing we briefly summarize some security risks of them and
driven smart city and highlighted the role that edge computing present a security protection framework by taking iden-
played in smart city, but it did not focus on the security of tity authentication and data preserving for illustration.
specific applications in smart city. Although Zhang et al. [12] 3) Based on the proposed security protection framework,
and Xiao et al. [15] highlighted the security in edge com- we overview and analyze the current related works,
puting, but they did not combine specific smart applications. including briefly discussing their applicability after the
As [13] and [14], they only surveyed on edge computing, participation of edge computing.
neither combining smart applications nor focusing on secu- 4) After summaries, analysis, and discussions, we briefly
rity. Tan et al. [8] and Kuyucu et al. [16] put emphasis present the future security researches on authentication
on the security discussion in the smart grid and the smart and data security of the edge computing-based smart
home, respectively, but they did not take edge computing applications.
into account. Li et al. [7] surveyed on edge computing- The remaining of this article is sketched as follows. We
based smart transportation, but their focus is not security. briefly introduce the definitions of edge computing and exhibit
Caropreso et al. [17] and Ghosal and Conti [18] summarized the architecture of smart applications based on edge computing
the security issues and technologies related to smart metering in Section II. Section III introduces three typical smart applica-
facilities in the smart grid. Concretely, Caropreso et al. [17] tions, analyzes the security protection requirements from the
put forward an open-source framework of smart meters from perspective of identity authentication and data security, and
the perspective of communication security and data security, puts forward the security protection framework of these smart
and realized the multiframe communication between the client applications in the edge computing environment. Based on
and the server by TCP/IP protocol via wireless networks. the proposed framework, some recent research reviews and
Ghosal and Conti [18] emphasized the important role that corresponding analysis of the smart grid, the smart home,
key management system played in the advanced measurement and the smart transportation are given in Sections IV–VI in
infrastructure of the smart grid, and observed that its secu- order. Section VII presents brief extension that is interesting.
rity was still a challenge. Although Caropreso et al. [17] and Section VIII concludes this article. The last section presents
Ghosal and Conti [18] have made contributions to survey on the possible research works in the future.
the security of the smart grid, they still failed to consider edge
computing. To indicate the difference between our article and
the aforementioned overviews, the comparison of our overview II. E DGE C OMPUTING : D EFINITION AND A RCHITECTURE
with [7], [8], [11]–[18] is given in Table I. From the compar- As [19] described, the requirement of edge computing were
ison, it is obvious that our overview is the first one to discuss pushed from three aspects, i.e., cloud services, IoT, and data
the security of edge computing-based smart applications and consumer to producer. Specifically, when various edge devices
the corresponding applicability in edge computing. Since the produce massive data that needs efficient processing in a
legality of entity and data security are two basic points to guar- network area, it is a challenge for the cloud to meet the high
antee the better function of the system, we take the two aspects efficiency with limited resources. Moreover, in the IoT era,
to discuss. Our main contributions are listed as follows. billions of devices participate in the data production. All the
1) We introduce the definition of edge computing from dif- data transmitted to the cloud puts great pressure on the network
ferent research works. Associating with the definitions bandwidth. To some extent, processing data on the edge of the
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4065
network can protect users’ privacy better. Thus, the emergence the edge gateway focuses on network protocol processing and
of edge computing is inevitable, which plays a nonnegligible conversion, the edge controller focuses on supporting real-
role in addressing the aforementioned issues. time closed-loop control business, and the edge sensor mainly
The definitions of edge computing are various on ver- collects and processes low-power information. Specifically,
sions. Specifically, Shi et al. [19] claimed that it referred to when these smart applications upload data to the cloud center
a technology, where the computing was permitted to be exe- and interact with it, edge computing layer plays a significant
cuted on the edge network. Moreover, the downstream and role in data processing and storage, service delivery, the IoT
the upstream data represent cloud service and IoT services, management, privacy protection, and computing offloading by
respectively. The word “edge” can refer to any network and decreasing the time delay and lightening the pressure of the
computing service existing from the data source to the cloud cloud center.
center. Edge computing consortium (ECC) also defined it in As Fig. 1 displays, cloud computing and edge computing are
the white paper of Edge Computing Reference Architecture 3.0. complementary and cooperative. They have their own advan-
Concretely, edge computing, a distributed architecture, inte- tages, but they are not separate. Otherwise, the system will
grates the computing, network, and other core capabilities on not achieve the expected effect. As for cloud computing, it
the edge network. Close to the objects or data sources, it possesses a larger storage resource, while the storage resource
provides smart services nearby and satisfies some key require- of edge computing is limited. However, compared with cloud
ments, such as the industry digitalization in agile connection, computing, edge computing closes to the data producer and
real-time business, application intelligence, etc. Besides, it costs shorter time to respond users. If the user requires a real-
serves as a bridge that connects the physical and digital world, time response, then edge computing functioned as the data
enabling smart assets, smart gateways, and smart services [20]. processor can satisfy the user by reducing the delay. In addi-
Associating with the aforementioned definitions, based on tion, to well make use of the storage of cloud computing, the
our understanding of edge computing and related descriptions edge node can also return the data result to the cloud if the
in [21]–[23], we put forward an edge computing-based archi- user approves. In this case, if the edge node misses some data
tecture for smart applications, seen in Fig. 1. The architecture that the user requires, he/she can obtain them from the cloud.
consists of three layers, i.e., the cloud center, edge computing, To exhibit a more comprehensive display of the differences
and the smart applications. Edge computing, which interacts and relations between cloud computing and edge computing,
with both the cloud center and the smart applications, is in we summarize them in Table II.
the middle layer, docking with the cloud upward and connect-
ing with various smart devices downward. Edge computing
is mainly composed of various hardware entity edge nodes. III. T YPICAL S MART A PPLICATIONS AND
As described in [20], according to different hardware char- C ORRESPONDING S ECURITY R EQUIREMENTS
acteristics and business focus, edge nodes can be classified Three typical smart applications, i.e., the smart grid, the
into edge gateway, edge controller, edge sensor, etc., where smart home, and the smart transportation, are introduced in this
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4066 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
TABLE II
D IFFERENCE AND R ELATION B ETWEEN C LOUD C OMPUTING 2) Smart Home: Except for the smart grid, the smart home,
AND E DGE C OMPUTING which aims to improve the living environment of res-
idents and remotely or automatically control different
smart home appliances through computer and commu-
nication technologies, is also a hot application under
the development of IoT. In the smart home scene, there
are security monitoring devices, such as smart webcam
that can identify hazards. Undoubtedly, smart appli-
ances are indispensable in the smart home. They can
implement some automatic functions for hosts’ conve-
nience. Moreover, smart energy and lighting are in great
demand, such as smart doors and windows. One of the
most important thing to realize smart home is sensing
and speech recognition, which produce the amount of
sensitive data locally. To better analyze and decide on
these data in real time as well as preserving the privacy,
edge node plays an essential role. In some proposed
smart home edge computing architecture [26], there have
introduced edge analysis engines like local speech recog-
nition. Such engines, which are used to temporarily store
section, including illustrating how edge computing is deployed sensitive data and further analyze them, are deployed on
in them at current research. Furthermore, we will summarize the edge and close to data resource.
some security risks and security requirements of them in terms 3) Smart Transportation: The smart transportation can help
of authentication and data security. The details are shown as solve the issues of urban residents’ travel path. It inte-
follows. grates several technologies like information and com-
munication technology, and applies them to the trans-
portation, the vehicle manufacturing, and service control,
A. Brief Introduction of Typical Smart Applications realizing the improvement on the traffic environment and
1) Smart Grid: As one of the IoT applications, the smart efficiency. Information collection, information analysis,
grid is a network physical system covering various smart and information release are three significant components
devices. It perfectly combines modern information tech- of the smart transportation. For instance, if a vehi-
nology with traditional grid, and transmits not only cle accident happens somewhere, nearby monitors can
current but also the data of advanced monitoring appli- collect such information, analyze causes of such acci-
cations. It highly integrates flows of power, information, dent, and release the accident information in the system
and business and improves the efficiency of power sup- to inform other vehicles and users. However, numer-
ply. Smart grid relies on some advanced technologies, ous vehicles and monitoring equipment are included
such as data analysis, sensing, and measurement, to in the system. Since the bandwidth is limited and the
realize its efficient function with security and relia- data resource is far from the data center, some urgent
bility. A variety of monitoring devices and measur- information may not be released in real time, result-
ing equipment are deployed in the smart grid system. ing in serious consequence. To address such problem,
In the earlier stage, it applies cloud computing for researchers have tried to apply edge computing and
data processing and storage to guarantee efficiency. A realize cloud-edge collaboration. The edge nodes are
related illustration can refer to [24]. In response to deployed close to roadside infrastructure and vehicles,
the high requirement of real time and meeting the such as edge servers and edge sensors. In this way, the
challenges in communication and storage, researchers related information can be sent to the edge nodes close
have introduced edge computing into the smart grid. to the data source for analysis and processing in some
Concretely, analyze and process the data collected by emergency cases.
smart meters and other monitoring equipment on the
edge or power devices terminal. There have already
existed such cases in application. For instance, Tencent B. Summary of Security Requirements
Cloud and Pengmai Energy Technology took edge com- No matter the smart grid, the smart home, or the smart
puting into account and released the overall architecture transportation, the complexity of their own structure and the
of energy IoT solution in 2018 [25]. In the released diversity of their participants will lead to many security threats.
Pengmai smart grid solution, the edge server acts as the Edge computing also risks various security issues. For a clear
core component. It connects with numerous monitoring display of the security problems existing in both edge com-
devices and measuring equipment deployed in the smart puting and the described three smart applications, we briefly
grid, collects power information and analyzes them in summarize and list them in Table III. There is no deny-
real time. ing that the participation of edge computing will make them
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4067
TABLE III
B RIEF S UMMARY OF S ECURITY W EAKNESSES E XISTING IN E DGE defense line and the most significant basis. Identity authenti-
C OMPUTING AND T HOSE S MART A PPLICATIONS cation technology can confirm the validity of communication
participants, preventing the attacker from impersonating as the
legitimate users to spoof the server and consuming the com-
puting, storage, and network sources of the server. Similarly,
this technology prevents the attacker from impersonating as the
legitimate servers to obtain the privacy information of users.
In the edge computing environment, multiple trust domains
coexist, and multiple user entities in the smart grid, the smart
home, and the smart transportation participate in communica-
tion and interaction. Therefore, realizing the authentication of
the application system is very necessary.
Additionally, any system will produce various data and the
data plays an important part in these systems. The data is
usually generated from the user terminal and there exists user’s
sensitive privacy in these data. Moreover, the data produced
in the systems are encouraged to be shared and aggregated
for better function of the systems, but the security needs to
be guaranteed in these data operations. Thus, data security
is another essential basis to guarantee the normal and even
better functions of these systems. That is, apart from identity
authentication, data security protection is also a top priority.
Similar to the smart grid, the smart home, and smart trans-
portation, after edge computing is applied to them, although
there involve threats of both edge computing and smart
applications, the identity authentication of entities and data
security are common issues. Besides, there exists a relationship
between identity authentication and data security. By authen-
tication, the user’s legality is verified and then he/she can be
authorized to access certain data. Moreover, in some proposed
authentication schemes, after authentication, legal users can
further negotiate a session key that can be utilized to pro-
become more complex, and the characteristics of edge comput- tect the data transmitted between the entities, realizing data
ing also add new security threats to these smart applications. protection to a certain extent.
For instance, various edge nodes are distributed in the system, Different scenarios possess different architecture character-
such as edge server and edge controller, so they are easier to istics and the authentication objects are also not the same.
become the target of attackers. Concretely, the attacker can Accordingly, the requirements of authentication and data secu-
disguise malicious edge nodes as legitimate edge nodes and rity protection are naturally different. Consequently, there is no
then induce users to access them by giving some benefits. In such common identity authentication scheme and data security
this case, some important information of user may be leaked protection mechanism for these smart application scenarios.
to the attacker, such as the account and password of some soft- We present the differences between them and summarize their
ware used by users. Furthermore, as Edge Computing Security respective security requirements on authentication and data
White Paper released [27], there exist 12 security challenges preserving as follows.
in edge computing, mainly reflecting in four aspects, i.e., edge 1) First, according to the different security requirements
network, edge dada, edge application, and edge infrastruc- and device characteristics of smart applications in these
ture. In terms of attacks, they may occur in edge access, edge computing-based systems, it is necessary to design
edge server, and edge management. For edge access, there different authentication schemes, thus realizing the con-
exist insecure communication protocols and malicious edge fidentiality of the communication process. Generally,
nodes. For edge server, it occurs problems, such as Distributed the authentication in the smart grid occurs at the smart
Denial of Service (DDoS), insecure systems and components, meter and service provider and requires properties of
and lack of data privacy preserving. For edge management, anonymity, unlinkability, and lightweight. While in the
it exhibits challenges like malicious administrators that are smart home, apart from the smart meter, there are other
difficult to supervise. Thus, if edge computing is applied in home devices that need to authenticate with users or
the smart application, it is inevitable to face these security home gateway. The authentication also requires rela-
problems. tively lightweight. In the smart transportation, we prefer
Currently, most Internet scenes are open to people, including to discuss authentication in the Internet of Vehicles
users and attackers. To guarantee the normal and secure func- (IoV), i.e., vehicle to vehicle and vehicle to roadside
tion of the Internet system, identity authentication is the first infrastructure. The authentication in such scene may
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4068 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4069
provider anonymously without the participation of third par- key disclosure attacks in the Canetti–Krawczyk (CK) threat
ties in the authentication. Additionally, only a small amount of model. Based on these analyses, Abbasinezhad-Mood and
calculation operation is needed at the smart meter. However, Nikooghadam [35] mended the drawbacks. In 2019, based
Odelu et al. [30] found that the scheme in [29] suffered on TinySet, Afianti et al. [36] designed a multiuser authen-
from server impersonation attacks and failed to provide secure tication scheme to improve efficiency and resist DoS attacks.
mutual authentication. Besides, when the ephemeral secret was Their scheme used RC5 encryption, partial recovery principle,
inadvertently disclosed, Tsai et al.’s scheme could not guar- and elliptic curve digital signature, which greatly increased the
antee the session key security and user certificate privacy. complexity of attack. Additionally, TinySet is regularized to
Consequently, Odelu et al. put forward an improvement and simplify the administrator’s task to setup initialization param-
enhanced the security. However, both the protocols designed eters. For the computing limitation of the smart measuring
by Tsai et al. and Odelu et al. need high computation and device, Abbasinezhad-Mood et al. [37] specifically designed
communication costs, which cannot meet the resource con- a security protocol, which not only overcame the weakness
straints of smart meters. In 2018, Mahmood et al. [31] and of power service providers participating in the key protocol
Abbasinezhad-Mood and Nikooghadam [32] designed authen- but also greatly reduced the communication cost. To over-
tication protocols for smart grid based on bilinear pairing come the weaknesses existing in the IEC 62351 standard,
operation and elliptic curve cryptosystem, respectively, meet- Moghadam et al. [38] used private key and hash function
ing the anonymity of smart meters. However, compared with and proposed a secure protocol. By pointing out the failure
Abbasinezhad-Mood et al.’s scheme, Mahmood et al.’s scheme of previous anonymous authentication schemes in identify-
costs more calculation and does not realize key escrow. ing malicious users, Kong et al. [39] designed a group blind
Moreover, Chen et al. [33] pointed out that Mahmood et al.’s signature scheme, realizing conditional anonymity.
scheme failed to provide perfect forward security, suffered No matter what the application scenario, key agreement
from impersonation attack and potentially vulnerable to protocols to realize identity authentication usually use some
ephemeral key compromise attack. common cryptography methods, such as elliptic curve, bilin-
For the complexity and time delay sensitivity of the smart ear pairing, public-key encryption and symmetric encryption,
grid, Mahmood et al. [34] proposed a lightweight authen- etc. Thus, here we only take smart grid as an example to
tication scheme using the elliptic curve. After the effective compare the involved protocols on the security and com-
session key is shared between the communication partic- putation cost to present the advantages and disadvantages
ipants, the identity authentication is completed. However, of these key agreement schemes. The compared literature
Abbasinezhad-Mood et al.’s protocol [35] observed that their involve [29]–[35], [37], [38], shown in Table IV. In the
scheme still exhibited some drawbacks, such as the inabil- table, S1 –S7 means user anonymity, perfect forward security,
ity to provide forward security and resistance to ephemeral mutual authentication, anti-impersonation attack, anti-replay
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4070 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
TABLE IV
C OMPARISON ON THE S ECURITY AND C OMPUTATION C OST OF R ELATED S CHEMES
attack, resistance to man-in-the-middle attack, and session key adopted to propose an authoritative proof consensus protocol,
security. Additionally, the symbols Tm , Tb , Te , Th , and Ts which aimed to get the credit score, so as to solve the existing
denote time for performing scalar multiplication, bilinear pair- computing problem of Ethereum blockchain.
ing, modular exponentiation, hash function, and symmetric Smart grid, the next power grid generation, can effectively
encryption in order. As the table shows, the key agreement monitor, control, and predict the production and consumption
schemes for the smart grid are improving. Besides, security of the energy, but the transmission of power data fails to keep
and performance are relative, that is, high security requires a confidential. Besides, the fine-grained measurement data may
certain performance as a cost. The issue on how to balance leak the privacy of users. Therefore, Li et al. [42] designed a
the security and performance is a challenge. power data transmission protection scheme based on quantum
cryptography combining with the one-time key mechanism.
Additionally, they used quantum to generate random numbers,
B. Data Security which fixed the weaknesses of the traditional generator, and
There are entities, such as substations, smart appliances, put forward a key distribution scheme. For another thing, the
and control centers in the smart grid. Smart meter is used research on secure data aggregation has been developing and
to help exchange information between the smart appliances improving [43]–[49], including various public-key-based data
and substations and transmit customer’s requirements to the aggregation protocols, but the public-key technology is not
substation. Then, the substation forwards these requests to the recommended in this scenario due to the high costs of main-
corresponding control center, which further responds to incom- taining public-key infrastructure (PKI). Thus, by adopting the
ing requests. Thus, there must exist data interaction among the identity-based encryption and signature, Wang [43] proposed a
above-mentioned entities. They are confidential information protocol of data aggregation, which was suitable for the appli-
and need security protecting. According to the summarized cation in the smart grid. It can avoid fine-grained analysis as
security requirements, from the perspective of secure shar- well as unauthorized reading, and resist unexpected faults and
ing, transmission, and aggregation of the power data, this malicious tampering of message.
subsection reviews some works and analyzes them. In 2018, Gope and Sikdar [44] put forward an effective
Under the era of the IoT, smart meters in the smart grid will data aggregation scheme, which avoided high computation
generate massive data. Users, however, are generally unwilling cost and overcame the weakness of fixed price for the whole
to share the data that they own because the privacy of their day (or even the whole month). Their scheme used symmet-
data cannot be guaranteed to be not leaked. To balance the ric key encryption primitives for privacy-aware and secure
personal privacy and the beneficial use of data in the smart billing system, and promoted the generation of power and
grid, Yassine et al. [40] proposed a mechanism that could the requirement balance in the smart grid, relatively decreas-
determine the value of privacy risk. Once a user decided to ing the computation cost and the time for data aggregation.
share data with a third-party service provider, this mechanism Thus, it was suitable for smart grid devices with constrained
will function to determine the benefits of users. Moreover, resource. Liu et al. [45] proposed a practical scheme with pri-
Yassine et al.’s scheme used a negotiation mechanism based vacy preserving used for data aggregation. In the scheme, a
on game theory to study the fairness among entities involv- virtual aggregation region consisting of users with a certain
ing a third party, consumers, and data aggregators, where degree of trust is constructed to hide single user’s data, where
the entities in the game aimed to maximize their own util- the aggregation results have little impact on the data practica-
ity. Concretely, the consumers wanted to get the maximum bility of large-scale applications. Liu et al. [45] depended little
return for allowance to access their data, the data aggregators on the third party, promoted the performance, and improved
wished to get more money from the third party by providing the practicability. In 2020, Gope and Sikdar [47] proposed
the consumers with less rewards, and the third party wanted a privacy-friendly scheme of data aggregation to prevent fine-
to spend less money for the data. For the sake of encourag- grained data from being collected by smart meters and massive
ing users to share data, based on blockchain and differential measurement results from being used to reconstruct the behav-
privacy technology, Samuel et al. [41] proposed a mechanism ior of consumers. Aiming at the data integrity attacks for smart
of access control to fairly compensate users’ contribution in grid, Mohammadpourfard et al. [49] recommended to find the
sharing data. Meanwhile, in [41], PageRank mechanism was critical line outage contingencies.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4071
TABLE V
K EY W ORDS , A NALYSIS , AND THE A PPLYING OF E DGE C OMPUTING IN THE S MART G RID
C. Applicability in Edge Computing Environment as attribute encryption and homomorphic encryption but also
For the sake of clearly presenting the consideration of shorten the time delay, being able to correctly and timely han-
edge computing in the smart grid, we summarize some lit- dle the data transmission among the smart grid devices, edge
erature mentioned above in Table V. Obviously, the table computing nodes, and the cloud centers.
shows that a few schemes take edge computing into account
when discussing the security in the smart grid. Among them,
only [31] applies edge computing. However, [31] only intro- V. S MART H OME
duces edge computing as a background, but it does not reflect In the smart home system, the data collected by the sensor
in the authentication scheme. Edge nodes exhibits the char- is transmitted to the decision-making unit, which calculates
acteristics of distributed deployment. Such deployment brings the appropriate control signals to achieve the predetermined
more threats to the secure communication of the smart grid, goal [50]. The research works of deploying cloud comput-
such as the DDoS attack, so the requirement of resistance to ing, fog computing, and edge computing to the smart home
such attack should be taken into consideration when design- have been put forward successively [51]–[54]. The scenario
ing authentication protocols. Moreover, in the edge computing of the smart home in the edge computing environment is
environment, massive smart devices are connected; thus, the presented in Fig. 4 [55], [56]. Users can locally control
efficiency of authentication is another challenge that can- kinds of smart home devices through Bluetooth, Wi-Fi, home
not be ignored. These authentication protocols should realize LAN, etc. Additionally, users can also remotely operate home
lightweight and improve the performance. In addition, if the devices through Internet services provided by the edge com-
edge node is malicious or forcibly manipulated by the attacker, puting layer. Therefore, the smart home system is also the
the data information it stores will also be disclosed. As far as intrusion target of hackers and other attackers. For instance,
the data sharing and aggregation are concerned, to ensure the an attacker can launch a botnet attack [57] to control vari-
data security or even the data privacy, the future researches ous smart home device, so as to achieve a large-scale DDoS
should not only learn from the existing technologies, such attack.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4072 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
A. Identity Authentication layer to establish encryption key for smart home devices.
As the summarized security requirements of the smart home However, the rate of key generation in most advanced schemes
describe, it is necessary to realize the authentication of user is low. To overcome this challenge and improve the key gen-
and smart home equipment. The entities in the smart home are eration rate, by using the received signal strength (RSS),
able to use Bluetooth and other channels for communication, Zhao et al. [60] presented an adaptive key establishment
and these channels have their own unique parameters and fea- scheme, where the two devices in the smart home were able
tures. The designed schemes will prefer to use physical-layer to quantify the RSS measurements adaptively and got the
information for authentication. Such reviewing are illustrated key. Furthermore, to demonstrate the practicability, they car-
as follows. ried out experimental implementation based on the Ralink
From the perspective of identity authentication in the smart Wi-Fi card of RT2870 chipset and evaluated the random-
home, there have been many related works available for ness of the key generation through the test experiment of
reference [58]–[65]. The smart home enables individuals to NIST randomness. In some cases, devices used in the smart
control smart devices in their homes through the Internet. home are made by various factories, so it is a big challenge
Internet services like IFTTT integrate different kinds of smart to use the secret loaded in advance by different factories
home devices, which allow users to customize smart home to securely establish the communication key. In this case,
configuration through IFTTT. In view of the challenge that Zhang et al. [61] presented a key agreement protocol suit-
distributed malware based on features can harm users’ IFTTT able for the smart home. Their scheme adopted the problem
accounts, Baruah and Dhal [58] put forward a secure IFTTT- of secret mismatch existing in the schemes of secret extraction
based framework for the smart home. It combined a one- on the physical layer. That is, two smart home devices used
time password authentication scheme using verification code. mismatched bitstreams to generate highly correlated blocks
Adopting one-time password makes it resist to replay attack. and then used these blocks to mask the transmitted message
Chifor et al. [59] presented an authorization stack that was between the devices in the smart home, so as to guarantee
lightweight in the cloud environment to provide digital identity the secure establishment of the communication key between
for users and smart devices, where the cloud joint authentica- them. Although this key protocol can address some issues
tion for the smart home through the fast identity online (FIDO) existing in some related works, it also increases some extra
authentication message was realized. In addition, they used a communication cost. Considering the group communication,
keep-alive online protocol for security, which was executed Mughal et al. [63] presented a mobile management scheme
every time when a user requested for the authentication of using logical tree, which could effectively solve the problem of
FIDO. Additionally, to ensure the near real-time constraints, frequent key updates. Based on transaction history and physi-
Chifor et al. implemented experiments based on the Kaa IoT cal context awareness, Fakroon et al. [65] proposed a scheme
cloud and further measured the delay time. for authenticating the user remotely, which avoided the prob-
To ensure the security of home LAN, it is necessary to lems of clock synchronization and maintaining a verification
implement a lightweight key extraction scheme on the physical table.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4073
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4074 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
TABLE VI
K EY W ORDS , A NALYSIS , AND THE A PPLYING OF E DGE C OMPUTING IN THE S MART H OME
is not very high. Meanwhile, it is necessary to ensure the authentication scheme using blockchain. Their scheme authen-
anonymity of the vehicle, so as to prevent the vehicle from ticated servers and users anonymously, solving a single point
being tracked by the attacker and preserve the privacy of the of failure problems and realizing privacy preserving. Through
owner. In 2018, for some problems existing in the related the mutual authentication and distributed agreement mech-
works, such as the high cost of initial authentication may lead anism, Li et al.’s scheme exhibits high fault tolerance and
to serious DoS attacks, Liu et al. [80] put forward a cooper- can well handle the attacked servers. To overcome the weak-
ative authentication scheme applied in VANET. Their scheme nesses of the low performance and the strong hypothesis of
designs a computing problem using the real-time information ideal TPD, Zhong et al. [83] proposed a completely con-
like the expected receiver and location, so as to reduce DoS verged privacy-preserving authentication scheme in vehicle
attacks against anonymous authentication. Additionally, the ad hoc network. They used the aggregation signature with-
trust cluster was constructed by adopting the trust relation- out certificate, realizing the secure communication of vehicle
ships among vehicles and the connected component theory to infrastructure and greatly saving the resources of comput-
that effectively helped construct the trust cluster. After estab- ing and bandwidth. Furthermore, they adopted pseudonyms,
lishing the trust clusters among the legal vehicles, they can conditionally achieving privacy protection, and when neces-
conduct authentications through the trust cluster to improve the sary, the tracking agencies were able to identify the vehicle’s
efficiency. real identity. Since the length is constant in the aggrega-
Furthermore, vehicles in the IoV come from different tion signature, the overhead of storage and communication
domains and the mobility of vehicles is high. Therefore, in are reduced. Based on bilinear pairing and one-way hash
addition to the authentication of vehicles in the single domain, operation, Ali and Li [84] presented an efficient signature
cross-domain authentication of vehicles is also needed con- scheme called ID-CPPA, which was used for the communi-
sideration. In 2019, Li et al. [81] presented a cross-domain cation between vehicles and infrastructure and was allowed to
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4075
authenticate massive traffic-related messages. Facing the appli- when they transmit and store data, and allocate rewards to the
cation of cloud-assisted autonomous vehicles, Jiang et al. [86] vehicles participating in data sharing. Based on blockchain,
presented a three-factor authentication scheme, involving Fan et al. [90] presented a scheme of data sharing that realized
smart card, biometrics and password. Their scheme pro- one to many, where the blockchain was responsible for record-
vides privacy preserving, especially user’s biometric privacy ing the access policy to achieve the cloud nonrepudiation and
preserving. user self-certification.
The rapid advancement in the IoT technology contributes to
massive smart devices with specific perception ability access-
B. Data Security ing to the network and getting data. To guarantee the security
Various privacy data will be generated in the smart trans- and privacy of data aggregation, Li et al. [91] put forward
portation system, such as the location data produced by vehicle a scheme of data aggregation for IoT applications assisted
users, road information data collected by surveillance cameras, by mobile-edge computing in 2018. In their scheme, Boneh–
etc. To enjoy better service, some personal data is encouraged Goh–Nissim cryptosystem is adopted to ensure user privacy.
to share in the system. For better deciding on the data, some- Through edge computing, the public cloud center can use
times they need aggregating. All these data operation should the sensing function of the IoT terminal equipment (TE) to
be secure and even privacy preserving. To realize the above obtain specific parameters and the data collected by TE is
mentioned, researchers have presented plenty of schemes and summarized by the edge server. In 2019, based on fog comput-
some of them [87]–[93] are illustrated as follows. ing, Guan et al. [92] designed a device-oriented scheme with
Zhang and Chen [87] proposed a new scheme to ensure the privacy protection, which provided security for the data aggre-
privacy protection of real-time location data. In this scheme, gation application. It supported multiauthority management of
a vehicle can dynamically generate virtual location accord- local smart devices and fog nodes. Moreover, Guan et al. used
ing to the surroundings and provide misleading information pseudonym and the corresponding pseudonym certificate to
of driving route, so as to achieve the privacy preserving. Also, ensure the validity and anonymity for the devices and deployed
based on the alliance chain, Zhang et al. [88] put forward a the local certification authority to transfer the management of
secure system of data storage and data sharing. The technol- pseudonyms to the professional edge fog network, so as to
ogy of digital signature adopted in [88] follows the elliptic offer real-time services for the registration and correspond-
curve’s feature of bilinear pairing, which guarantees the relia- ing update of devices. Besides, they used Paillier algorithm to
bility and integrity of data transmission. Besides, the adopted ensure the data confidentiality in the process of data aggre-
blockchain provides a decentralized database that is reliable gation. Based on the feature of message recovery signature
and secure. In addition, the smart contracts are utilized to be (MRS), Shen et al. [93] proposed a secure scheme of traffic
the constraint triggering conditions of the preselected nodes data aggregation with real-time service for vehicle cloud in
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4076 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
TABLE VII
K EY W ORDS , A NALYSIS , AND THE A PPLYING OF E DGE C OMPUTING IN THE S MART T RANSPORTATION
vehicle ad hoc network. The scheme first verified the valid- we summarize some of them in Table VII. From the table,
ity of the signature of vehicles and then extracted the original we observe that the existing authentication protocols and data
data of traffic from it. Because of the advantages of MRS, protection schemes in the IoV still lacks of consideration
Shen et al.’s scheme owns the common data security attributes, on edge computing scenario. For authentication, the scheme
such as the confidentiality, privacy protection, and anti-replay in [94], which realizes anonymous authentication for mobile-
attacks. edge computing, may be a good reference. Additionally,
because of the participation of the edge sensors, the format of
the generated data may be different. While realizing security
C. Applicability in Edge Computing Environment and privacy protection, how to well integrate these multisource
The smart transportation system consists of vehicles, var- heterogeneous data should be paid more attention, and the cor-
ious roadside infrastructure, monitoring cameras, etc. There responding processing strategy with privacy preserving should
exist interactions between not only vehicles and the road- be chosen according to the data characteristics, so that they
side infrastructure but also the edge node and the roadside can be better used in the analysis.
infrastructure, as well as the cloud and the edge nodes; thus,
different authentication protocols need to be designed to adapt
to the corresponding communication entities. In addition, vehi- VII. E XTENSION
cles and edge nodes are dynamic, and the mobility of vehicles Most of the aforementioned authentication schemes are
is high and fast. Therefore, in the designed authentication high-layer protocols based on cryptography without using
protocols, the edge server or cloud should be able to cope the inherent properties of the wireless channel. They may
with the dynamic changes, ensure high efficiency, and do not resist various attacks, but they commonly cost high com-
increase complex computing operations. To show the consid- putation or communication overhead. In recent years, PHY-
eration on edge computing of the literature discussed above, layer authentication based on physical-layer channel features
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4077
is a hot authentication technology. It enhances the secu- research direction for the security in the edge computing
rity of high-layer with the help of transmission features of environment.
the channel, such as spatiotemporal uniqueness. Due to its
advantages of low computation and communication cost, low
delay and power consumption, and unnecessary distribution F UTURE W ORK
of secret keys, PHY-layer authentication is promising to serve Based on the aforementioned summaries and discussions,
as a complementary solution for the conventional high-layer we look forward to future researches in this field as follows.
authentication. 1) When designing the protocol for realizing the identity
There is no doubt that PHY-layer authentication can be authentication in the edge computing-based smart grid
applied in these smart applications, as described in the smart system, we should not only consider the anonymity of
home scenario, such as [60] and [61]. Moreover, in the smart devices but also consider the ability to resist DDoS
smart city scenario, by using tag embedding and verification, attacks under edge computing. When designing the data
Zhang et al. [95] presented a PHY-layer authentication frame- security protection scheme, we should not only learn
work that was lightweight. PHY-layer authentication is also a from the existing data security technology of the smart
useful aid in edge computing. For instance, Liao et al. [96] grid but also reduce the time delay and ensure the data
used PHY-layer authentication to enhance the security of availability.
mobile-edge computing. In their designed method, multiple 2) After edge computing is deployed in the smart home,
legal edge nodes can be distinguished from attackers and mali- based on the existing authentication technology, we need
cious nodes. Recently, Liao et al. [97], Zhang et al. [98], and to combine with the network environment of the home
Zhang et al. [99] have also investigated on PHY-layer authenti- equipments and the application characteristics of edge
cation. For edge computing-based smart application scenarios, computing and design the lightweight authentication
PHY-layer authentication may also be a good boost in identity protocols with high security. For the data security and
authentication and there has presented such work. For instance, privacy preserving, the existing task offloading technolo-
to overcome rogue edge attacks in mobile-edge computing- gies need to be improved, enabling them to offload part
based VANETs, an important part of smart transportation or all of the sensitive data in the smart home to the edge
scenario, Lu et al. [100] proposed a PHY authentication for execution.
scheme by exploiting mobile device’s serving edge and the 3) After the combination of smart transportation and edge
related channel information. Unfortunately, PHY-layer authen- computing, it is necessary to design the correspond-
tication may be not suitable for the mobile communication ing security protocols with low cost and high efficiency
system with fast mobility, and to achieve higher efficiency, it under the condition of knowing the characteristics of
needs to be combined with cryptography. In a word, apply- mutual authentication entities, as well as considering the
ing PHY-layer authentication in edge computing-based smart dynamic and mobility. Moreover, in the environment of
application scenarios will be an interesting research direction edge computing, according to the multisource hetero-
in the future. geneity of the data generated by the smart transportation
system, it is necessary to design secure aggregation and
sharing schemes with privacy preserving.
VIII. C ONCLUSION 4) The smart grid and the smart home, the smart grid
The trend of the large-scale deployment of edge comput- and the smart transportation are also closely related.
ing is inevitable, especially in IoT-based smart applications. For example, the smart grid can provide power for the
From the viewpoint of cybersecurity, this article especially smart home, and electric vehicles in the smart transporta-
investigates on the issues of authentication and data secu- tion can help the smart grid in case of power shortage
rity existing in edge computing-based smart applications. To when they are idle. Therefore, how to design appro-
provide a comprehensive understanding, we briefly describe priate security protection technologies while ensuring
some definitions of edge computing in current works and mutual promotion among them is another possible future
compare it with cloud computing. From the comparison, research direction.
it can be seen that edge computing does have its obvious
advantages, such as fast response. Moreover, we introduce
R EFERENCES
three typical applications that apply edge computing and
analyze some security weaknesses existing in these smart [1] “The 44th China statistical report on Internet development,” in Office
of the Central Leading Group for Cyberspace Affairs, China Internet
applications as well as edge computing. We observe that Netw. Inf. Center, Beijing, China, 2019.
their common challenge is to ensure the identity legality of [2] W. Shi and S. Dustdar, “The promise of edge computing,” Computer,
system entity, which is also the most basic problem to be vol. 49, no. 5, pp. 78–81, May 2016.
solved in ensuring system security. Besides, data protection is [3] M. Satyanarayanan, “The emergence of edge computing,” Computer,
vol. 50, no. 1, pp. 30–39, Jan. 2017.
indispensable because it is an important component of these [4] (2018). Gartner Inc. [Online]. Available: https://www.gartner.com/
smart applications. Thus, based on authentication and data technology/home.jsp
security, we summarize some related works of these smart [5] K. Gai, Y. Wu, L. Zhu, L. Xu, and Y. Zhang, “Permissioned
blockchain and edge computing empowered privacy-preserving smart
applications and briefly illustrate the adaptability after edge grid networks,” IEEE Internet Things J., vol. 6, no. 5, pp. 7992–8004,
computing is introduced to them. Moreover, we give the future Oct. 2019.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4078 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
[6] R. Trimananda, A. Younis, B. Wang, B. Xu, B. Demsky, and [29] J.-L. Tsai and N.-W. Lo, “Secure anonymous key distribution scheme
G. Xu, “Vigilia: Securing smart home edge computing,” in Proc. for smart grid,” IEEE Trans. Smart Grid, vol. 7, no. 2, pp. 906–914,
IEEE/ACM Symp. Edge Comput. (SEC), Seattle, WA, USA, 2018, Mar. 2016.
pp. 74–89. [30] V. Odelu, A. K. Das, S. Kumari, X. Huang, and M. Wazid, “Provably
[7] Q. Li, P. Chen, and R. Wang, “Edge computing for intelligent trans- secure authenticated key agreement scheme for distributed mobile
portation system: A review,” in Cyberspace Data and Intelligence, cloud computing services,” Future Gener. Comput. Syst., vol. 68,
and Cyber-Living, Syndrome, and Health. Singapore: Springer, 2019, pp. 74–88, Mar. 2017.
pp. 130–137. [31] K. Mahmood et al., “Pairing based anonymous and secure key agree-
[8] S. Tan, D. De, W. Z. Song, J. Yang, and S. K. Das, “Survey of secu- ment protocol for smart grid edge computing infrastructure,” Future
rity advances in smart grid: A data driven approach,” IEEE Commun. Gener. Comput. Syst., vol. 88, pp. 491–500, Nov. 2018.
Surveys Tuts., vol. 19, no. 1, pp. 397–422, 1st Quart., 2017. [32] D. Abbasinezhad-Mood and M. Nikooghadam, “An anonymous ECC-
[9] D. Liu, Z. Yan, W. Ding, and M. Atiquzzaman, “A survey on secure based self-certified key distribution scheme for the smart grid,” IEEE
data analytics in edge computing,” IEEE Internet Things J., vol. 6, Trans. Ind. Electron., vol. 65, no. 10, pp. 7996–8004, Oct. 2018.
no. 3, pp. 4946–4967, Jun. 2019. [33] T. Chen, Q. Cheng, and X. Li, “An anonymous key agree-
[10] M. Caprolu, R. Di Pietro, F. Lombardi, and S. Raponi, “Edge comput- ment protocol with robust authentication for smart grid infras-
ing perspectives: Architectures, technologies, and open security issues,” tructure,” Sci. China Inf. Sci., early access. [Online]. Available:
in Proc. IEEE Int. Conf. Edge Comput. (EDGE), Milan, Italy, 2019, http://engine.scichina.com/doi/10.1007/s11432-019-2736-5
pp. 116–123.
[34] K. Mahmood, S. A. Chaudhry, H. Naqvi, S. Kumari, X. Li, and
[11] L. U. Khan, I. Yaqoob, N. H. Tran, S. Kazmi, T. N. Dang, and
A. K. Sangaiah, “An elliptic curve cryptography based lightweight
C. S. Hong, “Edge computing enabled smart cities: A comprehen-
authentication scheme for smart grid communication,” Future Gener.
sive survey,” IEEE Internet Things J., early access, Apr. 10, 2020,
Comput. Syst., vol. 81, pp. 557–565, Apr. 2018.
doi: 10.1109/JIOT.2020.2987070.
[12] J. Zhang, B. Chen, Y. Zhao, X. Cheng, and F. Hu, “Data security [35] D. Abbasinezhad-Mood and M. Nikooghadam, “Design and hard-
and privacy-preserving in edge computing paradigm: Survey and open ware implementation of a security-enhanced elliptic curve cryptography
issues,” IEEE Access, vol. 6, pp. 18209–18237, 2018. based lightweight authentication scheme for smart grid communica-
[13] Y. Mao, C. You, J. Zhang, K. Huang, and K. B. Letaief, “A survey tions,” Future Gener. Comput. Syst., vol. 84, pp. 47–57, Jul. 2018.
on mobile edge computing: The communication perspective,” IEEE [36] F. Afianti, T. Suryani, and I. Wirawan, “Lightweight and DoS resistant
Commun. Surveys Tuts., vol. 19, no. 4, pp. 2322–2358, 4th Quart., multiuser authentication in wireless sensor networks for smart grid
2017. environments,” IEEE Access, vol. 7, pp. 67107–67122, 2019.
[14] X. Wang, Y. Han, V. C. Leung, D. Niyato, X. Yan, and X. Chen, [37] D. Abbasinezhad-Mood, A. Ostad-Sharif, and M. Nikooghadam,
“Convergence of edge computing and deep learning: A comprehensive “Novel anonymous key establishment protocol for isolated smart
survey,” IEEE Commun. Surveys Tuts., vol. 22, no. 2, pp. 869–904, meters,” IEEE Trans. Ind. Electron., vol. 67, no. 4, pp. 2844–2851,
2nd Quart., 2020, doi: 10.1109/COMST.2020.2970550. Apr. 2020.
[15] Y. Xiao, Y. Jia, C. Liu, X. Cheng, J. Yu, and W. Lv, “Edge computing [38] M. F. Moghadam, M. Nikooghadam, A. H. Mohajerzadeh, and
security: State of the art and challenges,” Proc. IEEE, vol. 107, no. 8, B. Movali, “A lightweight key management protocol for secure com-
pp. 1608–1631, Aug. 2019. munication in smart grids,” Elect. Power Syst. Res., vol. 178, Jan. 2020,
[16] M. K. Kuyucu, Ş. Bahtiyar, and G. İnce, “Security and privacy in Art. no. 106024.
the smart home: A survey of issues and mitigation strategies,” in Proc. [39] W. Kong, J. Shen, P. Vijayakumar, Y. Cho, and V. Chang, “A practical
IEEE 4th Int. Conf. Comput. Sci. Eng. (UBMK), Samsun, Turkey, 2019, group blind signature scheme for privacy protection in smart grid,” J.
pp. 113–118. Parallel Distrib. Comput., vol. 136, pp. 29–39, Feb. 2020.
[17] R. D. T. Caropreso, R. A. Fernandes, D. P. Osorio, and I. N. Silva, [40] A. Yassine, A. A. N. Shirehjini, and S. Shirmohammadi, “Smart meters
“An open-source framework for smart meters: Data communication and big data: Game theoretic model for fair data sharing in deregulated
security traffic analysis,” IEEE Trans. Ind. Electron., vol. 66, no. 2, smart grids,” IEEE Access, vol. 3, pp. 2743–2754, 2015.
pp. 1638–1647, Feb. 2019. [41] O. Samuel, N. Javaid, M. Awais, Z. Ahmed, M. Imran, and M. Guizani,
[18] A. Ghosal and M. Conti, “Key management systems for smart grid “A blockchain model for fair data sharing in deregulated smart grids,”
advanced metering infrastructure: A survey,” IEEE Commun. Surveys in Proc. IEEE Global Commun. Conf. (GLOBCOM), Waikoloa, HI,
Tuts., vol. 21, no. 3, pp. 2831–2848, 3rd Quart., 2019. USA, 2019, pp. 1–7.
[19] W. Shi, J. Cao, Q. Zhang, Y. Li, and L. Xu, “Edge computing: Vision [42] Y. Li, P. Zhang, and R. Huang, “Lightweight quantum encryption for
and challenges,” IEEE Internet Things J., vol. 3, no. 5, pp. 637–646, secure transmission of power data in smart grid,” IEEE Access, vol. 7,
Oct. 2016. pp. 36285–36293, 2019.
[20] (2018). Edge Computing Consortium. [Online]. Available: [43] Z. Wang, “An identity-based data aggregation protocol for the smart
http://www.ecconsortium.org/Lists/show/id/334.html grid,” IEEE Trans. Ind. Informat., vol. 13, no. 5, pp. 2428–2435,
[21] S. Raponi, M. Caprolu, and R. Di Pietro, “Intrusion detection at the Oct. 2017.
network edge: Solutions, limitations, and future directions,” in Proc. [44] P. Gope and B. Sikdar, “An efficient data aggregation scheme for
Int. Conf. Edge Comput., 2019, pp. 59–75. privacy-friendly dynamic pricing-based billing and demand-response
[22] T. M. Mengistu, A. Albuali, A. Alahmadi, and D. Che, “Volunteer cloud management in smart grids,” IEEE Internet Things J., vol. 5, no. 4,
as an edge computing enabler,” in Proc. Int. Conf. Edge Comput., 2019, pp. 3126–3135, Aug. 2018.
pp. 76–84.
[45] Y. Liu, W. Guo, C. I. Fan, L. Chang, and C. Cheng, “A practical
[23] T. Suganuma, T. Oide, S. Kitagami, K. Sugawara, and N. Shiratori,
privacy-preserving data aggregation (3PDA) scheme for smart grid,”
“Multiagent-based flexible edge computing architecture for IoT,” IEEE
IEEE Trans. Ind. Informat., vol. 15, no. 3, pp. 1767–1774, Mar. 2019.
Netw., vol. 32, no. 1, pp. 16–23, Jan./Feb. 2018.
[24] Z. Guan, J. Li, L. Wu, Y. Zhang, J. Wu, and X. Du, “Achieving efficient [46] J. Song, Y. Liu, J. Shao, and C. Tang, “A dynamic membership data
and secure data acquisition for cloud-supported Internet of Things in aggregation (DMDA) protocol for smart grid,” IEEE Syst. J., vol. 14,
smart grid,” IEEE Internet Things J., vol. 4, no. 6, pp. 1934–1944, no. 1, pp. 900–908, Mar. 2020, doi: 10.1109/JSYST.2019.2912415.
Dec. 2017. [47] P. Gope and B. Sikdar, “An efficient privacy-friendly hop-by-hop data
[25] (2018). Cloud Tencent and Energy IoT Pengmai. [Online]. Available: aggregation scheme for smart grids,” IEEE Syst. J., vol. 14, no. 1,
https://cloud.tencent.com/solution/energy_iot pp. 343–352, Mar. 2020, doi: 10.1109/JSYST.2019.2899986.
[26] N. Gupta, K. Anantharaj, and K. Subramani, “Containerized archi- [48] H. Shen, Y. Liu, Z. Xia, and M. Zhang, “An efficient aggregation
tecture for edge computing in smart home: A consistent architecture scheme resisting on malicious data mining attacks for smart grid,” Inf.
for model deployment,” in Proc. IEEE Int. Conf. Comput. Commun. Sci., vol. 526, pp. 289–300, Jul. 2020, doi: 10.1016/j.ins.2020.03.107.
Informat. (ICCCI), Coimbatore, India, 2020, pp. 1–8. [49] M. Mohammadpourfard, Y. Weng, M. Pechenizkiy, M. Tajdinian, and
[27] (2019). Edge Computing Consortium. [Online]. Available: B. Mohammadi-Ivatloo, “Ensuring cybersecurity of smart grid against
http://www.ecconsortium.org/Lists/show/id/374.html data integrity attacks under concept drift,” Int. J. Elect. Power Energy
[28] A. Kumari, S. Tanwar, S. Tyagi, N. Kumar, M. S. Obaidat, and Syst., vol. 119, Jul. 2020, Art. no. 105947.
J. J. Rodrigues, “Fog computing for smart grid systems in the 5G envi- [50] S. Feng, P. Setoodeh, and S. Haykin, “Smart home: Cognitive
ronment: Challenges and solutions,” IEEE Wireless Commun., vol. 26, interactive people-centric Internet of Things,” IEEE Commun. Mag.,
no. 3, pp. 47–53, Jun. 2019. vol. 55, no. 2, pp. 34–39, Feb. 2017.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
LI et al.: SMART APPLICATIONS IN EDGE COMPUTING: OVERVIEW ON AUTHENTICATION AND DATA SECURITY 4079
[51] M. Tao, J. Zuo, Z. Liu, A. Castiglione, and F. Palmieri, “Multi-layer [74] H. A. Khattak, S. U. Islam, I. U. Din, and M. Guizani, “Integrating fog
cloud architectural model and ontology-based security service frame- computing with VANETs: A consumer perspective,” IEEE Commun.
work for IoT-based smart homes,” Future Gener. Comput. Syst., vol. 78, Stand. Mag., vol. 3, no. 1, pp. 19–25, Mar. 2019.
pp. 1040–1051, Jan. 2018. [75] S. Garg et al., “Edge computing-based security framework for big
[52] A. Yassine, S. Singh, M. S. Hossain, and G. Muhammad, “IoT big data analytics in VANETs,” IEEE Netw., vol. 33, no. 2, pp. 72–81,
data analytics for smart homes with fog and cloud computing,” Future Mar./Apr. 2019.
Gener. Comput. Syst., vol. 91, pp. 563–573, Feb. 2019. [76] A. Mahmood, H. Zen, and S. Hilles, “Big data and privacy
[53] C. S. M. Babou, D. Fall, S. Kashihara, I. Niang, and Y. Kadobayashi, issues for connected vehicles in intelligent transporta-
“Home edge computing (HEC): Design of a new edge computing tion systems,” 2018. [Online]. Available: arXiv:1806.02944.
technology for achieving ultra-low latency,” in Proc. Int. Conf. Edge doi: 10.1007/978-3-319-63962-8_234-1.
Comput., 2018, pp. 3–17. [77] A. Nanda, D. Puthal, J. J. Rodrigues, and S. A. Kozlov, “Internet
[54] J. M. Batalla and F. Gonciarz, “Deployment of smart home manage- of autonomous vehicles communications security: Overview, issues,
ment system at the edge: Mechanisms and protocols,” Neural Comput. and directions,” IEEE Wireless Commun., vol. 26, no. 4, pp. 60–65,
Appl., vol. 31, no. 5, pp. 1301–1315, 2019. Aug. 2019.
[55] K. Xu, Y. Wan, and G. Xue, “Powering smart homes with information- [78] D. A. Hahn, A. Munir, and V. Behzadan, “Security and privacy
centric networking,” IEEE Commun. Mag., vol. 57, no. 6, pp. 40–46, issues in intelligent transportation systems: Classification and chal-
Jun. 2019. lenges,” IEEE Intell. Transp. Syst. Mag., early access, Apr. 11, 2019,
[56] L. Zhu, M. Li, Z. Zhang, X. Du, and M. Guizani, “Big data mining of doi: 10.1109/MITS.2019.2898973.
users’ energy consumption patterns in the wireless smart grid,” IEEE [79] S. M. Pournaghi, B. Zahednejad, M. Bayat, and Y. Farjami, “NECPPA:
Wireless Commun., vol. 25, no. 1, pp. 84–89, Feb. 2018. A novel and efficient conditional privacy-preserving authentication
[57] Y. Meidan et al., “N-BaIoT—Network-based detection of IoT botnet scheme for VANET,” Comput. Netw., vol. 134, pp. 78–92, Apr. 2018.
attacks using deep autoencoders,” IEEE Pervasive Comput., vol. 17, [80] P. Liu, B. Liu, Y. Sun, B. Zhao, and I. You, “Mitigating DoS
no. 3, pp. 12–22, Jul./Sep. 2018. attacks against pseudonymous authentication through puzzle-based co-
[58] B. Baruah and S. Dhal, “A two-factor authentication scheme against authentication in 5G-VANET,” IEEE Access, vol. 6, pp. 20795–20806,
FDM attack in IFTTT based smart home system,” Comput. Security, 2018.
vol. 77, pp. 21–35, Aug. 2018. [81] C. Li, Q. Wu, H. Li, and J. Liu, “Trustroam: A novel blockchain-
[59] B. C. Chifor, I. Bica, V. V. Patriciu, and F. Pop, “A security authoriza- based cross-domain authentication scheme for Wi-Fi access,” in Proc.
tion scheme for smart home Internet of Things devices,” Future Gener. Int. Conf. Wireless Algorithms Syst. Appl., 2019, pp. 149–161.
Comput. Syst., vol. 86, pp. 740–749, Sep. 2018. [82] S. Tangade, S. S. Manvi, and P. Lorenz, “Decentralized and scalable
[60] H. Zhao, Y. Zhang, X. Huang, and Y. Xiang, “An adaptive secret key privacy-preserving authentication scheme in VANETs,” IEEE Trans.
establishment scheme in smart home environments,” in Proc. IEEE Int. Veh. Technol., vol. 67, no. 9, pp. 8647–8655, Sep. 2018.
Conf. Commun. (ICC), Shanghai, China, 2019, pp. 1–6. [83] H. Zhong, S. Han, J. Cui, J. Zhang, and Y. Xu, “Privacy-preserving
[61] Y. Zhang, H. Zhao, Y. Xiang, X. Huang, and X. Chen, “A key agree- authentication scheme with full aggregation in VANET,” Inf. Sci.,
ment scheme for smart homes using the secret mismatch problem,” vol. 476, pp. 211–221, Fev. 2019.
IEEE Internet Things J., vol. 6, no. 6, pp. 10251–10260, Dec. 2019.
[84] I. Ali and F. Li, “An efficient conditional privacy-preserving authentica-
[62] Y. Lu, G. Xu, L. Li, and Y. Yang, “Robust privacy-preserving mutual
tion scheme for vehicle-to-infrastructure communication in VANETs,”
authenticated key agreement scheme in roaming service for global
Veh. Commun., vol. 22, Apr. 2020, Art. no. 100228.
mobility networks,” IEEE Syst. J., vol. 13, no. 2, pp. 1454–1465,
[85] T. Chen, X. Li, and Q. Cheng, “An enhanced key exchange protocol
Jun. 2019.
exhibiting key compromise impersonation attacks resistance in mobile
[63] M. A. Mughal, P. Shi, A. Ullah, K. Mahmood, M. Abid, and X. Luo,
commerce environment,” Sci. China Inf. Sci., 2019. [Online]. Available:
“Logical tree based secure rekeying management for smart devices
http://engine.scichina.com/doi/10.1007/s11432-019-2645-x
groups in IoT enabled WSN,” IEEE Access, vol. 7, pp. 76699–76711,
2019. [86] Q. Jiang, N. Zhang, J. Ni, J. Ma, X. Ma, and K.-K. R. Choo, “Unified
[64] Q. Jiang, Z. Chen, J. Ma, X. Ma, J. Shen, and D. Wu, “Optimized biometric privacy preserving three-factor authentication and key agree-
fuzzy commitment based key agreement protocol for wireless body area ment for cloud-assisted autonomous vehicles,” IEEE Trans. Veh.
network,” IEEE Trans. Emerg. Topics Comput., early access, Oct. 23, Technol., early access, Feb. 3, 2020, doi: 10.1109/TVT.2020.2971254.
2019, doi: 10.1109/TETC.2019.2949137. [87] X. Zhang and X. Chen, “Data security sharing and storage based on a
[65] M. Fakroon, M. Alshahrani, F. Gebali, and I. Traore, “Secure consortium blockchain in a vehicular ad-hoc network,” IEEE Access,
remote anonymous user authentication scheme for smart home envi- vol. 7, pp. 58241–58254, 2019.
ronment,” Internet Things, vol. 9, Mar. 2020, Art. no. 100158, [88] L. Zhang et al., “Blockchain based secure data sharing system for
doi: 10.1016/j.iot.2020.100158. Internet of Vehicles: A position paper,” Veh. Commun., vol. 16,
[66] M. B. Mollah, M. A. K. Azad, and A. Vasilakos, “Secure data sharing pp. 85–93, Apr. 2019.
and searching at the edge of cloud-assisted Internet of Things,” IEEE [89] J. Shen, T. Zhou, J. F. Lai, P. Li, and S. Moh, “Secure and efficient
Cloud Comput., vol. 4, no. 1, pp. 34–42, Jan./Feb. 2017. data sharing in dynamic vehicular networks,” IEEE Internet Things J.,
[67] H. Yang, W. Zheng, T. Zhou, X. Jin, and A. Wang, “A privacy- early access, Apr. 29, 2020, doi: 10.1109/JIOT.2020.2985324.
protecting and resource-saving scheme for data sharing in smart home,” [90] K. Fan et al., “A secure and verifiable data sharing scheme
J. Internet Technol., vol. 20, no. 2, pp. 607–615, 2019. based on blockchain in vehicular social networks,” IEEE
[68] Z. Guan et al., “Privacy-preserving and efficient aggregation based Trans. Veh. Technol., vol. 69, no. 6, pp. 5826–5835, Jun. 2020,
on blockchain for power grid communications in smart communities,” doi: 10.1109/TVT.2020.2968094.
IEEE Commun. Mag., vol. 56, no. 7, pp. 82–88, Jul. 2018. [91] X. Li, S. Liu, F. Wu, S. Kumari, and J. J. Rodrigues, “Privacy
[69] J. Shen, C. Wang, T. Li, X. Chen, X. Huang, and Z.-H. Zhan, “Secure preserving data aggregation scheme for mobile edge computing
data uploading scheme for a smart home system,” Inf. Sci., vol. 453, assisted IoT applications,” IEEE Internet Things J., vol. 6, no. 3,
pp. 186–197, Jul. 2018. pp. 4755–4763, Jun. 2019.
[70] G. S. Poh, P. Gope, and J. Ning, “PrivHome: Privacy-preserving [92] Z. Guan et al., “APPA: An anonymous and privacy preserving data
authenticated communication in smart home environment,” IEEE aggregation scheme for fog-enhanced IoT,” J. Netw. Comput. Appl.,
Trans. Depend. Secure Comput., early access, May 3, 2019, vol. 125, pp. 82–92, Jan. 2019.
doi: 10.1109/TDSC.2019.2914911. [93] J. Shen, D. Liu, X. Chen, J. Li, N. Kumar, and P. Vijayakumar, “Secure
[71] Q. Liu, W. Zhang, S. Ding, H. Li, and Y. Wang, “Novel secure group real-time traffic data aggregation with batch verification for vehicu-
data exchange protocol in smart home with physical layer network lar cloud in VANETs,” IEEE Trans. Veh. Technol., vol. 69, no. 1,
coding,” Sensors, vol. 20, no. 4, p. 1138, 2020. pp. 807–817, Jan. 2020, doi: 10.1109/TVT.2019.2946935.
[72] S. Garg, A. Singh, S. Batra, N. Kumar, and L. T. Yang, “UAV- [94] Y. Li, Q. Cheng, X. Liu, and X. Li, “A secure anonymous
empowered edge computing environment for cyber-threat detection in identity-based scheme in new authentication architecture for mobile
smart vehicles,” IEEE Netw., vol. 32, no. 3, pp. 42–51, May/Jun. 2018. edge computing,” IEEE Syst. J., early access, Mar. 19, 2020,
[73] T. S. Darwish and K. A. Bakar, “Fog based intelligent transportation doi: 10.1109/JSYST.2020.2979006.
big data analytics in the Internet of Vehicles environment: Motivations, [95] P. Zhang, J. Liu, Y. Shen, H. Li, and X. Jiang, “Lightweight tag-based
architecture, challenges, and critical issues,” IEEE Access, vol. 6, PHY-layer authentication for IoT devices in smart cities,” IEEE Internet
pp. 15679–15701, 2018. Things J., vol. 7, no. 5, pp. 3977–3990, May 2020.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.
4080 IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 6, MARCH 15, 2021
[96] R. Liao et al., “Security enhancement for mobile edge comput- Qingfeng Cheng received the M.S. degree from
ing through physical layer authentication,” IEEE Access, vol. 7, the National University of Defense Technology,
pp. 116390–116401, 2019. Changsha, China, in 2004, and the Ph.D.
[97] R. F. Liao et al., “Multiuser physical layer authentication in Internet degree from Information Engineering University,
of Things with data augmentation,” IEEE Internet Things J., vol. 7, Zhengzhou, China, in 2011.
no. 3, pp. 2077–2088, Mar. 2020. He is currently an Associate Professor with the
[98] N. Zhang et al., “Physical layer authentication for Internet of Things State Key Laboratory of Mathematical Engineering
via WFRFT-based Gaussian tag embedding,” IEEE Internet Things J., and Advanced Computing, Strategic Support Force
early access, Jun. 11, 2020, doi: 10.1109/JIOT.2020.3001597. Information Engineering University, Zhengzhou.
[99] P. Zhang, Y. Shen, X. Jiang, and B. Wu, “Physical layer authentication His research interests include cryptography and
jointly utilizing channel and phase noise in MIMO systems,” IEEE information security.
Trans. Commun., vol. 68, no. 4, pp. 2446–2458, Apr. 2020.
[100] X. Lu, L. Xiao, T. Xu, Y. Zhao, Y. Tang, and W. Zhuang,
“Reinforcement learning based PHY authentication for VANETs,”
IEEE Trans. Veh. Technol., vol. 69, no. 3, pp. 3068–3079, Mar. 2020.
Ting Chen received the B.S. degree in Internet Jianfeng Ma (Member, IEEE) received the M.E. and
of Things Engineering from East China Jiaotong Ph.D. degrees in computer software and communi-
University, Nanchang, China, in 2018. She is cur- cations engineering from Xidian University, Xi’an,
rently pursuing the M.S. degree in security of China, in 1988 and 1995, respectively.
cyberspace with Xidian University, Xi’an, China. He is currently a Professor with the School of
Her research interests include authentication and Cyber Engineering, Xidian University, China. His
security protocol. research interests include information and network
security, coding theory, and cryptography.
Authorized licensed use limited to: University of Queensland. Downloaded on March 07,2022 at 00:44:16 UTC from IEEE Xplore. Restrictions apply.