IDENTIFYING DATA 2017_18
Subject (*) PRIVACY PROTECTION Code 17685107
Study programme
Computer Security Engineering and Artificial Intelligence (2016)
 Cycle 2nd
Descriptors Credits Type Year Period
4.5 Compulsory First 2Q
Language
Anglès
Department Computer Engineering and Mathematics
Coordinator
DOMINGO FERRER, JOSEP
 E-mail
Lecturers
Web http://http://crises-deim.urv.cat/privprot
General description and relevant information General description Learn the basics of privacy, its legal principles and major design strategies . Gain expertise in database privacy and data anonymization.

Competences
Type A Code Competences Specific
 A1 Integrate the fundamental technology, applications, services and systems of Computer Security and Artificial Intelligence,in a broader, multidisciplinary context.
 A3 Understand and know how to apply the functioning and organisation of the Internet, the technology and protocols of new-generation networks, the models of components, intermediate software and services.
 A4 Design, develop, manage and evaluate mechanisms to certify and guarantee security in handling information and access to it in a local or distributed processing system.
 A5 Analyse the information needs considered in an environment and execute all stages of the construction process of a secure information system.
 G1 Project, calculate and design products, processes and installations in the areas of Computer Security and Artificial Intelligence
 G2 Perform mathematical modelling, calculation and simulation in company technology and engineering centres, particularly in tasks of research, development and innovation in the areas of Computer Security and Artificial Intelligence
Type B Code Competences Transversal
 CT2 Formular valoracions a partir de la gestió i ús eficient de la informació.
 CT3 Resoldre problemes complexes de manera crítica, creativa i innovadora en contextos multidisciplinars.
 CT4 Treballar en equips multidisciplinars i en contextos complexes.
 CT7 Aplicar els principis ètics i de responsabilitat social com a ciutadà i com a professional.
Type C Code Competences Nuclear

Learning outcomes
Type A Code Learning outcomes
 A1 Analitza els problemes i les seves causes des d'un enfocament global i de mitjà i llarg termini.
 A3 Dissenya protocols de xarxes i serveis privats per a aplicacions informàtiques i telemàtiques.
 A4 Dissenya tecnologies de garantia de la privacitat per a escenaris d'aplicacions informàtiques i telemàtiques.
 A5 Identifica els components d'un problema de presa de decisions i saber decidir el tipus de model de presa de decisions més adequat.
 G1 Integra els coneixements teòrics amb les realitats a les quals es poden aplicar.
 G2 Aplica les tècniques apreses en contextos concrets.
Type B Code Learning outcomes
 CT2 Formular valoracions a partir de la gestió i ús eficient de la informació.
 CT3 Resoldre problemes complexes de manera crítica, creativa i innovadora en contextos multidisciplinars.
 CT4 Treballar en equips multidisciplinars i en contextos complexes.
 CT7 Aplicar els principis ètics i de responsabilitat social com a ciutadà i com a professional.
Type C Code Learning outcomes

Contents
Topic Sub-topic
1. Introduction a. Basic concepts of privacy
b. Legal principles
c. Privacy by design
d. Design strategies for privacy
2. Data privacy techniques a. Authentication
b. Attribute-based Credentials.
c. Secure and private communications
d. Anonymity and pseudo-anonymity in communications.
e. Privacy in data storages
f. Privacy-preserving computations.
g. Techniques for improving transparency.
3. Privacy in data bases 3. Privacy in data bases a. Owner's privacy del propietari (Privacy-preserving data mining).
b. User's privacy (private information retrieval).
c. Respondent's privacy (anonymization).

4. User's privacy a. Issues of private information retrieval (PIR).
b. Modifications to PIR based on single users.
c. Modifications to PIR based on p2p networks (P2P PIR).
d. Rational behaviour in P2P PIR.
5. Anonymization in data bases a. Basic concepts
b. Privacy models
c. Protection of tables
d. Protection of interactive data bases.
e. Protection of microdata
g. Evaluation of statistical disclosure control methods.
h. Anonymizing software

Planning
Methodologies  ::  Tests
  Competences (*) Class hours
 Hours outside the classroom
 (**) Total hours
Introductory activities
A3
 1 1.5 2.5
Presentations / expositions
A3
A5
CT4
 1 1.5 2.5
Material reading and studying
A1
A3
CT7
 26 37.5 63.5
Assignments
A3
A4
G1
G2
CT3
CT4
 13 19.5 32.5
Forums of discussion
A1
CT2
CT3
CT4
CT7
 1 1.5 2.5
Personal tuition
A3
 1 0 1
 
Objective multiple-choice tests
A1
CT2
CT7
 2 6 8
 
(*) On e-learning, hours of virtual attendance of the teacher.
(**) The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies
Methodologies
  Description
Introductory activities Difusió de l'actualitat sobre privadesa reflectida als mitjans
Presentations / expositions Presentacions a l'aula per part de grups de 2 o 3 alumnes de temes especialitzats concrets que els encarrega el professor.
Material reading and studying
Assignments
Forums of discussion
Personal tuition Atenció al despatx prèvia visita concertada

Personalized attention
Description
Els estudiants poden concertar per correu electrònic una entrevista amb el professor tan sovint com vulguin. L'entrevista serà via skype o un sistema semblant.

Assessment
Methodologies Competences Description Weight        
Presentations / expositions
A3
A5
CT4
 Presentacions a l'aula per part de grups de 2 o 3 alumnes de temes especialitzats concrets que els encarrega el professor. 20%
Assignments
A3
A4
G1
G2
CT3
CT4
 Implementació d'una tecnologia de preservació de la privadesa per part de cada grup de 2 o 3 alumnes. 60%
Objective multiple-choice tests
A1
CT2
CT7
 20%
Others  
 
Other comments and second exam session

Sources of information

Basic

o   G. D’Acquisto, J. Domingo-Ferrer, P. Kikiras, V. Torra, Y.-A. De Montjoye i A. Bourka (2015) Privacy by Design in Big Data – An overview of privacy enhancing technologies in the era of big data analytics, European Union Agency for Network and Information Security-ENISA.

o   G. Danezis, J. Domingo-Ferrer, M. Hansen, J.-H. Hoepman, D. Le Métayer, R. Tirtea i S. Schiffner (2015) Privacy and Data Protection by Design: From Policy to Engineering, European Union Agency for Network and Information Security-ENISA.

o   J. Domingo-Ferrer, D. Sánchez i J. Soria-Comas (2016) Database Anonymization: Privacy Models, Data Utility and Microaggregation-Based Inter-Model Connections, Morgan & Claypool.

o   A. Hundepool, J. Domingo-Ferrer, L. Franconi, S. Giessing, E. Schulte-Nordholt, K. Spicer i P.-P. de Wolf (2012) Statistical Disclosure Control, Wiley.
Complementary

Recommendations

Subjects that are recommended to be taken simultaneously
CRYPTOGRAPHY AND INFORMATION SECURITY/17685101v

Subjects that it is recommended to have taken before
CRYPTOGRAPHY AND INFORMATION SECURITY/17685101v
(*)The teaching guide is the document in which the URV publishes the information about all its courses. It is a public document and cannot be modified. Only in exceptional cases can it be revised by the competent agent or duly revised so that it is in line with current legislation.