Elsevier

Computer Communications

Volume 175, 1 July 2021, Pages 35-46
Computer Communications

Interval-Valued Intuitionistic Fuzzy-Analytic Hierarchy Process for evaluating the impact of security attributes in Fog based Internet of Things paradigm

https://doi.org/10.1016/j.comcom.2021.04.019Get rights and content

Abstract

Internet of Things (IoT) may be defined as a network of smart devices that are involved in data collection and exchange. This technology has automated the day-to-day jobs and thus made our lives easier. But, real-time analysis of data is not always possible in a typical cloud-IoT architecture, especially for latency-sensitive applications. This led to the introduction of fog computing. On one side, fog layer has the capability of data processing and computation at the network edge and thus provides faster results. But, on the other hand, it also brings the attack surface closer to the devices. This makes the sensitive data on the layer vulnerable to attacks. Thus, considering Fog-IoT security is of prime importance. The security of a system or platform depends upon multiple factors. The order of selection of these factors plays a vital role in efficient assessment of security. This makes the problem of assessment of Fog-IoT security a Multi-Criteria Decision-Making (MCDM) problem. Therefore, the authors have deployed an Interval-Valued Intuitionistic Fuzzy Set (IVIFS) based Analytical Hierarchy Process (AHP) for the said environment. Using this integrated approach, the Fog-IoT security factors and their sub-factors are prioritized and ranked. The results obtained using above hybrid approach are validated by comparing them with Fuzzy-AHP (F-AHP) and Classical- AHP (C-AHP) results and are found to statistically correlated. The ideology and results of this research will help the security practitioners in accessing the security of Fog-IoT environment effectively. Moreover, the outcome of this analysis will help in paving a path for researchers by shifting their focus towards the most prioritized factor thereby assuring security in the environment.

Introduction

Fog computing appears to be an emergent technology which intensifies Cloud computing with auxiliary computing, networking facility and storage in close vicinity with the ground devices that generate and absorb the produced data segments [1]. With the expansion of IoT network and advancement in its application areas, the enormous volume of data is being produced by the ground IoT devices at the edge of the network. In such case, it is often not viable to push all the generated data to a remote Cloud data centre and anticipate good results in terms of Quality of Service (QoS), mainly in the field of applications with low latency requirements. Further, in merely Cloud-based scenario all the personal and sensitive data generated by the devices is pushed to the high-end Cloud servers for processing. Hence, leaving the user with little or no control over their data. Thus, justifying the obvious presence of fog in the scenario.

In three layer Fog-IoT architecture, the middle layer consists of fog layer that facilitates the processing of highly secure data and is also beneficial for latency-sensitive applications [2]. Depending upon the application, some portion of the processing and computation may be consigned to fog layer. As in fog computing, data is processed locally; Therefore, the usage of long-distance network bandwidth and overall response time is reduced. Additionally, the data is computed geographically closer to the epicentre; Thus, limiting the dispersal of data. As nothing in this world is perfect, despite these advantages, this system also presents some challenges.

Fog nodes are situated at prudent places between the ground device and cloud, where all the business logic dwell. Therefore, fog node has exposure to all the data, either in the form of the data that is sensed from the ground devices or the control data that is sent back to the devices. Further, they even have the information about the actual origin of the data. This presents a new security glitch, as any infirmity in the security of fog layer can put the overall security of the IoT system at stake. Its severity can be confirmed by the fact that the computation of majority of the IoT data is done at the network edge itself [3]. Security is recognized as one of the major threat in adoption of Fog-IoT scenario. Hence, getting it gripped is of utmost importance [4], [5].

Security in fog environment is composed of various factors that are required to be dealt while considering overall security of the system. These factors when combined together can ensure the security of the complete system. But defining the order in which they are required to be addressed is yet another big challenge. This issue can be resolved by using Multi-Criteria Decision Making (MCDM) approach.MCDM approach deals with problems where there are distinct alternatives and more than one perspectives for evaluation [6]. In the decision making process, MCDM approach takes into account both objective and subjective measurement values. Initially in classical approach only crisp values were used for subjective evaluation. Later, to deal with imprecision and uncertainty in decision making, fuzzy set theory was introduced [7] by L. A. Zadeh in 1965. Further, it was mentioned that the fuzzy system was capable of dealing with the membership function only. This was accounted as one of its major shortcomings.

To overcome this drawback of fuzzy set, Atanassov in 1986,1989 [8], [9] proposed a new scheme of Intuitionistic Fuzzy Set (IFS) by appending a non-membership function to the basic fuzzy set. Further, the IFS was extended by Atanassov and Gargov (1989, 1994) [9], [10] to Interval-Valued Intuitionistic Fuzzy Set (IVIFS) by defining an interval for both membership and non-membership functions. IVIFS as compared to IFS and fuzzy system provides more precise results and is eminent to describe the fuzzy information [11]. Numerous existing MCDM methods are differentiated in their operational methodology of defining objectives and alternative weights [6], [12]. Amongst them, AHP is considered as a structured technique that is used to find the weights of the criteria/factors in an efficient manner [12].

In spite of the high efficiency and simplicity of AHP, it is often criticized as it does not deal with uncertainty in perception of decision makers opinion as a crisp number [13]. In various researches, it was found that hybrid AHP provides better results for crisp decisions considering their weights [13], [14]. Later, integrated IVIFS and AHP process can be expected to tackle such constraints as it provides a range rather than a precise number and also consider non-membership function along with the membership one [15], [16], [17], [18], [19]. In the light of the above discussion, the authors have presented an IVIFS-AHP approach to evaluate fog computing security.

The focus of this research endeavour is to define security factors and sub-factors that are accountable for security of the Fog-IoT environment. Further, for efficient and effective management of security, the order of their consideration plays a vital role. For this, the authors have employed hybrid IVIFS-AHP approach for ranking the factors at both the levels. The ranking will provide the priority list of the factors and will help in their redressal in a better way. This research contribution will also assist the researchers working in the area in outlining their focus in accordance to the priority of the factors.

The rest of the paper is organized as follows: Section 2 describes the literature review of prevalent security glitches in Fog-IoT scenario. In Section 3, the preliminaries of IVIFS along with its arithmetic operations are discussed. Section 4 presents the hierarchy of the security factors and its sub-factors. The methodology of the work is defined in Section 5. In Section 6, empirical data analysis as per the proposed methodology is presented. Section 7 is about the comparison of the proposed approach with the F-AHP and C-AHP approach. In Section 8, the authors have discussed the pros and cons of the proposed research. Finally, Section 9 concludes the research article pointing out the promising future directions of the work.

Section snippets

Related work

Ample amount of work has been done in context of security of Fog-IoT environment in the past. In spite of all the attempts, the environment is still not secure enough. During the period of years there has been a substantial increase in security breaches. It may be because of increased attack surface or escalation in number of IoT devices. A lot of effort has been put up by the researchers to combat the security related challenges but still very slight progress can be seen. Defining the security

Preliminaries

In this section the preliminary information required for this study is explained. The main concept of IVIFS sets and its arithmetic operations which are used in rest of the paper are discussed. For better understanding of the concept, the authors have used a simplified notation dropping.

Definition 1

Let X = x1,x2,x3,.xn, an IFS à in X is defined as [29] Ã={x,μÃ(x),υÃ(x)xεX}where, μÃ(x) and υÃ(x) [0,1] and represents membership and non-membership function of the element x from the setÃ. μÃ(x)

Fog-Internet of Things security

Security is perceived as the potential show-stopper in the adoption of IoT services and technologies [4], [31]. The integration of physical and technical scenario in IoT makes the security issues even more prevalent as compared to the conventional IT systems. With the emergence of Fog, the data is now processed closer to where it is created. The above fact makes it even more suspectable to security attacks. The data breaches could easily disclose the sensitive information of the individuals.

Integrated interval-valued intuitionistic Fuzzy-AHP methodology

With the advancement in technological era and elevation in IoT systems, the need of security has become the prime objective of researchers. Multiple factors and sub-factors contribute to the overall security of the Fog-IoT system. To handle the security, prioritization of these factors and sub-factors is of utmost importance [10]. By prioritizing them, the order of the security factors can be decided. Thus, most promising security factor can be selected according to the generated list for

Implementation and empirical data analysis

Security in Fog-IoT environment can be ensured by accessing both qualitative and quantitative parameters. Generally, qualitative assessment is easier as compared to the quantitative one. Experts from development industry and academia are trying to implement security polices for securing the mentioned environment. Also, new high end security approaches are designed to present accurate result in a given time frame. In the light of above facts, the researchers in this research are trying to access

Comparison between different methods

In this section of paper, the researchers have compared the C-AHP, F-AHP and IVIFS-AHP techniques for ranking the factors and sub-factors. For this comparison, the collected data was transformed into the numerical formats as per the linguistic scale and results were calculated with regard to the methodology. For this comparison the authors have used Spearman’s Rank Correlation coefficient (Spearman’s ρ Correlation coefficient) as it is assumed as the best fit for the ordinal data [57]. The

Discussion

The assessment of Fog-IoT security factors furnishes different ways of providing security of the complete network. This evaluation presents many new facets of security by determining and describing its contributing factors. The investigation of Fog-IoT security factors and their impact on security will ease in estimating the strength of the security. A hierarchical structure helps in finding out the relation between the factors which contribute to security in fog environment. Quantitative

Conclusion

In order to provide overall security to the environment, where the network devices are dispersed in vast geographical area and communication occurs at a constant pace, it is required to categorize security factors and define their driving sub-factors. It is apparent from the reviewed literature that no such known, exhaustive and complete mechanism exists that undertakes security throughout the Fog-IoT scenario. For accessing security in complete Fog-IoT environment, it is required to prioritize

CRediT authorship contribution statement

Richa Verma: Conceived and designed the analysis, Data curation, Formal analysis. Shalini Chandra: Revised it critically for important intellectual content.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References (58)

  • VaidyaOmkarprasad S. et al.

    Analytic hierarchy process: An overview of applications

    Eur. J. Oper. Res.

    (2006)
  • HungWen-Liang et al.

    Correlation of intuitionistic fuzzy sets by centroid method

    Inform. Sci.

    (2002)
  • ZhangPeiYun et al.

    Security and trust issues in Fog computing: A survey Future Generation Computer Systems

    (2018)
  • AtanassovK.T.

    Operators over interval-valued intuitionistic fuzzy sets

    Fuzzy Sets and Systems

    (1994)
  • MiorandiD. et al.

    Internet of things: Vision, applications and research challenges

    Ad hoc Netw.

    (2012)
  • HuPengfei et al.

    Survey on fog computing: architecture, key technologies, applications and open issues

    J. Netw. Comput. Appl.

    (2017)
  • GopeProsanta

    LAAP: Lightweight anonymous authentication protocol for D2D-Aided fog computing paradigm

    Comput. Secur.

    (2019)
  • MutlagA.A. et al.

    Enabling technologies for fog computing in healthcare IoT systems

    Future Gener. Comput. Syst.

    (2019)
  • SaatyT.L.

    How to make decision: the analytic hierarchy process

    Eur. J. Oper. Res.

    (1990)
  • F. Bonomi, R. Milito, J. Zhu, S. Addepalli, Fog computing and its role in the internet of things, in: Proc. MCC...
  • Openfog reference architecture for fog computing

    (2017)
  • WeissbergerA.

    IDC directions: IoT forecast, 5G and related sessions

    (2017)
  • GanguliS. et al.

    IoT Technology Disruptions: A Gartner Trend Insight ReportTech. rep.

    (2017)
  • KahramanCengiz et al.

    Fuzzy multicriteria decision-making: a literature review

    Int. J. Comput. Intell. Syst.

    (2015)
  • LiuB.

    Why is there a need for uncertainty theory

    J. Uncertain Syst.

    (2012)
  • TooranlooHossein Sayyadi et al.

    Supplier selection and evaluation using interval-valued intuitionistic fuzzy AHP method

    Int. J. Procure. Manag.

    (2017)
  • S. Pešić, M. Radovanović, M. Ivanović, C. Badica, M. Tošić, O. Iković, D. Bošković, CAAVI-RICS model for analyzing the...
  • Praveen Kumar, Nabeel Zaidi, Tanupriya Choudhury, Fog computing: Common security issues and proposed countermeasures,...
  • VermaRicha et al.

    Security and privacy issues in fog driven IoT environment

    Int. J. Comput. Sci. Eng.

    (2019)
  • Cited by (32)

    View all citing articles on Scopus
    View full text