Fog computing is an emerging paradigm in the Internet of Things (IoT) space, consisting of a middle computation layer, sitting between IoT devices and Cloud servers. Fog computing provides additional computing, storage, and networking resources in close proximity to where data is being generated and/or consumed. As the Fog layer has direct access to data streams generated by IoT devices and responses/commands sent from the Cloud, it is in a critical position in terms of security of the entire IoT system. Currently, there is no specific tool or methodology for analysing the security of Fog computing systems in a comprehensive way. Generic security evaluation procedures applicable to most information technology products are time consuming, costly, and badly suited to the Fog context. In this article, we introduce a methodology for evaluating the security of Fog computing systems in a systematic way. We also apply our methodology to a generic Fog computing system, showcasing how it can be purposefully used by security analysts and system designers.

中文翻译：

---

雾计算安全的系统方法：资产、漏洞、可能的对策

雾计算是物联网 (IoT) 空间中的一种新兴范式，由位于物联网设备和云服务器之间的中间计算层组成。雾计算提供了额外的计算、存储和网络资源，靠近生成和/或消耗数据的地方。由于雾层可以直接访问物联网设备生成的数据流和云端发送的响应/命令，因此在整个物联网系统的安全性方面处于关键地位。目前，还没有具体的工具或方法来全面分析雾计算系统的安全性。适用于大多数信息技术产品的通用安全评估程序既费时又费钱，而且非常不适合雾环境。在本文中，我们介绍了一种系统地评估雾计算系统安全性的方法。我们还将我们的方法应用于通用雾计算系统，展示安全分析师和系统设计人员如何有目的地使用它。