A Dynamic Obfuscation Framework for Privacy and Utility

Abstract:  With growing concerns over the privacy of networked systems, many mechanisms for enforcing opacity as a form of privacy have been developed. In particular, obfuscating a system’s outputs can preserve privacy when it is unfeasible to restrict a system’s behavior. However, privacy must also be balanced with the oftentimes conflicting goal of utility. Specifically, observations of the system must reveal secrets to intended recipients while hiding them from unintended ones. In this talk, we will discuss a new framework for the obfuscation of discrete event systems and inference of intended recipients. Modeling these processes as a distributed system, we will show how utility and notions of opacity, including K-step opacity, can be formulated as temporal specifications. Leveraging techniques from distributed reactive synthesis, we will then present how both an obfuscator for the system and inference process used by the intended recipients can be synthesized.

This seminar is based on the work of PhD student Andrew Wintenberg, co-advised by the speaker and Necmiye Ozay.

Bio:  Stéphane Lafortune received his degrees from École Polytechnique de Montréal (B.Eng., 1980), McGill University (M.Eng., 1982), and the University of California at Berkeley (PhD, 1986). His research interests are in discrete event systems and cover multiple domains: supervisory control, fault diagnosis, cyber-security, privacy, with applications to cyber and cyber-physical systems. He is a Fellow of IEEE (1999) and of IFAC (2017). He co-authored (with Christos Cassandras) the textbook “Introduction to Discrete Event Systems” (3rd Edition, Springer, 2021) and authored “A Guide to Signals and Systems in Continuous Time” (Springer, 2022).