Now showing 1 - 2 of 2
No Thumbnail Available
Publication

Survey on Multi-Access Edge Computing Security and Privacy

2021-02-26, Ranaweera, Pasika, Jurcut, Anca Delia, Liyanage, Madhusanka

The European Telecommunications Standards Institute (ETSI) has introduced the paradigm of Multi-Access Edge Computing (MEC) to enable efficient and fast data processing in mobile networks. Among other technological requirements, security and privacy are significant factors in the realization of MEC deployments. In this paper, we analyse the security and privacy of the MEC system. We introduce a thorough investigation of the identification and the analysis of threat vectors in the ETSI standardized MEC architecture. Furthermore, we analyse the vulnerabilities leading to the identified threat vectors and propose potential security solutions to overcome these vulnerabilities. The privacy issues of MEC are also highlighted, and clear objectives for preserving privacy are defined. Finally, we present future directives to enhance the security and privacy of MEC services.

No Thumbnail Available
Publication

Security as a Service Platform Leveraging Multi-Access Edge Computing Infrastructure Provisions

2020-06-11, Ranaweera, Pasika, Imrith, Vashish N., Liyanage, Madhusanka, Jurcut, Anca Delia

The mobile service platform envisaged by emerging IoT and 5G is guaranteeing gigabit-level bandwidth, ultra-low latency and ultra-high storage capacity for their subscribers. In spite of the variety of applications plausible with the envisaged technologies, security is a demanding objective that should be applied beyond the design stages. Thus, Security as a Service (SECaaS) is an initiative for a service model that enable mobile and IoT consumers with diverse security functions such as Intrusion Detection and Prevention (IDPaaS), Authentication (AaaS), and Secure Transmission Channel (STCaaS) as a Service. A well-equipped edge computing infrastructure is intrinsic to achieve this goal. The emerging Multi-Access Edge Computing (MEC) paradigm standardized by the ETSI is excelling among other edge computing flavours due to its well-defined structure and protocols. Thus, in our directive, we intend to utilize MEC as the edge computing platform to launch the SECaaS functions. Though, the actual development of a MEC infrastructure is highly dependent on the integration of virtualization technologies to enable dynamic creation, the deployment, and the detachment of virtualized entities that should feature interoperability to cater the heterogeneous IoT devices and services. To that extent, this work is proposing a security service architecture that offers these SECaaS services. Further, we validate our proposed architecture through the development of a virtualized infrastructure that integrates lightweight and hypervisor-based virtualization technologies. Our experiments prove the plausibility of launching multiple security instances on the developed prototype edge platform.