Journal of Information Assurance and Security.

ISSN 1554-1010 Volume 15 (2020) pp. 001-016

© MIR Labs, www.mirlabs.net/jias/index.html

Security, Privacy Research issues in Various

Computing Platforms: A Survey and the Road
Ahead
Amit Kumar Tyagi1, Meghna Manoj Nair2, Sreenath Niladhuri3 and Ajith Abraham4
1 School of Computer Science and Engineering,
Vellore Institute of Technology, Chennai Campus, Chennai, 600127, Tamilnadu, India.
[email protected]
2 School of Computer Science and Engineering,
Vellore Institute of Technology, Chennai Campus, Chennai, 600127, Tamilnadu, India.
[email protected]
3 Department of Computer Science and Engineering,

Pondicherry Engineering College, -605014, Puducherry, India.

[email protected]

4
Machine Intelligence Research Labs (MIR Labs),
Scientific Network for Innovation and Research Excellence, Auburn, Washington 98071, USA
[email protected]

Abstract: Security and Privacy (S&P) preserved systems play can be ensured [1, 3]. Privacy and Security are two
an important role in decision support for Internet-mediated integrated issues (important) in the deployment of every
service provision. It is essential (need to be mandatory) to technology (require with data, i.e., data need to be secured
enable systems/ users to represent and update their security and confidentially during data transfer) or network.
and maintain privacy with other peers (systems, in open
networks) for sharing files, and especially to accessing reliable Security is the degree of confrontation or protective nature
services in computing/ real world scenarios. Privacy and from destruction, valuable goods, humans, nation, institution,
security concerns are highly critical one and required efficient etc. On the contrary, privacy refers to “masking oneself from
solution from research communities (working in different others” [1], i.e., securing our personal details, location, etc.
domains/ disciplines around the world). The motto of this very
from illegal access or rather, privacy refers to the certain
article is to provide apprehensive and rightful information
about the existing security and privacy issues, approaches, information which everyone would like to keep in incognito
hurdles, etc. in a plethora of platforms to enhance the data mode of theirs. For example, in a vehicular ad-hoc network,
quality in the corresponding processing department. Note that user’s privacy is important while communicating with other
among several issues like trust, efficiency, scalability, security, users and also with infrastructure, a user always worry about
complexity, etc., especially security and privacy issues (in their personal data and their location. Moreover these issues
various computing platforms) have been discussed in this work. trust issue also comes into picture in computing environment,
The review methodology has led to the successful revelations of but this article is more focused towards security and privacy
the major challenges and necessities for safe and secure privacy issue only. The difference between privacy and security have
in real time.
discussed (in detail) in [1, 2].

Keywords: Security, Privacy, Trust, Computing Environment, Hence, the organization (remaining part) of this
Computer Science. work is followed as: Section 2 discusses about motivation
related to this work. Then from section 3 to 14, this work
discusses various security and privacy issues in various
computing platforms, starting from Big Data to Blockchain
I. INTRODUCTION technology. And in last, we conclude this work (in brief)
with some future enhancements (needed to be done in near
Security is a human right and need to be provided future) in section 15.
in all situations to client/ user/ system in this smart era (to
electronic frameworks). On another side, privacy is required II. MOTIVATION
to be maintained for communicated or collected data (data in
motion and data at rest). Privacy and Security have different It is a mandating fact that human rights, which
meaning but they are inseparably related. Security can both includes privacy, are to be preserved and secured when users
be an ally and an enemy to privacy. Though privacy and interact and converse with each other on a computing
security seem to complement each other, privacy has a platform. We noticed that, with privacy, trust also an
socialistic perspective while security has a technical essential component in several computing platforms like
approach. The relationship between them is that the security Vehicular Ad-hoc Network (VANET), Cloud Computing [5],
technologies might provide mechanisms by which privacy Grid Computing, Blockchain [29], etc. [11]. Authors in [10]
have proven that privacy is indeed a factor that drives trust
MIR Labs, USA
2 Tyagi et al.
and loyalty without the direct interaction between privacy to build. For explaining trust, several metrics, measurement
and the users’ manners (trust). Security is also dependent on are required to discuss in each computing environment,
Trust component (e.g., in case of insider attack, any security which will make this article difficult to read (and project).
mechanism fails). On the whole, trust leads to a number of So, authors will try to give trust concerns in various
definitions as it is completely based on context and the topic computing environment in separate article (work) in near
in consideration (e.g. ethics and values, computing sciences, future. With this survey, we will get to know that there is not
socio-economics, etc.) [10]. Trust is based on beliefs, faith a single approach/ trustworthy method which can provide/
and takes years to build. Once it is lost, hard to gain/ recover overcome these two issues (security and privacy) in the
[10]. It is necessary for users to trust the Recommendation respective computing platforms. In summary, there are
and Reputation (R&R) [12] schemes before R&R can play a several areas where security and privacy issues are rising
role in informing users ‘trust perception. It is to be noted that with a higher growth. And not much research work has been
location privacy and trust, both equally demand for done with respect to some applications/ areas like grid
interactions, usage of personal info and details, computation computing, future vehicular network, and Blockchain
and analysis, etc. But, when we make a survey on several technology, etc. So, we require a lot of research objectives/
computing platforms, then we find that Security, Privacy and directions/ issues and challenges (also research gaps in
Trust are highly critical concerns in the past decade [1]. current scenarios) to be solved by future researchers with
Security and Privacy are highly essential for every respect to respective computing platforms. Hence, this result
computing platform/ environment, for example, transfer provides us a primary motivation to do innovative work in
information needed to be secured with good encryption several areas. These emerging factors force us to write this
algorithm and needed to be kept confidential along the ways/ work/ paper. Now this section onwards, we will discuss
network/ channel/ in system. So, we used (explained) these several security and privacy issues in several computing
two issues “security and privacy” to discuss in each and platforms (as future research directions) in detail. Also, a
every computing platforms. Note that we could not consider brief comparison about security, privacy and trust issues is
trust concerns here (in this work) because trust belongs to discussed in table 1.
belief, faith, etc., and require a lot of time (also interaction)

Table 1: Summary of State-of-the-Art and Research Challenges.

S no Applications Objectives Characteristics Issues Research Research

/ Computing Challenges Opportunities
Environmen Security Privacy Trust
t
1 Big data Taking strategic Volume, variety, Vulnerabilit leakage of Data sharing, Security and Development of
decision, cost velocity, variability, y to fake sensitive Data storage, privacy in data real time
optimization value data information, Data gathering, processing
generation, Unintentional processing, storing, algorithms ands
presence of discriminatio quality analysing, and algorithms for
untrusted n, data transferring, handling domain
mappers, privacy, data lack of efficient specific data,
infrastructu management, tool, timeliness Integration of
re security, conflicting of analysis, multidimensional
reactive laws in scalability data models ,
security different creation of
countries Efficient storage
devices
2 Cloud Dynamically On-demand self- Data Data use, Defining trust Data location, Increased
computing scalable and service, confidential share, according to the procedure development of
virtualised Broad network ity, Abuse transfer, attribute of transparency hybrid cloud,
resources are access, use of archives, cloud identity and Providing more
provided as Resource pooling, cloud, unauthorised computing access application on
services over Multitenancy of insecure access environments, management, cloud, developing
internet data, Measured API, handling disaster a complete
service Malicious malicious recovery security, privacy
insider, recommend trust evaluation,
data information, management
leakage, providing framework
service and different
traffic security level of
hijacking service
according to the
trust, managing
trust degree
change w.r.t
time and
context
3 Internet of Connecting Interconnectivity, Machine Object Device theft, Data storage, IoT and cloud,
things physical devices heterogeneity, phishing, privacy, Data Data analytics, IoT and network
over a network dynamic changes, poor legacy Location falsification, IP Scalability, capacity, IoT and
in secure Things related security, privacy theft, device Inter- security IoT and
manner, Online services IoT manipulation operability, smart city, IoT
data access and malware network and embedded
process, and bandwidth system
ransomwar constraint,
e, security,
 Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 3
untrustwort Privacy,
hy Software
communica development
tion challenges
4 Internet of The intelligent Data input and Spoofing, Design Self-promotion Security and Protecting home
everything connection of output, Tampering, privacy, attacks, Bad- privacy issues, users from attack,
people, process, Decentralization and DoS, man Architecture mouthing Network Enable all security
data and things, moving to the edge in middle privacy attacks, Ballot- bandwidth features on all
Improve attack stuffing attacks, smart devices
experiences, Ballot-stuffing
make smarter attacks
decisions, new
capabilities
5 Fog/ edge Off load cloud Heterogeneity, Malfunctio End user Authentication, Trust, Privacy Fog-enabled edge
computing node centres, Wireless access, ning fog privacy, Preserving preservation, and access
reducing service End device mobility, nodes, Location integrity Intrusion networking,
latency Supports geographic Malicious privacy detection, Security,
distribution, low insider Access control, Convergence and
latency attack, cross-border consistency.
DoS, web issue and fog
security ,wi forensic
reless
security
6 Pervasive Combining Decentralisation, Cyber End user Data sharing, Scalability, finding ways to
computing current network Connectivity, foraging, privacy, Trusted code, changing integrate existing
technologies Diversification, Physical Location Trusted environment, technologies with
with wireless Simplicity jamming, privacy, data computing private a wireless
computing Eaves collection and information infrastructure, to
dropping,D sharing, retrieval provide each user
oS, Context with an invisible
intrusion Dependency halo of computing
and information
services that
persists regardless
of location
7 Distributed Computing over Transparency, Impersonati Leakage of Computational Security, Fault
computing distributed openness, on, DoS, information trust tolerance,
autonomous Reliability, Destruction Resource
computers. scalability of data, sharing

8 Future Support the Increased self- Software defined

internet complete manageability, network,
technologies lifecycle of Virtualization of
applications and resources,
services that are Parallel Internets
primarily
constructed by
recombining
existing
elements in new
and creative
ways.
9 Grid enables the Architectur Confidentialit Trust No clear managing
computing integrated, Decentralised, e issue, y, relationship, standard, coordination of
collaborative Heterogeneity, Infrastructu Trust Limited area multiple resources
use of high-end Resource sharing re issue, establishments and for distributed
computers, and coordination, Manageme applications, applications,
networks, On-demand and nt issue, Difficult to formulating
databases, and high throughput Grid develop, effective models
scientific computing. security, Resource for resource-
instruments inter- sharing between sharing, access
owned and operability, heterogeneous negotiation,
managed by integrity, services execution
multiple Authenticat monitoring and
organizations ion control,
communication
protocols,
resource usage
accounting and
pricing
10 Future creation of High mobility, Attacks on Data Data centric Network Secure routing
vehicular wireless Rapidly changing availability, identification, trust, entity volatility, algorithm,
network/ network for network topology, Attacks on pseudonym centric trust Heterogeneity, development of
Vehicular enhancing the anonymity of the authenticati infrastructure- safety application,
Adhoc data to domain support, attenuation, on and less, multi hop Designing
Network of vehicles frequent exchange identificatio connection integrated system
of information n architecture

11 Location Information Confidentia Location Information unlink ability privacy-

4 Tyagi et al.
based services lity, privacy, sharing, problem, preserving LBS,
services provided to integrity, disclosing untrusted third wireless link providing reliable,
mobile devices availability user party breakage ubiquitous
through mobile information, problem , positioning that
networks, which Location- Collusion of works anytime
may utilize the based spam, malicious users and anywhere,
location privacy of trouble broad
information communicati cast storm
recorded by on problem ,
mobile devices Operation in
to various multiple
value-adding responder,
services Identity
privacy ,safety
problem, LBS
server
difficulty,
Preserving user
location
privacy,
12 Cloudlet Support Only soft state, Virtual Proof of Determine
interactive and powerful, well- Node cloudlet domains where
resource- connected and safe, Security, concept, the cloudlet
intensive builds on standard Mobile Balance of concept with
mobile cloud technology Application offload middleware offers
applications, Security, elements and better
such as those Virtual host mobile performance for
for speech Network device offloading instead
recognition, Security processing, of direct
language Balance of communication to
processing, mac offload clouds, Determine
hine elements via domains where
learning and Wi-Fi on the local mobile
virtual reality. cloudlet and device processing
mobile operator is better than
Internet using offload
communicated elements ,
cloud. Determine
balance of local
mobile device
processing and
offload elements
13 Artificial Enable Eliminate dull tsk, National Voice and AI failure in Building trust, Effect of AI on
intelligence computers to focus diffuse security, facial case of life or AI human the supply
perform problem, distribute data recognition, death case, interface, of and demand for
intellectual data, Solve dynamic vulnerabilit identification cyber security investment, human labor.
tasks as data y, domestic and tracking, vulnerabilities, software
decision security data Making wrong malfunction,
making, exploitation, decision based need of
problem prediction on AI governance
solving,
perception,
understanding
human
communication
etc.
14 Block chain Storage of Decentralisation, Untested Data Lack of Scalability, Block chain
technology information in Persistency, code, transparency, security, Bit privacy leakage, testing, big data
secure manner anonymity, vendor risk, auditability , coin, immutable selfish mining analytics, artificial
Auditability lack of data smart contracts intelligence, smart
standard ownership, contract
and
regulation
III. BIG DATA
The large collection of data/information (generated by a
bazillion tech-giant) which is sophisticated to deal with the
existing data mining/modern algorithms is what we
commonly refer to as Big Data [13]. Here, some challenges
with Big Data [14] include analysis, capture, data curation,
search, sharing, storage, transfer, visualization, querying,
updating and information privacy. Now, issues related to Big
Data can be discussed as:
A. Security issues in Big Data
It is clear that we are yet to figure out the safe and secure
handling of such big data analytics which is extracted from a
 Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 5
mightier data environment along with human behaviors. IV. CLOUD COMPUTING
Without a security approach, handling collected data/
information, is too difficult and risky. This collected/ A computational analysis on a particular internet
analyzed data contain personal information of users in platform (IBC) that allows shared PC (Personal Computers)
structured/ unstructured form. Big data is being generated to deal with details and resources to PCs and various other
almost in every application like defense, agriculture, medical systems and devices is called Cloud Computing. It is similar
care, etc. Hence, several studies need to be done in various to a pay and use model wherein services are supplied only if
sectors/ computing platforms. Based on our analysis and requested (e.g., PC systems, servers, stockpiling,
observations, security issues and concerns of big data applications and administrations). They need a number of
analysis is divided as: input, data processing, output and centralized administrations to work efficiently in an
system wise interactions. Input mainly throws light on all the institution or organization. They have a number of varieties
sensors, hardware devices (along with those involved in IoT like External Cloud, Internal Cloud, Combined Cloud, etc.
network), etc. which are in use. The major concern is to Top notch companies are providing clouds services include
prevent attacks on the sensors. Consider the case of Amazon EC2 (Elastic Compute Cloud), GoogleApps, IBM’s
interactions between systems. Security poses to be the Blue Cloud, Yahoo, Microsoft, Zoho, Mosso, Salesforce,
largest problem, in summary security and privacy are crucial GoGrid and ElasticHosts, etc.
concerns in current era. Another example would be the A. Security Issues in Cloud Computing
hurdles faced when with the data in stock being exposed to
duplicate generation of data, existence of unfaithful mappers, Safety and security in cloud is procured in bits and pieces
problems of alphanumeric protection using cryptography, with the help of third-party controls similar to those in
possibility of data mining and lack of security audits, traditional arrangements. It is to be noted that there are still
requirement of highly processing NoSQL databases’ no common grounds available for cloud computing safety
evolution, etc. Hence, one major issue with Big Data is and related issues. At present, a number of cloud providers
generating of large amount of data (rapidly, at a dynamic have executed a plethora of standards for stricter security
rate), providing security to data in motion is a critical issue. and they have their own pros and cons. In a standard cloud
In general, there are seven security issues available in big model, customer organizations are compulsorily adopted to
data (need attention from research community) include ensure secure services, collection of risk analyses, intense
Distributed frameworks, Lack of Designed Security, research, and assured activities.
anonymity concerns, big data skilling gap, Non-relational Table 2: Some issues in Cloud Computing Models
data stores, Storage, Endpoints, Real-time security/
compliance tool, Data mining solutions and Access controls. IaaS model PaaS model SaaS model
security issues security issues security issues
B. Privacy issues in Big Data
In Big Data, privacy is also highly critical issue (i.e., than
any other issue, we think). The concern of privacy makes 1.Virtual 1.Structured 1.Data Security
majority of population stay on their heels due to their Machine (VM) Query Language Management
uncomforted nature because if the systems cannot provide Security related security
cent percent assurance about safe and sound procurement of 2.Web
personal information, the system fails there. Note that 2.Virtual 2.Application Application
leaking of privacy also raises issue of breaking trust among Machines images Programming Vulnerability and
users and technologies/ organizations. Here, privacy issue repository Interface Security Scanning
has become an essential issue together security in area of big security
data (because of the value of personal information of users). 3.Virtual network
Big Data analytics makes use of data mining and other security
apprehension techniques, but the personal details may be
leaked to malicious users after the process of analyzing.
Consider the example of a shopkeeper. In spite of all the data
Mostly, the following issues are verified in a general cloud:
collected being unidentified (e.g., buying a pistol) as the data
is collected from a number of devices, a simple data mining  The fear against information resources prevailing in
technique can retrieve the details of the person who bought Cloud Computing Environments (CCE).
the pistol. Data analysis helps in reduction of the scope of
database because the address of the shop and the buyers’ age  The variety of attackers and their capacity of
are sufficient enough to pick out the corresponding person. attacking clouds.
These issues highly recommend the presence of privacy  The security risks associated with the cloud, and
safeguarding. The anonymous (k-anonymity [15], l-diversity countermeasures of mitigated threats/ attacks.
[16], etc.), temporary identification, and encryption are some
methods in preserving privacy of data analytics, but here Here, some issues have been discussed (based on cloud
some critical factors are like “how to use”, “what to use”, layers) in table 2. On the whole, safety concerns in Cloud
and “why to use the collected data on big data analytics”? Computing [8, 17] are classified as Traditional concerns,
Availability and accessibility issues and Third-Party data
Hence, this section discusses several critical issues like control issues.
security, privacy, etc., towards (in) Big Data. Now, next
section will deal with several security and privacy concerns, B. Privacy Issues in Cloud Computing
identified in Cloud Computing Environment (CCE) [17]. Data privacy is of utmost importance in cloud services,
as cloud providers are able to transfer data from one node to
the next which are operated by a number of organizations
(from the view of data owner). Once again, trust issues are
6 Tyagi et al.
raised here hand-in-hand with privacy. If there’s an representation”? “How to support the identification
unauthenticated usage of Personally Identifiable Information of entities”?
(PII), ambiguity and agreement to data flourishing (along  Privacy: Managing privacy or preventing any attack
with global, dynamic flows, and adhering to the task of on user’s personal information is still in developed
acquainting with trans-border data) are taken care of. Issues phases. Moreover this, several mechanisms like k-
related to personal safety in cloud, immediately relate to a anonymity [15], l-diversity [16], t-closeness [23], p-
highly prioritized context as it varies from person to person. sensitivity [24], etc., have been proposed in the past
Public cloud is best suited for reduction of cost though it decade, but not much work have been proposed
relies on Cloud Service Provider (CSP) which is capable of related to privacy preservation in IoT context.
handling ones’ data [18]. Hence, this environment uses Hence, there is essential requirement for creating
privacy control, regulatory sophistication, legalized efficient privacy preserving mechanisms in IoT
ambiguity, etc. We can conclude that this section discusses a context/ devices.
number of important issues in Cloud Computing platform.  Policy Enforcement: It concentrates on the
Now, next section will deal with several security and privacy perspectives used to implement some efforts in a
concerns, identified in Internet of Things (IoTs). given system. Policies are basic rules which are
made use of in security, consistency of data, etc.
V. INTERNET OF THINGS (IOT) However, it is important to identify the enforcement
The interconnection between various systems and methodology with respect to IoT context (showing
gadgets in different sectors, networks, etc., for efficient a balance between the declaration of privacy and
usage in vehicles, buildings, and other areas hand in hand security among the device). We require strong and
with sensors, motors, actuators, etc., is called the Internet of efficient privacy policies in IoT context to avoid
Things (IoT) or Internet Connected Things (ICT) or Smart any kind of breaches.
things [19]. The well-known, Kevin Ashton founded the  Mobile Security: Generally, mobile nodes are often
term in 1999. Note that these devices (embedded with commuted from one group to that of another in an
internet of things) collect and exchange a lot data (called Big IoT network. A number of cryptographic
Data) every day. IoT is not a new concept, it is being used protocol/encryption based mechanisms are made
(smart devices are communicating with each other) in use of for identification, authorisation, and privacy
various applications (are still in growing phase), i.e., these and security in IoT framework. A few rules have
smart devices have seen a big change in usage since previous been issued in the past years like hash protocol
decade to till today (roughly 50 billion devices will be which can easily handle and control the number of
connected together till 2030). For applications, IoT devices overhead communications with tightened security
are using in many applications [20] like smart home, smart and protection. Security issues relating to mobile
grid, smart transportation, smart farming, smart logistics/ phones are under further research for improving the
supply chain management, Smart e-healthcare, etc. existing methods and mechanisms.
 Secure Middleware: Numerous middleware layers
A. Security issues in Internet of Things (IoT) are involved when different technological aspects
Security in Internet of Things is completely new are put into use for IoT benchmark for integrity,
concerns, because IoT are still in accepting phases (yet to security and data control [22]. Thus, it is necessary
embedded in many applications). These devices are making to protect the data with its policies along with some
human life easier to live with providing efficient services. secure mechanism. However, this requires the
On a broader outlook, Internet of Things consists of a presence of different communication mediums.
rapidly growing network consisting of devices or systems Many smart devices/ gadgets can support IPv6
referred to as things [21]. These entities possess their own communications though they may not acknowledge
authentication address and the capability to process and the IP rules in that local area. Middle wares lack the
transmit data. When these devices use in a small scale, then presence of supervision, and adopt to the IoT
leaking of communication/ information may be not an issue, conditions. Multidisciplinary approach along with
but in case of large-scale applications like Machine-To- interoperability is a rising concern in this context.
Machine (M2M), Device to Device (D2D) communication,  Authentication and Confidentiality: In the past
etc., security and privacy issues [22] raised in general. decade, many attempts have been made by several
There’s a pressing need for the presence of secured privacy researchers for authentication and confidentiality
and trust when it comes to IoT which is done by computing (in IoT) like two-way authentication security
machines and embedded systems like Machine-To-Machine scheme for IoT, using of Public Key Infrastructure
communication (M2M), multifaceted energy grid, home and (PKI), etc. All the present solutions and researches
building automations, interaction between vehicles, etc. solve the issue of lightweight cyphering in chaotic
Security of such systems needs attention (of researchers) environments but for sophisticated or large-scale
from all over the world. Some issues related to IoT are: networks, these fail drastically. So, it is the need of
the hour to create protocols for authorisation and
 Access Control: This basically handles the denial confidentiality in IoT devices.
and permission of access powers vested to the
things in an IoT. It broadly consists of [21]: a) data B. Privacy issues in Internet of Things (IoT)
carriers (Clients) who are responsible for sending or Privacy is a major challenge in IoT’s these days and
receiving data through the smart devices b) data they need to be protected. IoT devices or entities get unique
accessors (things), which communicates with the identifiers/addresses with the help of which it can be easily
clients alone. Some challenges with respect to located throughout the large network. As the devices
access control (in IoT context) are: “How to handle continuously transmit data in an IoT environment, they also
huge amount of transmitted data (i.e., in the form of communicate with other devices. Data from different nodes
stream data) in a common recognized are gathered and analyzed and is used for producing delicate
 Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 7
details which may have privacy concerns [20, 21, 22, and striking a balance between protections and granting access in
26]. In general, Privacy issues (in the IoTs) are threefold: service provisions and product development. Emerging ideas,
techniques and mechanisms, like location-based services, are
 Creating awareness of the privacy risks which are pushing privacy concerns into limelight, offering the users
imposed by IoTs which surround data and its an enhanced experience while portraying concerns of
subjects, identity protection. Some other issue/challenges are:
 Personal control and access over the dispensation of
details by encompassing the IoT entities,  Network infrastructure improvements.
 Limiting the subsequent usage and spreading of  Building intelligence into the network.
personal details to the outsiders.  Distributing computing and storage.
Furthermore, a few other privacy threats and hurdles in the Hence, this section discusses several critical issues like
field of IoT are: Identification, Localization, Violation of security, privacy, etc., in Internet of Everything. Now, next
policies, system attacks, etc. Hence, this section discusses section will discuss respective issues in fog computing
several critical issues like security, privacy, etc., in IoT. Now, environment.
next section will deal with several security and privacy
concerns, identified in Internet of Everything (IoE). VII. FOG COMPUTING
VI. INTERNET OF EVERYTHING (IOE) Todays’ the mode of computing has moved from
distributed, parallel, grid, cloud to Fog/ Edge computing,
Indeed, with every leap comes a downfall and this is because large amount of data is being generated by Internet
applicable in this context too. The IoT is a world filled with of Things (IoT)/ smart devices/ IoT Based Cloud [30]. This
exciting and innovative technical inventions but there are a large amount of information (generated by IoT/ internet
few hurdles which are yet to be overcome. Cisco laid connected devices) become a critical issue (for data
foundation for the emergence of the Internet of Everything processing and analytical prediction using cloud
in 2012 and describes it to be the “intelligent interconnect computation/ existing mining/ machine or deep learning
between data, people, processes, and entities” [27]. All algorithms). Cloud computing is used as backbone to
forms of communications and interactions were considered
Internet of Things, and provide resource utilizations
to be synonymous between machines, for example, M2M
(accessing) from anywhere, anytime. But, still cloud
techniques, etc. However, IoE involves all devices in its
environment, i.e., which have the interconnection between computing has some limitations. Today’s many problems
other smart devices/ gadgets (in all possible applications) [27, have been investigated with cloud computing which are:
28]. IoE involves Machine-To-People (M2P) and People-To- high latency (i.e., time interval between the stimulation and
People (P2P) interactions. More than 2.5 quintillion bytes of response), limited bandwidth, low internet connectivity, no
information are generated every day (by smart devices) [28]. data center etc. The solutions to such issues can be raised by
By 2020, there will be more than 40 trillion gigabytes (or 40 the introduction of fog computing with an efficient
yottabytes) of computerized information or 5,200 GigaBytes functioning of cloud network, i.e., based on arrangement of
(GB) for each individual (on earth) [14]. Note that each nodes referred to as micro clouds which are very close to
smart device/ machine contains quick development process, data sources.
information generation and transmission, and can be
identified each device based on IP address (IPv4/ IPv6). Fog computing or networking or fogging facilitates
Internet Protocol (IP) is helping in connected unconnected computation away from a centralized administrative
objects, people, things, and processes to networks (i.e., platform to the logical stream of the network [30, 31]. Fog
which are connecting for the first time). The Internet literally means someone closer. Thus, fog computing can be
Protocol version 6 (IPv6) allows to connect trillions of defined to be close to cloud and nearer to the clients. It
trillions of devices with the Internet. Note that Internet expands the traditional practices to the nook and corner of
Protocol (IP) is a basic protocol used for data the network. It is capable of ranging the foundational blocks
communication. of cloud like storage necessities, network services,
A. Security issues in Internet of Everything (IoE) computation, etc. to the fog nodes, entities, etc. Fog nodes
showcase a number of distributed points for data
IoT is a subdivision of IoE in broad terms and arrangement which are produced by the entities through
visualization aspects [28]. It consists of physical or virtual substitutes, routers, etc. It has the following features [30]:
objects and entities which can be made accessible and can be less dormancy and positional awareness, complements
permitted to transmit data without human-machine
geographic distribution, entity mobilization, wireless access,
interactions. But with People-To-People (P2P) or Machine
non-uniformity, etc.
to People (M2P) interactions, IoE faces several security risks
like cyber-security challenges, etc. Human experts build and A. Security issues in Fog computing
maintain "tougher digital locks" (using Blockchain concept Fog computing used in serval applications like smart grid,
[29]) and "higher firewalls" against cyber-attacks and not
smart cities, smart logistics, smart vehicles, etc. Several
enough strong to face IoE's potential attack [7, 28]. However,
serious issues with respect to fog computing have been
extensive research in this field can result in projecting the
investigated from 2012 (this term was coined this year) to till
flaws related to TCP/IP and the hurdles of an IT system or
network. date. The key aspects of safety techniques are authorization,
tightening of network security, Intrusion Detection System
B. Privacy issues in Internet of Everything (IoE) (IDS), maintaining privacy and building trust, recovery, etc.
Privacy and security issues emerge with increase in the For example, security of data, security for smart grid,
quantity and volume of data being handles, particularly by or securing virtualization of a critical and essential task,
related to individuals. Lawmakers must realize the need for privacy and trust in a sensitive communication [30], etc., are
8 Tyagi et al.
some serious concerns to take care in fog computing privacy and security are a major concern in majority of the
environment. fields. Hence, some serious issues like security and privacy
in this environment discussed as:
B. Privacy issues in Fog Computing
Confidentiality or Privacy during Network fortification/ A. Security issues in Pervasive Computing
access control to a network is a serious concern. Leaking or Having the maximum communication is being made
accessing to user’s personal information by malicious user through wireless technologies; security is a main concern in
may create several problems. Note that trust is directly pervasive computing (when many peer nodes arbitrarily join
connected to privacy concerns, for example, inside attacker and leave a network). Hence, some issues towards security
or insider (in an environment/ organization) may steal the are [33]: usability, scalability, threat modelling, key
information of users and can use this information for its management, quality of management, etc. Some other issues
financial purpose. Similar network privacy is a serious are listed here are:
concern in fog computing. Network operators are capable of  Insufficient Privacy Response: The problem is to
producing configurations physically and manually while fog mould the users’ feedback in such a way that the
nodes involve a mighty maintenance cost. High risks of data level of abstraction of private details fall way below
leakages are gaining great attentions while working with a certain threshold. The usage proves to be stuck if
networks. The clients gain insight into further information the service provider fails to provide further
through fog nodes, i.e., larger quantities of details can be information. Instead, the clients may be exposed to
gathered by fog nodes when compared to a remote cloud a number of messages or will be led to believe that
network. they are still being provided with the services
In summary, fog computing for Big Data/ IoT data though they are not. The settlement of privacy with
analytics is in evolving phase and requires innovative application is a rising concern.
research (or efficient solutions) to produce more knowledge  Scalability: A majority of the researches are done
and smart decisions. Some other issues [30] in fog on surveyed data which has been obtained from
computing are: network management, delay in computing, controlled environment, ranging to a smaller area
placement of fog servers, energy consumption. Hence, this and client population. These models which have
section discusses several critical issues like security, privacy, been generated in the testing atmosphere have to
etc., in Fog Computing. Now, next section will discuss prove themselves for their scalability when applied
respective issues in pervasive computing environment. to a larger area and client population [34].
 Changing Environment: Client find it easier to be
more flexible and move between different
VIII. PERVASIVE COMPUTING computational environments and user interfaces
Hidden computational devices are used for retrieving with a number of systems and applications [35].
personal data in order to derive user context leading to a However, it is to be noted that when the clients
spread of fear amongst the clients about their privacy. On the move, they expect their data to be commuted as
contrary, smart devices exchange and portray the personal well and hence it poses a challenge for all model
information among other smart systems in a persistent designers as they have to create models that
environment. When devices belong to a number of different emphasise on this mobility.
domains, privacy becomes an issue then. It is indeed a  Private Information Retrieval: Some applications or
herculean task to develop and produce services which are users require services without providing or using
highly sensitive to privacy in a pervasive environment to any user identifiable information. This is a problem
optimize the true perks of these techniques and decrease the similar to domain of Private Information Retrieval
possible risks. These techniques gather huge amounts of (PIR) protocols [1, 6]. This provides data retrieval
personal details including email-id’s, location, etc. But in the with queries that require user information without
current era, with people being highly concerned about their disclosing the same information. Developments of
very own details being leaked, majority of them are reluctant applications that provide PIR have not been given
to actively take part in a persistent environment. This calls sufficient attention in pervasive computing.
for the generation of a mechanism that assures centum  Avoiding Privacy Violation for Resource Sharing:
privacy to all its clients. Pervasive computing also known as The presence of clients’ information often leads to
Context awareness computing or Ubiquitous Computing, has violation of privacy policies while communication
its features described by the authors of [32]: for other sources and services. Designing a model
that resolves this issue efficiently is indeed a task to
 Better expansion of smart environments and objects,
achieve pervasiveness.
and impetus behind data collection;
 Data collection will be made more hidden and B. Privacy issues in Pervasive Computing
abstract;
In 1991, Mark Weiser already identified privacy in
 Gathered data will involve the intimate feelings of
Ubiquitous Computing (ubicomp) as one of its biggest
individuals;
challenges [36]. According to Steffen et al. [38], privacy is
 Forcing the flow of unnecessary details at a lower “as an entity’s ability to control the availability and exposure
level. of information about itself”. Broadly speaking, privacy
It is to be observed that clients using pervasive refers to claiming of individuals, groups, etc., to reciprocate
computing environments are not aware of what is being when, how, and to what level the details about them are
processed with their personal information and are under the being transferred to others. The umbrella spread of pervasive
assumption that a service may store or process the data in computing is what makes preserving a user’s privacy a
other ways which may not be authorized by them. This herculean task. Compounding spaces with sensors, actuators,
makes clients insecure about their private life and even today, etc. results in a construction of innovative area and
 Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 9
computational analyses which will be globally accepted. for the collection of details about individuals, how much
With the help of numerous sensors and embedded systems, more of the data may be collected and what are the new
the spaces can be easily customized for the clients’ interests ways in which it will be used for?
and can extract the context details completely. Consider the
A. Security issues in Distributed Computing
case of intruders invading and exploiting this technique in
order to trace certain clients or users. In fact, there are a few The secured execution of distributed systems has created
situations when people want to be anonymous so that they a number of severe issues. Few points are listed here as:
cannot be tracked by anyone else.
a. Identifying the methods which analyse the level of
In daily life, with people being surrounded by a bazillion security in a system;
number of smart devices and gadgets, privacy in persistent b. Monitoring the system safety;
computing is raised to be a serious issue [22, 26, and 28]. c. Developing the security metrics;
These devices are embedded in artefacts and other articles d. Integrating ideas, like cryptography, etc. for
including human bodies and have skilled communication secured and safe conversations;
capabilities, ability to implement spy work, etc. In near e. Using middleware in system security;
future, these questions re likely to pop up in our minds when f. Using web services for enhancing security.
using our smart devices:
B. Privacy issues in Distributed Computing
 Can I trust my refrigerator? With the advent in
innovation and technology, fridges are likely to There has been an ardent desire for the evolution of
report the dietary misbehaviour of its owner to the computational technology due to recent enhancements in
concerned doctor. Interne technology. These days’ users do not even have to
make use of private machines for executing their
 Can I trust my smart phones, TV, etc.? All smart
computational tasks. Simultaneously, there has been an
devices make use of cookies, and other methods to
evolution in data storage as well as people have moved to
get a better insight into the lives of its owners to
storing data in cloud. This has led to a global acceptance of
customize the product accordingly.
computation and data analysis with enhanced accessibility
 Will pervasive computing force us to abandon all
and assurance. Together this, advancement in technology has
hope for privacy? also created several new challenges in distributed computing
 Will the existence and presence of cyber-flies environment [38], like (issues in distributed computing) are:
whose eyes are substituted with high-resolution Trust, Robustness to network delay, Efficiency, Scalability,
cameras bring a halt to privacy? Threats to validity, and Secure computation.
 Would it be clever enough to develop a cyber-
spider to decrement the cyber-flies? But cyber-birds A distributed computational system contains numerous
would feed on them too. software parts which function as a single system and hence,
it generates a number of golden opportunities for further
So, we will build a cyber-cat for overcoming above research. Hence, this section discusses several issues raised
issues. Will a new privacy category appear/ protecting in distributed computing. Now, next section will deal with
artificial entities’ privacy? Note that socially based security and privacy concerns with respect to future Internet
paradigms like trust-based approaches will play a big role in society.
pervasive computing in protecting privacy. Privacy and
Trust, both are integrated terms in computing environment. X. FUTURE INTERNET SOCIETY
Hence, this section discusses several critical issues like
security, privacy, etc., in pervasive computing environment. Internet has turned out to be the highly used and most
Now next section will discuss respective issues in distributed required tool of the modern century. Little did we know, that
computing environment. internet would bring about such a drastic evolution seeding
grounds for human environment, socio-economic growth, etc.
IX. DISTRIBUTED COMPUTING Questions like “What Will the Internet Look Like In 10
Years”? or “How many smart devices will be connected
Due to recent development in technology like through internet in 2030”? Internet of people, Internet of
Blockchain, etc., the future belongs to distributed era value, internet of everything, internet of Nano-Things are
(environment) [11], for example, distributed computing, some enhancement using internet in today’s applications.
distributed network, distributed web, etc. With distributed But, here also several issues also raised together popularity
functionality in a network, user builds more trust among of internet which are included here as:
other user [34]. In general, distributed computing is difficult
to understand for individuals, i.e., who has data about them, A. Security issues in the Future Internet Society
where it is stored, and how it is being used. Ensuring quick Internet is the basic backbone for any kind of computing
and easy access of intense data to the clients can be executed environment/ technology. Some of the security issues related
by combining the dissimilar, separate and different computer to the future internet are:
systems and databases into a single space. However, this
also raises the privacy and security concerns which need to  Consistent and real-life supervision and control of
be resolved. How is it that the customers can be assured that security systems, context, services, etc.
there will be no breaching of data in a distributed system?  Detection of intrusions and attacks by malicious
How can national privacy and consumer rights be protected users at a primitive stage to prevent critical and
across a global grid? How can clients be ensured that their chronic impairment, analysing and understanding
data isn’t be used for malicious purposes during transactions he mannerisms of the harmful model designs in
with a vendor? How can we prove to the clients that data order to produce new schemes and proposals.
would remain in loyal jurisdictions? What kinds of redressal
methods can be used for a customer’s privacy of data? And
most importantly, as circulated computing makes it simpler
10 Tyagi et al.
 Safeguarding the interrelated frameworks of the computer network involving each computerized resource to
modern era against attacks, cascadings, be shared with every other computer to achieve a major
interventions, etc. target [4]. Large number of network registration in Grid
 Cross-border, cross-organizational, scalable and computing, is a capable and proficient computational
well dispensed, co-related security methodologies, innovation. A framework which is registered with grid, is
including the measures influenced by the bio- rising as a promising innovation for three reasons: (i) its
spherians: collective and self-made, self-healing capacity to make more cost-proficient use of a given
and self-studying mechanisms. measure of figuring assets, (ii) as an approach to tackle
 Handling and controlling the “identity” of a huge substantial scale issues that cannot be unravelled without a
number of networking citizens, gadgets, services, remarkable measure of processing force, and (iii) since it
etc. recommends that the assets of many PCs can be controlled
 Watching over the communications and interfaces and directed towards a typical goal. Now some similarities
existing between non-uniform ICT (Information between cloud and grid computing are:
and Communications Technology) systems and  Scalability: The ability of an efficient system to
developing possible security norms across the handle the doubling load of work along with
futuristic net. improvisation is called scalability. Grid and cloud
 Protecting the key frameworks which are are two well versed examples of scalability based on
interrelated and are controlled by exhaustive their performance. CPU and network spectrum are
networks. directed on command. Hence, grid and cloud
 Designing systems and services that have high networks have a great storage space that is flexible
scopes, and those which are dependable and and it depends on the number of users and the
resistive in nature. collection of data transfer rates at a point.
 Qualifying security, dependability and resistive  Multitenancy and Multitasking: Multitenancy is a
nature during design and manufacture or doing it case where individual instanced software serves
dynamically during run-time. numerous users, while multitasking [4, 8] is the
 Anticipating, supervising and controlling the audacity to carry out versatile tasks and share
dependant nature, progress and comforts to the resource. Both are complementary to grid and cloud-
rapidly changing content, conditions, rules, norms, based networks and thus, allow users to execute a
etc. along with a guaranteed service level set up variety of tasks.
between the contrasting factors.
 Protection of distributed virtual objects and Hence, though cloud computing shows enhancement
efficient frameworks based on interactions, storage from grid computing [8], there are numerous similarities
reservoirs, etc. under them. Grid computing proves to be better for institutes
 New crypto-schemes are introduced in the main with bulk data requirements being serviced by small number
networks to deal with the ever-increasing data of users. On the contrary, cloud computing is suitable for
transfer rates in the modern era. those situations where there are multiple users and clients
who necessitate small amounts of data alone. Now, some
B. Privacy issues in the Future Internet Society characteristics of Grid Computing over Cloud Computing
are: Heterogeneity (grid has different Operating System and
Through computing devices which are connected with
Hardware), Loosely coupled (grids are distributed in nature
internet network, then information can be accessed from
over a network), scattered (grid use many machines but not
anywhere, anytime (in this smart era). Some of the privacy
at a single location), and Resource handling (done by the
issues related to the future internet are:
resource manager at each node as an independent unit), etc.
 Comprehending and recreating a personal-friendly Now, concerns like security, privacy in respective
identity management scheme; computing technologies can be discussed as:
 Reimbursing privacy and safety in the future A. Security issues in Grid Computing
environments; new privacy designs and models and
data control modules with advancing technologies; Security can be referred to as the strata which contains
 Frameworks and technical foundations for resources necessary for grid architecture and design.
controlling personal details and for data distribution; Security means need to protect something from outside
 Analysing the emergence of trust and related world/ malicious/ unknown users. The resource (in used)
terminologies; may be valuable and protected with weak security
mechanisms. The security issues in a grid are sophisticated
In near future, we need to develop novel, trustworthy, and the resources are positioned in a number of domains,
reliable, and usable algorithms, which are efficient enough to each having its own norms and rules. In grid computation,
carry out informed decisions about which information, we need to protect: Private, anonymous accounts, and
service and system they can rely on. Hence, this section Runtime process monitoring.
discusses several critical issues like security, privacy, etc.,
with respect to Future Internet Society. Now, next section In summary, security issues in grid computing [3] are:
will deal with security and privacy concerns, raised in Grid System Security of Server and Database, Networking
computing environment. Security, User Authentication, Data Protection, System and
Storage Protection.
XI. GRID COMPUTING
B. Privacy issues in Grid Computing
Grid computing (or a processing architecture) combines
The mobile cloud users have several serious concerns
several computers (together) to reach a common objective/
to solve a problem. In lay means words, grid computing is a like data security (during data in motion/ at rest or stored),
data privacy, etc., in a cloud/ grid enviroenment. Now, some
 Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 11
privacy issues related to data (in grid environment) are A. Security Issues in Future Vehicular Network
included as:
Security and privacy concerns [1] are very similar to
i. Risk of data steals and leaks majority of the mobile and wireless connection set ups:
ii. Data privacy lies in the hands of customers authorization, data consistency, resilience to future attacks
iii. Violating privacy rights and interventions like Denial of Services (DoS), Sybil
iv. Lack of physical safety and secureness attacks, etc.
v. Dealing with encryption and decryption of keys
Issues of security and privacy are nearly common to
vi. Safety issues of virtualised machines
most mobile and wireless network settings: authentication,
vii. Lower standards for data integrity
data integrity, resistance to various attacks like Denial of
viii. Incompatibility of services because of the
Service. Here are a few major differences observed:
involvement of too many vendors
Note that privacy issue is raised only when a data/  No Confidentiality: This is mainly applicable in the
information (personal or confidential) leak. It is also mobile network sector. For example, in the recent cell-
necessary to encourage the clients to adapt to cloud data phone models (GSM, CDPD, etc.) there is the existence
services which have distinct standardization. In addition to of a secure channel between the phones and the closest
the data security threats (on cloud/ grid side), some attacks base station or registry. The safety and security needs
are always possible at end-user mobile devices [4] like for VANETs are similarly needed in V2V (Vehicle to
Device Data Theft, Virus and Malware Attacks via Wireless Vehicle) group interactions. Hence, this is to be taken
Devices and Misuse of Access Rights. On another side, other up as a key issue in the field of VANET.
issues (in grid computing) are: latency, low internet  No Key Distribution: Prime assortment is a necessity in
connectivity, location awareness, engagement of maximum VANET due to the following two concerns: a) no
system/ machines (for completing main task) or sharing of chances of bulk data being transferred between vehicles
resources together, architecture related (information sector), or – frameworks b) vehicles which pace with a greater
infrastructure (host and network) and management issues acceleration are likely to be present in the base station
(credit management, trust management, monitoring). Some for less amount of time within a particular station. It is
resources in a system are useful and taking part in a also to be noted that these vehicles use broadcasting
computation (with other system’s resources) but some are techniques to transmit the data (in a pair/ group) and key
useless and not taking any participation in solving a problem, distribution is not compulsory. Mobile network
but creating problem, i.e., sending system in deadlock state. architecture has the facility for key dispensing.
 No Hand-Over: When a node commutes from one cell
Hence, this section discusses several critical issues like to cell, its state and data are being simultaneously
security, privacy, etc., with respect to Grid computing. Now, transferred. Same way, in VANET, physical transfer of
next section will deal with several security and privacy data is eradicated in the case of handling humongous
concerns, raised in Vehicular Ad-hoc Network/ Vehicular volume of data, i.e., vehicle which are required to attest
Cloud Computing environment. their speed and other arguments to the station.
 No Battery Power: On the whole, the power
XII. VEHICULAR AD HOC NETWORK consumption (CPU) is rated high for most of the mobile
Vehicular Ad Hoc Network (VANET) is a subset of networks. The power is consumed for receiving and
Mobile Ad Hoc Networks (MANET) [10, 17 and 25] having transmitting the data as well as to form cryptographic
a few dissimilarities like restriction in power, mobility operations on nearly dead and power challenged gadgets
patterns, etc. In VANET, cars commute as nodes in network including PDAs, mobile phones, etc.
for the production of a mobile network. In VANET, vehicles  No CPU Speed: Reduced CPU speed of the nodes is of
use On Board Units (OBU) and Rode Side Units (RSU) for prime concern in many of the mobile networks. Security
making communication among each other. For simulation and safety norms are managed to reduce cryptography.
purpose, in VANET every participating vehicle  Extreme Time Sensitivity: Time management proves to
communicates through wireless router, and allowing be another essential factor for which we can rely on
vehicles to be in range of 100 to 300 metres. In near future, CPS devices for accurate and precise clock
we need to provide efficient services to each and every measurements. After all, the devices must be prejudices
vehicle (in Future Vehicular Network (FVN)). Basically, of replays and else unreceptive. It is easier to access
VANETs were primarily designed to support the simpler frameworks embedded with features like
communication between totally different Vehicles (Vehicles digitalised signs, certified framework, etc.
to Vehicles: V2V) and infrastructures (Vehicle to
Infrastructure: V2I) [25]. During this growing phase of Now, some serious privacy issues will be discussed as our
VANET, several issues like security, privacy, and trust, next task of this section.
scalability, etc., raised in it. But, among all existing issues B. Privacy Issues in a Future Vehicular Network
(or challenges) of the VANET/ Future Vehicle Network,
security, privacy (also trust) received less attention. Each Note that why is Privacy Important for VANETs? To give
vehicle or service provides contain information about a answer to this question, we need to discuss some threats to
vehicle user. It is important that this information should not the privacy, which have investigated/ measured in the past
modified by an attacker (including drivers should also decade. Here, leaking of traces/ information can be
respond with full trust, i.e., correctly about traffic represented in terms of degree/ level. The levels and
management. It is to be keenly noted that the size of the different tiers of privacy determine the aim and targets of the
network, geographic relevance, flexibility, etc., makes the system on the basis of which privacy would have to be
execution harder and different from other network finally designed. Here are a few examples to overcome the
protections. Hence, each issue is discussed in detail as: hurdle of future privacy:
12 Tyagi et al.
 To analyse the mannerisms of the driver during the A. Security issues in Location Based Services
driving session so that the gained details can be of use
 What are the norms vested on institutions with
to the police as well. In case of over-speeding, penalty
respect to the bulk amounts of data they deal with?
tickets can be issued to the concerned person.
 Are the LBS electronic systems well secured and
 Parking areas can be efficiently managed by making
grounded from other attacks?
use of car identifiers to capture any form of
communications taking place in the parking which  What measures have been taken up to control the
would act as an upper-hand to retrieve the arrival and LBS users?
departure information regarding any personnel.  Are there any strong back-up measures that have
 By detecting the cars’ movements and behaviours, been adopted in case of a system failure?
fines can be easily issued for any form of misconduct B. Privacy issues in Location Based Services
or other acts.
Preserving Privacy is still impossible as perfectly till
Moreover this, many attempts have tried in previous decade communication takes place among human being. The term is
for preserving user’s privacy in [15, 16, 23, 24, and 25]. said to comprise of the perspectives of information security
Though these principles are in agreement with mislinkage’s and safety, discretion during communications and
and intrackability principles, privacy ought to be considered conversations, along with regional secrecy as per Privacy
for data sharing. Specifically, positional information can be International. Several definitions of privacy can be found in
made use of to track a vehicle, though its aliases are in use. [1, 6]. Here, some categories of privacy are; “privacy of the
It is also important to provide minimalized details to the person,” “privacy of personal behavior,” “privacy of
remaining vehicles, while maintaining its worthiness. personal communications,” and “privacy of personal data.”
 Location cloaking techniques: In order to It is an oblivious fact that secrecy and human beings would
always go hand in hand with each other. It is leads people to
compensate for the trade-off, these techniques have
live a life of their own by keeping their thoughts, interests,
been issued because of which, positional details and
likes, etc., to themselves. Secrets are often considered to be a
information will be portrayed on the achievable of
mechanistic and holistic way of protection, which is ardent
protection and safety.
for self-perseverance and thereby, necessary for preserving
 Aggregation: It permits the transfer of only
security. As an individual, it is known to all of us that we
segregated and required data, allowing the
need to preserve our secrets and mask them from the raging
minimisation of the personal data being sent.
world. Even so, we seem to be discomforted by the secrets
 Non-Repudiation: It targets towards dodging any which are possessed by the government. Secrets can be of
one particular instance after having an action different types. For example, when secrecy is being used to
performed. For example, the interrelated protect the national interests, it is invulnerable. Everything is
information in a computerised network may be of secret, nothing is secret for a human being [1]. No one care
NRO: Non-repudiation of Origin, NRR: Non- much about his/ her privacy, but it matters or everyone cares
repudiation of Receipt format. However, NRO’s are when he/ she is being tracked for a period of time
used more commonly that VANET. continuously. The best way to ensure that keep secrecy of
Some popular attacks in VANET [10, 17] are: Message users as most important secrets, kept as secret (with a higher
replay attack, Message spoofing, Denial of Service (DoS) trust), is for secrecy to be returned to its limited but
attack, Movement tracking. On another side in VANETs, necessary role.
some challenges (related to security) are: Network Volatility,  Who is permitted to access the positional details?
Liability vs. Privacy, Delay-Sensitive Applications, Network
 Can individual possess tracking devices which may
Scale, Heterogeneity, Infrastructure less, Multi-hop
be deactivated?
connection, Wireless Link use. Some other issues (in
VANET) are: Availability, DoS and uncollaborative  Are the benefits from LBS in a given context
behavior prevention, information trust. Note that in FVN, known to overweigh the effects of personal privacy
power consumption is not important since a running vehicle invasion?
provides an ample source of battery power. Hence, this  Is the privacy of an individual way higher when
section discusses several critical issues like security, privacy, compared to the safety and personal deeds of the
etc., in VANET. Now, next section will deal with several community?
security and privacy concerns, identified in location-based With rapidly increasing wireless and mobile
services. technologies, LBSs are being exposed to security and
personal safety breaches. Privacy can be defined as “the
XIII. LOCATION BASED SERVICES secretive technique of masking ones’ current position from
All vehicles embedded with the location tracking devices those of another [1, 6]. Locational privacy is of utmost
like Global Positioning System (GPS) receivers, and other concern when compared to all of the other LBS categories as
interaction abilities are efficient enough to enable and it reveals all of their personal traits and figures including
activate a certain range of location-based applications (like their addresses, hobbies, etc. Privacy can be further turned
Location Based Services (LBSs)) [1]. In LBSs, users submit into data, location, identity and genomic. Some privacy
queries along with his/ her location to a service provider like issues existing in location-based services is included as:
“Where is the nearest car parking?” “Where is the nearest
a) Should the user whose location is being tracked be
Coffee Shop”? Note that, user send these queries together
informed when in use? Can they be granted
with the geographic coordinate of his/ her current location.
permission to switch it off? What factors may
influence these responses?
b) Should the user be allowed to handle the collection
of location information?
 Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 13
c) Can the positional information be identified and efficient solutions to overcome the hurdles with a
individually, or can the user decide on the levels of popular mechanism
anonymity it possesses?
d) What type of preservance can a persons’ past B. Privacy Leakage
locational information have against search and Public and private keys can be used to preserve a definite
captivism? amount of privacy through Blockchains and the users easily
e) Should it be allowed to govern other perspectives of operate on the keys anonymously. However, it has been
stored details like accuracy, levels of safety, etc.? discussed in [11, 40] and is very clear that Blockchain will
f) Does usage of native details be another middleman never assure transactional privacy as the values of all
like carriers create an atmosphere of unfair transactions and payment history for each key will be
advantage for malicious use of information? publicly visible. Moreover, in [40, 41], authors have
g) Up to what proximity should the users be permitted portrayed how a users’ bitcoin transactions and payment
to choose their own degrees of anonymity? accounts can be related to reveal the users’ personal details.
h) What levels of exposure can be efficiently handled Furthermore, Biryukov et al. [11] presented a methodology
by the government? to connect user ids to the IP addresses in spite of the users
i) What are the regulations and norms which are being masked behind the Network Address Translation
rightly put together to assure rights of privacy to the (NAT)/ firewalls. In this work, they showcase that each
citizens? individual client need to be distinctly identified by the node
j) Will the unparliamentary standards along with set it is connected to which can be apprehended and used to
industries/trade groups be strict enough to be find the point of origin if a transaction.
effectively accepted by consumers and industries? Moreover this, multiple methods like Mixing,
k) Would the public interest groups be sufficient for Anonymous, etc., have been proposed to improve anonymity
monitoring the industries and safe guarding the of Blockchain, but none of the approaches work sufficiently.
public interests? Hence, this section discusses several issues like security,
l) Will the demands be satisfied by the providers privacy in Blockchain technology. Now, next section will
corresponding to their respective features, products conclude this work in brief with some suggestions, necessary
and services? for future computing environment.
Some of the other Privacy and Security issues in LBSs have
been discussed by the Tyagi, A.K and N. Sreenath in [1, 6]. XV. CONCLUSIONS
Hence, this section discusses several serious issues like Security, i.e., the secrecy, uprightness, and
security, privacy, etc., in LBSs. Now, next section will validness of data are frequently a vital fixing to protection,
identify some security and privacy concerns in Blockchain as it encourages the control of data streams (i.e., who
technology concept (especially used for building trust). becomes acquainted with what when?) and guarantees the
accuracy of information. It is conceivable to have abnormal
XIV. BLOCKCHAIN TECHNOLOGY amounts of security yet no protection (think observation
Blockchain is a new technology developed to build trust state), or even some kind of security without security (e.g., a
among users, decentralized and distributed in nature. Popular private table discussion in a Taj Hotel). The imperative
example of Blockchain based in Bit coin, a cryptocurrency knowledge is that just actualizing some type of security is
launched in 2009 [29]. In spite of the generic use of insufficient to guarantee protection. Guaranteeing the
Blockchain techniques, it possesses a number of threats. classification and genuineness of a specific data does not say
Here are a few major challenges which have been commonly anything in regards to how and when this specific bit of data
found: will be utilized by its assigned beneficiary. Security of a
calculation used to signify “the PC running the calculation
A. Security Issues of the Blockchain Technology ought to be shielded from pernicious bargain”, and
Security proves to be the topmost attractive feature of a protection of information used to infer unapproved
Blockchain technology and it is completely founded on the substances could not access that information. Several
basis of public ledger and distributed consensus [11, 29]. scientists/ researchers have proposed several mechanisms to
However, fraudulent issues and hacking are still prevalent. overcome above discussed issues. In last, meaning and
51% attack, where in a Bitcoin is made use of for assessing importance of security, privacy and trust is troublesome.
the computational measures with respect to the hash rate, is a Protection is identified with, however not indistinguishable
frequently observed one. When hash rate is managed by with: mystery, isolation, freedom, self-rule, flexibility,
more than 51% of an individual node or a pool of miners, closeness, and personhood. Protection is a non-monotonic
blockchains are vulnerable to malicious acts, thus leading to capacity and social process. Security, Privacy and Trust are
a fork, i.e., when there’s a presence of two contradicting easy to lose, but yet difficult to rebuild/ protect. Note that e-
blocks. A great chunk of the mining power has to healthcare/ Medicare or healthcare sector faces several
complement the attackers’ block which would further be sent security, privacy and trust issues in today’s smart era [43].
to the Blockchain. Double-spending attack is a very well- Because of the recent advancement of systems
known security issue [39, 40, AND 42] and it easily occurs a administration and interchanges innovations and its open
large number of people make use of the same body to pay nature, today's security, protection and trust has gotten to be
their funds (cryptocurrencies like bitcoin [29]). This is made significant issues. Everybody require security and assurance
fruitful in a Peer to Peer network as there are high chances of from assailants, i.e., require dependable connections. As
processing delays when the remaining payments are future work, we want to provide reliable experiences/
published in a distributed manner to the nodes in the services to human beings (as an extended version of
network. Miners require only ten minutes to obtain the carpooling where drivers allow passengers to dictate their
solution of the problem. So, these issues are the necessary priorities). So, everybody is heartily welcomed to extend
their research in this field.
14 Tyagi et al.

Acknowledgment [15] L. Sweeney.k-anonymity: a model for protecting

privacy.International Journal on Uncertainty, Fuzziness
This Research is Funded by Anumit Academy’s Research
and Knowledge-based Systems,10 (5), 2002; 557-570
and Innovation Network (AARIN), India. The Author
[16] Machanavajjhala, Ashwin & Gehrke, Johannes & Kifer,
Would Like To Thank AARIN, India, a Research Network
Daniel & Venkitasubramaniam, Muthurama krishnan.
For Supporting The Project Through Its Financial Assistance.
(2006). l-Diversity: Privacy Beyond k-Anonymity. ACM
Transactions on Knowledge Discovery From Data -
References TKDD. 1. 24. 10.1145/1217299.1217300.
[1] Amit Kumar Tyagi, Sreenath N., “Future challenging [17] Amit Kumar Tyagi, N. Sreenath, “Providing Trust
issues in location based services”, International Journal of Enabled Services in Vehicular Cloud Computing
Computer Applications, Vol. 114 (5), 2015. (extended version)”, 25-26 August, 2016, in proceeding
[2] Abid Shahzad1 and Mureed Hussain, “Security Issues of ACM/ International Conference on Informatics and
and Challenges of Mobile Cloud Computing”, Analytics (ICIA), Pondicherry, India, pp. 1-10.
International Journal of Grid and Distributed Computing [18] W.Brujin, M.Spruit and M.Heuvel, “ Iddentifying the
Vol.6, No.6, pp. 37-50, 2013. cost of security”, Journal of Information Assurance and
[3] Muhammad Asif Habib and Michael Thomas Krieger, Security , Vol.5, 2010.
“Security in Grid Computing” (http://www.fim.uni- [19] Kevin Ashton, That 'Internet of Things' Thing. RFID
linz.ac.at/lva/SE_Netzwerke_und_Sicherheit_Comm_Infr Journal, June 22, 2009.
astructure/gridcomputing.pdf) [20] Tyagi, Amit Kumar and Sharma, Sonam and Anuradh,
[4] Anirban Chakrabarti, Grid Computing Security, book, Nandula and Sreenath, N. and G, Rekha, How a User will
ACM, 2007. Look the Connections of Internet of Things Devices?: A
[5] Buyya, Rajkumar & Broberg, J. & Goscinski, Andrzej. Smarter Look of Smarter Environment (March 11, 2019).
(2011). Cloud Computing: Principles and Paradigms. Proceedings of 2nd International Conference on Advanced
10.1002/9780470940105. Computing and Software Engineering (ICACSE) 2019.
[6] Amit Kumar Tyagi, N. Sreenath, “A Comparative Study [21] P P Ray, A survey on Internet of Things architectures,
on Privacy Preserving Techniques for Location Based Journal of King Saud University - Computer and
Services”, BJMCS, July, 2015 10(4), pp. 1-25, 2015. Information Sciences, Volume 30, Issue 3, July 2018,
[7] B.David “3 security risks posed by the Internet of Pages 291-319
Everything” [22] Tyagi, Amit & Rekha, Gillala & Sreenath, N.. (2020).
(https://www.federaltimes.com/opinions/2015/03/10/3- Beyond the Hype: Internet of Things Concepts, Security
security-risks-posed-by-the-internet-of-everything/) Mar, and Privacy Concerns. 10.1007/978-3-030-24322-7_50.
2015. [23] N. Li, T. Li and S. Venkatasubramanian, "t-Closeness:
[8] Rajendra Kumar Dwivedi, “From Grid Computing to Privacy Beyond k-Anonymity and l-Diversity," 2007
Cloud Computing & Security Issues in Cloud IEEE 23rd International Conference on Data Engineering,
Computing”, TECHNIA – International Journal of Istanbul, 2007, pp. 106-115.
Computing Science and Communication Technologies, [24] T. M. Truta and B. Vinay, "Privacy Protection: p-
Vol.5 No. 1, July 2012 (ISSN 0974-3375). Sensitive k-Anonymity Property," 22nd International
[9] T.Kavitha and D.Sridharan ,“ Security Vulnerabilities in Conference on Data Engineering Workshops
wireless sensor networks : A survey,” Journal of (ICDEW'06), Atlanta, GA, USA, 2006, pp. 94-94.
Information Assurance and security , Vol.5 2010. [25] Tyagi, Amit & Sreenath, N.. (2015). Preserving Location
[10] Amit Kumar Tyagi, N. Sreenath, R Priya “Never Trust Privacy in Location Based Services against Sybil Attacks.
Anyone: Trust-Privacy Trade-Offs in Vehicular Ad hoc International Journal of Security and Its Applications. 9.
Network”, British Journal of Mathematics and Computer 175-196.
Science (BJMCS), Vol. 19, No. 6, pp. 1-23, November [26] Tyagi, Amit Kumar and M, Shamila, Spy in the Crowd:
2016. How User’s Privacy Is Getting Affected with the
[11] Biryukov, Alex & Khovratovich, Dmitry & Pustogarov, Integration of Internet of Thing’s Devices (March 20,
Ivan. (2014). Deanonymisation of Clients in Bitcoin P2P 2019). Proceedings of International Conference on
Network. Proceedings of the ACM Conference on Sustainable Computing in Science, Technology and
Computer and Communications Security. Management (SUSCOM), Amity University Rajasthan,
10.1145/2660267.2660379 Jaipur - India, February 26-28, 2019.
[12] Tyagi, Amit & Krishna, A. & Malik, Shaveta & Nair, [27] CISCO – IoE report,
Meghna & Niladhuri, Sreenath. (2020). Trust and https://www.cisco.com/c/dam/global/en_my/assets/ciscoi
Reputation Mechanisms in Vehicular Ad-Hoc Networks: nnovate/pdfs/IoE.pdf
A Systematic Review. Advances in Science, Technology [28] Sravanthi Reddy, Kavita Agarwal and Amit Kumar Tyagi,
and Engineering Systems Journal. 5. 387-402. “Beyond Things: A Systematic Study of Internet of
10.25046/aj050150. Everything”, Internet of Things, 16-18 December 2019,
[13] Diebold, Francis. (2012). On the Origin(s) and in Proceeding of Springer/ 8th World Congress on
Development of the Term 'Big Data'. SSRN Electronic Information and Communication Technologies, GIET
Journal. 10.2139/ssrn.2152421. University, Odisha, India.
[14] Amit Kumar Tyagi, Meghna N Nair, and N.Sreenath, [29] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash
“Where Is Current Research on Big data?— A Systematic system,” 2008
Review”, IJICIC (Communicated).
Security, Privacy Research issues in Various Computing Platforms: A Survey and the Road Ahead 15
[30] Rekha G., Tyagi A.K., Anuradha N. (2020) Integration of Authors Biographies
Fog Computing and Internet of Things: An Useful
Overview. In: Singh P., Kar A., Singh Y., Kolekar M., Amit Kumar Tyagi is Assistant Professor
Tanwar S. (eds) Proceedings of ICRIC 2019. Lecture (Senior Grade), and Senior Researcher at
Notes in Electrical Engineering, vol 597. Springer, Cham Vellore Institute of Technology (VIT), Chennai
[31] F. Bonomi, R. Milito, J. Zhu, and S. Addepalli, Campus, India. His current research focuses on
Machine Learning with Big data, Blockchain
“Fog computing and its role in the internet of things,” in
Technology, Data Science, Cyber Physical
Proceedings of the 2012 ACM first edition of the MCC Systems, and Smart and Secure Computing,
workshop on Mobile cloud computing.ACM,2012, pp. Privacy). He has contributed to several projects
13–16. such as “AARIN” and “P3-Block” to address
[32] M. Aazam and E.-N. Huh, “Dynamic resource some of the open issues related to the privacy
provisioning through fog micro datacenter,” in breaches in Vehicular Applications (like
Parking) and Medical Cyber Physical Systems.
Proceedings of the 2015 IEEE International Conference
He received his Ph.D. Degree from Pondicherry
on Pervasive Computing and Communication Central University, India. He is a member of the
Workshops (PerCom Workshops). IEEE, 2015, pp. IEEE.
105–110.
[33] Ahamed, Sheikh, Security in Pervasive Computing: Meghna Manoj Nair is a student currently
Current Status and Open Issues. International Journal of pursuing B.Tech course in Computer Science
Network Security, 2006. and Engineering at VIT Chennai. Venturing into
completely different aspects in the field of
[34] Ivanović, M., Vidaković, M., Budimac, Z. et al. A
Computer Science and following a plethora of
scalable distributed architecture for client and server-side other incorporations with respect to Artificial
software agents. Vietnam J Comput Sci 4, 127–137 Intelligence, Machine Learning, Blockchain,
(2017). https://doi.org/10.1007/s40595-016-0083-z. Robotics, etc. which glamorizes and enhances
[35] M.Fowler, “Patterns of Enterprise Application the existing developments is one of the things
Architecture Addison Wesley, 2002. ISBN: 978-0-321- She is passionate about. She has also had golden
12742-6. opportunities to share her bit of work to some of
the trending research topics which include
[36] Weiser, Mark: The Computer for the 21st Century.
Cyber Physical Systems, Blockchain, Deep
Scientific American 265(3), pp. 94-104, September 1991. Learning etc. under the guidance of Dr. Amit
[37] Steffen, S., Bharat, B., Leszek, L., Arnon, R., Marianne, Kumar Tyagi.
W., Morris, S., et al., (2004) “The pudding of trust”.
IEEE Intelligent Systems, 19(5), pp. 74-88. Dr. Niladhuri Sreenath is a Professor in
[38] Steen, M.V., Pierre, G., & Voulgaris, S. (2011). Computer Science and Information Technology
at Pondicherry Engineering College affiliated to
Challenges in very large distributed systems. Journal of
Pondicherry University. He obtained my Ph. D.
Internet Services and Applications, 3, pp. 59-66. in Computer Science from Indian Institute of
[39] A Mohan Krishna and Amit Kumar Tyagi, “Intrusion Technology, Madras under the guidance of Prof.
Detection in Intelligent Transportation System and its C. Siva Ram Murthy. His primary research
Applications using Blockchain Technology", 24-25 interest lies in WDM Optical Networks, Privacy
February 2020, in Proceeding of IEEE/ International and Trust.
Conference on Emerging Trends in Information
Dr. Abraham is the Director of Machine
Technology and Engineering, VIT Vellore, Tamilandu,
Intelligence Research Labs (MIR Labs), a Not-
India. for-Profit Scientific Network for Innovation and
[40] Rui Zhang, Rui Xue, and Ling Liu. 2019. Security and Research Excellence connecting Industry and
Privacy on Blockchain. ACM Comput. Surv. 52, 3, Academia. As an Investigator / Co-Investigator,
Article 51 (July 2019), 34 pages. he has won research grants worth over 100+
DOI:https://doi.org/10.1145/3316481 Million US$ from Australia, USA, EU, Italy,
[41] Yli-Huumo J, Ko D, Choi S, Park S, Smolander K (2016) Czech Republic, France, Malaysia and
China. Dr. Abraham works in a multi-
Where Is Current Research on Blockchain disciplinary environment involving machine
Technology?—A Systematic Review. PLoS ONE 11(10): intelligence, cyber-physical systems, Internet of
e0163477. https://doi.org/10.1371/journal.pone.0163477 things, network security, sensor networks, Web
[42] Bruno Tavares, Filipe Figueiredo Correia, and Andre intelligence, Web services, data mining and
Restivo, A survey on Blockchain technologies and applied to various real world problems. In these
research, Journal of Information Assurance and Security, areas he has authored / coauthored more than
1,300+ research publications out of which there
(JIAS), ISSN 1554-1010 Volume 14 (2019) pp. 118-128.
are 100+ books covering various aspects of
[43] Joao Pedro Dias, Angelo Martins, and Hugo Sereno Computer Science. One of his books was
Ferreira, A Blockchain-based Approach for Access translated to Japanese and few other articles
Control in eHealth Scenarios, Journal of Information were translated to Russian and Chinese. About
Assurance and Security (JIAS). ISSN 1554-1010 Volume 1000+ publications are indexed by Scopus and
13 (2018) pp. 125-136. over 800 are indexed by Thomson ISI Web of
Science. Dr. Abraham has more than 37,000+
academic citations (h-index of 90 as per google
scholar). He has given more than 100 plenary
lectures and conference tutorials (in 20+
countries). Since 2008, Dr. Abraham is the
16 Tyagi et al.
Chair of IEEE Systems Man and Cybernetics
Society Technical Committee on Soft
Computing (which has over 200+ members) and
served as a Distinguished Lecturer of IEEE
Computer Society representing Europe (2011-
2013). Currently Dr. Abraham is the editor-in-
chief of Engineering Applications of Artificial
Intelligence (EAAI) and serves/served the
editorial board of over 15 International Journals
indexed by Thomson ISI. Dr. Abraham received
Ph.D. degree in Computer Science from Monash
University, Melbourne, Australia (2001) and a
Master of Science Degree from Nanyang
Technological University, Singapore (1998).