Building a Privacy Testbed

Partha Das Chowdhury; Joe Gardiner; Maria Sameen; Maysara K M Alhindi; Graham J Peden; Winston Ellis; Anthony C Mazeli; Mohammad Tahaei; Awais Rashid

Building a Privacy Testbed

Partha Das Chowdhury, Joe Gardiner, Maria Sameen, Maysara K M Alhindi, Graham J Peden, Winston Ellis, Anthony C Mazeli, Mohammad Tahaei, Awais Rashid

Bristol Doctoral College

Research output: Contribution to conference › Conference Paper

Abstract

How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.

Original language	English
Publication status	Published - 24 Jun 2022
Event	2022 USENIX Conference on Privacy Engineering Practice and Respect - Santa Clara, United States Duration: 23 Jun 2022 → 24 Jun 2022 https://www.usenix.org/conference/pepr22

Conference

Conference	2022 USENIX Conference on Privacy Engineering Practice and Respect
Abbreviated title	PEPR '22
Country/Territory	United States
City	Santa Clara
Period	23/06/22 → 24/06/22
Internet address	https://www.usenix.org/conference/pepr22

Access to Document

https://www.usenix.org/conference/pepr22/presentation/das-chowdhury

Handle.net

Persistent link

Cite this

@conference{3d4d716d825a4228a0315e4dff131fbc,

title = "Building a Privacy Testbed",

abstract = "How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK{\textquoteright}s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.",

author = "\{Das Chowdhury\}, Partha and Joe Gardiner and Maria Sameen and Alhindi, \{Maysara K M\} and Peden, \{Graham J\} and Winston Ellis and Mazeli, \{Anthony C\} and Mohammad Tahaei and Awais Rashid",

year = "2022",

month = jun,

day = "24",

language = "English",

note = "2022 USENIX Conference on Privacy Engineering Practice and Respect, PEPR '22 ; Conference date: 23-06-2022 Through 24-06-2022",

url = "https://www.usenix.org/conference/pepr22",

}

TY - CONF

T1 - Building a Privacy Testbed

AU - Das Chowdhury, Partha

AU - Gardiner, Joe

AU - Sameen, Maria

AU - Alhindi, Maysara K M

AU - Peden, Graham J

AU - Ellis, Winston

AU - Mazeli, Anthony C

AU - Tahaei, Mohammad

AU - Rashid, Awais

PY - 2022/6/24

Y1 - 2022/6/24

N2 - How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.

AB - How do we assure that a software application preserves privacy properties – whether it is with regards to contact tracing in a pandemic, information flows from AI assistants or leakage from client-side scanning of end-to-end encryption services? Formal verification is one means but often not within the purview of most software developers and intractable for end-users and regulators. Privacy researchers also require easy and repeatable ways of generating data on privacy properties of applications and third party APIs. We present experiences of building a first of its kind privacy testbed as part of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We will discuss our software-defined networking architecture, design challenges encountered, how these have been overcome and ongoing work on integrating the captured traffic with privacy frameworks. We will also discuss plans for the testbed to be widely accessible to the privacy research community.

UR - https://www.usenix.org/conference/pepr22

M3 - Conference Paper

T2 - 2022 USENIX Conference on Privacy Engineering Practice and Respect

Y2 - 23 June 2022 through 24 June 2022

ER -

Building a Privacy Testbed

Abstract

Conference

Access to Document

Handle.net

Other files and links

Fingerprint

REPHRAIN: REsearch centre on Privacy, Harm Reduction and Adversarial INfluence online

Cite this

Building a Privacy Testbed

Abstract

Conference

Access to Document

Handle.net

Other files and links

Fingerprint

Projects

REPHRAIN: REsearch centre on Privacy, Harm Reduction and Adversarial INfluence online

Cite this