Building a Privacy Testbed

Partha Das Chowdhury; Joe Gardiner; Maria Sameen; Maysara K M Alhindi; Graham J Peden; Winston Ellis H V Ellis; Anthony C Mazeli; Mohammad Tahaei; Awais Rashid

Building a Privacy Testbed

Partha Das Chowdhury, Joe Gardiner, Maria Sameen, Maysara K M Alhindi, Graham J Peden, Winston Ellis H V Ellis, Anthony C Mazeli, Mohammad Tahaei, Awais Rashid

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

Abstract

How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.

Original language	English
Title of host publication	2022 USENIX Conference on Privacy Engineering Practice and Respect
Publisher	USENIX Association
Publication status	Accepted/In press - 2022

Handle.net

Persistent link

Cite this

@inproceedings{3d4d716d825a4228a0315e4dff131fbc,

title = "Building a Privacy Testbed",

abstract = "How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK{\textquoteright}s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.",

author = "{Das Chowdhury}, Partha and Joe Gardiner and Maria Sameen and Alhindi, {Maysara K M} and Peden, {Graham J} and Ellis, {Winston Ellis H V} and Mazeli, {Anthony C} and Mohammad Tahaei and Awais Rashid",

year = "2022",

language = "English",

booktitle = "2022 USENIX Conference on Privacy Engineering Practice and Respect",

publisher = "USENIX Association",

address = "United States",

}

TY - GEN

T1 - Building a Privacy Testbed

AU - Das Chowdhury, Partha

AU - Gardiner, Joe

AU - Sameen, Maria

AU - Alhindi, Maysara K M

AU - Peden, Graham J

AU - Ellis, Winston Ellis H V

AU - Mazeli, Anthony C

AU - Tahaei, Mohammad

AU - Rashid, Awais

PY - 2022

Y1 - 2022

N2 - How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.

AB - How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.

UR - https://www.usenix.org/conference/pepr22/presentation/das-chowdhury

M3 - Conference Contribution (Conference Proceeding)

BT - 2022 USENIX Conference on Privacy Engineering Practice and Respect

PB - USENIX Association

ER -

Building a Privacy Testbed

Abstract

Handle.net

Other files and links

Fingerprint

REPHRAIN: REsearch centre on Privacy, Harm Reduction and Adversarial INfluence online

Cite this

Building a Privacy Testbed

Abstract

Handle.net

Other files and links

Fingerprint

Projects

REPHRAIN: REsearch centre on Privacy, Harm Reduction and Adversarial INfluence online

Cite this