11
Investigation of Holistic Approaches for Privacy Aware Design of Cyber-Physical Systems
Manas Kumar Yogi1*, A.S.N. Chakravarthy2 and Jyotir Moy Chatterjee3
1Computer Science and Engineering, Pragati Engineering College (Autonomous), Surampalem, India
2Computer Science & Engineering, JNTUK Kakinada, India
3IT, Lord Buddha Education Foundation, Kathmandu, Nepal
Abstract
It is imagined that future cyber-physical systems will give a more helpful living and work space. Nonetheless, such systems need unavoidably to gather furthermore, measure privacy-touchy data. That implies the advantages accompany potential privacy spillage hazards. These days, this privacy issue gets more consideration as a legitimate necessity of the users who participate in a CPS ecosystem. In this postulation, privacy-by-plan approaches are examined where privacy improvement is figured it out through considering privacy in the physical layer plan. We have presented a comprehensive study regarding the current challenges in the field of CPS privacy. We throw light towards the design principles which are not focussed by majority of the CPS designers due to their non-exposure to such tactics. This chapter will act as a readymade guide to researchers who want to know how to lay foundations towards a privacy aware CPS architecture.
Keywords: Authentication, privacy, security, smart, identity
11.1 Introduction
A cyber-physical framework (CPS) comprises of two significant segments: a physical measure and a cyber-framework. The physical interaction, which can be a characteristic marvel or a man-made physical framework, is observed and constrained by the cyber framework, which regularly is an organized arrangement of a few small gadgets with detecting, calculation, and correspondence capacities. There have been countless proposed CPS applications, like smart house, smart grid, e-Health, assisted living, and so forth. They are imagined to shape a smart climate which will significantly profit the clients. A common CPS frequently gathers a colossal measure of privacy-delicate data for information examination and dynamic. The data empowers the framework to settle on smart choices through complex calculations. In any case, a privacy spillage might actually occur in any stage(s) of information assortment, information transmission, information preparing, or information stockpiling. Data security laws advocate an approved information beneficiary to hold and handle just the information totally fundamental for the fruition of its obligations just as restricting the admittance to individual information to those expecting to showcase the handling [1]. To this end, GDPR advocates the privacy-by-design approach which can “intrinsically” protect privacy through the incorporation of information assurance from the beginning of the designing of systems instead of an expansion thereafter [2, 4]. Contingent upon the physical-layer tasks, privacy-by-design approaches can additionally be classified into various classes. As of now, most privacy-by-design moves toward center around the information transmission stage, which compares to detecting and correspondence in the physical layer of a CPS. The examination on the wire-tap channel determines the mystery limit. Based on the hypothesis of wire-tap channel, individuals have created privacy plans, for example, fake commotion and helpful sticking [3]. As of late, secure information pressure in source coding additionally draws in much consideration.
11.2 Popular Privacy Design Recommendations
11.2.1 Dynamic Authorization
Dynamic authorization is an innovation where authorization and access rights to an association’s organization, applications, information, or other delicate resources are conceded dynamically progressively utilizing trait based standards and strategies. With customary Role-Based Access Control (RBAC), or rundown based authorization frameworks, heads need to continually screen and re-evaluate changes in client status, reassign and renounce jobs, or even screen and reassign consents on singular documents or records [5]. With dynamic authorization, admittance to information is allowed or denied continuously by strategy as indicated by factors, like the most recent client status, information arrangements, and climate data. A dynamic authorization framework with ABAC fundamentally smoothes out the administration cycle [6]. It eliminates the need to exclusively direct thousands or even countless access-control records as well as job and job tasks consistently. Furthermore, associations don’t have to convey costly and complex character administration arrangements. With ABAC, many jobs can be supplanted by only a couple arrangements. These arrangements are overseen midway across every delicate application and frameworks, giving a solitary sheet of glass over the “who, what, where, when, and why.” Centralized administration makes it simple to add or refresh approaches and rapidly convey them across the endeavour. Authorization arrangements are overseen remotely from the secured application (otherwise known as “Externalized Authorization Management”), so they can be altered without requiring code changes or application vacation [7]. This empowers associations to respond rapidly to changes in business or administrative conditions, enormously expanding deftness and adaptability, and upgrading generally speaking information assurance. Dynamic authorization with ABAC additionally gives focal observing and following of client action and information access furnishing consistence and security officials with knowledge into client conduct and dubious exercises [8].
11.2.2 End to End Security
This mechanism protection assists you with keeping away from misrepresentation and information theft [9]. With the right defensive measures, you can build your general wellbeing while at the same time dealing with your PC with web association.
11.2.3 Enrollment and Authentication APIs
Since API is a significant element with an outside asset that has the capacity of tolerating and reacting to secured asset demands by clients and customers, they should be prepared to guarantee that applications and customers attempting to get to information are valid, so they can continue to approve full access when character is affirmed. The cycles of affirming the character of clients attempting to get to assets on the worker and this is the thing that is known as API verification. API Key authentication is a strategy that was designed to conquer the shortcomings of shared qualifications which was a major issue in HTTP Basic authentication [10]. The API key is typically a long series of numbers and letters that you either remember for the solicitation header or solicitation URL. At the point when the customer validates the API key, the worker stamps their character and permits them to get to information. API merchants may furnish you with a public and private key contingent upon your necessities, where the previous can be utilized to restrict clients to specific capacities, and the last behaves like a secret key that permits you full access.
11.2.4 Distributed Authorization
Somewhat recently, many exploration efforts on access control have been never really stored, share and send information while guaranteeing its trustworthiness, legitimacy and realness. Incorporated regulator issues might be tended to by adjusting an answer dependent on a Distributed Ledger Technologies for the confirmation of access authorizations to an entrance control instrument [11]. In any case, when information volumes and sharing develops as quick as in online social networks or smart cities, it becomes hard to oversee access control and manage individual information. A potential methodology is safely store access control arrangements on Distributed Ledger Technologies, whereby the candidate can be made mindful of their consents to get to their own information. Specifically, CPS fashioners can utilize the utilization of a Secret Sharing plan to divide individual information in pieces among network hubs, anyway their creative arrangement is costly and not GDPR consistent because of the storing of individual information on the Distributed Ledger Technologies.
In CPS plan for protection, the authorization administration is responsible for enforcing the entrance rights that are indicated in the smart agreements ACLs [12]. At the point when this help is worked by a solitary focal supplier, trust should be given to this one, since the keys are kept in one spot as it were. Expecting that this supplier can be straightforward however inquisitive, security might be undermined, for example an online social network website sharing a client geo-location with his/her companions, if inquisitive, can admittance to this information. In this manner, we propose to decentralize the assistance to move the trust to the convention. For this situation, hubs in a network are viewed as semi-or un-trusted, yet an information protection/cryptographical instrument, incorporated into their execution convention, permit the entire framework to be trusted.
11.2.5 Decentralization Authentication
Numerous specialists say that a secret phrase based login is an unreliable way to deal with online communications and that multifaceted plans add erosion that decrease client selection and efficiency [13]. Acquiring guaranteed validation of an individual’s personality while clinging to new information protection laws and guidelines presents a minefield of safety and client encounters gives that are expensive and incapable. Many organizations have effectively understood that two-factor verification is a blemished bandage. Things being what they are, are there more powerful options for online confirmation? A few associations inside the self-sovereign character (SSI) people group have consolidated to work together on the approval of decentralized personality ways to deal with the basic secret phrase based verification issue. ATB Financial, Evernym, IBM, the Sovrin Foundation and Workday have met up in a joint multi-stage work to consider and brood working instances of unquestionable qualifications for the motivations behind mindfulness and training [14].
11.2.6 Interoperable Privacy Profiles
As the name proposes, an Interoperable Privacy Profile is a design that is acknowledged across an undertaking or across numerous associations. To be “Interoperable,” the profile follows a set administration measure that approves profile construction and commands its utilization to convey a particular mission or business need across the undertaking. The profile, once finished, follows a change the executives interaction, like that of a living archive, and should be discoverable across associations sharing a typical (mission or business) interest.
The Interoperable Privacy Profile contains three perspectives that are utilized to distinguish the mission or business need of the undertaking, alongside functional and specialized parts to accomplish that need. The Interoperable Privacy Profile sees are: Reference View, Technical Guidance View, and Implementation Instance View [15]. These perspectives are characterized as follows:
Reference View: Serves as the undeniable level conceptual model or reference for the profiled undertaking part. It incorporates fundamental credits, undertaking elements, and direction data. The reference see is execution autonomous, seller free, and in some cases innovation autonomous. The reference view ought to contain appropriate mission needs explanations, use cases and reference design.
Specialized Guidance View: A bunch of at least one base principles, and where appropriate, the meaning of picked classes, subsets, alternatives, and boundaries of those base guidelines important for setting up the practices of a specific capacity or undertaking segment. The specialized direction see is merchant autonomous and incorporates essential credits, endeavour substances, execution references, direction, and consistence data.
Execution Instance View: Portrays a particular example of an execution and characterizes discrete setups and boundaries for the given occasion. It incorporates fundamental ascribes, venture substances, consistence data, and explicit strategies and methods. The execution occasion view might possibly be merchant autonomous. This is the most itemized and explicit perspective on a profile.
11.3 Current Privacy Challenges in CPS
In most of the cases, limitations in CPS design knowledge results in poor or weaker privacy designs. Even though the companies deploying CPS might not gather personal data initially, after sometime it could be possible to track the data usage, if the communication is not secured through encryption [16]. The healthy design practise is to include both encryption and anonymization techniques rather than depending on only one of them. These two approaches act as multiple lines of defense against the attackers. Without authorization, the data becomes unreadable due to encryption. However, even if a corrupt user manages to decrypt the data, he will have to overcome the additional barrier of de-anonymizing the data in order to cause a privacy breach as the data is anonymized.
The following table shows some of the current challenges in the privacy preservation mechanisms.
| Sl. no. | Approach | Challenges |
| 1 | Cryptography based methods, Blockchain based methods | Computational cost, Scalability, Communicational complexity |
| 2 | Statistical model, Perturbation based methods | Time consuming, Data utility reduces as perturbation increases, Maintaining balance between privacy and data correctness is difficult |
| 3 | Authentication based control mechanisms | Increasing in processing time, storage need escalates, reduction in system reliability |
| 4 | Machine Learning, Deep learning methods | Complex to achieve data utility, high communication overhead, high effort in parameter setting |
11.4 Privacy Aware Design for CPS
Recommendation 1: Privacy first!
First thing first, privacy ought to be important for the extent of the arranging and advancement cycles. Make it a propensity to thoroughly consider how you need to manage privacy and information during the primary phase of the venture. Brief those inquiries during the underlying gathering or meetings to generate new ideas. Additionally, keep away from the utilization of dim examples however much as could be expected during the UI design. Indeed, those unobtrusive pre-stamped checkboxes arrangement/promotion thingy toward the finish of the installment structure are useful for transient advantages. In any case, the eventual outcome can be serious for your item’s straightforwardness issue. More irate clients, more grumbling tickets.
Recommendation 2: Think like a Hacker
Attempt to list down a wide range of information that will be gathered. And afterward distinguish the potential manners by which the information could be abused or abused. Run a progression of assessments and assessment with your group to recognize those defects and potential section focuses.
Commonly, most hackers have two kinds of outlook: explorative and manipulative. Put on the comparable attitude when dealing with your inner assessment meetings. Investigate and recognize however much weaknesses as could reasonably be expected from the beginning to stay away from significant security mishaps.
Recommendation 3: Collect as little information as possible
At whatever point your administrations are going to do some information assortment, disclose to the clients in layman words. Reveal to them which specific information you are going to gather and how are you going to manage them. No languages. Keep it basic. A model, feature the writings under the sign-up CTA that you will send them news and updates to their inboxes. Try not to shock them!
Approximately 90% of application clients show that having clear data about how applications will access or utilize their own information is “very” or “fairly” imperative to them when choosing to download an application.
From the guideline perspective, a very much designed item watches out for gather ‘barely enough’ information from the clients. Ensure that the gathered information is not put away for more than proposed timeframe. Nonetheless, on the off chance that you should store those information for seemingly forever, you need to design cautiously on the most proficient method to store them safely to abstain from spilling or abusing.
Recommendation 4: Protect the Information
Separated information assortment, we additionally need to zero in on encryption. A large portion of our information is put away on the web or ‘in a cloud’. Nonetheless, a great many people don’t understand that putting away information in a cloud is really similar to putting away them in another person’s PCs in somewhere else.
In this manner, make a point to scramble your information accurately prior to putting away them on the web. Obviously, we are not looking at wrapping your entire pieces of information like air pocket wrapping a house. As a standard practice, apply the 80/20 Pareto principle. Which level of information is really delicate? Recognize them and plan the encryption in like manner.
Recommendation 5: Respect Identity
The quintessence of privacy is about decision. Ensure that the client can handle over their online personality (anonymous or genuine name). They ought to likewise have the option to choose by themselves however much as could be expected how much information (names, age and so forth) ought to be uncovered or be covered up.
An exemplary terrible model is when web-based media Google+ reported that it didn’t let clients to pick their own social character, which caused a shock on the web. From the design viewpoint, clients ought to have the option to refresh their privacy settings through clear UI design. Try not to shroud them somewhere down in the screens. Keep in mind, permitting pseudonymity or secrecy is additionally a decent method to shield clients from genuine outcomes like provocations and separation.
11.5 Limitations
Limitations for following Recommendation 1:
Our study indicated that CPS designers don’t consider privacy as a top of the line resident in their application designs. This legitimizes our choice to foster a privacy aware design system to control the manner of thinking of programmers. We accept that this outlook of gathering as much information as potential should be altered towards a privacy attitude where just the most fundamental information things are accumulated and handled. Another study flagged that it is adequate to gather information with no control saying that ‘If it’s totally anonymized, and it’s simply business information about who’s come and come out.’ This outlook is additionally not steady of PbD and makes extra issues like asset wastage (e.g., for capacity, information cleaning, information handling and so on) Further, anonymizing is a danger moderation approach, not a danger disposal approach. Anonymization additionally could prompt privacy infringement because of unlawful de-anonymization draws near. We heard comparable perspectives concerning information stockpiling too.
Limitations for following Recommendation 2:
Most of the CPS designers think from a business point of view. Developing mindset of a hacker is difficult for them. Developing misuse cases becomes a challenge for them. The CPS designers have a superficial viewpoint regarding privacy. For instance, few designers do not want to include privacy preserving techniques thinking that his design actions would jeopardise the device outcomes which may hinder the usage experience. For example if we consider a medical CPS, the designers may be wary to apply category-based aggregation as it may cause reduction in precision in a medical context’.
Limitations for following Recommendation 3:
While ensuring CPSs unique information utilizing privacy saving models, finding the initial origins of cyber assaults [17] needs anomaly-based detection components that produce high bogus caution rates. This issue is identified with achieving the high dependability versus privacy of a framework on the grounds that most existing privacy-saving models add clamor and plans for completely anonymizing and keeping their characters get yet corrupt the location exactness of anomaly-based detection components. It is critical to foster exceptionally proficient privacy-protecting anomaly-distinguishing strategies that can defend CPSs information and recognize new assault information without unveiling any touchy data across their networks.
Limitations for following Recommendation 4:
Perceiving which information to stow away and which information to uncover in order to expand the security level remaining parts a consistently developing test, the analysts cancel its exchange between information utility and Privacy. Most security saving systems, similar to anonymization, k-lack of clarity and differential protection, depends on specific kind of heterogeneity of the data, either pre or post computation. Various CPS designers assume the general setting where a user wishes to convey a lot of assessments to an inspector support (for instance an idea structure), while keeping data that is related with these assessments private. On one hand, the examiner is a real gatherer for these assessments, from which he desires to construe some utility. Of course, the relationship of these assessments with the customer’s private data empowers the analyst to misguidedly infer private information.
Limitations for following Recommendation 5:
Few CPS designers have already proposed cloud-based validation plot utilizing a modular exponential strategy initially encodes a label’s data with respect to interchanges among IoV and radar. At that point, the obscurity of the tag is created as a productive method of guaranteeing information privacy by shielding its data from vindictive activities. Contrasted and different conventions, it shows that it is successful and solid as far as having a lower computational overhead and less correspondence associations. Some confirmation work is based on access control, for example, a self-versatile access control strategy for safely seeing patients records in both ordinary and crisis cases is proposed, with a de-duplication technique used to save the capacity of indistinguishable clinical documents. Initially, the clinical information is scrambled by an entrance strategy and afterward the technique applied based on a break-glass control one. The test results show that this procedure is productive and functional however that the time it burns-through increments with the spans of the characteristics.
11.6 Converting Risks of Applying AI Into Advantages
Artificial intelligence (AI) can possibly tackle numerous normal business challenges—from rapidly recognizing a couple of problematic charges in huge number of solicitations to foreseeing customers’ necessities and needs. Be that as it may, there might be a flipside to these advances. Protection concerns are springing up as organizations feed more and more shopper and vendor information into cutting edge, AI-fuelled algorithms to make new pieces of touchy information, unbeknownst to influenced customers and workers. The reach and variety of AI applications implies that the issues and dangers are complex. These are included in the following subsections.
11.6.1 Proof of Recognition and De-Anonymization
Simulated intelligence applications can be used to recognize and thusly track individuals across different contraptions, in their homes, at work, and out in the open spaces. For example, while singular data is routinely (pseudo-)anonymized inside datasets, AI can be used to de-anonymize this data. Facial affirmation is another means by which individuals can be followed and perceived, which can change suspicions for lack of clarity out in the open space.
11.6.2 Segregation, Shamefulness, Mistakes
Identification using AI mechanisms, profiling, and robotized dynamic may in like manner brief inappropriate, oppressive, or uneven outcomes. People can be misclassified, misidentified, or judged conversely, and such mistakes or tendencies may excessively impact certain social affairs of people.
11.6.3 Haziness and Bias of Profiling
In certain situations, the modest utilizations of AI can be dark to people, regulators, or even the creators of the actual framework, making it hard to challenge or question results. While there are specific responses for dealing with the interpretability and furthermore the ability to survey of specific structures for different accomplices, a key test remains where this is crazy, and the outcome in a general sense influences people’s lives.
11.6.4 Abuse Arising From Information
Hardly any people are consistently unable to totally get what sorts and how much data their contraptions, organizations, and stages make, association, or offer. As we bring keen and related devices into our homes, work environments, public spaces, and even bodies, the need quite far on data misuse ends up being continuously crushing. In this scene, vocations of AI for purposes like profiling, or to follow and recognize people across contraptions and shockingly transparently spaces, improve this deviation.
The new development, use, investigation, and improvement of AI ought to be reliant upon the base essential of with respect to, progressing, and getting worldwide fundamental opportunities standards. Different sorts of AI and different spaces of use raise express upright and administrative normal opportunities issues. To ensure that they safeguard individuals from the risks acted by AI like well as address the normal gathering and social harms, existing laws ought to be reviewed, and if fundamental braced, to address the effects of new and emerging threats to rights, including setting up clear cutoff focuses, securities and oversight and obligation instruments.
11.6.5 Tips for CPS Designers Including AI in the CPS Ecosystem
Urge the board to isolate AI from investigation of other innovation dangers to separate the privatized information the innovation makes and any dangers that the information can be compromised.
Ensure security conventions are trailed by vendors long get-togethers for administrations are agreed upon. Urge the board to keep standard timetables to ensure innovation accomplices are staying faithful to their commitments to secure individual information.
Push the board to consent to the toughest arrangement of security guidelines, regardless of whether the organization isn’t right now in the EU or different business sectors with broad prerequisites. That way, if the organization ventures into those spaces, it will not be an enormous weight to retrofit security conventions.
Circle back to innovation contractors to ensure security conventions are being followed. On the off chance that an AI apparatus created by a vendor should erase incidental information, request check that those cancellations occur. The dependable guideline of protection law master Imran Ahmad, a Toronto-based attorney with Blake, Cassels and Graydon who has some expertise in innovation and network safety issues, is to “trust yet check” that settled upon security rehearses are being followed.
A new part of AI research called adversarial learning tries to further develop AI technologies so they’re less vulnerable to such avoidance assaults. For instance, we have done some underlying exploration on the most proficient method to make it harder for malware, which could be utilized to disregard an individual’s privacy, to avoid discovery. One technique we concocted was to add uncertainty to the AI models so the assailants can’t precisely anticipate what the model will do. Will it examine for a certain information arrangement? Or will it run the sandbox? Preferably, a pernicious piece of programming will not know and will accidentally uncover its intentions.
Another way we can utilize AI to further develop privacy is by examining the weaknesses of profound neural networks. No algorithm is awesome, and these models are powerless in light of the fact that they are frequently extremely touchy to little changes in the information they are perusing. For instance, analysts have shown that a Post-it note added to a stop sign can deceive an AI model into intuition it is seeing a speed limit sign all things being equal. Unpretentious adjustments like that exploit the manner in which models are trained to decrease error. Those error-decrease methods open a weakness that permits assailants to track down the littlest changes that will trick the model.
These weaknesses can be utilized to further develop privacy by adding clamor to individual information. For instance, specialists from the Max Planck Institute for Informatics in Germany have planned shrewd approaches to modify Flickr pictures to thwart facial acknowledgment programming. The changes are amazingly inconspicuous, to such an extent that they’re imperceptible by the natural eye.
The third way that AI can assist with relieving privacy issues is by protecting information privacy when the models are being assembled. One promising improvement is called federated learning, which Google utilizes in its Gboard smart console to anticipate which word to type straightaway. Federated learning fabricates a last profound neural network from information stored on various gadgets, like cell phones, instead of one focal information repository. The vital advantage of federated learning is that the original information never leaves the nearby gadgets. Along these lines privacy is secured somewhat. It’s anything but an ideal arrangement, however, in light of the fact that while the nearby gadgets complete a portion of the calculations, they don’t complete them. The transitional outcomes could uncover a few information about the gadget and its client.
Federated learning offers a brief look at a future where AI is more deferential of privacy. We are cheerful that proceeded with examination into AI will discover more ways it very well may be essential for the arrangement as opposed to a cause of issues.
11.7 Conclusion and Future Scope
Most of the privacy design issues can be faced by using patterns. The patterns provide the users with intrinsic privacy features which should not be bypassed at any cost. Obviously, if these are bypassed during design phase privacy attribute of the overall system weakens. Also, when the companies related to CPS design perform acquisition of user consent, it should not become an excuse for poor design of privacy within the system. Privacy patterns will be very much the dominant force in coming future with respect to CPS design. The objective of the designers should be minimum data collection to complete the operation of the device. We conclude that in future a hybrid design approach will be a primitive of privacy aware design for CPS. Due to the complex nature of CPS architecture and heterogeneous nature of sensor data involved in a CPS, privacy threat agnostic principles will lead to a better system design.
New strategies may address a portion of the privacy issues innate in AI, however they’re in their earliest stages and not without their shortcomings. Federated learning trains algorithms across decentralized edge gadgets without trading their information tests, yet it’s hard to assess and helpless before variances in force, calculation, and web. Differential privacy, which uncovered information about an informational index while retaining information about the people, endures plunges in exactness brought about by infused clamour. With respect to homomorphic encryption—a form of encryption that permits calculation on scrambled information—it’s to some degree moderate and computationally requesting. All things considered; analysts accept every one of the three methodologies are positive developments.
References
1. Rajesh, N., Sujatha, K., Lawrence, A.A., Survey on privacy preserving data mining techniques using recent algorithms. Int. J. Comput. Appl., 133, 7, 30–33, Jan. 2016.
2. Giraldo, J., Sarkar, E., Cardenas, A.A., Maniatakos, M., Kantarcioglu, M., Security and privacy in cyber-physical systems: A survey of surveys. IEEE Des. Test, 34, 4, 7–17, Aug. 2017.
3. Fan, K., Jiang, W., Luo, Q., Li, H., Yang, Y., Cloud-based RFID mutual authentication scheme for efficient privacy preserving in IoV. J. Franklin Inst., 358, 1, 193–209, Jan. 2021.
4. Yang, Y., Zheng, X., Guo, W., Liu, X., Chang, V., Privacy preserving smart IoT-based healthcare big data storage and selfadaptive access control system. Inf. Sci., 479, 567–592, Apr. 2019.
5. Wang, J., Cai, Z., Li, Y., Yang, D., Li, J., Gao, H., Protecting query privacy with differentially private k-anonymity in location-based services. Pers. Ubiquit. Comput., 22, 3, 453–469, Jun. 2018.
6. Sangogboye, F.C., Jia, R., Hong, T., Spanos, C., Kjaergaard, M.B., A framework for privacy-preserving data publishing with enhanced utility for cyber-physical systems. ACM Trans. Sens. Netw., 14, 3–4, 1–22, Dec. 2018.
7. Min, Z., Yang, G., Sangaiah, A.K., Bai, S., Liu, G., A privacy protection-oriented parallel fully homomorphic encryption algorithm in cyber physical systems. EURASIP J. Wirel. Commun. Netw., 2019, 1, 15, Dec. 2019.
8. Marano, S., Matta, V., Willett, P.K., Distributed detection with censoring sensors under physical layer secrecy. IEEE Trans. Signal Process., 57, 5, 1976– 1986, 2009.
9. Mhanna, M. and Piantanida, P., On secure distributed hypothesis testing, in: Proceedings of ISIT 2015, pp. 1605–1609, 2015.
10. Molina-Markham, A., Shenoy, P., Fu, K., Cecchet, E., Irwin, D., Private memoirs of a smart meter, in: Proceedings of the 2nd ACM Workshop on Embedded Sensing Systems for Energy-Efficiency in Building, pp. 61–66, 2010.
11. Nadendla, V., Secure distributed detection in wireless sensor networks via encryption of sensor decision, Master’s thesis, Louisiana State University, 2009.
12. Nadendla, V.S.S., Chen, H., Varshney, P.K., Secure distributed detection in the presence of eavesdroppers, in: Proceedings of ASILOMAR 2010, pp. 1437– 1441, 2010.
13. Nielsen, F., An information-geometric characterization of Chernoff information. IEEE Signal Process. Lett., 20, 3, 269–272, 2013.
14. Nikaidô, H., On von Neumann’s minimax theorem. Pac. J. Math., 4, 1, 65–72, 1954.
15. Schmidt, S., Krahn, H., Fischer, S., Wätjen, D., A security architecture for mobile wireless sensor networks, in: Proceedings of the First European Conference on Security in Ad-hoc and Sensor Networks, pp. 166–177, 2005.
16. Smallwood, R.D. and Sondik, E.J., The optimal control of partially observable Markov processes over a finite horizon. Oper. Res., 21, 1071–1088, 1973.
17. Le, D.N., Kumar, R., Mishra, B.K., Chatterjee, J.M., Khari, M. (Eds.), Cyber Security in Parallel and Distributed Computing: Concepts, Techniques, Applications and Case Studies, John Wiley & Sons, Hoboken, NJ: John Wiley & Sons, Inc.; Beverly, MA: Scrivener Publishing LLC, 2019.
- *Corresponding author: [email protected]