Privacy verification and enforcement via belief manipulation

Abstract

We study the problem of verifying and enforcing the privacy of a partially observable stochastic system in the presence of an eavesdropping intruder. The intruder has the knowledge of the system model. It also has partial observation to system states and actions based on which it updates the belief which is a probability distribution over the system states. The intruder’s objective is to learn the system’s secrets in terms of whether the system is currently in some critical or sensitive states. We model the system as a partially observableMarkov decision process and propose a notion of privacy with respect to the intruder ‘s belief. Our key observation is that the evolution of the intruder’s belief can be represented as a discrete-time switched system. The privacy verification and enforcement can thus be cast into a reachability problem with respect to the unsafe subset of beliefs defined by the privacy requirement. We showhowto apply control theory to verify and enforce the system’s privacy with two proposed approaches.