We propose the best solution
will be a distributed management
layer for device-to-edge association.
Simple trusted interfaces can be established in the local domain, via
physical access, and used as a gateway for additional device association.
Armed with a trusted root certificate,
an edge device can verify the certificates of all peer devices locally. Once
trusted, the identity simply needs to
be added to the access control list for
the local edge system. The list can be
managed by a trusted smartphone
application with access to add a key,
corresponding a new device, to the
list. In a simple case, each client device could have a barcode, and the application can be used to identify the
device and its public key simply by
scanning it with the phone’s camera.
The key requirement would be to simplify the user involvement.
Edge computing presents an exciting new computational paradigm
that supports growing geographically
distributed data integration and data
processing for the Internet of Things
and augmented reality applications.
Edge devices and edge computing
interactions reduce network dependence and support low latency, context-aware information processing in
environments close to the client devices. However, services built around
edge computing are likely to suffer
from new failure modes, both hard
failures (unavailability of certain resources) and soft failures (degraded
availability of certain resources).
Low-latency requirements combined
with budget constraints will limit the
fail-over options available in edge
computing compared to a traditional
cloud-based environment. Consequently, system developers must develop and deploy applications on the
edge with an understanding of such
Additional issues edge computing
will face include authentication at
scale, cost amortization, and resource
contention management. Further, for
a thriving ecosystem, it is essential to
have standardization of the device
and network APIs, something that
has not been seen to date. How these
issues are handled will ultimately
determine the success or failure of
the paradigm of edge computing.
Like many technology inflection
points, timely moves on the thrusts
outlined in this article can signifi-
cantly tilt the balance in favor of suc-
1. Bagchi, S., Shroff, N.B., Khalil, I. M., Panta, R. K.,
Krasniewski, M.D., and Krogmeier, J. V. Protocol for
secure and energy-efficient reprogramming of wireless
multi-hop sensor networks. U.S. Patent 8,107,397. 2012.
2. Bonomi, F., Milito, R., Zhu, J., and Addepalli, S. Fog
computing and its role in the Internet of things. In
Proceedings of the 1st Edition of the MCC Workshop on
Mobile Cloud Computing. ACM, 2012, 13–16.
3. Butler, R., Welch, V., Engert, D., Foster, I., Tuecke,
S., Volmer, J., and Kesselman, C. A national-scale
authentication infrastructure. Computer 33, 12 (2000),
4. Capkun, S., Buttyan, L., and Hubaux, J.P. Self-organized public-key management for mobile ad hoc
networks. IEEE Trans. Mobile Computing 2, 1 (2003),
5. Felter, W., Ferreira, A., Rajamony, R., and Rubio, J. An
updated performance comparison of virtual machines
and Linux containers. In Proceedings of the 2015
IEEE Intern. Symposium on Performance Analysis of
Systems and Software. IEEE. 2015, 1–14.
6. Hu, Y. C., Patel, M., Sabella, D., Sprecher, N., and Young,
V. Mobile edge computing—A key technology towards
5G. E TSI White Paper 11 (2015).
7. Kong, L., McCreery, C., and Yamamoto, M. Indian
Ocean Tsunami Information Center, 2008;
8. Koo, J., Panta, R.K., Bagchi, S., and Montestruque, L. A
tale of two synchronizing clocks. In Proceedings of the
7th ACM Conf. Embedded Networked Sensor Systems.
ACM, 2009, 239–252.
9. International Business Machines. IBM Blockchain,
10. Maji, A.K., Mitra, S., Zhou, B., Bagchi, S., and Verma,
A. Mitigating interference in cloud services by
middleware reconfiguration. In Proceedings of the 15th
Intern. Middleware Conf. ACM, 2014, 277–288.
11. Juniper Networks. Mobile Edge Computing Use Cases
& Deployment Options, 2015; https://juni.pr/2kEXy6k
12. Novakovic, D.M., Vasic, N., Novakovic, S., Kostic, D.,
and Bianchini, R. DeepDive: Transparently identifying
and managing performance interference in virtualized
environments. In Proceedings of USENIX Annual
Technical Conf., 2013, 219–230.
13. Panta, R.K., Bagchi, S., and Midkiff, S.P. Efficient
incremental code update for sensor networks. In
Proceedings of ACM Trans. Sensor Networks, 2011,
14. Petersen, M. K., Edlund, K., Hansen, L. H., Bendtsen, J.,
and Stoustrup, J. A taxonomy for modeling flexibility
and a computationally efficient algorithm for dispatch
in smart grids. In Proceedings of the American Control
Conf. IEEE. 2013, 1150–1156.
15. Satyanarayanan, M. The emergence of edge
computing. Computer 50, 1 (2017), 30–39.
16. Ars Technica. Crypto shocker: Four of every 1,000
public keys provide no security (2012); http://bit.
17. UNESCO and I TU. The State of Broadband 2014:
Broadband for all, 2014; http://bit.ly/2mdHxFb.
Saurabh Bagchi is a professor in the School of Electrical
and Computer Engineering and director of the CRISP
Center at Purdue University, West Lafayette, IN, USA.
Muhammad-Bilal Siddiqui is a software engineer at
Qualcomm in San Diego, CA, USA.
Paul Wood is a cyber security researcher at The Johns
Hopkins University Applied Physics Laboratory in Laurel,
Heng Zhang is a graduate research assistant in the
School of Electrical and Computer Engineering at Purdue
University, West Lafayette, IN, USA.
© 2020 ACM 0001-0782/20/1
distributed smart grids—overloading
the grid even temporarily can cause
issues. Some accepted solutions rely
on constraint-managing dispatch
systems that classify different loads
by their requirements. In Petersen
14 for example, power loads are
classified as batteries, bakeries, and
buckets (BBB). A bakery is the kind of
load where the process must run in
one continuous stretch at constant
power consumption. The bakery
could be a commercial greenhouse,
where plants must receive a specific
amount of light each day. This light
must, however, be delivered continuously to stimulate the photosynthesis
of the plants. Our toaster example is
this kind of load. In the edge computing scenario, each client application
registers with a resource manager,
and the devices can effectively reserve resources prior to execution. In
the case of the toaster, this means the
CNN process and bandwidth for the
video feed are reserved prior to starting the toast process.
This thrust indicates there is research to be done for the appropriate
level of reservation and scheduling
under time constraints. We can rely
on significant prior work in the area of
soft real-time systems. However, two
domain-specific challenges arise here.
First, the delay tolerance can be specific to the context, for example, the specific user using the device. This must
be programmed in, and in the longer
term, learned by the scheduler for the
edge resource. Second, there are several levels of resources available for
making the scheduling decision—the
client device, the edge device, and resources on the cloud. Each choice has
interdependent effect on choices made
for other client applications.
will exist in two pieces. The first
piece—credentials—will be relatively
straight forward to solve. As with SSL, a
collection of central authorities (such
as Azure, EC2, Rackspace) will provide
API’s for registering and generating
signed public/private key pairs from
their Io T support systems. The second
piece, access control, must contain
the association between users, their
devices, and the edge computers. This
piece is complicated by both scale and