Foggy clouds and cloudy fogs: a real need for coordinated management of fog-to-cloud computing systems

The recent advances in cloud services technology are fueling a plethora of information technology innovation, including networking, storage, and computing. Today, various flavors have evolved of IoT, cloud computing, and so-called fog computing, a concept referring to capabilities of edge devices and users' clients to compute, store, and exchange data among each other and with the cloud. Although the rapid pace of this evolution was not easily foreseeable, today each piece of it facilitates and enables the deployment of what we commonly refer to as a smart scenario, including smart cities, smart transportation, and smart homes. As most current cloud, fog, and network services run simultaneously in each scenario, we observe that we are at the dawn of what may be the next big step in the cloud computing and networking evolution, whereby services might be executed at the network edge, both in parallel and in a coordinated fashion, as well as supported by the unstoppable technology evolution. As edge devices become richer in functionality and smarter, embedding capacities such as storage or processing, as well as new functionalities, such as decision making, data collection, forwarding, and sharing, a real need is emerging for coordinated management of fog-to-cloud (F2C) computing systems. This article introduces a layered F2C architecture, its benefits and strengths, as well as the arising open and research challenges, making the case for the real need for their coordinated management. Our architecture, the illustrative use case presented, and a comparative performance analysis, albeit conceptual, all clearly show the way forward toward a new IoT scenario with a set of existing and unforeseen services provided on highly distributed and dynamic compute, storage, and networking resources, bringing together heterogeneous and commodity edge devices, emerging fogs, as well as conventional clouds.Peer ReviewedPostprint (author's final draft

Engineering a QoS Provider Mechanism for Edge Computing with Deep Reinforcement Learning

With the development of new system solutions that integrate traditional cloud computing with the edge/fog computing paradigm, dynamic optimization of service execution has become a challenge due to the edge computing resources being more distributed and dynamic. How to optimize the execution to provide Quality of Service (QoS) in edge computing depends on both the system architecture and the resource allocation algorithms in place. We design and develop a QoS provider mechanism, as an integral component of a fog-to-cloud system, to work in dynamic scenarios by using deep reinforcement learning. We choose reinforcement learning since it is particularly well suited for solving problems in dynamic and adaptive environments where the decision process needs to be frequently updated. We specifically use a Deep Q-learning algorithm that optimizes QoS by identifying and blocking devices that potentially cause service disruption due to dynamicity. We compare the reinforcement learning based solution with state-of-the-art heuristics that use telemetry data, and analyze pros and cons

Towards a proper service placement in combined Fog-to-Cloud (F2C) architectures

The Internet of Things (IoT) has empowered the development of a plethora of new services, fueled by the deployment of devices located at the edge, providing multiple capabilities in terms of connectivity as well as in data collection and processing. With the inception of the Fog Computing paradigm, aimed at diminishing the distance between edge-devices and the IT premises running IoT services, the perceived service latency and even the security risks can be reduced, while simultaneously optimizing the network usage. When put together, Fog and Cloud computing (recently coined as fog-to-cloud, F2C) can be used to maximize the advantages of future computer systems, with the whole greater than the sum of individual parts. However, the specifics associated with cloud and fog resource models require new strategies to manage the mapping of novel IoT services into the suitable resources. Despite few proposals for service offloading between fog and cloud systems are slowly gaining momentum in the research community, many issues in service placement, both when the service is ready to be executed admitted as well as when the service is offloaded from Cloud to Fog, and vice-versa, are new and largely unsolved. In this paper, we provide some insights into the relevant features about service placement in F2C scenarios, highlighting main challenges in current systems towards the deployment of the next-generation IoT servicesPostprint (author's final draft

Evaluating the benefits of combined and continuous Fog-to-Cloud architectures

The need to extend the features of Cloud computing to the edge of the network has fueled the development of new computing architectures, such as Fog computing. When put together, the combined and continuous use of fog and cloud computing, lays the foundation for a new and highly heterogeneous computing ecosystem, making the most out of both, cloud and fog. Incipient research efforts are devoted to propose a management architecture to properly manage such combination of resources, such as the reference architecture proposed by the OpenFog Consortium or the recent Fog-to-Cloud (F2C). In this paper, we pay attention to such a combined ecosystem and particularly evaluate the potential benefits of F2C in dynamic scenarios, considering computing resources mobility and different traffic patterns. By means of extensive simulations we specifically study the aspects of service response time, network bandwidth occupancy, power consumption and service disruption probability. The results indicate that a combined fog-to-cloud architecture brings significant performance benefits in comparison with the traditional standalone Cloud, e.g., over 50% reduction in terms of power consumption.Preprin

Towards service protection in Fog-to-Cloud (F2C) computing systems

Internet of Things (IoT) services are unstoppably demanding more computing and storage resources. Aligned to this trend, cloud and fog computing came up as the proper paradigms meeting such IoT services demands. More recently, a new paradigm, so-called fog to cloud (F2C) computing, promises to make the most out of both Fog and Cloud, paving the way to new IoT services development. Nevertheless, the benefits of F2C architectures may be diminished by failures affecting the computing commodities. In order to withstand possible failures, the design of novel protection strategies, specifically designed for distributed computing scenarios is required. In this paper, we study the impact of distinct protection strategies on several key performance aspects, including service response time, and usage of computing resources. Numerical results indicate that under distinct failure scenarios, F2C significantly outperforms the conventional cloud.Peer ReviewedPostprint (published version

Securing combined Fog-to-Cloud systems: challenges and directions

Nowadays, fog computing is emerged for providing computational power closer to the users. Fog computing brings real-time processing, lowlatency, geo-distributed and etc. Although, fog computing do not come to compete cloud computing, it comes to collaborate. Recently, Fog-To-Cloud (F2C) continuum system is introduced to provide hierarchical computing system and facilitates fog-cloud collaboration. This F2C continuum system might encounter security issues and challenges due to their hierarchical and distributed nature. In this paper, we analyze attacks in different layer of F2C system and identify most potential security requirements and challenges for the F2C continuum system. Finally, we introduce the most remarkable efforts and trends for bringing secure F2C system.This work is supported by the H2020 projects mF2C (730929). It is also supported by the Spanish Ministry of Economy and Competitiveness and the European Regional Development Fund both under contract RTI2018-094532-B-100.Peer ReviewedPostprint (author's final draft

A multidimensional control architecture for combined fog-to-cloud systems

The fog/edge computing concept has set the foundations for the deployment of new services leveraging resources deployed at the edge paving the way for an innovative collaborative model, where end-users may collaborate with service providers by sharing idle resources at the edge of the network. Combined Fog-to-Cloud (F2C) systems have been recently proposed as a control strategy for managing fog and cloud resources in a coordinated way, aimed at optimally allocating resources within the fog-to-cloud resources stack for an optimal service execution. In this work, we discuss the unfeasibility of the deployment of a single control topology able to optimally manage a plethora of edge devices in future networks, respecting established SLAs according to distinct service requirements and end-user profiles. Instead, a multidimensional architecture, where distinct control plane instances coexist, is then introduced. By means of distinct scenarios, we describe the benefits of the proposed architecture including how users may collaborate with the deployment of novel services by selectively sharing resources according to their profile, as well as how distinct service providers may benefit from shared resources reducing deployment costs. The novel architecture proposed in this paper opens several opportunities for research, which are presented and discussed at the final section.This work was supported by the H2020 EU mF2C project, ref. 730929 and for UPC authors, also by the Spanish Ministry of Economy and Competitiveness and the European Regional Development Fund under contract RTI2018-094532-B-I00.Peer ReviewedPostprint (author's final draft

Deploying fog-to-cloud towards a security architecture for critical infrastructure scenarios

Critical infrastructures are bringing security, and safety for people in terms of healthcare, water, electricity, industry, transportation, etc. The huge amount of data produced by CIs need to be aggregated, filtered, and stored. Cloud computing was merged into the CIs for utilizing cloud data centers as a pay-as-you-go online computing system for outsourcing services for data storage, filtering and aggregating. On the other hand, CIs need real-time processing for providing sophisticated services to people. Consequently, fog computing is merged into CIs aimed at providing services closer to the users, turning into a smooth real-time decision making and processing. When considering both, that is fog and cloud (for example, deploying the recently coined hierarchical fog-to-cloud F2C concept), new enriched features may be applied to the CIs. Security in CIs is one of the most essential challenges since any failure or attack can turn into a national wise disaster. Moreover, CIs also need to support quality of service (QoS) guarantees for users. Thus, bringing balanced QoS vs security is one of the main challenges for any CI infrastructure. In this paper, we illustrate the benefits of deploying an F2C system in CIs, particularly identifying specific F2C security requirements to be applied to CIs. Finally, we also introduce a decoupled security architecture specifically tailored to CIs that can bring security with reasonable QoS in terms of authentication and key distribution time delay.This work has been supported by the Spanish Ministry of Science, Innovation and Universities and the European Regional Development Fund (FEDER) under contract RTI2018-094532-B-I00, and by the H2020 European Union mF2C project with reference 730929.Peer ReviewedPostprint (author's final draft

Essentiality of managing the resource information in the coordinated fog-to-cloud paradigm

This is the peer reviewed version of the following article: Sengupta, S, Garcia, J, Masip‐Bruin, X. Essentiality of managing the resource information in the coordinated fog‐to‐cloud paradigm. Int J Commun Syst. 2019, which has been published in final form at https://doi.org/10.1002/dac.4286. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.Fog-to-cloud (F2C) computing is an emerging computational platform. By combing the cloud, fog, and IoT, it provides an excellent framework for managing and coordinating the resources in any smart computing domain. Efficient management of these kinds of diverse resources is one of the critical tasks in the F2C system. Also, it must be considered that different types of services are offered by any smart system. So, before managing these resources and enabling the various types of services, it is essential to have some comprehensive informational catalogue of resources and services. Hence, after identifying the resource and service-task taxonomy, our main aim in this paper is finding out a solution for properly organizing this information over the F2C system. For that purpose, we are proposing a modified F2C framework where all the information is distributively stored near to the edge of the network. Finally, by presenting some experimental results, we evaluate and validate the performance of our proposing framework.This work has been supported by the Spanish Ministry of Science, Innovation and Universities and by the European Regional Development Fund (FEDER) under contract RTI2018-094532-B-I00 and by the H2020 European Union mF2C project with reference 730929.Peer ReviewedPostprint (published version

Security architecture for Fog-To-Cloud continuum system

Nowadays, by increasing the number of connected devices to Internet rapidly, cloud computing cannot handle the real-time processing. Therefore, fog computing was emerged for providing data processing, filtering, aggregating, storing, network, and computing closer to the users. Fog computing provides real-time processing with lower latency than cloud. However, fog computing did not come to compete with cloud, it comes to complete the cloud. Therefore, a hierarchical Fog-to-Cloud (F2C) continuum system was introduced. The F2C system brings the collaboration between distributed fogs and centralized cloud. In F2C systems, one of the main challenges is security. Traditional cloud as security provider is not suitable for the F2C system due to be a single-point-of-failure; and even the increasing number of devices at the edge of the network brings scalability issues. Furthermore, traditional cloud security cannot be applied to the fog devices due to their lower computational power than cloud. On the other hand, considering fog nodes as security providers for the edge of the network brings Quality of Service (QoS) issues due to huge fog device’s computational power consumption by security algorithms. There are some security solutions for fog computing but they are not considering the hierarchical fog to cloud characteristics that can cause a no-secure collaboration between fog and cloud. In this thesis, the security considerations, attacks, challenges, requirements, and existing solutions are deeply analyzed and reviewed. And finally, a decoupled security architecture is proposed to provide the demanded security in hierarchical and distributed fashion with less impact on the QoS.Hoy en día, al aumentar rápidamente el número de dispositivos conectados a Internet, el cloud computing no puede gestionar el procesamiento en tiempo real. Por lo tanto, la informática de niebla surgió para proporcionar procesamiento de datos, filtrado, agregación, almacenamiento, red y computación más cercana a los usuarios. La computación nebulizada proporciona procesamiento en tiempo real con menor latencia que la nube. Sin embargo, la informática de niebla no llegó a competir con la nube, sino que viene a completar la nube. Por lo tanto, se introdujo un sistema continuo jerárquico de niebla a nube (F2C). El sistema F2C aporta la colaboración entre las nieblas distribuidas y la nube centralizada. En los sistemas F2C, uno de los principales retos es la seguridad. La nube tradicional como proveedor de seguridad no es adecuada para el sistema F2C debido a que se trata de un único punto de fallo; e incluso el creciente número de dispositivos en el borde de la red trae consigo problemas de escalabilidad. Además, la seguridad tradicional de la nube no se puede aplicar a los dispositivos de niebla debido a su menor poder computacional que la nube. Por otro lado, considerar los nodos de niebla como proveedores de seguridad para el borde de la red trae problemas de Calidad de Servicio (QoS) debido al enorme consumo de energía computacional del dispositivo de niebla por parte de los algoritmos de seguridad. Existen algunas soluciones de seguridad para la informática de niebla, pero no están considerando las características de niebla a nube jerárquica que pueden causar una colaboración insegura entre niebla y nube. En esta tesis, las consideraciones de seguridad, los ataques, los desafíos, los requisitos y las soluciones existentes se analizan y revisan en profundidad. Y finalmente, se propone una arquitectura de seguridad desacoplada para proporcionar la seguridad exigida de forma jerárquica y distribuida con menor impacto en la QoS.Postprint (published version