We look to detect, measure, and mitigate sensitive information leakage in various scenarios including data publishing, internet of things, mobile and cloud applications, and training machine learning algorithms.
In order to support data-driven innovation, we need to record, collect, share and process vast amounts of data. That data, however, are frequently sensitive.
Therefore, when handling them, there is a risk that sensitive information about individuals and organisations will leak, causing emotional distress, reputational damage, disclosure of trade secrets and financial repercussions.
Our research involves the detection of information and data leakage risks in modern systems, recording and quantifying the leakage, and mitigating it with appropriate techniques (such as data obfuscation).
- Elicit privacy requirements from stakeholders (individuals, organisations with large data collections).
- Detect privacy leakage in existing systems.
- Develop practical sociotechnical solutions for preserving privacy without degrading data/application quality.
- Disseminate and deploy privacy solutions and recommendations to influence policy and innovation.
- Inter-disciplinary collaboration on human, social, legal, and business aspects of privacy.
- Provide advice on creating and developing systems that are private by design.
The focus of our research is on the following topics:
- Privacy-preserving data publishing, including the generation of synthetic data with differential privacy guarantees.
- Privacy for machine learning algorithms.
- Privacy for internet of things devices and applications.
- Azad, M. A. , Perera, C. and Barhamgi, M. 2021. Privacy-preserving crowd-sensed trust aggregation in the user-centeric internet of people networks. ACM Transactions on Cyber-Physical Systems 5 (1) 4. (10.1145/3390860)
- Barhamgi, M. et al., 2020. Privacy in data service composition. IEEE Transactions on Services Computing 13 (4), pp.639-652. (10.1109/TSC.2019.2963309)
- Theodorakopoulos, G. et al. 2020. On-the-fly privacy for location histograms. IEEE Transactions on Dependable and Secure Computing (10.1109/TDSC.2020.2980270)
- Loukides, G. and Theodorakopoulos, G. 2020. Location histogram privacy by sensitive location hiding and target histogram avoidance/resemblance. Knowledge and Information Systems 62 , pp.2613-2651. (10.1007/s10115-019-01432-4)
- Shao, J. and Ong, H. 2017. Exploiting contextual information in attacking set-generalized transactions. ACM Transactions on Internet Technology 17 (4) 40. (10.1145/3106165)
- Loukides, G. , Gkoulalas-Divanis, A. and Shao, J. 2013. Efficient and flexible anonymization of transaction data. Knowledge and Information Systems 36 (1), pp.153-210. (10.1007/s10115-012-0544-3)
Recent and ongoing projects:
Privacy-Aware Cloud Ecosystems (PACE)
This project was funded by EPSRC and led by:
- Professor Omer Rana (Principal investigator)
- George Theodorakopoulos (Co-investigator)
- Pete Burnap (Co-investigator).
With increasing take up of externally provisioned and managed services (from government, finance, entertainment), often hosted over cloud computing infrastructure, there is a realisation that online electronic services can involve an interlinked range of providers. As more people move online globally over the next decade, both opportunities and threats grow. Consider, for instance, a coffee chain that initially provided wifi services to customers, now working in collaboration with data centre providers to offer additional services to users (such as edge data storage, multimedia caching, etc).
This project addresses security and privacy requirements of such environments, where multiple cloud computing providers need to work collaboratively to offer services to a user. Users of these services only interact with a web interface rather than the larger distributed service ecosystem, and are often unfamiliar with the ecosystem of providers that are involved in offering them a particular capability. Their visibility beyond the first service provider is often missing, requiring them to trust the provider in handling and managing their data. This is a significant challenge, and often deters the use of online services (especially for data providers which are new in the market place).
We aim to improve transparency, enable an audit trail of providers and facilitate greater trust between users and service providers. We propose a technological solution in the form of a mobile software "container" that will ensure that all access instances are securely logged on a blockchain, where they can be checked for compliance against the permissions the user has given.