Generalised Context Privacy

The Lancashire Cyber Festival 2023 brought together academic researchers, industry and defence in the Lancashire region to continue to build upon the concentration of cyber skills, experience and leadership in the region. The event was also used to launch the Lancashire Cyber Partnership of which Lancaster University is a partner.

There has been significant effort on addressing data content threats, whether this be to data in motion, data at rest or a private release of data. However, for systems being directly observed by an adversary, risks exist in the form of information revealed by the actions a system takes and the context in which it takes them. Thus, considering the context privacy of a system is important from a holistic viewpoint. Context privacy techniques already exist in a wide range of different domains (e.g., onion routing, location privacy in ad-hoc networks), but we lack the ability to rapidly develop novel techniques when new context privacy threats are identified. To address this, privacy quantification approaches and techniques will be developed for an arbitrary system, which will subsequently be used in translators for specific systems of interest. This presentation sets out the problem and explores initial work on quantification being performed in a recently funded EPSRC project.