Directed Information as Privacy Measure in Cloud-based Control

Abstract

We consider cloud-based control scenarios in which clients with local control tasks outsource their computational or physical duties to a cloud service provider. In order to address privacy concerns in such a control architecture, we first investigate the issue of finding an appropriate privacy measure for clients who desire to keep local state information as private as possible during the control operation. Specifically, we justify the use of Kramer's notion of causally conditioned directed information as a measure of privacy loss based on an axiomatic argument. Then we propose a methodology to design an optimal "privacy filter" that minimizes privacy loss while a given level of control performance is guaranteed. We show in particular that the optimal privacy filter for cloud-based Linear-Quadratic-Gaussian (LQG) control can be synthesized by a Linear-Matrix-Inequality (LMI) algorithm. The trade-off in the design is illustrated by a numerical example.