IDENTIFYING DATA 2016_17
Subject (*) PRIVACY PROTECTION Code 17685107
Study programme
Computer Security Engineering and Artificial Intelligence (2016)
 Cycle 2nd
Descriptors Credits Type Year Period
4.5 Compulsory First 2Q
Language
Anglès
Department Computer Engineering and Mathematics
Coordinator
DOMINGO FERRER, JOSEP
 E-mail josep.domingo@urv.cat
0
Lecturers
DOMINGO FERRER, JOSEP
SALAS PIÑÓN, JULIÁN
Web http://http://crises-deim.urv.cat/privprot
General description and relevant information Learn the basics of privacy, its legal principles and major design strategies . Gain expertise in database privacy and data anonymization.

Competences
Type A Code Competences Specific
 A1 Integrate the fundamental technology, applications, services and systems of Computer Security and Artificial Intelligence,in a broader, multidisciplinary context.
 A3 Understand and know how to apply the functioning and organisation of the Internet, the technology and protocols of new-generation networks, the models of components, intermediate software and services.
 A4 Design, develop, manage and evaluate mechanisms to certify and guarantee security in handling information and access to it in a local or distributed processing system.
 A5 Analyse the information needs considered in an environment and execute all stages of the construction process of a secure information system.
 G1 Project, calculate and design products, processes and installations in the areas of Computer Security and Artificial Intelligence
 G2 Perform mathematical modelling, calculation and simulation in company technology and engineering centres, particularly in tasks of research, development and innovation in the areas of Computer Security and Artificial Intelligence
Type B Code Competences Transversal
 CT2 Formular valoracions a partir de la gestió i ús eficient de la informació.
 CT3 Resoldre problemes complexes de manera crítica, creativa i innovadora en contextos multidisciplinars.
 CT4 Treballar en equips multidisciplinars i en contextos complexes.
 CT7 Aplicar els principis ètics i de responsabilitat social com a ciutadà i com a professional.
Type C Code Competences Nuclear

Learning outcomes
Type A Code Learning outcomes
 A1 Analitza els problemes i les seves causes des d'un enfocament global i de mitjà i llarg termini.
 A3 Dissenya protocols de xarxes i serveis privats per a aplicacions informàtiques i telemàtiques.
 A4 Dissenya tecnologies de garantia de la privacitat per a escenaris d'aplicacions informàtiques i telemàtiques.
 A5 Identifica els components d'un problema de presa de decisions i saber decidir el tipus de model de presa de decisions més adequat.
 G1 Integra els coneixements teòrics amb les realitats a les quals es poden aplicar.
 G2 Aplica les tècniques apreses en contextos concrets.
Type B Code Learning outcomes
 CT2 Formular valoracions a partir de la gestió i ús eficient de la informació.
 CT3 Resoldre problemes complexes de manera crítica, creativa i innovadora en contextos multidisciplinars.
 CT4 Treballar en equips multidisciplinars i en contextos complexes.
 CT7 Aplicar els principis ètics i de responsabilitat social com a ciutadà i com a professional.
Type C Code Learning outcomes

Contents
Topic Sub-topic
1. Introduction a. Basic concepts of privacy
b. Legal principles
c. Privacy by design
d. Design strategies for privacy
2. Data privacy techniques a. Authentication
b. Attribute-based Credentials.
c. Secure and private communications
d. Anonymity and pseudo-anonymity in communications.
e. Privacy in data storages
f. Privacy-preserving computations.
g. Techniques for improving transparency.
3. Privacy in data bases a. Owner's privacy del propietari (Privacy-preserving data mining).
b. User's privacy (private information retrieval).
c. Respondent's privacy (anonymization).
4. User's privacy a. Issues of private information retrieval (PIR).
b. Modifications to PIR based on single users.
c. Modifications to PIR based on p2p networks (P2P PIR).
d. Rational behaviour in P2P PIR.
5. Anonymization in data bases a. Basic concepts
b. Privacy models
c. Protection of tables
d. Protection of interactive data bases.
e. Protection of microdata
g. Evaluation of statistical disclosure control methods.
h. Anonymizing software

Planning
Methodologies  ::  Tests
  Competences (*) Class hours
 Hours outside the classroom
 (**) Total hours
Introductory activities
A3
 1 1.5 2.5
Lecture
A1
A3
CT7
 26 38.5 64.5
Presentations / expositions
A3
 1 1.5 2.5
Problem solving, classroom exercises
A1
G1
G2
CT3
CT4
 4 6 10
ICT practicals
A3
A4
CT3
CT4
 10 15 25
Personal tuition
A3
 1 0 1
 
Objective short-answer tests
A1
CT2
CT7
 2 5 7
 
(*) On e-learning, hours of virtual attendance of the teacher.
(**) The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies
Methodologies
  Description
Introductory activities Difusió de l'actualitat sobre privadesa reflectida als mitjans
Lecture Sessions de teoria
Presentations / expositions Presentacions a l'aula per part de grups de 2 o 3 alumnes de temes especialitzats concrets que els encarrega el professor.
Problem solving, classroom exercises Resolució a l'aula per part de grups de 2 o 3 alumnes de problemes relacionats amb cada tema.
ICT practicals Implementació d'una tecnologia de preservació de la privadesa per part de cada grup de 2 o 3 alumnes.
Personal tuition Atenció al despatx prèvia visita concertada

Personalized attention
Description
Els estudiants poden concertar per correu electrònic una entrevista amb el professor tan sovint com vulguin.

Assessment
Methodologies Competences Description Weight        
Presentations / expositions
A3
 Presentacions a l'aula per part de grups de 2 o 3 alumnes de temes especialitzats concrets que els encarrega el professor. 20%
Problem solving, classroom exercises
A1
G1
G2
CT3
CT4
 Resolució a l'aula per part de grups de 2 o 3 alumnes de problemes relacionats amb cada tema. 20%
ICT practicals
A3
A4
CT3
CT4
 Implementació d'una tecnologia de preservació de la privadesa per part de cada grup de 2 o 3 alumnes. 20%
Objective short-answer tests
A1
CT2
CT7
 Proves de les sessions de teoria 40%
Others  
 
Other comments and second exam session

Sources of information

Basic

o   G. D’Acquisto, J. Domingo-Ferrer, P. Kikiras, V. Torra, Y.-A. De Montjoye i A. Bourka (2015) Privacy by Design in Big Data – An overview of privacy enhancing technologies in the era of big data analytics, European Union Agency for Network and Information Security-ENISA.

o   G. Danezis, J. Domingo-Ferrer, M. Hansen, J.-H. Hoepman, D. Le Métayer, R. Tirtea i S. Schiffner (2015) Privacy and Data Protection by Design: From Policy to Engineering, European Union Agency for Network and Information Security-ENISA.

o   J. Domingo-Ferrer, D. Sánchez i J. Soria-Comas (2016) Database Anonymization: Privacy Models, Data Utility and Microaggregation-Based Inter-Model Connections, Morgan & Claypool.

o   A. Hundepool, J. Domingo-Ferrer, L. Franconi, S. Giessing, E. Schulte-Nordholt, K. Spicer i P.-P. de Wolf (2012) Statistical Disclosure Control, Wiley.
Complementary

Recommendations

Subjects that are recommended to be taken simultaneously
CRYPTOGRAPHY AND INFORMATION SECURITY/17685101

Subjects that it is recommended to have taken before
CRYPTOGRAPHY AND INFORMATION SECURITY/17685101
(*)The teaching guide is the document in which the URV publishes the information about all its courses. It is a public document and cannot be modified. Only in exceptional cases can it be revised by the competent agent or duly revised so that it is in line with current legislation.