Usable Security and Privacy (Sommersemester 2020)
Dozent:
Prof. Dr. Christoph Meinel
(Internet-Technologien und -Systeme)
,
Dr. Anne Kayem
(Internet-Technologien und -Systeme)
Allgemeine Information
- Semesterwochenstunden: 4
- ECTS: 6
- Benotet:
Ja
- Einschreibefrist: 20.04.2020 - 12.05.2020
- Lehrform: Seminar
- Belegungsart: Wahlpflichtmodul
- Lehrsprache: Englisch
- Maximale Teilnehmerzahl: 25
Studiengänge, Modulgruppen & Module
- IT-Systems Engineering
- IT-Systems Engineering
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-T Techniken und Werkzeuge
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-K Konzepte und Methoden
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-S Spezialisierung
- DSEC: Data Security
- DSEC-Konzepte und Methoden
- DSEC: Data Security
- DSEC-Techniken und Werkzeuge
- DSEC: Data Security
- HDAS: Health Data Security
- HPI-HDAS-C Concepts and Methods
- HDAS: Health Data Security
- HPI-HDAS-T Technologies and Methods
- HDAS: Health Data Security
- HPI-HDAS-S Specialization
- Cybersecurity
- HPI-CS-PE Data Protection & Ethics
Beschreibung
Legislation on data protection raises the issue of how to design effective and usable solutions to the problem of keepling personal data private. On the one hand, personal data is crucial to maintaining the quality-of-service provided by web applications, but on the other hand, preventing misuse of private information, and exposure remains a concern. For instance, Statistica reports that in 2019, a primary fear of Internet users is the disclosure of sensitive personal information which could be used for identity theft.
During the course of this seminar, we will study the usability and user-interface problems that emerge in the field of data protection. We will approach the issue from the organisational and user perspectives. Invited industry experts from FoundersLane, SAP, and McKinsey, will give a series of talks on the daily challenges in protecting personal data. While our teahing team will provide lectures on the methodology used to design privacy preserving algorithms.
Coursework will be organised on a group-work model. In the pre-mid-semester phase, participant will work on anonymising a semi-syntactic dataset. Following the mid-semster, based on discussed de-anonymisation principles, each group's anonymised dataset will be assigned to a randomly selected group to de-anonymise. Finally, each group will seek to develop a solution to counter (repair) the loophole that made the de-anonymisation possible.
Meetings:
The first lecture will hold on 30.04.2020 from 9.15 -11.00am. Subsequent lectures beginning May 8 will hold as indicated below.
| | Time | Location |
| Lectures | Fridays, 11.00 -12.30 | Online (Zoom) + Content (OwnCloud) or A.1.1 (Potentially) |
| Project Work | Fridays, 12.30 - 14.00 | Online (Zoom) |
Instructors' (contact information):
Voraussetzungen
- Knowledge of Probability and Statistics
- Strong programming skills (e.g. Python, R, Java, ...)
Literatur
Relevant literature will be provided to you.
Lern- und Lehrformen
Following the "Topics in Data Privacy" course offered in the Wintersemester (2019/2020), this seminar is aimed at students who are interested in learning about the practical usability problems that emerge in generating data sets that are useful for data analytics operations but that are at the same time privacy preserving. Understanding how privacy preserving mechanism are implemented and how user behaviours affect their success or failure is an important step in effective privacy preserving algorithm design.
Learning Objectives:
At the end of this seminar you should be able to do the following:
- Critically assess privacy-preserving algorithms for robustnessness to disclosure attacks
- Design privacy preserving algorithms to protect against disclosures
- Analyse privacy-preserving datasets for usability with respect to querying and/or assorted data analytics tasks
Leistungserfassung
Evaluations towards the final grade, will be based on presentations of results (mid-point and final), as well as a technical report of 12 - 15 pages (6000-7500 words) on the findings drawn from the coursework. Presentations will count for 50% and the report for 50%. The grading rubric is summarised below:
| Grading Rubric | Grade % |
| Mid-Semester Presentation | 20% |
| Final Presentation | 30% |
| Technical Report | 50% |
Termine
30.04.2020: Course Overview and Introductory Lecture (9.15 -11.00am)
01.05.2020: No Lecture (Public Holiday)
08.05.2020: Designing Privacy Preserving Algorithms (I)
15.05.2020: Usability of Anonymised Data (& Project and Team Assignments)
22.05.2020: Anonymising Medical Data
29.05.2020: Designing Privacy Preserving Algorithms (II)
05.06.2020: Privacy Guarantees - Challenges (I)
12.06.2020: Mid-Semester Presentations
19.06.2020: Privacy Guarantees - Challenges (II)
26.06.2020: Hands-on Examples of Re-identification
03.07.2020: Addressing Re-Identification Vulnerabilities
10.07.2020: Outlier and Anomaly Detection
17.07.2020: Making Anonymity Tools Usable
24.07.2020: Final Presentations (Group I)
31.07.2020: Final Presentations (Group II)
31.08.2020: Report Submission
Zurück
