Introduction
Cybersecurity has become a widely used term with variable definitions that are most of the times subjective and at other times uninformative. It is important to understand the concept of cybersecurity has privacy has a strong link with the same. Privacy of data has become a growing concern as it is being said in near future weapons will not be required to destroy enemies, data will be more than enough. In the world of advancing technology it can be said that irrespective of any platform, what matters is privacy. There has been growing number of data breaches thus compromising with the privacy of huge volumes of data. This can be said to be as the reason why cyber-security systems have gained so much of popularity [1]. These systems are required by every organization so that they can protect their networks and computer systems against various cyber attacks which are very common these days. Thus, companies are coming forward and investing a lot on cyber security systems. When it comes to privacy in the digital world, there come a lot of options that can be chosen from to ensure that confidentiality and integrity of data is maintained. There are a lot of terms associated with cyber security that include cloud computing, Internet of Things, Artificial Intelligence and many more. All of these have different issues related to privacy or it can be said that almost similar issues. For instance, with reference to supply chain management it can be said that firms require exchanging various information with contractors, subcontractors and other important stakeholders thus scheduling meetings play a vital role in this. The decisions related to scheduling of meetings are important and in this context artificial intelligence serves as a vital tool helping people to take proper decisions. It has become easy to send informations from one place to other and gradually in every sphere modern technologies specifically digitalization is cropping up. The use of robots at workplace, automation in industries and transportation systems all come under the purview of cyber security [2]. It can be said that wherever or whichever technology is handling volumes of data, comes under the purview of cyber security. Informations, personal or non-personal are required to be safeguarded from cyber criminals as these are misused and result in loss of sensitive data.
In this paper, the different views that are related to privacy definition in the realms of cyber security will be discussed.
1.1 Problem Statement
As cyber security involves many different parts such as cloud computing, automation and many more, studies have discussed all of these differently. There are a lot of researches done on issues with cloud computing and all but there are fewer papers which have considered the privacy definition considering the vast concept of cyber security as a whole. It is difficult to find a single paper which has considered different privacy aspects and thus this paper will try to do the same. The privacy definition in the realms of cyber security will be discussed so that readers get an idea of different aspects [3]. The main objective of the paper is to provide a comprehensive as well as structured overview of the different privacy definition related to cyber security. The literature review will consist of different of distinct privacy definitions including protection of privacy through distributed computation in case of multi-agent decision making, usage of privacy loss for the purpose of guiding various decisions in the distributed CSP search and many more.
1.2. Research Questions
This research seeks to address the research questions that are provided below:
1. What is the escalating sophistication of threat in the cyber space and what are the privacy implications of the same?
2. How different are various privacy definitions in the realms of cyber security?
3. How privacy of data is being compromised with in today’s world?
2. Method of research
In order to get an answer to the above given research questions a systematic literature review has been taken help of. The sources used for reviewing the literature have been taken from sites such as Google Scholar. It can be said that this research is dependent on the secondary data sources. The literature review helped in preparing a strong base that is backed by the available resources or the data on the topic that has been considered for the research. The search string that was used was “privacy and cybersecurity” which yielded many results and some were referred to for initiating the literature review. There were many filters applied while searching for the articles that included customizing the time range from 2015 to 2020 and the search excluded patents and citations. The time range has been chosen from 2015 to 2020 as these are the most recent ones and not researched on by many researchers till date. The search returned 17,500 results and the articles referred to have been chosen from these. After the search result was displayed in order to choose relevant articles, the topics were checked manually and then proceeded with. In case multiple publications were reporting same studies the most recent one was chosen so that the information collected is updated. In this research there was some exclusion that is as follows:
a. The publications that were not in English were not considered in this research.
b. Keywords were searched for in all the articles and an article was selected only if proper keywords were found in it.
c. The publication having specialized content were not considered in the research.
d. The articles available online are the ones included in the research.
These exclusions define the various limitations of the scope of the research paper. The filters and the exclusion criteria are necessary as these set general scope as well as limit of the research that is to be conducted.
Initial literature review suggested that there are many theories and privacy preserving ideas that have been published by different authors linking the privacy definition to cyber security. The search provided a lot of results as stated in the first paragraph but to get accurate and appropriate content articles were not chosen randomly but these were manually checked and then included in the research.
3. Related Work
With the technological development in its peak, one of the major concerns of the contemporary world is the cyber security. New technologies like the cloud computing, big data and the others have shown a new side in the world of technology. All though the technological advancement has helped in the process of the development of various parts of the industry, like the education sector, health sector the biggest concern is data privacy. All the technologies have brought innumerable benefits for these organizations; the threats of the cyber security cannot be avoided here as well.
Different categories of private information:
The private information can be classified as an important aspect for any individual and has a relevance to the personal information of an individual. According to [4], privacy is closely related to the information of an individual and applicable to someone in isolation. One can distinguish this private information into different parts like, personal information, private communications, information about one’s possession, and privacy of the body.
- Personal information: This is relevant to all the categories of professionals and includes that information which refers to a single specific person. These may include name, address, phone number, financial details, and various other details which are sensitive. Any individual has full authority over this information and has the sole right to share them with others according to their will.
- Private communication: It refers to all forms of communication, or any information which a person wises to keep secluded. One such example can be the information exchange between an information professional and user during a reference interview.
- Information about One’s Possession: This refers to all those information which are directly or indirectly related to one’s right to the property. Like personal information and individual has full authority over this information, and may or may not disclose it to anyone. Few such examples will be, a persons’ will, documents related to land property or business or financial information.
- Privacy of the body: According to [5], the privacy of the body usually refers to the information related to one’s medical condition, and has a separate protection from the law. According to the law, a person has the sole right whether or not he or she should share the health related information or the nature of their illness or any other implications with anybody else. A person cannot be forced by the law to make it public for the others, but there is an exception to this. If the disease or illness of the person has a probability of dispersing the disease to others by any means then the person may have to share their medical information. These medical data have a high demand in the black market and are often used for the purpose of the identity theft of an individual.
Hence we can understand the importance of the above mention four categories of information in an individual’s life. Keeping them private and secured is thus a responsibility of not only the individual but also the law. As we all know that the cyber security attack is prevalent due to the emergence of the technology, understanding the mechanism of the cyber security is essential as well. The next section of the review discusses about some of the most important aspect of the cyber security and how various technologies are playing their role in defending the security.
Cyber security mechanism
Different types of the cyber-attacks
- Application Attack: One of the most prevalent attacks in the Application level of the system is the phishing attack and the client side web attack. The primary targets of these attacks are the browsers or the e-mails that are used by the clients for accessing the websites. These are the most exposed part of the internet and phishing is form of email fraud attack which can lead to the entry of the malicious files in to the system just by clicking a link. Once the files are in the system they start gathering sensitive information of the clients from the system or the device. Often these application level attacks are conducted with the help of the social engineering such that the victim can be attack by deceit.
This was supported by [6], who said that the Malwares are also a kind of Application level attack which is intended to gather the information from clients end. The details like the transaction ids, CVV pins and other details which can benefit the attackers in some way or the other.
- Network Attack: The primary target if the attack is to gain access of the network protocols such that the network can be hijacked. This can result in the issues like the denial of the services attacks or the distributed denial of service attack, along with spool, spoofing, and the Man-in-the-middle attacks in the system.
- Hardware Attack: The hardware level attacks include tampering of the hardware, manufacturing backdoors, gaining unauthorized access to the system and few other hardware level attacks. The main ambition of the attack is to compromise the system and access the sensitive information content of the system. These attacks are mainly prevalent in the systems of the industrial controls, or the closed circuit cameras and the network appliances and few more.
Different Cyber Security Technique:
In order to combat with the cyber security issues globally, there are certain technologies that have been introduced.
- Architecture of the system: There are three main types of architecture based upon which the software packages for the protection of the system designed for and they are standalone architecture, Collaborative architecture, and lastly the centralized client-server architecture. The standalone architecture is the architecture in which the system which has to be protected is provided with a cyber-security mechanism. This kind of the configuration can be seen in the first generation of the anti-viruses, where the problems are detected by the system without passing any data or information to the network of the computers in use. In the collaborative architecture, which is implemented upon the distributed system of information such that entire network can be protected. Final system architecture is implemented upon the centralized client server consisting of a client.
- Categories of Detection: There are two major ways in which the security errors in the system can be detected and they are detection based upon anomaly or the behavior of the system. This process determines the faults by detecting the abnormalities in the system based upon their behavior. Any deviation from the usual routine behavior to the system helps in determination of the fact that whether or not the system is attacked or any functionality of the system has been distorted or not. The other form of the detection technique id the signature based detection technique. This technique determines the generic signature of the attack and tries to monitor the system such that any signature similar to the attack’s signature can be identified and resolved. The signature approach can further be classified into the automatic approach and the manual approach of the attack.
- Types of data: The nature of the security can be determined based upon the types of data that is processed by the detection algorithms. With the help of the security techniques, the data can be classified into three major categories and they are File data, Application data and network data.
- Ecosystem: This dimension by which the system of the security can be classified is the ecosystem. In the mobile, enterprise and Internet of things, this security dimension can be applied. The enterprise ecosystem consists of the typical organizational infrastructure like the PCs, servers, Wi-Fi and other networking devices. The ecosystem of the enterprises can be extended to the public clouds, private clouds and a few others as well. The internet of things technology is an emerging technology, but it is still posing enough threats to the system of information in various sectors. Thereby, considering different point of view while designing privacy and security of the system is very important.
Privacy in the robotic technology:
Rapid development of intelligent and advanced technologies have become very popular, especially, robots, which seemed like a fictional technology brought to reality and since then, has taken a significant part in this world as a cutting-edge technology. With increase in times, the use of robots and their intelligence, interactivity and mobility has increased so that we can use them in a variety of ways and these numbers are going to rise further.
But their down sides to it. A robot is getting access to a lot of information which may be private. They can get in and out of places, and receive and send information easily. Thus, people are concerned about their increasing number in the society and fear the lack of privacy that can happen due to them. Thus it is important to find a solution that would increase their effectiveness and also the people are comfortable while using them.
According to [7], there has been a lot of research regarding the privacy issues which humans have with robots. There were experiments, use of previous scenarios, discussions, debates over various topics of security and concerns. According to the research result, several concerns were pointed.
- Size: There was a need to study the appearance of the robots. It was observed that there is a relationship of trust between the humans and robots based on their size, shape and appearance.
- Cameras: Studies suggest that researchers conducted several research and tried improvements so that the surveillance systems of a robot can identify the private parts of human body or their face in complex environment and protect them ensuring the privacy and security of the user.
- Microphones: Protection of audio privacy is also important but the smart speakers in recent times can encrypt and understand words that must be kept secret and thus mute them.
- Movements: Studies suggest that researchers used motion planning system in robots so that they could find their way out in complex environment. Using conceptual data, 3D mapping and other tools, this navigation is possible and also can prevent the robots to go to places where there are privacy issues.
- Authentication: Researchers are of the opinion that several methods for authentication of people like fingerprint, voice scan, iris scan, face scan, metal detectors and others are being used for safeguarding privacy.
Techniques and solutions for privacy- sensitive robots:
Following are some of the solutions which are proposed for the previously mentioned problems like shape movement, authentication and many more. Several surveys have been conducted to find whether these solutions were useful for users interacting with social robots.
- Shape of robots: There is a relationship between the users’ confidence, behavior, privacy perception and trust towards a robot and its appearance. Studies suggest that the human privacy issues occur more when a robot looks more like a human. Several robots have unnecessary sensors in them some robots which resembles humans have their sensors in the exact same place as humans, so it is easy to spot them. Hence, a good mixture of both human and machine like appearance would be ideal to make sure that there are no privacy issues like NAO, ROMEO robots, Pepper and others.
Moreover, if the sensors of the robots are placed appropriately, like surveillance cameras in place of eyes, microphones in ears, speakers in the mouth and close them when not needed is essential to ensure the privacy of the user is not hampered. If additional features are to be added, then they must be visible or known to the user. These robots may also have touch screens allowing users to make changes in them if necessary.
- Perceptions of the robots:
- Cameras: Protection of privacy by constraining the cameras of the robots can be done in several ways like using protective covers like human eyelids so that if the robot needs to avoid seeing something, they can be closed automatically or by user’s instructions. Programming situations or taking voice command from the users to not see certain situations ensures their privacy.
- Microphones: Constraining the microphones to prevent hearing of private conversations can be done also by using covers that could shut the microphones until the robot can pick up any wake up word programmed by the user. If we use smart speakers, then they can simply recognize words that can be muted or beeped or deleted from the memory.
- Movement and navigation of the robots: This problem has been addressed by several users by using methods like use of sensors in workplaces, offices and homes which the robot may use to navigate through the place. Motion sensors and infrared sensors can be used for this purpose.
- Users’ authentication: It is necessary for every user to authenticate their robots to ensure safety, privacy, service and security. A complex of voice, face, passwords, fingerprints and retina scan can be used to authenticate the robots. This level of safety is not maintained by everyone and hence the problems of privacy arise.
- Warning systems in robots: Sometimes, robots may act unexpectedly, performing actions that were not programmed. Hence, a warning system is necessary in order to preserve the privacy of the users using sociable robots by making them aware of the actions of their robots. Thus, the factories must provide the users with proper guidance manual which would mention every feature and capabilities of the robot. These features include the audio and visual surveillance and recording system, sensors, security, programming, applications and others.
There is another type of warning system that can be used. This is the lighting system. The robot may show lights in certain situations giving indication of the task it is performing or the issues which are occurring. There can be lights glowing around the eyes or ears when the cameras and microphones are turned on respectively. There could be lights glowing when the robot is on or charging. They robot can have lights indicating that it is connected to internet and there could be lights turning on when a person enters the room where the robot is or when an unauthorized person tries to gain physical control over a robot or when the sensors are turned on. Another kind of warning can be the warning given to a user when the robot is far away from them. This could be with the help of sound like an alarm for any reason, or with some message, text or notifications regarding any matter.
- Robot Application: There are some specific applications that are designed to control the functioning of the robot. These for example can be volume adjustment of the microphones or speakers, camera adjustments, languages, reboot and security settings, Motion controls, Navigation or any added feature in the robot. These applications are built to make sure that the users’ experience with the robot is smooth and enjoyable.
As per the research done by [9], information privacy is the major concern today for the users. Organizations are investing lot of efforts for maintaining secrecy about their internal costs and strategies for their future development. There is also an increasing need for privacy of the personal information because if information is leaked to the hackers by any means it a threat to an individual as well as to the organization. Information exchange is needed for supply chain management as well wherein organizations share information with the stakeholders and subcontractors regarding the production amount of goods and also the price in which they need for producing the same. When meetings are scheduled with co-workers, there exists a challenge for coordinating the scheduling decisions ensuring the protection of the available schedules respectively. A crucial tool which has helped people for making better decisions is Artificial Intelligence. The Constraint Satisfaction Problems framework forms the core of AI and has found its successful application in problems where decision-making is required. It is also shown that Constraint Satisfaction Problems can provide solution for AI algorithms that are distributed in nature and with it provide guarantee of privacy by using of techniques that have been taken from cryptography. Alternatively the distributed computation which is encrypted and which involves exchange of message incurs a cost in performance terms in such a way that balance between scalability and privacy should be found.
Three examples are taken into consideration which includes computing game equilibrium, scheduling meting and airport slot allocation. When meeting scheduling is required there are possibilities of overlapping so taking that into consideration all the participants should agree on a particular time given for the meeting. An individual can be involved in various meetings and this generates constraints in meetings. Participants today always want their privacy protection of their schedules which reveals their availability and also the meeting list in which they form a part.
Next problem is slot allocation in airport in which airlines are interested in the landing and takeoff time slot combinations which corresponds to the different travel routes of the aircraft. While the main objective of the airports is allocating slots to the airlines efficiently, it is important that this remains private since it points to the intended routes of flight which is sensitive information needed to be hidden from the competitors. Finally the strategic games are considered in which invitation is sent to the players for a party and a decision has to be made on who is attending on the basis of the intrinsic cost of the same.
Different types of private Information
It is seen that the information that individuals need to maintain privacy can be vary in nature so it has been classified into four types as below:
- The privacy of the agents is related to the participant identities. For example the CEO schedules two meetings out of which one is with a journalist and the other with the CEO of a different company. Here if the journalist gets to know about the other CEO’s participation in making of the decision it could result in the leak out of the company’s merge plan.
- Information about the constraints present can be covered by topology privacy. This concerns the airline companies who want to maintain the secrecy of their slot allocation issue. A constraint present in between a particular airport and an airline discloses the strategy of the airlines for offering flights.
- Nature of the constraints concerns the privacy of the constraints: This includes the availability of the participants in scheduling the meetings and in party game where a player shows his liking or dislike for the invites.
- On the basis of the class off problem, the decision-making privacy may not be relevant. In the meeting scheduling issue, selected time for the meeting has to be disclosed to all those who are supposed to attend the meeting; however the organizer may want it to be hidden from non-attendees.
- In the previous work related to privacy, it was assumed that there were honest but curious participants and in that they follow the algorithm honestly but have an interest in learning from different agents’ personal data on the basis of the messages exchanged. It should be noted that this assumption does not indicate every agent is sincerely reporting constraints which vary slightly and in the hope that it would be leading the algorithm for selecting a solution. Further am agent would be taking the risk of reporting constraints which vary from its original constraints.
- Semi-private information can be defined as the information related to a problem which an agent may consider as private but has the possibility of being leaked out to other agents. It can also be referred a information that includes everything a particular agent can find out about the other agents from various inferences on the basis of the primary knowledge about the problem and considering the values that the variables receive in the solution. None of the agents should be capable of discovering the identity or existence of agents who are not neighbors. The result of this privacy type is that only two agents are allowed for communicating directly if they are sharing a constraint.
- In topology privacy none of the agents should have the capability of discovering that the topology constructs exist in the constraint graph like cycles, nodes, edges until it owns an involved variable in the construct.
- In constraint privacy the agents should not be capable of discovering the type of constraint which does not have the involvement of a variable it owns and in Decision privacy none of the agents is should be capable of discovering the value of the variable that other agent considers for the solution.
- Homomorphic encryption forms an important building block of the algorithms that preserve the privacy. The process by which data or information can be converted into cyphertext is known as encryption and it is done in such a way that decryption by any unauthorized user or the one who does not have the knowledge of the encryption key used to produce it is impossible.
As per the research done by [10], there has been increase in the interest in distributed as well as asynchronous search algorithms for the purpose of solving various distributed constraint satisfaction problems that in short are denoted as (DisCSP). Here in this case the motivation for the distributed problem solving can be said as to the ability of the agents’ to keep their individual constraints private. It has been assumed that the agents enforce their privacy by dropping out of search processes wherever the value of the information that requires revelation outnumbers that that which is attached to successful solution of DisCSP. Comparing several distributed search algorithms is required to figure out what are the chances that these algorithms get terminated prematurely for various reasons related to privacy. The most popular solutions to enforce privacy in the distributed computations are the cryptographic protocols. Any function that is provided can certainly be complied in to secured cryptographic protocols. When a specific function needs computing on the shared secrets more often, the various steps can be conducted by making use of associated secure protocols. This is needed to be done in such a way that majority of the attackers neither can find the initial secrets nor can they find out anything else than only the official output that is provided by the protocol. As stated earlier as well any function can certainly be compiled into secure cryptographic protocols. Synchronous backtracking can be said to be as the simplest as well as the complete distributed algorithm. Synchronous Backtracking or SyncBT is considered as distributed counterpart of centralized backtracking. Distributed architecture and the solutions are generally described for different classes of the constraint satisfaction problems that are termed as network consistency problems. The vital concern in this case is what type of the distributed models admit a self stabilizing algorithm one that can easily converge to a specific solution.
According to [11], when an agent collaborates regarding the problem solving process the main aspect that is considered in the section is that there is a proper assessment of the requisite information that is supposed to be shared. It is observed that the agents that are present in the collaboration process will be having a proper assessment of the security of the data that are present in the transaction process. This analysis of the security process ensures that there have proper research and development process being held to resolve the issues that arise regarding the privacy maintenance process. It have been seen that creation of distributed algorithm have been seen due to the processing of the privacy issues that might arise due to constrains solving process. It have also been observed that the security process have been gaining importance nowadays and hence wise the algorithm development process have been considered to be important in the period. It have also been seen that there are several algorithms and strategies that are being used in the security process. However, there have been issues regarding the operational process of the algorithms. It have been seen that the data are protected however there are no such strategies that focuses in covering the data that are least important in order to protect the sensitive sections of the data. Again it have been seen that usage of meeting scheduling tested describes the fact that these knowledge helps in proper assessing of losses that are related to the privacy issues.
Characterization as well as scheduling has been considered to be one of the major aspects that are considered in the process. Mirror view analysis has been one of the major aspects that are considered in the operational process. In this process proper analysis of the data that gets revealed due to the possible schedules are considered. This section also ensures that the schedules as well as the places where schedules have not been arranged are also considered. This section ensures that there is a loss in efficiency. This loss in efficiency is due to the fact that there have been proper analysis of the open slots are done as well. It have been seen that there have been a loss in efficiency, however in many cases, privacy tradeoff is managed in a proper manner. Another aspect that is considered in the process is that there has been introduction of CSPs that have been representing the agent’s current knowledge regarding the agent’s schedule as well as other agent’s schedule. This is one of the major aspects that are to be considered in the process.
Characterization of privacy loss
The basic consideration that is to be seen in the process is that the private information is pertaining to meetings and hence wise this ensures that there is a presence of open slot. It have been seen that in the second case, private information pertains to the existing assignments in the private portions for one’s graph and hence colors that are available in the section are used in the process of the common nodes. In case of the first case the main attribute that have been considered in the section are that there have been proper assessment of the privacy loss that have been considering the assessment of the involvement of the total number of meetings that are considered to be learnt about quickly or this ensures that there has been a proper assessment of the existing assignments. It can be stated that the visible method of privacy loss is performed in terms of information gain. It have been seen that there have been proper assessment of the privacy loss and involves number meetings that are performed. Information gain has been one of the major aspects that are considered. Privacy loss can be analyzed in a better manner with the help of analysis of the effective seats better understanding of actual meeting and open slots are stated. This ensures the facts that there has been better assessment of the effective seats are done. Agent self assessment of the privacy loss also includes the measures of privacy loss regarding the properly defined possibility sets. This also ensures the fact that ensures that guide decision making is utilized in the process in order to better the processing of the security management system. The privacy considerations are also included in the section that privacy issues did not have any kind of proper privacy breach occurs.
As per research done by [12], structuring regarding the representing and making inferences about the other agents are also considered to be important in the process. In case of CSPs, the major aspect that is considered in the process is the kind of possible values that will be ensuring that there have been possible values that are organized in the shadow CSP. Possible domain values as well as the constraint tuple are considered in the process. There are a total of 3 sections that are present in the section. The sections are namely possible existing document, possible conflicting assignments and the possible future assignments.
Again it have been seen that the system of shadow CPS have been bifurcated in 2 major sections. This bifurcation is done due to the presence of the variable assignments. There are 3 major factors that will be generalizing the entire procedure. It have been seen that the entire set of shadow CSPs along with the CSO plus representation have been ensuring the fact that there have been better processing of the versal shadow assessment. This is one of the major aspects that are considered in the process. It have been seen that the data segmentation have been getting performed via the infimum, which is often considered as a null set. This section also ensures the fact that there have been proper assessment of the supremum in the process and hence security measures are performed in a better manner. Again it have been seen that there have been better sectioning of the entire data and hence wise better assessment of the inclusion relations are maintained. Reflexive and transitive actions are performed in this case. It have been observed that there is an additional properties of the good structure and hence wise the domain of CSP X is considered as a sub set of domain x. This section falls corresponding to the CSPX. Hence in this security based process, CSPX will be corresponding to CSP Y. It have been seen that if the domain shadow have been CSPY will be performed and CSP X will be considered as a major security threat testing process.
Again it can be stated that there have been a proper assessment of the quantifying loss and hence enable the estimated own potentials. These are the steps that can be taken however, there have been consideration regarding the potential privacy loss. Proper reasoning of the data segmentation includes the fact that there have been proper and better segmentation of the possible values that are to be incurred. Much of distributed constraint satisfaction section is also included in the process. Usage of the decentralization is yet another process that can be implemented in the process. These are performed with the help of easier and better understanding of the policies that are to be followed for betterment process. Family based aspect has been one of the data breaching situations that might arise in the process. With the help of UDiDS will be getting gained for the section that will be ensuring that there will be better sectioning of the data management process. There are 2 major factors that have been affecting the entire process. The factors are namely policies that recommend the actions for action of the state. The second aspect is based on the sectioning of the mechanism implementation regarding the belief states. It is seen that the parallel can be drawn in between the partially observable marks of decision processing for better establishment of the problems of the universal agent and hence wise it betters the operational process of the UDisCSP. These traditional SisCSP have been ensuring the fact that it has been sectioning better management of the privacy requirement. This process helps in understanding the fact that there have been better sectioning of the privacy requirements and hence synchronous and asynchronous algorithm are well stated in the process. This section also ensures that there are few sections that are to be considered. The pints are namely performing planning and POMDP’s. This section is again subdivided in sections like the multi agent partially observable markov decision process. Another aspect that is considered in the process is namely the Event driven MPOMDPs. Usage of backtracking policies is incremented as well. This section also ensures that there been a proper Privacy assessment. The existing approaches that are used in the process are also considered in the section. The 4 major existing techniques are namely Partially Known Constraints, Valuations of Possible States, Distributed Private Constraint Satisfaction Problem and Synchronous Backtracking.
4. Discussion
While conducting the research, the most time consuming part was going through all the literature available and checking for its relevance with the topic. Different publications had their own style of writing, tone and main objective thus it was tough to keep a check on the topic is not disgraced from. A personal assumption about the authors by checking on their alma mater was also made so that relevant and good informations can be got. There were problems encountered during differentiating papers as already stated some papers written by different authors had almost similar content which made it tough to decide which to proceed with. It was always kept in mind the keywords as necessary and the search was carried on by looking out for keywords which included “privacy and cyber security”, “decision making and cyber security systems”, “algorithms used in cyber security systems”, “cyber security and robots”, “protection of privacy in cyber space” and many more such terms. The complex nature of literature review and the research terms associated sometimes are difficult to handle. A literature review serves many different purposes and not just giving an insight to the topic. Being the most vital element in a research it requires that a researcher conducts the same properly as whole of the research can be said to be majorly dependent on this part. The article that were reviewed for the purpose of this research revealed that the research topic that was chosen has not been discussed in these specific terms yet thus ensuring that there is no such duplication of work. This helps to establish the credibility of a researcher and helps him in explaining the relevance or the rationale of the research that is being conducted by him. The articles that have been chosen from so many of the random articles reveal that a lot of time was allocated for this purpose and in order to get the relevant ones much of reading was done. This definitely expanded the knowledge base related to privacy definitions in the realms of cyber security and gave a chance to know about the various privacy definitions that are available on these scholarly websites.
In order to find out what is important and what is not it was required that the when choosing the literary sources research questions listed above be considered and checked whether the article provides any information aligned to the same. If it was found to give back answer, the article was selected. The articles were judged on the number of times these have been cited by different authors so that their credibility can be understood. Recent information about various privacy definitions in cyber security have been found out by conducting this literature review. Another major thing is how the volumes of information from the sources are managed and this is for what the filters and the exclusions referred earlier have been given for. These helped in identifying the proper articles thus making it easy for collection of relevant content. The search on Google scholar returned endless articles and it was a difficult to figure out proper ones that could support the research questions. In the articles where more than one topic was found, interconnection was searched for and every time the research questions were referred to. Another major aspect in this is that whether the sourced could be relied upon, for this quantitative data was the first criteria that were searched for and the second was proper citations. The search records were traced back to ensure that no important article is missed out and that all the articles that could provide a deeper insight have been considered.
5. Comparison of these viewpoints with that of ideas before 2015
The articles that were published before 2015 were compared and there were some changes noticed in the publications but it cannot be said that there was a huge difference in the content. The reason for some sort of changes can be due to the rapid emergence of the concept such as cloud computing and internet of things that have many privacy implications. The study of the literature did not provide any such hint towards any huge discovery in this field rather it was found that the concepts that were mentioned in the previous publications were taken further and some new things or aspects were added to it. It can be said that the previous works can be considered as base and the works done later have been updated with the changing technologies. The growing number of the security breaches taking place has given rise to different privacy definition associated with cyber security systems. The use of technologies such as cloud computing and smart applications has increased and thus the data of the users are at risk of getting stolen or of being compromised with. The various cryptographic algorithms that have been deployed to networks and applications are a proof that the world is taking the matter of privacy seriously. Many threats that are related to cyber space can be said to be addressed through proper algorithms, nested as well as cumulative techniques along with frameworks that have been proposed and well evaluated. Since the year 2015 privacy has been researched on in order to ensure that smart infrastructures can be built thus making the cities smarter. In the publications the most important thing that was encountered was sharing of data in different networks that is considered as one of the main reasons for the security breaches and the privacy hacks. Apart from just searching and discussing on the privacy discussions the articles focused on various multi-dimensional analytic for privacy mapping. The search revealed that the authors have researched extensively on the cyber security strategies that can help in ensuring privacy. Among the various definitions of cyber security there are many new concepts discussed such as the state-of-the-art of the economics related to cyber-security and privacy implications. The discussions are no more limited to theoretical concepts alone as these have also considered numerical concepts due to the complex algorithms that are linked to the same. Other major aspects that have been discussed are cryptographic algorithms and this is a vital concept as in order to safeguard data, cryptography has been recognized as an important technology. One of the papers in literature review is about the increasing confidence of the users in privacy-sensitive robots. This is a good paper as automation and use of robots are a much researched and talked off topic. The use of robots in the workplace and these being among the human force is a topic that has always attracted researchers. Privacy has a deep link with this as there are a lot of issues related to privacy while making use of social robots. The research mainly focused on making use of comfortable techniques to include security as a part of the social robot utilization.
6. Limitations
There are a lot of limitations while conducting a research and these often hamper the outcomes. In this research it can be said that as literature review was the main source and no other data source was made use of, the most important thing was to cope up with the bias related to internal validity as well as professional bias. The selection of appropriate literature is another important factors in this case thus the inclusion as well as the exclusion factors were referred to during the whole literature review. The whole literature review was based on a single search string that can be drawback for the research. Another major limitation of literature review is linking back the concepts with one another. This is tough and takes a lot of patience to do the same. The time provided for the research is another constraint because in order to conduct a systematic literature review it is required that all the sources is properly validated so that the information got is credible and topic relevant. Due to less time the literature review certainly was done ignoring some aspects which can have an effect on the results. While considering the inclusion and exclusion criteria it is necessary that validity of the results be analyzed as otherwise this could be a threat to the validation of different results. There are so many articles to be chosen from thus many factors should be considered while choosing papers or publication. As stated above the authors where manually selected as per their alma mater and this again is a limitation as it is not always that someone from a popular university will come up with proper content and the one from some averagely rated university will come up with bad content. The research is totally dependent on the previous works of the authors and has no such quantitative method included thus lacks in mathematical and practical data. In this case quantitative research could have helped to understand better as this involves building up concepts about privacy related issues of data. The use of quantitative research could have helped in results duplication which is not possible in this case thus being one of the limitations of the study. The time constraint in the research could have been avoided if quantitative research has been made use of as these yields quick results as the quantitative methods include various experiments, survey questionnaires as well as interviews that provide almost immediate answers becoming useful from a data-centered approach. The research does not focus on facts as it is based on the concepts or theories that are given by the previous authors.
7. Conclusions and Future Work
The paper provides systematic review that has been carried out for fetching answers to the three research questions that have been given above:
1. What is the escalating sophistication of threat in the cyber space and what are the privacy implications of the same?
From the literature review it was identified that as cyber space is a wide set of computer communication network it is vulnerable to cyber attacks. The cyber criminals have become more active as these days there is a growing use of mobile technology or more specifically internet has gained a lot of popularity. The threats in this include sharing of data in between agents that can be one of the reasons for compromising with the privacy. The robots in the social environment also pose a threat to privacy. The privacy implications generally have pointed out to the use of technology and handling lots of data. These data can thus be misused by cyber criminals and disruptions created.
2. How different are various privacy definitions in the realms of cyber security?
In the realms of cyber security some of the identified privacy definitions are as follows:
a. Privacy in distributed constraint satisfaction techniques- Distributed CSP refers to the constraint satisfaction problem that is related to variables and associated constraints which are distributed among many number of agents. Thus as this includes distribution among various agents there ate high chances that the data gets leaked or hacked. In order to keep a check on the same cryptographic protocols are made used of. Thus in this we get that cryptography has been said to be an effective concept.
b. Privacy related to use of robots in social workplace- This is another important privacy definition as use of robots in the workplace are an important concern these days. The cameras used in the robots can compromise with the privacy of the workers at the organizations and can give rise to serious consequences.
c. DisCSPs with privacy recast- This is yet another definition which includes privacy of the intelligent agents in case of distributed problems. This gave a concept of distributed constraint satisfaction problems as in this the agents require finding values for a certain set of shared variables while giving due respect to supplied constraints that are in general assumed to have various privacy implications.
3. How privacy of data is being compromised with in today’s world?
The privacy of data is being compromised with these days as it can be well understood from the literature review that volumes of data is getting generated at a faster rate from more and more devices. The data breaches are happening around these vital and sensitive data as cyber criminals are taking this as an opportunity to disrupt systems. Usage of internet and sharing of personal information is one of the major concerns. The people are unaware of the fact as how they are displaying their own private data on the online medium which can be made use of by cyber criminals to harm them.
The future work on this can consider the mitigation strategies that can certainly be applied to the various privacy definitions that could possible improve the present situation. Though strategies have always been given but it requires further research as to be more effective in safeguarding data.
8. References
[1]. N. Jentzsch. State-of-the-art of the economics of cyber-security and privacy. IPACSO Deliverable D, 4. 2016.
[2]. J. Bhatia, T.D. Breaux, L. Friedberg, H. Hibshi and D. Smullen. Privacy risk in cybersecurity data sharing. In Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security (pp. 57-64). 2016, October.
[3]. S.J. Shackelford. Protecting intellectual property and privacy in the digital age: the use of national cybersecurity strategies to mitigate cyber risk. Chap. L. Rev., 19, p.445. 2016.
[4]. E., Toch, C., Bettini, E., Shmueli, L., Radaelli, A., Lanzi, D. Riboni, and B., Lepri, The privacy implications of cyber security systems: A technological survey, ACM Computing Surveys (CSUR), 51(2), pp.1-27, 2018.
[5]. S., Al-Janabi, I., Al-Shourbaji, M. Shojafar, and S., Shamshirband, Survey of main challenges (security and privacy) in wireless body area networks for healthcare applications, Egyptian Informatics Journal, 18(2), pp.113-122, 2017.
[6]. J., Al-Muhtadi, B., Shahzad, K., Saleem, W. Jameel, and M.A., Orgun, Cybersecurity and privacy issues for socially integrated mobile healthcare applications operating in a multi-cloud environment, Health informatics journal, 25(2), pp.315-329, 2019.
[7]. R.A., Bamagain, Increasing User Confidence in Privacy-Sensitive Robots (Doctoral dissertation), 2019.
[8]. F.J.R., Lera, C.F., Llamas, Á.M., Guerrero, and V.M., Olivera, Cybersecurity of robotics and autonomous systems: Privacy and safety. Robotics-legal, ethical and socioeconomic impacts, 2017.
[9]. T. Léauté and B. Faltings. Protecting privacy through distributed computation in multi-agent decision making. Journal of Artificial Intelligence Research, 47, pp.649-695. 2013.
[10]. M.C. Silaghi and B. Faltings. A comparison of distributed constraint satisfaction techniques with respect to privacy. In Proceedings of the Distributed Constraint Reasoning Workshop at AAMAS. 2002.
[11]. R. Wallace and M.C. Silaghi. Using privacy loss to guide decisions in distributed CSP search. In FLAIRS’04. 2004.
[12]. J. Savaux, J. Vion, S. Piechowiak, R. Mandiau, T. Matsui, K. Hirayama, M. Yokoo, S. Elmane and M. Silaghi. Discsps with privacy recast as planning problems for self-interested agents. In 2016 IEEE/WIC/ACM International Conference on Web Intelligence (WI) (pp. 359-366). IEEE. 2016, October.