About clouds and fogs
The European Union Agency for Cybersecurity (ENISA) has released a report that aims to outline the security aspects of fog and edge computing in the 5G domain. The report covers the technical risks, trust and resilience in the telco-ecosystem related to fog and edge technologies. Fog computing and edge computing are both distributed computing models that enable data processing and storage closer to the devices generating that data. Fog computing refers to a decentralised computing infrastructure that extends from the edge of the network to the cloud. Edge computing, on the other hand, refers to a distributed computing paradigm that brings computation and data storage closer to the location where it is needed, such as on devices or gateways. Both models aim to improve performance, reduce latency and enhance efficiency in data processing and storage.
The report also discusses the multidimensional space of fog and edge, which includes the technology lifecycle processes, stakeholders and applications. It aims to provide support to the experts of the NIS Cooperation Group Work Stream on 5G Cybersecurity on current issues and challenges in the areas of fog and edge computing in 5G and analyses more than 100 documents to outline the main security aspects in the fog and edge domains.
The report also provides an overview of fog and edge technologies in terms of 5G, the different architectural approaches that both paradigms have introduced in the telco domain, along with their relevant applications. It also addresses the various security challenges that have emerged from the fog and edge convergence with 5G, outlines the standardisation efforts of fog and edge computing in regard to security, and analyses the existing literature against an ideal situation of cybersecurity robustness and resilience, and address technical and organisational security aspects. It analyses the current opportunities in terms of scalability, network management, reliability, sustainability and federation for fog computing and details the current opportunities in terms of quality of experience (QoE), protocol standardisation, heterogeneity handling and multi-access edge computing for edge computing. Additionally, the report provides analysis on various application scenarios for fog and edge computing in 5G.
However, the report also stresses that while the technical and organisational standards and specifications analysed can contribute to the security of fog and edge computing for 5G, they should not be treated as an exhaustive list of measures guaranteeing security. It also highlights that there are risks that are not covered by standards, such as residual risks whose cost is neither borne by nor attributable to a specific stakeholder, such as societal risks resulting from network malfunctions.
We believe that standards can be a good supplementary tool to laws by providing more detailed and flexible guidance on best practices, enabling organisations to demonstrate their commitment to quality, and reflecting the latest industry knowledge and best practices. While laws and regulations are essential for setting legal requirements and ensuring compliance, standards can provide a valuable complement to the legal framework.
Veronika
Wolfbauer
Counsel
austria vienna