Generalised Context Privacy

广义上下文隐私

• 批准号: EP/X040038/1
• 负责人: Matthew Bradbury
• 金额: $ 49.37万
• 依托单位: Lancaster University
• 依托单位国家: 英国
• 项目类别: Research Grant
• 财政年份: 2024
• 资助国家: 英国
• 起止时间: 2024 至 无数据
• 项目状态: 未结题
• 来源: https://gtr.ukri.org/projects?ref=EP%2FX040038%2F1
• 关键词: Generalised; Context; Privacy

New cyber physical systems and new ways of using existing systems are increasingly being introduced, this include retrofitting physical systems with cyber capabilities. A risk is that new threats are introduced to these systems, including by revealing sensitive information to an adversary making observations on the system and the context in which the system takes actions.Many domains have independently had context privacy preserving techniques developed for these threats (e.g., onion routing, change in identity). However, developing context privacy preserving techniques is a lengthy process and does not allow for rapid responses to novel context privacy threats. This poses a danger to users of systems which operate without suitable context privacy controls and potentially leads to sensitive operational information being revealed.In this project, instead of developing techniques as novel context privacy threats are identified, a suite of context privacy controls will be developed for an arbitrary system, their efficacy will be demonstrated via suitable quantification, and then using example systems, domain-specific translators will be developed such that the general context privacy techniques can applied to real-world systems. By having these foundations available, when novel context privacy threats are identified, only domain-specific translators need to be developed. This allows for faster and more agile responses to future novel context privacy threats, thus minimising information conveyed by system actions to an adversary - protecting both the system and its users.

新的网络物理系统和使用现有系统的新方法越来越多地被引入，这包括用网络功能改造物理系统。风险在于，新的威胁被引入到这些系统中，包括通过向对系统和系统采取动作的上下文进行观察的对手泄露敏感信息。洋葱路由、身份改变）。然而，开发上下文隐私保护技术是一个漫长的过程，并且不允许对新的上下文隐私威胁做出快速响应。这对没有合适的上下文隐私控制的系统的用户构成了危险，并可能导致敏感的操作信息被泄露。在这个项目中，而不是开发新的上下文隐私威胁被识别的技术，一套上下文隐私控制将被开发用于任意系统，它们的功效将通过适当的量化来证明，然后使用示例系统，将开发特定于域的翻译器，使得一般上下文隐私技术可以应用于现实世界的系统。有了这些基础，当发现新的上下文隐私威胁时，只需要开发特定于域的翻译器。这允许对未来新的上下文隐私威胁做出更快、更敏捷的响应，从而最大限度地减少系统动作向对手传达的信息，从而保护系统及其用户。