Usable Security and Privacy (Sommersemester 2021)
Dozent:
Prof. Dr. Christoph Meinel
(Internet-Technologien und -Systeme)
,
Dr. Anne Kayem
(Internet-Technologien und -Systeme)
Allgemeine Information
- Semesterwochenstunden: 4
- ECTS: 6
- Benotet:
Ja
- Einschreibefrist: 18.03.2021 - 09.04.2021
- Lehrform: Seminar
- Belegungsart: Wahlpflichtmodul
- Lehrsprache: Englisch
Studiengänge, Modulgruppen & Module
- IT-Systems Engineering
- IT-Systems Engineering
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-T Techniken und Werkzeuge
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-K Konzepte und Methoden
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-S Spezialisierung
- DSEC: Data Security
- DSEC-Konzepte und Methoden
- DSEC: Data Security
- DSEC-Techniken und Werkzeuge
- DSEC: Data Security
- HDAS: Health Data Security
- HPI-HDAS-C Concepts and Methods
- HDAS: Health Data Security
- HPI-HDAS-T Technologies and Methods
- HDAS: Health Data Security
- HPI-HDAS-S Specialization
- Cybersecurity
- HPI-CS-PE Data Protection & Ethics
Beschreibung
This seminar will focus on the practical usability issues that emerge in designing privacy preserving algorithms to handle large high-dimensional datasets. Examples of such datasets emerge in the healthcare, education, and online marketing domains, where oftentimes datasets can be characterised by several describing attributes that are comparatively sparsely populated. Furthermore, in the light of current data privacy legislation, reports from statistical organisations such as Statistica, indicate that Internet users are very concerned about the disclosure of the sensitive personal data and the fact that such information can be exploited for identity theft. Platforms such as Identity-Leak Checker, bring to the fore the fact that these concerns are strongly grounded in that the risk of malicious players getting access to personal data grows with the number of applications (e.g. social media and personalised healthcare) using personal data to operate.
As such we will consider usability from both the perspective of generating privacy preserving data to support data analytics operations, and methods of handling human-centered privacy issues.
Coursework will be organised on a group-work model. In the pre-mid-semester phase, participants will work on designing a privacy-preserving mechanism. The results of this will be presented during the mid-semester presentations. In the period following the mid-semester, each group's mechanism will be randomly assigned to an alternative group to test for vulnerabilities. Finally each group will seek to develop countermeasures to address the discovered loopholes that made breaching the privacy-preserving mechanism possible.
===
- Lecture #1 (15.04.2021): Course Overview and Introductory Lecture
----
Block #1: Designing Privacy Preserving Mechanisms
===
- Lecture #2 (22.04.2021): Designing Privacy Preserving Mechanisms
- Lecture #3 (29.04.2021): Privacy versus Usability of Anonymised Data
- Lecture #4 (06.05.2021): User-End Privacy Methods - Pros and Cons
- Lecture #5 (13.05.2021): Enabling Privacy Preserving Machine Learning (I)
- Lecture #6 (20.05.2021): Enabling Privacy Preserving Machine Learning (II)
- Lecture #7 (27.05.2021): Identifying Vulnerabilities in Privacy-Preserving Mechanisms (I)
===
- Lecture #8 (03.06.2021): Mid-Semester Presentations (Group I)
- Lecture #9 (10.06.2021): Mid-Semester Presentations (Group II)
===
Block #2: Vulnerabilities, Usability, and Mitigations
---
- Lecture #10 (17.06.2021): Identifying Vulnerabilities in Privacy-Preserving Mechanisms (II)
- Lecture #11 (24.06.2021): Usability Testing
- Lecture #12 (01.07.2021): Automated Data Collection Methods
- Lecture #13 (08.07.2021): Analysing Qualitative and Quantitative Data
===
- Lecture #14 (15.07.2021): Final Presentations (Group I)
- Lecture #15 (22.07.2021): Final Presentations (Group II)
===
- 15.08.2021: Report Submission
Voraussetzungen
- Some knowledge of Probability and Statistics
- Good programming skills (e.g. Python, R, Java, ...)
Literatur
Relevant literature will be provided to you.
Lern- und Lehrformen
At the end of this seminar you should be able to do the following:
- Critically assess privacy-preserving mechanisms vis-a-vis usability and privacy
- Design usable privacy preserving mechanisms to support user-end privacy
- Design privacy preserving systems to support data analytics operations (e.g. Machine Learning)
- Design automated user-support privacy/security mechanisms to ensure sensitive data collection / protection
Leistungserfassung
Evaluations towards the final grade, will be based on presentations of results (mid-point and final), as well as a technical report of 12 - 15 pages (6000-7500 words) on the findings drawn from the coursework. Presentations will count for 50% and the report for 50%. The grading rubric is summarised below:
| Grading Rubric | When? & Where | Grade % |
| Mid-Semester Presentation | 03.06 & 10.06.2021 (Online - Zoom) | 20% |
| Final Presentation | 15.07 & 22.07.2021 (Online - Zoom) | 30% |
| Technical Report | 15.08.2021 (Moodle - submission) | 50% |
Termine
Lectures will hold on Thursdays, beginning 15.04.2021 via Zoom as follows:
| | Time | Location |
| Lectures | Thursdays, 13.30 -15.00 | Online (Zoom) |
| Project Work | TBD on a per group basis | Online (Zoom) |
Lecture materials and further details on course modalities will be accessible on Moodle.
Note: To participate in the course you must be registered on the University of Potsdam's Moodle platform, and have registered to attend this course. Search for the course using "Usable Security and Privacy" or "USP-SoSe-2021" and enroll using "USP-SoSe-2021".
Zurück
