PRiMMA: Privacy Rights Management for Mobile Applications

epsrclogoThe project investigated privacy requirements, developing a variety of novel techniques to capture and elicit user activity as part of field studies that involved real mobile applications. These techniques were used in conjunction with traditional methods such as focus group studies, interviewing and online questionnaires. We tracked user behavior to see how people interacted particularly with social networks, but also with monitoring location information relating to friends and family. These requirements were used to produce a privacy management framework that enables users to specify privacy preferences, to help visualize them, to learn from the user’s behaviour what their likely preferences are, and to enforce privacy policies. From the perspective of the Imperial research team, the emphasis of the work was on learning privacy policies which can automate the privacy related actions taken by users, by monitoring their past behavior. This was complemented by the work of the OU research team, who focussed on developing techniques for eliciting and analysing privacy requirements for mobile applications; conducting field studies to gain an in-depth understanding of users’ privacy concerns and to evaluate technologies for enhancing end-user privacy management.

CityCrowds – an integrated and service rich crowd-sourcing platform for Digital Cities

2013, Funded by EIT ICT Labs
Partners: Inria (Lead), Alcatel Lucent, Cap Digital, Imperial College, SAP, KTH, LiquidMedia

crowdCrowd-sourcing, if used properly, is a very powerful instrument to collect, enrich and exploit data and knowledge in Digital Cities. The aim of this project is to build, deploy and assess novel services on crowd-sourcing platforms that integrate both data capture facilities and core services enabling the turstworthiness of the crowd to be dynamically evaluated, offering rich workflow modeling for hybrid processing and ensuring privacy guarantees on crowdsourced data.


Emil Lupu

Emil Lupu is Professor of Computer Systems in the Department of Computing at Imperial College London where he leads the Academic Centre of Excellence in Cyber Security Research and the Resilient Information Systems Security (RISS) Group. He serves as Associate Director with the Institute for Security Science and Technology and is the Deputy Director of the PETRAS IoT Security Research Hub – Cybersecurity of the Internet of Things.

His research interests focus on the cyber security and resilience of systems including their physical, digital and human characteristics and their ability to continue operating even when they have been partially compromised. Emil has made numerous contributions in the area of policy-based network and systems management and security  including the Ponder and Ponder2 policy systems, policy analysis refinement, deployment, implementation and learning.

He serves on the editorial boards of the IEEE Transactions on Network and Service ManagementJournal of Network and Systems Management and the International Journal of Network Management, and on the program committee of numerous conferences.

Emil obtained his PhD from Imperial College London and his first degree from the ENSIMAG (École Nationale Supérieure d’Informatique and Mathématiques Appliquées de Grenoble).

His publications can be found on Google Scholar and DBLP.

Contact: <hyphens removed>


Secure and Opportunistic Information Dissemination in Crisis Management

Secure dissemination of data in crisis management scenarios is always difficult to achieve because network connectivity is intermittent or absent. In this work we have combined data-centric information protection techniques based on usage control, sticky policies and rights management with opportunistic networking to enable the dissemination of information between first responders in crisis management situations. The dissemination of keys for access to the information is controlled by a policy hierarchy that describes the permitted devolution of control. Policies are evaluated whenever two users are in proximity in the field and keys are distributed upon successful evaluation. Simulations with conservative mobility models show that the delay on information access i.e., the difference between the distribution of information and the distribution of keys remains small for realistic densities of users in the geographical areas.


Enrico Scalavino, Giovanni Russello, Rudi Ball, Vaibhav Gowadia, Emil Lupu. An opportunistic authority evaluation scheme for data security in crisis management scenarios. ASIACCS 2010: 157-168.

PAQMAN: Policy Analysis for Quality of service MANagement


Policy-based management has been proposed in recent years as a suitable means for managing Quality of Service (QoS) in IP networks. Yet despite research projects, standardisation efforts, and substantial interest from industry, policy-based management is still not a reality. One of the reasons for the reticence to adopt this technology is that it is difficult to analyse policies to determine that they will actually work, given the capabilities of managed network devices, and to guarantee the stability of the network configuration, given that policies may have conflicts leading to unpredictable effects. This project aims to address the challenges of policy analysis, policy validation and policy refinement within the specific application domain of Quality of Service for IP networks. …

AMUSE: Autonomic Management of Ubiquitous Systems for e-Health


Future e-science and e health applications will involve mobile users, possibly with on-body sensors interacting with a ubiquitous computing environment which detects their activity, current context and adapts accordingly. However, the promise of such ubiquitous computing environments will not be realised unless these systems can effectively disappear and for this they need to become autonomous by managingtheir own evolution and configuration changes without explicit user or administrator action. This project will develop the architecture, tools and techniques which permit these environments to become self-managing. To provide self-managment at varying levels (for individual devices, for simple body-areaor home-area networks, as well as large scale network infrastructures) we advocate the concept of a self managed cell (SMC) as the basic architecture pattern at both local and intergrated levels. We will define, prototype and evaluate architectures based on the SMC pattern and their use in e-health applications. To this end we will: define and implement the core SMC pattern in terms of the monitoring, service-discovery, context and policy-control services required for basic adaptation mechanisms, investigate how SMC’s can be dynamically structured into large structures and specialise SMC’s and their interactions for two e-health application scenarios.

This project was in Collaboration with Prof. Joe Sventek at the University of Glasgow