Fog - Applying blockchain to secure a distributed set of clusters
Document typeMaster thesis
Rights accessOpen Access
5G has already been presented and shown in major congresses, thus it’s just a matter of time that this technology comes to the enterprise and public usages. Therefore, we can affirm that we are moving towards a world where everything will be connected (i.e. our cars, our houses, our wearable devices). Consequently, the number of devices connected to the Fog will be around the billions. This drastic increase in connected devices at the Fog layer promotes a change in the Internet architecture, that requires new technologies to manage the newly Fog devices. Despite the cloud being a powerful model, at the end it’s a centralized architecture, thus it fails to scale with the addition of millions of Fog devices. The Fog presents a great amount of architectural and management challenges, such as who will run the Fog infrastructure, or how the Fog nodes will provide services by themselves, and a sometimes forgotten but critical aspect, the security. The current centralized security architectures do not scale well enough in order to be applied on the Fog. Those models such as Certificate Authorities (CA’s) are centralized, usually on cloud providers, and offer a much more static security (i.e. a website secured with a CA, that barely changes IP and doesn’t move). At the end this kind of security approaches are invalid in environments where devices are moving and changing networks constantly, like the fog scenario, because the same nature of the approach makes it invalid for such scenarios. Therefore, we require new and completely distributed security architectures, capable of being flexible and scalable, while at the same time providing fault proof security to the Fog. A new technology that has been growing lately is the blockchain, this technology really shines on completely distributed systems. The blockchain is capable of keeping an immutable set of data distributed across multiple peers on a network. Then the peers can use that data and update it through a consensus procedure, performed following a consensus algorithm criteria. The main objective of this project is the proposal of a novel blockchain architecture that will contain all the Fog session information. This information will be used to provide security to the Fog devices, and it will be capable of providing authentication and verification mechanisms to those devices, ensuring the integrity of the data provided. To accomplish this objective a Fog profile will be used. Each new device will be able to register its profile in the Fog session, with a required set of public keys, and by providing an extensible Rule-set field that will contain all the required information in order to identify a device (i.e. the device specs such as CPU or RAM), to later on execute services on the Fog, based on such specs and information.