Edge Computer Security Part - 2

Edge Computer Security


Now that we understand what edge computing is, let's dive into its security aspects.

Security and Edge Computing

We all watched SpongeBob SquarePants growing up, and the central plot was Plankton trying to steal the secret formula from the Krusty Krab.

Now let's say that the Krusty Krab opened a branch somewhere far away. But Mr. Krabs didn't want the secret formula to fall into Plankton's hands, so every time the second branch needs the secret formula, someone has to travel a long distance to deliver it.

Okay, what does this have to do with edge computing security? Because edge computing lets the processing happen closer to the user, the data doesn't have to travel far, which gives trackers fewer opportunities to intercept the data (the secret formula) in transit.

Going back to SpongeBob, let's say that to prevent the loss of the formula in transit, they allow the second branch to keep the secret formula on site, thus eliminating the possibility of an underwater high-speed heist. But the second branch does not have Mr. Krabs's level of threat mitigation.

(Must protect the formula at all costs!)

So the second branch is more open to threats, and this leads us to an interesting paradox, something that translates to the real world quite perfectly.

The Edge Computing Security Paradox

So this is interesting now, isn't it? Wider device distribution may offer security benefits: reducing the distance data has to travel for processing means there are fewer opportunities for trackers to intercept it during transit. Furthermore, it reduces the number of attacks on the central servers.

The Achilles heel here is that the edge devices have known vulnerabilities. They are open to attacks as the devices have limited capacities and cannot have extensive security features.

So the real challenge lies in incorporating security into the device design. Companies are beginning to focus on this and other measures for making data safer, including the use of encryption and creating solutions to manage, update and secure these devices. If inherent security features are built into more end-user devices and edge data centers, it would be possible to create expansive networks with minimal vulnerabilities.

Security Fundamentals at the Edge

Existing security fundamentals are the starting point for securing any new or reimagined technology.
The security fundamentals seen across the IT landscape include encryption, cryptography, system visibility, access control, and the principle of least privilege.
These tools are often virtualized. Edge computing and network functions virtualization are used together for improved security tools.

  • Encryption:
Edge devices can especially benefit from data encryption at rest and in transit. Data at rest is data in storage that can be accessed via authorization, like the secret formula in Mr. Krabs's restaurant. Data in transit is data moving between different locations.

So even if the device is stolen, the data will be safe.

Encryption can be executed through a VPN and with cryptographic keys.

  • Visibility and Automated Monitoring:
An organization can only act against threats if they are aware of them. System visibility needs to be extremely detailed. This is especially true for edge deployments because the number of nodes increases astronomically. With more network nodes, the possibility of attack increases.

This is where Intrusion Prevention Systems and Intrusion Detection Systems (IPS/IDS) come into play. Intrusion detection systems monitor, analyze and report on network events and check for anomalies and strange activities.

  • Access Control:
Access control under the principle of least privilege keeps an organization's employees from accessing sensitive data that they do not need for their work. In edge computing, the demands for robust security protocols cannot be met, so access control is the more effective measure. Let's look at a model that implements this in the next section.

The "Don't Trust Anyone" Model, aka Zero Trust Architecture

The Zero Trust model is the response to the realization that the perimeter security approach isn't working: many data breaches happened because hackers, once they got past the corporate firewalls, were able to move through internal systems without much resistance.

With edge-computing, the perimeter itself is no longer properly defined, because applications and data stores are on-premises and in the cloud, with users accessing them from multiple devices and locations.

So what the Zero trust model says is "Don't trust ANYONE."

(Yeah, this is the basis of Zero Trust.)

So under this model, actors, systems, or services operating from within the security perimeter should not be automatically trusted. Instead, the organization must verify anything and everything trying to connect to its systems before granting access.

Zero trust draws on technologies such as multifactor authentication, IAM, orchestration, analytics, encryption, scoring, and file system permissions. Zero trust also calls for governance policies such as giving users the least amount of access they need to accomplish a task. Push notification authentication delivers the authentication prompt directly to a secure application on the user's device, alerting them that an authentication attempt is taking place. Users can view authentication details and approve or deny access, typically via a press of a button.
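The verify-everything rule and least-privilege access control described above, sketched as an added example (not code from the original post): a policy check that ignores where a request comes from and instead requires a valid signed token, completed MFA, a compliant device and a role that covers the requested action. The key, role names, resources and request fields are constructed for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # constructed; a real key lives in a KMS/HSM

# Least privilege: each role lists only the (resource, action) pairs it needs.
POLICY = {  # hypothetical roles and resources
    "sensor-reader": {("telemetry", "read")},
    "fleet-operator": {("telemetry", "read"), ("firmware", "update")},
}

def sign(claims):
    """Issue a token after login (stands in for the identity provider)."""
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    tag = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{tag}"

def verify(token, now):
    """Return the claims if the signature is valid and unexpired, else None."""
    body, _, tag = token.rpartition(".")
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims if claims.get("exp", 0) > now else None

def authorize(request, now):
    """Decide one request. request["source_ip"] is deliberately never read."""
    claims = verify(request.get("token", ""), now)
    if claims is None:
        return False, "invalid or expired token"
    if not claims.get("mfa"):
        return False, "MFA not completed"
    if not request.get("device_compliant"):
        return False, "device posture check failed"
    wanted = (request.get("resource"), request.get("action"))
    if wanted not in POLICY.get(claims.get("role"), set()):
        return False, "not permitted for role"
    return True, "ok"

if __name__ == "__main__":
    now = 1_700_000_000  # constructed clock value
    token = sign({"sub": "alice", "role": "sensor-reader", "mfa": True, "exp": now + 300})
    base = {"source_ip": "10.0.0.5", "device_compliant": True,
            "resource": "telemetry", "action": "read"}
    print(authorize({**base, "token": token}, now))   # valid request
    print(authorize(base, now))                        # internal IP, no token
    print(authorize({**base, "token": token, "resource": "firmware",
                     "action": "update"}, now))        # outside the role
```

A request from an internal address with no token is refused exactly like one from outside, which is the difference from perimeter security.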
