PAPRiCaS: Programming technology foundations for Accountability, Privacy-by-design & Robustness in Context-aware Systems
The PAPRiCaS research project is affiliated with the Software, Data, People & Society research group at the Department of Computer Science, Copenhagen University, and is funded by Independent Research Fund Denmark (2020-2025). The overall aim is to provide new knowledge and build research capacity in the foundations for programming technologies supporting privacy-by-design, robustness, and accountability, and to convert that knowledge into education, dissemination and innovation in the public and private sector.
News: Paper published on challenges for micro-services at VLDB 2021 and papers on declarative process modelling at BPM 2021 and DEC2H 2021.
Project Background and Objectives
Software systems today control our interactions with both public and private institutions and increasingly process personal data from various sources to provide context-aware, personalized services. Moreover, these systems often consist of numerous distributed, continuously updated and possibly failing components, running on different platforms and developed by different programmers. This has led to governmental strategies, initiatives and laws requiring privacy-by-design, robustness and accountability of software systems. Indeed, the General Data Protection Regulation (GDPR) has made it a legal requirement at the time of designing software systems to ‘implement appropriate technical and organisational measures … in an effective way … in order to … protect the rights of data subjects’. There is, however, no native support for accountability and privacy in state-of-the-art programming technologies, and the present techniques for achieving robustness are not designed for the highly distributed and dynamically evolving systems being built today.
The research objectives of PAPRiCaS are to provide foundational concepts for novel programming technology natively supporting privacy-by-design, robustness, and accountability for Context-aware Systems (CaS) and validate the concepts and technology in the lab.
Participants
Thomas T. Hildebrandt (Professor, Principal Investigator)
Yongluan Zhou (Professor, Head of WP 2)
Tijs Slaats (Associate Prof., Head of WP 3)
Boris Düdder (Associate Prof.)
Ana Carolina Almeida (Postdoc)
Yibin Xu (PhD Student)
Tilman Zuckmantel (PhD Student)
Former members:
Yiwen Wang (Research Assistant)
Marcos Antonio Vaz Salles (Associate Prof.)
WP 1: Programming Abstractions for Security & Privacy in CaS
This work package focuses on the formal foundation for programming abstractions for privacy and security in CaS, proposing and prototyping new abstractions, and validating the use of the programming abstractions on scenarios. Our starting point will be a review of formal models and programming abstractions for privacy and security in context-aware systems, and the identification of a geo-distributed scenario (jointly with the other sub-projects) using proximity. Key researchers: Marcos Vaz Salles (lead), Thomas Hildebrandt, Postdoc (to be announced).
WP 2: Efficient and Robust Run-time monitors for Security & Privacy
This work package focuses on developing novel foundations, prototyped as tools, for the automatic generation of run-time monitors from formal specifications of security policies (behavioural types and declarative process models) describing obligations and prohibited behaviour, together with mechanized integrity and consistency proofs. Key researchers: Yongluan Zhou (lead), Thomas Hildebrandt, Boris Düdder, Tilman Zuckmantel
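To make the idea of a run-time monitor for a declarative policy concrete, the following is an added illustration (written for this page, not the project's own tooling) of a minimal monitor in the style of Dynamic Condition Response (DCR) graphs, the declarative process model named in the publications below. The policy, event names and traces are constructed for the example; the semantics is deliberately reduced to the four core relations (condition, response, exclude, include) with no nesting, time or data. A condition that is not met, or an event that has been excluded, makes the event prohibited in the current state; a response that is never executed is an unfulfilled obligation.

```python
# Added illustration of a DCR-style run-time monitor.
# Policy, event names and traces below are constructed for this example.


class PolicyViolation(Exception):
    """Raised when a trace attempts an event that is prohibited right now."""


class DcrMonitor:
    """Run-time monitor for a simplified DCR-style declarative policy.

    Relations are dicts mapping an event to a set of events:
      conditions[e] : events that must have executed before e is enabled
      responses[e]  : events that become pending (obligations) after e executes
      excludes[e]   : events removed from the process when e executes
      includes[e]   : events (re-)added to the process when e executes
    """

    def __init__(self, events, included, conditions=None, responses=None,
                 excludes=None, includes=None):
        self.events = set(events)
        self.included = set(included)
        self.conditions = conditions or {}
        self.responses = responses or {}
        self.excludes = excludes or {}
        self.includes = includes or {}
        self.executed = set()
        self.pending = set()

    def enabled(self, e):
        """Enabled iff included and every *included* condition has executed;
        conditions that have been excluded do not block."""
        if e not in self.included:
            return False
        return all(c in self.executed or c not in self.included
                   for c in self.conditions.get(e, ()))

    def execute(self, e):
        """Advance the marking, or reject a prohibited event."""
        if e not in self.events:
            raise ValueError(f"unknown event {e!r}")
        if not self.enabled(e):
            raise PolicyViolation(f"{e!r} is not enabled in the current state")
        self.executed.add(e)
        self.pending.discard(e)                      # fulfils an obligation on e
        self.pending |= self.responses.get(e, set())
        self.included -= self.excludes.get(e, set())
        self.included |= self.includes.get(e, set())

    def obligations(self):
        """Pending responses that are still included are outstanding obligations."""
        return self.pending & self.included


def consent_policy():
    """Constructed policy: data may only be processed after consent is collected,
    each processing step must be followed by an access-log entry, and
    withdrawing consent forbids further processing."""
    names = {"collect_consent", "process_data", "log_access", "withdraw_consent"}
    return DcrMonitor(
        events=names,
        included=names,
        conditions={"process_data": {"collect_consent"}},
        responses={"process_data": {"log_access"}},
        excludes={"withdraw_consent": {"process_data"}},
    )


def monitor(trace, policy=consent_policy):
    """Replay a trace against a fresh policy instance.

    Returns (violations, obligations): messages for prohibited events that
    were attempted, and obligations still outstanding at the end of the trace.
    """
    m = policy()
    violations = []
    for e in trace:
        try:
            m.execute(e)
        except PolicyViolation as exc:
            violations.append(str(exc))
    return violations, sorted(m.obligations())


if __name__ == "__main__":
    # Constructed event traces, as a service might emit them.
    for t in (["collect_consent", "process_data", "log_access"],
              ["process_data"],
              ["collect_consent", "withdraw_consent", "process_data"],
              ["collect_consent", "process_data"]):
        print(t, "->", monitor(t))
```

The monitor reports a violation as soon as a prohibited event is attempted (processing without consent, or after consent is withdrawn), and reports an outstanding obligation when a trace ends with a required response (here the access-log entry) never executed; both kinds of finding are what an audit component downstream of the monitor would want to record.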
WP 3: Accountability for Security & Privacy in Evolvable CaS
This work package focuses on accountability for security & privacy in evolvable CaS and investigates whether it can be achieved by extending monitors to collect information for audits by regulators and certified public auditors in a tamper-proof way, e.g. by recording events and actions on a GDPR-compliant distributed ledger to establish a trusted environment allowing audits and forensics. Effects of applied data transformation processes on privacy, as well as privacy policies, may then be specified as smart contracts. Key researchers: Tijs Slaats (lead), Boris Düdder, Thomas Hildebrandt, Yibin Xu
Recent Publications
- Data Management in Microservices: State of the Practice, Challenges, and Research Directions, Rodrigo Nunes Laigner, Yongluan Zhou, Marcos Antonio Vaz Salles, Yijian Liu, Marcos Kalinowski, VLDB 2021
- Zoom and Enhance: Action Refinement via Subprocesses in Timed Declarative Processes, Håkon Normann, Søren Debois, Tijs Slaats and Thomas T. Hildebrandt, BPM 2021
- Decision Modelling in Timed Dynamic Condition Response Graphs with Data, Thomas T. Hildebrandt, Søren Debois, Tijs Slaats, Håkon Normann, Morten Marquard, DEC2H 2021 Workshop, affiliated to BPM 2021