Edge computing enables the processing of data closer to where it’s being generated, which means it can be done faster and in higher volumes. In the field of video games in particular, edge computing offers several advantages, such as (for players) improved latency, reduced reliance on network connectivity and (for developers) better scalability and efficiency.
However, there are fears that the cost of increased performance and better connectivity could come at the expense of creating loopholes for security breaches.
It’s easy to see why this belief is common; having multiple devices, nodes and systems could, in theory, give hackers multiple points of entry. And one successful attack could, in theory, spread around an infrastructure ecosystem, affecting everything. Right?
It’s not actually that simple. Because while it’s certainly prudent to be aware of the risks of edge computing (as it is with any security paradigm), it is unfair to label it as more insecure. Security risks exist in all forms of computing – including centralised cloud-based solutions.
And, just like with other forms of computing, the edge can be secured using a variety of measures. In fact, some of its unique traits can even make it less vulnerable to attacks. Let’s explore how.
The alleged vulnerability of edge computing
Primarily, security concerns relating to edge computing stem from the scale of the network. Data passes rapidly through hundreds of different server locations across the globe, which is said to pave the way for a number of different cyber-attacks, particularly those commonly associated with cloud technology.
One of the most worrisome concerns is authentication. One of the biggest benefits of adopting edge technology is its scalability, meaning it can go from zero to hundreds of instances on-demand, allowing developers to reduce costs as they’re only paying for what they require. The fear is that with this, there lies a temptation to save in other areas, which may result in the implementation of weaker authentication measures when communicating with devices or networks at the edge.
Another concern is distributed denial-of-service (DDoS) attacks, where cybercriminals effectively flood a network with an overwhelming amount of traffic so that it grinds to a halt, leaving gamers unable to play while exposing further vulnerabilities. The worry with edge computing is that having an increased number of powerful servers will provide a wider surface area for DDoS attacks.
Similarly, with a more distributed network comes an increased number of locations and devices that are physically accessible, which may open the network up to side-channel and cache attacks. Some also argue that having such a distributed network will make it much harder to catch breaches occurring in real-time, such as with man-in-the-middle attacks (MITM).
How edge can be part of the security solution
These concerns, however, fail to factor in how the very nature of edge technology actually reduces security vulnerabilities. By distributing the process and storage of data across multiple nodes or devices in the network, edge technology makes it harder for attackers to target a single vulnerability or failure as they might with conventional servers. Having multiple entry points and distributed resources also means that if any attacks do happen, they can be isolated and resolved without the service going down, limiting the blast impact of a breach.
Edge technology also enables proximity-based security, which means data is processed and encrypted close to the user or device. This means it isn’t being transmitted over long distances, so there is less chance of any unauthorized access or data being intercepted and tampered with. This has the added benefit of improving performance, as data is delivered faster and more efficiently.
Regarding side-channel and cache attacks specifically, edge computing can provide better protection by isolating workloads and reducing the exposure of sensitive data. This is achieved through the use of non-defined ports, which involves using a different URL link for each individual game session. This makes it substantially more difficult for attackers to exploit vulnerabilities and launch attacks against edge devices, as connecting will require a valid port each time.
Security risks go beyond the edge
In addition to the above, there are also many extra precautions that organisations (and game developers in particular) can take to enhance their security even further at the edge. For one, the edge should be seen as small execution of code to make computations done where they need to be, not in a central location. This code should be airtight, exposing only what is necessary, with results sent back to the central location when needed.
Penetration testing can be used at the edge too. It’s slightly harder because of the distributed nature of edge infrastructure, but can still simulate attacks on specific edge devices and monitor their responses in a similar vein as vulnerability scanning. We can actually enhance this through a scanner on the container registry, which helps to identify problematic code running on the infrastructure that could present a security risk.
Security enhancements also shouldn’t be seen as an exclusive priority for those implementing edge technology, as all businesses can benefit from the added safety that comes from having the latest cybersecurity measures in place. This is especially important in online gaming because of the sensitive nature of user information transmitted.
With that in mind, organisations should start by ensuring they have strong authorisation measures in place when communicating with each server site across the globe. These include the use of strict certificates, which encrypt all communication between the device and server, as well as trusted IP, which limits communications to specific devices or networks. These certificates should also be refreshed automatically to ensure that in the unlikely event a leak was to occur, the impact is minimised.
Choosing the right provider of edge technology
With the market forecast to hit $101 billion in the next five years, experts broadly agree that the widespread adoption of edge technology is only a matter of time. This is especially true for the gaming industry due to the vast amount of benefits it offers both players and developers, from drastically streamlining the management of multiplayer games by scaling for any number of players to lowering costs while reducing lag and latency.
Those making the jump both now and in the near future must ensure that they choose a provider with the right credentials who are employing the security methods we’ve discussed above, or else they risk opening themselves up to a litany of security risks. No technology is infallible, but with the right measures in place, we can get as close to it as possible, even on the edge.
By Edgegap CEO Mathieu Duperré