Privacy-Friendly Services and Apps


The objective of this project is to re-imagine how modern on-line services and applications may be engineered to provide a higher degree of technical privacy protection. Supporting stronger privacy and user control involves a serious redesign of key protocols and architectures that underlie these services, as well as the development of principled definitions of privacy, tools to realize them, and methods to evaluate the degree of protection afforded.

We consider two categories of services. The first consists of systems that process personal information but generate information that is publicly disclosed. A typical example is aggregating the data of multiple individuals and extracting higher-level information and statistics, such as the likelihood of customers buying two items together, or the correlation between a certain disease and obesity. For those services, the objective of this project is to devise generic techniques to compute and make available such statistical data while minimizing the exposure of personal information.

The second category of services processes personal information and also produces personal information as its output. For example, the insurance premium to be paid by an individual on the basis of their health is both the result of processing sensitive information and sensitive itself. For those applications, we aim to devise generic architectures that (a) minimize the exposure of private information and (b) allow for flexible policies to determine under what conditions the resulting sensitive information is shared, and with whom.

A fundamental objective, common to both categories, is to develop principled and robust definitions of privacy, as well as methods for evaluating the quality of protection offered by different proposed mechanisms. We intend to consider variants of differential privacy, cryptography and other established privacy technologies, augmented by rigorous proofs of correctness.

We plan to dedicate particular attention to the domain of location-based services. We aim at designing mechanisms that allow a user to get information from such services, such as points of interest or nearby friends, without exposing their precise location. To this aim, we plan to develop obfuscation techniques that provide strong privacy guarantees, such as geo-indistinguishability, a variant of differential privacy suitable for geo-location.
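The two settings above (an aggregate statistic released over many individuals, and a single user's location obfuscated for a point-of-interest query) can both be built from Laplace noise calibrated to a privacy parameter epsilon. The following Python is an added illustration, not code from the project or its authors: it releases a co-purchase count with epsilon-differential privacy, and obfuscates a location with the planar Laplace mechanism used for geo-indistinguishability, checking the density-ratio bound that the definition promises. The purchase baskets, the point-of-interest table and the use of local Cartesian coordinates in metres are constructed assumptions.

```python
"""Added example (not project code): Laplace-noise mechanisms for an aggregate
count (epsilon-differential privacy) and for a single location
(geo-indistinguishability via planar Laplace). All inputs are constructed."""
import math
import random
from typing import Dict, List, Set, Tuple

Point = Tuple[float, float]  # assumption: local Cartesian coordinates in metres


def dist(a: Point, b: Point) -> float:
    return math.hypot(a[0] - b[0], a[1] - b[1])


# --- Category 1: a statistic aggregated over many individuals ----------------

# Constructed purchase baskets, one per customer.
BASKETS: List[Set[str]] = [
    {"bread", "butter"}, {"bread", "milk"}, {"bread", "butter", "jam"},
    {"milk"}, {"butter", "jam"}, {"bread", "butter"}, {"tea", "milk"},
]


def co_purchase_count(baskets: List[Set[str]], a: str, b: str) -> int:
    """Exact number of baskets containing both a and b (the sensitive statistic)."""
    return sum(1 for basket in baskets if a in basket and b in basket)


def laplace_count(true_count: int, epsilon: float, rng: random.Random) -> float:
    """epsilon-DP release of a count: one customer's basket changes the count by
    at most 1, so Laplace noise of scale 1/epsilon suffices. Laplace(1/epsilon)
    is sampled as the difference of two Exp(epsilon) draws."""
    return true_count + rng.expovariate(epsilon) - rng.expovariate(epsilon)


def mean_released_count(true_count: int, epsilon: float, n: int, seed: int) -> float:
    """Average of n releases; the noise is zero-mean, so this approaches
    true_count (each release is epsilon-DP on its own; n of them cost n*epsilon)."""
    rng = random.Random(seed)
    return sum(laplace_count(true_count, epsilon, rng) for _ in range(n)) / n


# --- Location-based services: geo-indistinguishability -----------------------

def epsilon_for_radius(level: float, radius_m: float) -> float:
    """Choose epsilon so that two points within radius_m are distinguishable by
    at most a factor exp(level): epsilon = level / radius_m (per metre)."""
    return level / radius_m


def planar_laplace(loc: Point, epsilon: float, rng: random.Random) -> Point:
    """Report loc plus planar Laplace noise: radius ~ Gamma(shape 2, scale 1/eps),
    direction uniform; output density is (eps^2 / 2pi) * exp(-eps * d(loc, z))."""
    r = rng.gammavariate(2.0, 1.0 / epsilon)
    theta = rng.uniform(0.0, 2.0 * math.pi)
    return (loc[0] + r * math.cos(theta), loc[1] + r * math.sin(theta))


def planar_laplace_density(loc: Point, z: Point, epsilon: float) -> float:
    return epsilon ** 2 / (2.0 * math.pi) * math.exp(-epsilon * dist(loc, z))


def max_density_ratio(x: Point, x2: Point, epsilon: float, candidates: List[Point]) -> float:
    """Largest ratio of output densities over the candidate observations.
    Geo-indistinguishability bounds it by exp(epsilon * d(x, x2)) for every z."""
    return max(planar_laplace_density(x, z, epsilon) /
               planar_laplace_density(x2, z, epsilon) for z in candidates)


def mean_reported_distance(loc: Point, epsilon: float, n: int, seed: int) -> float:
    """Utility cost: expected distance between true and reported location is 2/epsilon."""
    rng = random.Random(seed)
    return sum(dist(loc, planar_laplace(loc, epsilon, rng)) for _ in range(n)) / n


# Constructed point-of-interest table held by the service.
POIS: Dict[str, Point] = {"cafe": (50.0, 20.0), "pharmacy": (-150.0, 90.0),
                          "station": (900.0, -300.0)}


def nearby(pois: Dict[str, Point], center: Point, radius_m: float) -> List[str]:
    """What the service computes: POIs within radius_m of the location it was given."""
    return sorted(name for name, p in pois.items() if dist(center, p) <= radius_m)


def private_poi_query(pois: Dict[str, Point], true_loc: Point, epsilon: float,
                      query_radius_m: float, retrieval_radius_m: float,
                      seed: int) -> Tuple[Point, List[str]]:
    """Client-side flow: send a noisy location with a fixed, enlarged retrieval
    radius (chosen in advance, independent of the noise actually drawn, so the
    request reveals nothing beyond the reported point), then filter the answer
    locally against the true location. Returns (reported location, result)."""
    reported = planar_laplace(true_loc, epsilon, random.Random(seed))
    answer = nearby(pois, reported, retrieval_radius_m)  # the service sees only `reported`
    result = sorted(n for n in answer if dist(true_loc, pois[n]) <= query_radius_m)
    return reported, result


if __name__ == "__main__":
    eps_loc = epsilon_for_radius(math.log(4), 200.0)  # within 200 m: factor <= 4
    print("bread+butter baskets:", co_purchase_count(BASKETS, "bread", "butter"),
          "released:", round(laplace_count(3, 1.0, random.Random(7)), 2))
    print("POIs within 300 m of (0,0):", private_poi_query(POIS, (0.0, 0.0), eps_loc, 300.0, 900.0, 7))
```

The retrieval radius is deliberately a fixed parameter rather than the distance the noise actually moved the user: sending a radius derived from the drawn noise would tell the service how far the true location lies from the reported one, undoing the guarantee. The price is that a draw larger than the slack between the two radii can make the service miss a point of interest, which is the usual utility trade-off against epsilon.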

Finally, we intend to prototype high-quality software tools for developing and evaluating privacy-friendly services. These include tools and libraries that implement high-value computations in a privacy-preserving manner; language-based tools, such as compilers and runtimes, to support building higher-level services; and platforms and APIs that support privacy features out of the box. These should be capable of inter-operating to produce larger and richer services that process location, medical, or financial data without exposing them to third parties. While this is not a core objective of the project, we hope to achieve synergies with other Microsoft Research-Inria projects that focus on automatic verification to validate the code that implements protection mechanisms.

  • Cédric Fournet
    I am interested in security, programming, and distributed systems. I am a member of the Programming Principles and Tools and Security groups at Microsoft Research in Cambridge, UK. Since 2006, I also lead a project on Secure Distributed ...
  • Catuscia Palamidessi
    Catuscia Palamidessi is Research Director at Inria Saclay Ile de France and head of the Comète team ...

2016

Conference papers

  • Axioms for Information Leakage
    Mário S. Alvim, Konstantinos Chatzikokolakis, Annabelle McIver, Carroll Morgan, Catuscia Palamidessi, Geoffrey Smith
    29th Computer Security Foundations Symposium (CSF 2016), Jun 2016, Lisbon, Portugal. pp.16, 2016
    Full text: http://hal.inria.fr/hal-01330414/file/csf16-FinalVersion-CameraReady.pdf
  • Up-To Techniques for Generalized Bisimulation Metrics
    Konstantinos Chatzikokolakis, Catuscia Palamidessi, Valeria Vignudelli
    27th International Conference on Concurrency Theory (CONCUR), Aug 2016, Québec City, Canada. 2016, doi:10.4230/LIPIcs.CONCUR.2016.35
    Full text: http://hal.inria.fr/hal-01335234/file/paper.pdf

2015

Journal articles

  • On the information leakage of differentially-private mechanisms
    Mário Sérgio Alvim, Miguel E. Andrés, Konstantinos Chatzikokolakis, Pierpaolo Degano, Catuscia Palamidessi
    Journal of Computer Security, IOS Press, 2015, 23 (4), pp.427-469. doi:10.3233/JCS-150528
    Full text: http://hal.inria.fr/hal-00940425/file/full%28numbered_pages%29.pdf
  • Abstract Interpretation of Temporal Concurrent Constraint Programs
    Moreno Falaschi, Carlos Olarte, Catuscia Palamidessi
    Theory and Practice of Logic Programming, Cambridge University Press (CUP), 2015, 15 (3), pp.312-357
    Full text: http://hal.inria.fr/hal-00945462/file/utcc-abs-tplp-CR.pdf
  • Constructing elastic distinguishability metrics for location privacy
    Konstantinos Chatzikokolakis, Catuscia Palamidessi, Marco Stronati
    Proceedings on Privacy Enhancing Technologies, De Gruyter Open, 2015, 2015 (2), pp.156-170. doi:10.1515/popets-2015-0023
    Full text: https://arxiv.org/pdf/1503.00756

Conference papers

  • Geo-indistinguishability: A Principled Approach to Location Privacy
    Konstantinos Chatzikokolakis, Catuscia Palamidessi, Marco Stronati
    Raja Natarajan, Gautam Barua and Manas Ranjan Patra. ICDCIT 2015 – Proceedings of the 11th International Conference on Distributed Computing and Internet Technology, Feb 2015, Bhubaneswar, India. Springer, 8956, pp.49-72, 2015, Lecture Notes in Computer Science. doi:10.1007/978-3-319-14977-6_4
    Full text: http://hal.inria.fr/hal-01114241/file/paper.pdf
  • Location Privacy via Geo-Indistinguishability
    Konstantinos Chatzikokolakis, Catuscia Palamidessi, Marco Stronati
    Martin Leucker; Camilo Rueda; Frank D. Valencia. Proceedings of the 12th International Colloquium on Theoretical Aspects of Computing (ICTAC), 2015, Cali, Colombia. Springer, 9399, pp.28-38, 2015, Lecture Notes in Computer Science
  • Quantitative Approaches to the Protection of Private Information: State of the Art and Some Open Challenges
    Catuscia Palamidessi
    Riccardo Focardi; Andrew C. Myers. Proceedings of the 4th International Conference on Principles of Security and Trust (POST), 2015, London, United Kingdom. Springer, 9036, pp.3-7, Lecture Notes in Computer Science

Book chapter

  • A Declarative View of Signaling Pathways
    Davide Chiarugi, Moreno Falaschi, Catuscia Palamidessi
    Chiara Bodei; Gian Luigi Ferrari; Corrado Priami. Programming Languages with Applications to Biology and Security, 9465, Springer, pp.183-201, 2015, Lecture Notes in Computer Science, 978-3-319-25526-2

Book (including critical edition and translation)

  • Special Issue on Quantitative Information Flow
    Miguel E. Andrés, Geoffrey Smith, Catuscia Palamidessi
    Cambridge University Press, 25 (2), 2015, Mathematical Structures in Computer Science, doi:10.1017/S0960129513000583

2014

Journal article

  • Compositional methods for information-hiding
    Konstantinos Chatzikokolakis, Catuscia Palamidessi, Christelle Braun
    Mathematical Structures in Computer Science, Cambridge University Press (CUP), 2014, FirstView, pp.1-25. doi:10.1017/S0960129514000292
    Full text: http://hal.inria.fr/hal-01006384/file/journal.pdf

Conference papers

  • Additive and multiplicative notions of leakage, and their capacities
    Mário S. Alvim, Konstantinos Chatzikokolakis, Annabelle McIver, Carroll Morgan, Catuscia Palamidessi, Geoffrey Smith
    27th Computer Security Foundations Symposium (CSF 2014), Jul 2014, Vienna, Austria. IEEE, pp.308–322, 2014, doi:10.1109/CSF.2014.29
    Full text: http://hal.inria.fr/hal-00989462/file/csf14.pdf
  • Compositionality Results for Quantitative Information Flow
    Yusuke Kawamoto, Konstantinos Chatzikokolakis, Catuscia Palamidessi
    Gethin Norman and William H. Sanders. Proceedings of the 11th International Conference on Quantitative Evaluation of SysTems (QEST 2014), Sep 2014, Florence, Italy. Springer, 8657, pp.368-383, 2014, Lecture Notes in Computer Science. doi:10.1007/978-3-319-10696-0
    Full text: http://hal.inria.fr/hal-01006381/file/QEST2014long.pdf
  • Optimal Geo-Indistinguishable Mechanisms for Location Privacy
    Nicolás E. Bordenabe, Konstantinos Chatzikokolakis, Catuscia Palamidessi
    Gail-Joon Ahn and Moti Yung and Ninghui Li. CCS – 21st ACM Conference on Computer and Communications Security, Nov 2014, Scottsdale, Arizona, United States. ACM, pp.251-262, 2014, Proceedings of the 21st ACM Conference on Computer and Communications Security. doi:10.1145/2660267.2660345
    Full text: https://arxiv.org/pdf/1402.5029
  • Generalized bisimulation metrics
    Konstantinos Chatzikokolakis, Daniel Gebler, Catuscia Palamidessi, Lili Xu
    Paolo Baldan; Daniele Gorla. CONCUR – 25th Conference on Concurrency Theory, Sep 2014, Rome, Italy. Springer, 8704, pp.32-46, 2014, Lecture Notes in Computer Science. doi:10.1007/978-3-662-44584-6_4
    Full text: http://hal.inria.fr/hal-01011471/file/concur.pdf
  • A Predictive Differentially-Private Mechanism for Mobility Traces
    Konstantinos Chatzikokolakis, Catuscia Palamidessi, Marco Stronati
    Emiliano De Cristofaro and Steven J. Murdoch. PETS 2014 – 14th Privacy Enhancing Technologies Symposium, Jul 2014, Amsterdam, Netherlands. Springer, 8555, pp.21-41, 2014, Lecture Notes in Computer Science. doi:10.1007/978-3-319-08506-7_2
    Full text: https://arxiv.org/pdf/1311.4008

Book chapter

  • Generalized differential privacy: regions of priors that admit robust optimal mechanisms
    Ehab Elsalamouny, Konstantinos Chatzikokolakis, Catuscia Palamidessi
    van Breugel, Franck and Kashefi, Elham and Palamidessi, Catuscia and Rutten, Jan. Horizons of the Mind. A Tribute to Prakash Panangaden, 8464, Springer International Publishing, pp.292-318, 2014, Lecture Notes in Computer Science, 978-3-319-06879-4. doi:10.1007/978-3-319-06880-0_16
    Full text: http://hal.inria.fr/hal-01006380/file/main.pdf

Edited volume, proceedings

  • Proceedings of the 34th International Conference on Formal Techniques for Distributed Objects, Components, and Systems
    Erika Ábrahám, Catuscia Palamidessi
    Erika Ábrahám; Catuscia Palamidessi. 2014, France. 8461, Springer, 2014, Lecture Notes in Computer Science