Natarajan Meghanathan et al. (Eds) : CCSEA, CLOUD, SIPRO, AIFU, SEA, DKMP, NCOM - 2019 pp. 187-194, 2019. © CS & IT-CSCP 2019 DOI: 10.5121/csit.2019.90915 SECURITY CONSIDERATIONS FOR EDGE COMPUTING John M. Acken 1 and Naresh K. Sehgal 2 1 ECE Department, Portland State University, Portland, OR 2 Data Centre Group, Intel Corp, Santa Clara, CA ABSTRACT Present state of edge computing is an environment of different computing capabilities connecting via a wide variety of communication paths. This situation creates both great operational capability opportunities and unimaginable security problems. This paper emphasizes that the traditional approaches to security of identifying a security threat and developing the technology and policies to defend against that threat are no longer adequate. The wide variety of security levels, computational capabilities, and communication channels requires a learning, responsive, varied, and individualized approach to information security. We describe a classification of the nature of transactions with respect to security based upon relationships, history, trust status, requested actions and resulting response choices. Problem is that the trust evaluation has to be individualized between each pair of devices participating in edge computing. We propose that each element in the edge computing world utilizes a localized ability to establish an adaptive learning trust model with each entity that communicates with the element. Specifically, the model we propose increments or decrements the value of trust score based upon each interaction. KEYWORDS Edge Computing, Security, Adaptive learning, Trust model, Threats, Cloud Computing, Information Security 1. INTRODUCTION Edge Computing represents a combination of distributed computing connected to centralized servers. Historically, centralized versus distributed models have alternated as computing and communication capabilities have grown, while the limiting factor has alternated between computational capability and communication capacity. The present environment of cloud and edge computing is a complex mixture of computing capability, communication capacity, and security considerations. In this paper, we will focus on the security aspects of edge computing. Any such investigation must include multiple subtopics, e.g., protecting information content from observation and alteration, protection of operational capability from unauthorized access, protection of normal operation in the presence of malicious overloaded requests etc. Solution components need to consider prevention from and response to any security threats [1]. Examples of prevention include encryption to protect content from observation and alteration, access checking protocols to prevent unauthorized accesses, tracking mechanisms to identify attempted attacks, and blocking messages except from trusted devices.