How to secure a Transportation Cloud Computing with minimum computational and communication cost?
SHIFT from "Tranportation Cloud" to "Transportation's hybrid Edge-Cloud architecture".
WHY?
Transportation puts the burden of many moving parts: vehicles, people and loads moving along the vehicle, or even from one vehicle to another one, etc. Multimodal transportation is even more tricky.
This means one should be efficient and minimal in the use of energy, communication, and even computing resource.
The Cloud is none of that! With the classical Cloud, as in the old days of mainframe computers and time sharing for using it, everything is on the other side of a network. Network availability and coverage (radio access part of networks) is always assumed, computing is heavy and not necessarily efficient (data centers, etc).
HOW?
In the history of computing, we have had several oscillations already between distributed and centralised architectures. Now is a phase where the centralised Cloud is becoming obsolete. You may gain considering Edge Computing, and in particular ETSI ISG MEC (Multi-access edge computing). This would help you gain N degrees of freedom (the individual nodes linked to every device and even every sensor belonging to your transportation use case: vehicles, loads be it humans or goods, supervision system) instead of the single-block Cloud. Edge computing pragmatically does locally what can be done locally, and shifts to the other side of the network only what cannot be achieved staying local. You can even insert a hierarchy of multiple layers for your processing, networking and other digital functionality.
ETSI ISG MEC ref:
http://www.etsi.org/news-events/news/1180-2017-03-news-etsi-multi-access-edge-computing-starts-second-phase-and-renews-leadership-team
Now, with a more "addressable" system, you can secure and isolate every termination/access point, and often it's already done better than Cloud-wise: see the secure elements used in IoT devices, or classically with the Smart Card and NFC secure element of smart phones, payment systems, identification badges, etc. For people you have also themselves, with biometrics security. So the Edge is covered as much as it can. Then you address network security, and by design you have minimised the traffic, hence you can focus on the air interface path (radio interception) with multiple techniques available, the core networking aspects, and use application knowledge to further enhance and prioritise what to protect to what degree of intensity.
If you do that, you have reduced your surface of attack.
Does this help?
- Badges
- Science method