Skip to main content

Privacy

We look to detect, measure, and mitigate sensitive information leakage in various scenarios including data publishing, internet of things, mobile and cloud applications, and training machine learning algorithms.

In order to support data-driven innovation, we need to record, collect, share and process vast amounts of data. That data, however, are frequently sensitive.

Therefore, when handling them, there is a risk that sensitive information about individuals and organisations will leak, causing emotional distress, reputational damage, disclosure of trade secrets and financial repercussions.

Our research involves the detection of information and data leakage risks in modern systems, recording and quantifying the leakage, and mitigating it with appropriate techniques (such as data obfuscation).

Aims

  • Elicit privacy requirements from stakeholders (individuals, organisations with large data collections).
  • Detect privacy leakage in existing systems.
  • Develop practical sociotechnical solutions for preserving privacy without degrading data/application quality.
  • Disseminate and deploy privacy solutions and recommendations to influence policy and innovation.
  • Inter-disciplinary collaboration on human, social, legal, and business aspects of privacy.
  • Provide advice on creating and developing systems that are private by design.

The focus of our research is on the following topics:

  • Privacy-preserving data publishing, including the generation of synthetic data with differential privacy guarantees.
  • Privacy for machine learning algorithms.
  • Privacy for internet of things devices and applications.

Selected publications

Recent and ongoing projects:

Privacy-Aware Cloud Ecosystems (PACE)

This project was funded by EPSRC and led by:

With increasing take up of externally provisioned and managed services (from government, finance, entertainment), often hosted over cloud computing infrastructure, there is a realisation that online electronic services can involve an interlinked range of providers. As more people move online globally over the next decade, both opportunities and threats grow. Consider, for instance, a coffee chain that initially provided wifi services to customers, now working in collaboration with data centre providers to offer additional services to users (such as edge data storage, multimedia caching, etc).

This project addresses security and privacy requirements of such environments, where multiple cloud computing providers need to work collaboratively to offer services to a user. Users of these services only interact with a web interface rather than the larger distributed service ecosystem, and are often unfamiliar with the ecosystem of providers that are involved in offering them a particular capability. Their visibility beyond the first service provider is often missing, requiring them to trust the provider in handling and managing their data. This is a significant challenge, and often deters the use of online services (especially for data providers which are new in the market place).

We aim to improve transparency, enable an audit trail of providers and facilitate greater trust between users and service providers. We propose a technological solution in the form of a mobile software "container" that will ensure that all access instances are securely logged on a blockchain, where they can be checked for compliance against the permissions the user has given.

Lead researcher

Dr George Theodorakopoulos

Dr George Theodorakopoulos

Senior Lecturer

Email
theodorakopoulosg@cardiff.ac.uk
Telephone
+44 (0)29 2087 4855

Academic staff

Dr Charith Perera

Dr Charith Perera

Senior Lecturer

Email
pererac@cardiff.ac.uk
Telephone
+44 (0)29 2251 0987
Dr Jianhua Shao

Dr Jianhua Shao

Senior Lecturer

Email
shaoj@cardiff.ac.uk
Telephone
+44 (0)29 2087 6757
Dr Christian Arnold

Dr Christian Arnold

Senior Lecturer in Politics

Email
arnoldc6@cardiff.ac.uk
Telephone
+44 (0)29 2068 8824

Postgraduate students

No profile image

Alanoud Subahi

Research student

Email
subahiat@cardiff.ac.uk

Associated staff

Dr Masoud Barati

Dr Masoud Barati

Research Associate

Email
baratim@cardiff.ac.uk