Rejoinder forthcoming in April.
Modern distributed wireless edge networks, such as the Internet of Things (IoT), data centers, and cloud systems with wireless edges and mobile devices, represent one of the most innovative networking technologies. They aim to handle data storage, transmission, processing, learning, and inference in a decentralized, secure, and efficient way. The distinctive features of such networks, including the absence of fixed infrastructure, decentralization, and mobility, allow us to network various physical devices with maximum flexibility, but also make it extremely difficult, if not impossible, to protect such systems from various malicious attacks. The manuscript by Hero et al. (2023) has summarized critical security issues arising in these systems. Here, we will focus on the confidentiality and privacy issues that arise when agents in the system transmit and exchange information.
Distributed edge networks generally consist of mobile devices equipped with wireless communication transceivers. The wireless communication environment is especially susceptible to security problems because of the open nature of the medium. It is hence very difficult to establish secret keys among nodes in networks using standard cryptographic approaches alone, because keys themselves may need to be distributed over networks via this open medium and so may themselves be eavesdropped upon or jammed by malicious nodes. We note that alternative secret key distillation and distribution approaches at the physical layer (see, e.g., Maurer, 1993, and Maurer & Wolf, 1999) have also been proposed in the literature and are gaining increased interest; they can be a promising direction to pursue for securing edge networks in addition to what we discuss here. Security issues in edge networks become even worse due to the dynamic topology resulting from node mobility and changing association, stringent latency requirements in various time-sensitive applications such as emergency operations, and a mixture of diverse traffic flows. Thus, securing communications in such a system requires a practical approach with dynamic adaptability, light computation, and minimum infrastructure requirements.
As discussed in Hero et al. (2023), the physical layer security approach initiated by Wyner (1975) can serve as a promising approach for distributed edge networks. In Wyner (1975), it was shown that secure communication can be provably achieved via a well-designed information-theoretic coding technique, and the optimality of such an approach with respect to the efficiency of using channel resources was also established. Such an approach has been shown to be very powerful for simple wireless networks with centralized architectures (see, e.g., Liang et al., 2008), such as single-user, broadcast (see, e.g., Csiszar & Korner, 1978), multiaccess (see, e.g., Liang & Poor, 2008), and relay (see, e.g., Lai & El Gamal, 2008) systems. It becomes very challenging to extend such an approach to distributed wireless edge networks for a few reasons: (a) the information-theoretic approach requires channel states for setting the design parameters, and it is very difficult to keep track of the channel states of all users in a large distributed system and then adapt the underlying coding design of the system accordingly over time; (b) the design complexity becomes extremely large as the number of users in the system increases; and (c) it becomes almost impossible for all users in such a distributed system to implement a well-coordinated approach, given the flexibility that these users need.
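An added illustration, not taken from the commentary or the cited papers, of the kind of coding used for wiretap channels: coset coding with the [7,4] Hamming code, where the secret is the syndrome of the transmitted word. It assumes a noiseless main channel and an eavesdropper who loses (erases) some positions; the code choice, function names and erasure patterns are assumptions made for the example.

```python
import itertools
import math
import random

# Parity-check matrix of the [7,4] Hamming code; column j is j+1 in binary.
H = [[0, 0, 0, 1, 1, 1, 1],
     [0, 1, 1, 0, 0, 1, 1],
     [1, 0, 1, 0, 1, 0, 1]]
N = 7  # channel bits per block; each block carries a 3-bit secret

def syndrome(x):
    """H * x over GF(2)."""
    return tuple(sum(h * b for h, b in zip(row, x)) % 2 for row in H)

def encode(secret, rng=random):
    """Send a uniformly random word from the coset whose syndrome is the secret."""
    coset = [w for w in itertools.product((0, 1), repeat=N)
             if syndrome(w) == tuple(secret)]
    return rng.choice(coset)

def decode(x):
    """Legitimate receiver (assumed noiseless main channel) reads the syndrome."""
    return syndrome(x)

def eve_candidates(x, erased):
    """Secrets still consistent with the positions the eavesdropper received."""
    seen = [i for i in range(N) if i not in erased]
    return {syndrome(w) for w in itertools.product((0, 1), repeat=N)
            if all(w[i] == x[i] for i in seen)}

def equivocation_bits(x, erased):
    """Eavesdropper's remaining uncertainty; candidates are equally likely
    when the secret is uniform, so it is log2 of their number."""
    return math.log2(len(eve_candidates(x, erased)))

if __name__ == "__main__":
    x = encode((1, 0, 1))
    print("sent", x, "decoded", decode(x))
    for erased in [set(), {0, 1}, {0, 1, 2}, {0, 1, 3}]:
        print(sorted(erased), equivocation_bits(x, erased), "bits hidden")
```

The secret stays fully hidden only when the erased positions pick out three linearly independent columns of `H`, which is why the design depends on knowing how degraded the eavesdropper's channel is.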
To deal with these challenges, a more feasible approach was proposed a few years ago in Liang et al. (2011), where the key idea is to convert the end-to-end secure communication problem in a wireless network to an equivalent virtual wiretap channel model, as in Wyner (1975), studied in information theory. Here, rather than relying on channel states of all users in the system, the virtual channel depends only on the general information of a network such as the number of users and how these users move statistically, both of which are much easier to track. Thus, the information-theoretic security techniques can be applied to design secure communication schemes for such a virtual wiretap channel representation.
While Liang et al. (2011) suggested a promising perspective to leverage the physical layer security design to secure distributed wireless edge networks, there are still many challenges ahead that require future investigation. First, many features of a distributed edge network can determine its corresponding channel representation, such as general mobility patterns, heterogeneous traffic flows, and various attack behaviors. It is important to accurately connect these features to the parameters of the channel representation, so that these features can be further incorporated into the information-theoretic security design. Second, the channel representations derived from distributed edge networks will give rise to new channels that have not been studied before in information-theoretic security, such as channels with memory, channels with compound states, multi-hop relay wiretap networks, and models with quality of security service (QoSS) constraints. It will then be intriguing to design security schemes and characterize the fundamental secure communication limits for these new channels from an information-theoretic viewpoint. Furthermore, the information-theoretic security design will also suggest how the network protocols at the higher layers, such as routing and scheduling, should be designed to facilitate the physical layer security. In particular, since the fundamental communication limits of physical layer security can be established, it is possible to establish a benchmark performance limit on the secrecy throughput of distributed edge networks, which can be used for gauging all designs of secure communication approaches. We anticipate that many new open problems will still arise in putting information-theoretic security approaches into practice, which will require continuous efforts in the future to address.
Yingbin Liang has no financial or non-financial disclosures to share for this article.
Csiszar, I., & Korner, J. (1978). Broadcast channels with confidential messages. IEEE Transactions on Information Theory, 24(3), 339–348. https://doi.org/10.1109/TIT.1978.1055892
Hero, A., Kar, S., Moura, J., Neil, J., Poor, H. V., Turcotte, M., & Xi, B. (2023). Statistics and data science for cybersecurity. Harvard Data Science Review, 5(1). https://doi.org/10.1162/99608f92.a42024d0
Lai, L., & El Gamal, H. (2008). The relay-eavesdropper channel: Cooperation for secrecy. IEEE Transactions on Information Theory, 54(9), 4005–4019. https://doi.org/10.1109/TIT.2008.928272
Liang, Y., & Poor, H. V. (2008). Multiple access channels with confidential messages. IEEE Transactions on Information Theory, 54(3), 976–1002. https://doi.org/10.1109/TIT.2007.915978
Liang, Y., Poor, H. V., & Shamai (Shitz), S. (2008). Information theoretic security. Foundations and Trends in Communications and Information Theory, 5(4–5), 355–580. http://dx.doi.org/10.1561/0100000036
Liang, Y., Poor, H. V., & Ying, L. (2011). Secrecy throughput of MANETs under passive and active attacks. IEEE Transactions on Information Theory, 57(10), 6692–6702. https://doi.org/10.1109/TIT.2011.2165800
Maurer, U. M. (1993). Secret key agreement by public discussion based on common information. IEEE Transactions on Information Theory, 39(5), 733–742. https://doi.org/10.1109/18.256484
Maurer, U. M., & Wolf, S. (1999). Unconditionally secure key agreement and the intrinsic conditional information. IEEE Transactions on Information Theory, 45(2), 499–514. https://doi.org/10.1109/18.748999
Wyner, A. D. (1975). The wire-tap channel. Bell System Technical Journal, 54(8), 1355–1387. https://doi.org/10.1002/j.1538-7305.1975.tb02040.x
©2023 Yingbin Liang. This article is licensed under a Creative Commons Attribution (CC BY 4.0) International license, except where otherwise indicated with respect to particular material included in the article.