**1. Introduction**

The goal of having a huge capacity for storage with efficient scalability has recently been the driving force for different enterprises, organizations, and small companies when switching to Cloud, Edge, and Fog paradigms from standalone execution [1]. Significantly, this shift brings numerous challenges along the way. This work mainly focuses on how security in Cloud, Edge, and Fog Computing systems is achieved and users' privacy protected from attackers. Essentially, the vision is a holistic managemen<sup>t</sup> style for personal data at the global centers hosting Edge, Fog, and Cloud.

As of today, security and privacy issues have become a major concern when Cloud providers holding large amounts of data and essential applications share them with customers. As a result of these concerns, related topics present major problems in the computing paradigms research field [2]. Currently, the most attention in each computing model is on protecting users' privacy from unauthorized groups or individuals gaining access and hindering attacks. Moreover, keeping data integrity intact and also maintaining it is a very vital aspect. This research takes an approach to review the security and privacy aspects in Cloud, Edge, and Fog paradigms [3–5].

The rapid and ever-increasing need for novel computational offloading strategies is a grea<sup>t</sup> challenge when it comes to protecting personal information and other important data [6]. Historically, Cloud customers possess legitimate access to their individual information and data (in other words, users should have the right as to how, when, and to what extent other people can gain access to their personal information) [7]. Importantly, five

**Citation:** Ometov, A.; Molua, O.L.; Komarov, M.; Nurmi, J. A Survey of Security in Cloud, Edge, and Fog Computing. *Sensors* **2022**, *22*, 927. https://doi.org/10.3390/s22030927

Academic Editors: Leandros Maglaras, Helge Janicke and Mohamed Amine Ferrag

Received: 22 December 2021 Accepted: 18 January 2022 Published: 25 January 2022

**Publisher's Note:** MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

**Copyright:** © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/).

5

different features relating to security and privacy aspects are raised in any order: integrity, accountability, confidentiality, availability, and the preservation of privacy [7–9].

Recently, there has been a sharp, universal shift from traditional operations in organizations to embracing innovations such as Cloud Computing and other paradigms. These different paradigms have been the subject of many academic studies and reviews from students and researchers. It is both difficult and very challenging for different Information and Communication Technology (ICT) engineers, researchers, and students to generally keep up with the ever-growing pace of new journals, literature, and article reviews. One important area concerning the various paradigms is the security and privacy aspect, which we shall systematically review based on PRISMA guidelines [10].

The rest of the paper is organized as follows. First, Section 2 briefly outlines the explanation of different computing paradigms. Next, Section 3 provides an outlook on the specifics of security and privacy for each paradigm and their similarities. Furthermore, Section 4 provides the major identified challenges and vulnerabilities. Section 5 concludes the discussion.

### **2. Background on Computing Paradigms**

Before diving deeper into the main sections of the paper, a general overview of the different mentioned paradigms needs to be provided. For clarity and consistency, each paradigm is carefully discussed concisely. The reason for discussing each of these paradigms is to have an overview that will guide the understanding of the research goal for this paper, which is primarily the information security and privacy aspects for each paradigm.
