Defining, addressing and managing privacy in modern ICT

In the current world economic scenario progress depends on how information is obtained, codified, processed and finally exchanged. Now the transformation of matter into form involves the synergy between technologies and theoretical approaches. Sensors and signal conditioning determine the information that is subsequently processed in any production chain, and we have to take into account that both sensing and conditioning stages are theory-laden. Thus, our effort should be aimed to empower our theoretical tools as we adjust our observation and actuation instruments. This is the core of my research, which has been addressed through new computer-based methods to characterize and control complex dynamics.

Along my research career I proposed and applied computational procedures to improve key enabling technologies in the context of security information, electromechanical devices, and neuroscience. In all cases my focus is on implementing bidirectional protocols to extract information and control nonlinear time-varying dynamical systems. Those procedures are based on information theory, statistics, cybernetics, formal analysis, and machine learning. Indeed, the analysis and classification of time series to identify the main components of a dynamical system is of major importance for mechanics and computational neuroscience, but also for the evaluation of security properties of modern ICT. The quantification of the functional interrelationship among components of a system is essential to design efficient electromechanical devices, to propose activity-dependent stimulation protocols to reveal dynamics in neurophysiology, and to ponder confidentiality and privacy in communication networks.

On the basis of my multidisciplinary background, my future work is intended to design and evaluate new privacy-preserving security protocols. This aim is addressed by extending my previous results on the use of dynamical systems theory in the cryptanalysis of encryption systems, along with the outcomes derived from coding neural activity and modeling cooperation and information flow in complex networks. These three inverse problems involve the inferring of hidden information from restricted and partial observations, which is the goal when assessing confidentiality and privacy in communication networks. Now partial observations correspond to the information intercepted by an attacker, and the security assessment must confirm that the attacker cannot derive confidential and/or private information from intercepted data. Moreover, the rigorous examination of security cannot be performed unless the attack model is described exhaustively. In this concern, we recently published several works for the design and evaluation of security protocols. We underline that the design of security protocols must be conducted by a Plan-Do-Check-Act methodology that is continuously revaluating our security assumptions and requirements. Furthermore, our models of communication channels has to be refined to extract anonymous and covert information flows, but also to study information flow using formal techniques built upon pi-calculus. Finally, since our socioeconomic model is very dependent on the use and acceptability of ICT, our work offers wide possibilities to foster users’ trust in ICT.