Generalised Context Privacy

Lead Research Organisation: Lancaster University
Department Name: Computing & Communications

Abstract

New cyber-physical systems and new ways of using existing systems are increasingly being introduced; this includes retrofitting physical systems with cyber capabilities. A risk is that new threats are introduced to these systems, including by revealing sensitive information to an adversary who observes the system and the context in which the system takes actions.

Many domains have independently had context privacy preserving techniques developed for these threats (e.g., onion routing, change in identity). However, developing context privacy preserving techniques is a lengthy process and does not allow for rapid responses to novel context privacy threats. This poses a danger to users of systems which operate without suitable context privacy controls and potentially leads to sensitive operational information being revealed.

In this project, instead of developing techniques only as novel context privacy threats are identified, a suite of context privacy controls will be developed for an arbitrary system, their efficacy will be demonstrated via suitable quantification, and then, using example systems, domain-specific translators will be developed so that the general context privacy techniques can be applied to real-world systems. With these foundations available, only the domain-specific translators need to be developed when a novel context privacy threat is identified. This allows for faster and more agile responses to future novel context privacy threats, thus minimising the information conveyed by system actions to an adversary and protecting both the system and its users.
