Fog Computing in IoT Smart Environments via Named Data Networking: A Study on Service Orchestration Mechanisms

[EN] By offering low-latency and context-aware services, fog computing will have a peculiar role in the deployment of Internet of Things (IoT) applications for smart environments. Unlike the conventional remote cloud, for which consolidated architectures and deployment options exist, many design and implementation aspects remain open when considering the latest fog computing paradigm. In this paper, we focus on the problems of dynamically discovering the processing and storage resources distributed among fog nodes and, accordingly, orchestrating them for the provisioning of IoT services for smart environments. In particular, we show how these functionalities can be effectively supported by the revolutionary Named Data Networking (NDN) paradigm. Originally conceived to support named content delivery, NDN can be extended to request and provide named computation services, with NDN nodes acting as both content routers and in-network service executors. To substantiate our analysis, we present an NDN fog computing framework with focus on a smart campus scenario, where the execution of IoT services is dynamically orchestrated and performed by NDN nodes in a distributed fashion. A simulation campaign in ndnSIM, the reference network simulator of the NDN research community, is also presented to assess the performance of our proposal against state-of-the-art solutions. Results confirm the superiority of the proposal in terms of service provisioning time, paid at the expenses of a slightly higher amount of traffic exchanged among fog nodes.This research was partially funded by the Italian Government under grant PON ARS01_00836 for the COGITO (A COGnItive dynamic sysTem to allOw buildings to learn and adapt) PON Project.Amadeo, M.; Ruggeri, G.; Campolo, C.; Molinaro, A.; Loscri, V.; Tavares De Araujo Cesariny Calafate, CM. (2019). Fog Computing in IoT Smart Environments via Named Data Networking: A Study on Service Orchestration Mechanisms. Future Internet. 11(11):1-21. https://doi.org/10.3390/fi11110222S1211111Lee, I., & Lee, K. (2015). The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons, 58(4), 431-440. doi:10.1016/j.bushor.2015.03.008Cicirelli, F., Guerrieri, A., Spezzano, G., Vinci, A., Briante, O., Iera, A., & Ruggeri, G. (2018). Edge Computing and Social Internet of Things for Large-Scale Smart Environments Development. IEEE Internet of Things Journal, 5(4), 2557-2571. doi:10.1109/jiot.2017.2775739Chiang, M., & Zhang, T. (2016). Fog and IoT: An Overview of Research Opportunities. IEEE Internet of Things Journal, 3(6), 854-864. doi:10.1109/jiot.2016.2584538Openfog Consortiumhttp://www.openfogconsortium.org/Zhang, L., Afanasyev, A., Burke, J., Jacobson, V., claffy, kc, Crowley, P., … Zhang, B. (2014). Named data networking. ACM SIGCOMM Computer Communication Review, 44(3), 66-73. doi:10.1145/2656877.2656887Amadeo, M., Ruggeri, G., Campolo, C., & Molinaro, A. (2019). IoT Services Allocation at the Edge via Named Data Networking: From Optimal Bounds to Practical Design. IEEE Transactions on Network and Service Management, 16(2), 661-674. doi:10.1109/tnsm.2019.2900274ndnSIM 2.0: A New Version of the NDN Simulator for NS-3https://www.researchgate.net/profile/Spyridon_Mastorakis/publication/281652451_ndnSIM_20_A_new_version_of_the_NDN_simulator_for_NS-3/links/5b196020a6fdcca67b63660d/ndnSIM-20-A-new-version-of-the-NDN-simulator-for-NS-3.pdfAhlgren, B., Dannewitz, C., Imbrenda, C., Kutscher, D., & Ohlman, B. (2012). A survey of information-centric networking. IEEE Communications Magazine, 50(7), 26-36. doi:10.1109/mcom.2012.6231276NFD Developer’s Guidehttps://named-data.net/wp-content/uploads/2016/03/ndn-0021-diff-5..6-nfd-developer-guide.pdfPiro, G., Amadeo, M., Boggia, G., Campolo, C., Grieco, L. A., Molinaro, A., & Ruggeri, G. (2019). Gazing into the Crystal Ball: When the Future Internet Meets the Mobile Clouds. IEEE Transactions on Cloud Computing, 7(1), 210-223. doi:10.1109/tcc.2016.2573307Zhang, G., Li, Y., & Lin, T. (2013). Caching in information centric networking: A survey. Computer Networks, 57(16), 3128-3141. doi:10.1016/j.comnet.2013.07.007Yi, C., Afanasyev, A., Moiseenko, I., Wang, L., Zhang, B., & Zhang, L. (2013). A case for stateful forwarding plane. Computer Communications, 36(7), 779-791. doi:10.1016/j.comcom.2013.01.005Amadeo, M., Briante, O., Campolo, C., Molinaro, A., & Ruggeri, G. (2016). Information-centric networking for M2M communications: Design and deployment. Computer Communications, 89-90, 105-116. doi:10.1016/j.comcom.2016.03.009Tourani, R., Misra, S., Mick, T., & Panwar, G. (2018). Security, Privacy, and Access Control in Information-Centric Networking: A Survey. IEEE Communications Surveys & Tutorials, 20(1), 566-600. doi:10.1109/comst.2017.2749508Ndn-ace: Access Control for Constrained Environments over Named Data Networkinghttp://new.named-data.net/wp-content/uploads/2015/12/ndn-0036-1-ndn-ace.pdfZhang, Z., Yu, Y., Zhang, H., Newberry, E., Mastorakis, S., Li, Y., … Zhang, L. (2018). An Overview of Security Support in Named Data Networking. IEEE Communications Magazine, 56(11), 62-68. doi:10.1109/mcom.2018.1701147Cisco White Paperhttps://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/computing-overview.pdfAazam, M., Zeadally, S., & Harras, K. A. (2018). Deploying Fog Computing in Industrial Internet of Things and Industry 4.0. IEEE Transactions on Industrial Informatics, 14(10), 4674-4682. doi:10.1109/tii.2018.2855198Hou, X., Li, Y., Chen, M., Wu, D., Jin, D., & Chen, S. (2016). Vehicular Fog Computing: A Viewpoint of Vehicles as the Infrastructures. IEEE Transactions on Vehicular Technology, 65(6), 3860-3873. doi:10.1109/tvt.2016.2532863Yousefpour, A., Fung, C., Nguyen, T., Kadiyala, K., Jalali, F., Niakanlahiji, A., … Jue, J. P. (2019). All one needs to know about fog computing and related edge computing paradigms: A complete survey. Journal of Systems Architecture, 98, 289-330. doi:10.1016/j.sysarc.2019.02.009Baktir, A. C., Ozgovde, A., & Ersoy, C. (2017). How Can Edge Computing Benefit From Software-Defined Networking: A Survey, Use Cases, and Future Directions. IEEE Communications Surveys & Tutorials, 19(4), 2359-2391. doi:10.1109/comst.2017.2717482Duan, Q., Yan, Y., & Vasilakos, A. V. (2012). A Survey on Service-Oriented Network Virtualization Toward Convergence of Networking and Cloud Computing. IEEE Transactions on Network and Service Management, 9(4), 373-392. doi:10.1109/tnsm.2012.113012.120310Amadeo, M., Campolo, C., & Molinaro, A. (2016). NDNe: Enhancing Named Data Networking to Support Cloudification at the Edge. IEEE Communications Letters, 20(11), 2264-2267. doi:10.1109/lcomm.2016.2597850Krol, M., Marxer, C., Grewe, D., Psaras, I., & Tschudin, C. (2018). Open Security Issues for Edge Named Function Environments. IEEE Communications Magazine, 56(11), 69-75. doi:10.1109/mcom.2018.170111711801-2:2017 Information Technology—Generic Cabling for Customer Premiseshttps://www.iso.org/standard/66183.htm

The Road Ahead for Networking: A Survey on ICN-IP Coexistence Solutions

In recent years, the current Internet has experienced an unexpected paradigm shift in the usage model, which has pushed researchers towards the design of the Information-Centric Networking (ICN) paradigm as a possible replacement of the existing architecture. Even though both Academia and Industry have investigated the feasibility and effectiveness of ICN, achieving the complete replacement of the Internet Protocol (IP) is a challenging task. Some research groups have already addressed the coexistence by designing their own architectures, but none of those is the final solution to move towards the future Internet considering the unaltered state of the networking. To design such architecture, the research community needs now a comprehensive overview of the existing solutions that have so far addressed the coexistence. The purpose of this paper is to reach this goal by providing the first comprehensive survey and classification of the coexistence architectures according to their features (i.e., deployment approach, deployment scenarios, addressed coexistence requirements and architecture or technology used) and evaluation parameters (i.e., challenges emerging during the deployment and the runtime behaviour of an architecture). We believe that this paper will finally fill the gap required for moving towards the design of the final coexistence architecture.Comment: 23 pages, 16 figures, 3 table

Interest-Based Access Control for Content Centric Networks (extended version)

Content-Centric Networking (CCN) is an emerging network architecture designed to overcome limitations of the current IP-based Internet. One of the fundamental tenets of CCN is that data, or content, is a named and addressable entity in the network. Consumers request content by issuing interest messages with the desired content name. These interests are forwarded by routers to producers, and the resulting content object is returned and optionally cached at each router along the path. In-network caching makes it difficult to enforce access control policies on sensitive content outside of the producer since routers only use interest information for forwarding decisions. To that end, we propose an Interest-Based Access Control (IBAC) scheme that enables access control enforcement using only information contained in interest messages, i.e., by making sensitive content names unpredictable to unauthorized parties. Our IBAC scheme supports both hash- and encryption-based name obfuscation. We address the problem of interest replay attacks by formulating a mutual trust framework between producers and consumers that enables routers to perform authorization checks when satisfying interests from their cache. We assess the computational, storage, and bandwidth overhead of each IBAC variant. Our design is flexible and allows producers to arbitrarily specify and enforce any type of access control on content, without having to deal with the problems of content encryption and key distribution. This is the first comprehensive design for CCN access control using only information contained in interest messages.Comment: 11 pages, 2 figure

To NACK or not to NACK? Negative Acknowledgments in Information-Centric Networking

Information-Centric Networking (ICN) is an internetworking paradigm that offers an alternative to the current IP\nobreakdash-based Internet architecture. ICN's most distinguishing feature is its emphasis on information (content) instead of communication endpoints. One important open issue in ICN is whether negative acknowledgments (NACKs) at the network layer are useful for notifying downstream nodes about forwarding failures, or requests for incorrect or non-existent information. In benign settings, NACKs are beneficial for ICN architectures, such as CCNx and NDN, since they flush state in routers and notify consumers. In terms of security, NACKs seem useful as they can help mitigating so-called Interest Flooding attacks. However, as we show in this paper, network-layer NACKs also have some unpleasant security implications. We consider several types of NACKs and discuss their security design requirements and implications. We also demonstrate that providing secure NACKs triggers the threat of producer-bound flooding attacks. Although we discuss some potential countermeasures to these attacks, the main conclusion of this paper is that network-layer NACKs are best avoided, at least for security reasons.Comment: 10 pages, 7 figure

On Constructing Persistent Identifiers with Persistent Resolution Targets

Persistent Identifiers (PID) are the foundation referencing digital assets in scientific publications, books, and digital repositories. In its realization, PIDs contain metadata and resolving targets in form of URLs that point to data sets located on the network. In contrast to PIDs, the target URLs are typically changing over time; thus, PIDs need continuous maintenance -- an effort that is increasing tremendously with the advancement of e-Science and the advent of the Internet-of-Things (IoT). Nowadays, billions of sensors and data sets are subject of PID assignment. This paper presents a new approach of embedding location independent targets into PIDs that allows the creation of maintenance-free PIDs using content-centric network technology and overlay networks. For proving the validity of the presented approach, the Handle PID System is used in conjunction with Magnet Link access information encoding, state-of-the-art decentralized data distribution with BitTorrent, and Named Data Networking (NDN) as location-independent data access technology for networks. Contrasting existing approaches, no green-field implementation of PID or major modifications of the Handle System is required to enable location-independent data dissemination with maintenance-free PIDs.Comment: Published IEEE paper of the FedCSIS 2016 (SoFAST-WS'16) conference, 11.-14. September 2016, Gdansk, Poland. Also available online: http://ieeexplore.ieee.org/document/7733372