A statistical approach to the design of privacy-preserving services

  1. Oya, Simón
Supervised by:
  1. Carmela González Troncoso Supervisor
  2. Fernando Pérez González Supervisor

University of defense: Universidade de Vigo

Date of defense: 5 July 2019

Examination board:
  1. Catuscia Palamidessi Chair
  2. Pedro Comesaña Alfaro Secretary
  3. Steven J. Murdoch Member
Department:
  1. Signal Theory and Communications

Type: Thesis

Abstract

Electronic services have become an indispensable part of society. Billions of users rely on these services every day to communicate with friends, meet new people, buy products, and keep track of their activities. Electronic services provide many comforts to society, but also pose new threats to the privacy of their users. This is because users of electronic services send their sensitive information over a communication channel (typically, the Internet), and this information can often be observed by an unwanted party. Even though encryption can protect the content of communications against unwanted observers, there are other privacy problems that encryption does not solve. In this thesis, we study two of these problems. First, we tackle the problem of meta-data leakage against a passive eavesdropper. Meta-data is information related to a communication other than the content of the communication itself, such as who the communicating parties are, how often they communicate, or where they are located. Meta-data is usually sensitive, so it is important that users hide it from eavesdroppers. In the first part of this thesis, we study a particular solution to meta-data leakage: mix-based anonymous communication systems. We analyze these systems and find out how to optimally configure their parameters so as to maximize the users' privacy. In the second part of the thesis, we study how to protect users against an adversarial service provider. We consider the particular case of Location-Based Services (LBS), where users want to obtain some service that depends on their real location (e.g., finding nearby points of interest), but do not want to share this location with the service provider. We study obfuscation-based location privacy mechanisms, which allow users to obtain some utility from the LBS without revealing their actual location.
We find weaknesses in the approach that previous works follow to design and evaluate location privacy-preserving mechanisms, and propose solutions to mend these issues and improve current designs. Throughout the thesis we follow a statistical approach to improving the privacy of electronic services: we model both the system operation and the users' behavior, and leverage these models to optimize the privacy of the systems. This approach provides theoretical guarantees that our results will be universally valid as long as the models that we assume for user behavior hold. Our methodology can also be easily adapted to other privacy problems, and we hope it will inspire future research in this direction.