Why is Edge Security Important?
The edge needs to be secure to maintain user privacy and to preserve user trust in the edge and other networks.
The network edge can be a weak point in the network because of a lack of physical security and because security measures on the devices using edge computing are absent or weak. Carelessly made Internet of Things (IoT) devices or weak passwords on employee-owned devices create vulnerabilities for the whole network. Establishing a uniform level of security for all hosts and keeping all of them patched is a way to make edge computing less risky.
- Integrity of information is key to assuring that data is securely transmitted without undetected modification. If integrity exists, then trust follows.
- Security mechanisms should guarantee that users' outsourced information, such as data, personal identity, and location, is kept secret from adversaries.
- Suggested security mechanisms include encryption, integrity audits, and authentication and access control features.
Who or What is Targeted on the Edge?
The edge network user, IoT devices, the data on the network, and the network itself are all targets on the edge.
IoT devices are major targets because they have implicit trust for other devices and do not verify the credibility of connections. They are also often released before they have suitable security measures included so the company can be the first to market.
Edge computing’s vulnerabilities come from its distributed nature, whether through limited physical security or difficulties achieving total network visibility.
How Companies Can Ensure Secure Edge Nodes
A key component to securing any network is visibility. An operator needs to know what is happening on the network to ensure that it is working properly and that users are behaving properly.
This is particularly important in the IoT world, as devices send potentially sensitive data to clouds that users cannot be certain are safe. Moreover, the vast majority of applications for users to interact with or monitor IoT devices have little to no security testing.
Secure Operating System for Edge Platforms
Internet Technology Letters published a proposal for a new architecture for security in IoT and edge computing, focusing mainly on an operating system for edge computing. Elements of a secure edge operating system include authenticated network nodes, authenticated users, and the use of named data networking (NDN) instead of traditional IP addressing.
VPN and General Encryption of All Data
Whether the edge is being used for IoT or to increase throughput at an enterprise’s location, data encryption is recommended.
There is no guarantee that an edge computing device will be encrypted or support Transport Layer Security (TLS), although devices can have these capabilities. If there is no form of encryption, a VPN is a good option for data encryption and secure transmission because of its availability and reliability, with options like OpenVPN.
User Access Management
The IEEE paper referenced above included specifications on user access control, which regulates who can access the network and how they can use it, specifically the reading and writing of data.
Authentication mechanisms are necessary to keep out malicious users and deny unauthorized users access to resources in the edge and core. The IEEE paper recommends a fine-grained access control system for every trust domain in the edge network by using attribute-based encryption or role-based encryption. Additionally, trusted platform modules (TPMs) could ensure security.
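One way to express the fine-grained, per-trust-domain read/write control described above, as an added example that is not from the referenced paper or the original page. It uses a plain attribute-based policy check rather than attribute-based encryption, and the domain names, attribute names and the is_allowed function are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    domain: str          # trust domain the rule belongs to
    action: str          # "read" or "write"
    required: frozenset  # (attribute, value) pairs the subject must hold


# Constructed sample policy; domain and attribute names are hypothetical.
POLICY = (
    Rule("factory-floor", "read", frozenset({("role", "operator")})),
    Rule("factory-floor", "write",
         frozenset({("role", "operator"), ("device_attested", "yes")})),
    Rule("core", "read", frozenset({("role", "admin"), ("mfa", "yes")})),
)


def is_allowed(attrs: dict, authenticated: bool, domain: str, action: str) -> bool:
    """Default-deny check: access is granted only when an authenticated
    subject holds every attribute required by a rule for this exact
    trust domain and action."""
    if not authenticated:
        return False  # unauthenticated subjects never reach the policy
    if action not in ("read", "write"):
        return False  # unknown actions are denied, not guessed at
    held = frozenset(attrs.items())
    return any(
        rule.domain == domain
        and rule.action == action
        and rule.required <= held  # subset test: all required pairs held
        for rule in POLICY
    )


if __name__ == "__main__":
    operator = {"role": "operator"}
    attested = {"role": "operator", "device_attested": "yes"}
    for attrs, domain, action in (
        (operator, "factory-floor", "read"),
        (operator, "factory-floor", "write"),
        (attested, "factory-floor", "write"),
        (attested, "core", "read"),
    ):
        verdict = "allow" if is_allowed(attrs, True, domain, action) else "deny"
        print(f"{domain:14} {action:5} {sorted(attrs.items())} -> {verdict}")
```

Because the check is default-deny, a trust domain with no rules, or a write request where only a read rule exists, is refused without any extra code.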
Updated April 2019