Hasso-Plattner-Institut25 Jahre HPI
Hasso-Plattner-Institut25 Jahre HPI

Usable Security and Privacy (Sommersemester 2021)

Dozent: Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme) , Dr. Anne Kayem (Internet-Technologien und -Systeme)

Allgemeine Information

  • Semesterwochenstunden: 4
  • ECTS: 6
  • Benotet: Ja
  • Einschreibefrist: 18.03.2021 - 09.04.2021
  • Lehrform: Seminar
  • Belegungsart: Wahlpflichtmodul
  • Lehrsprache: Englisch

Studiengänge, Modulgruppen & Module

IT-Systems Engineering MA
  • IT-Systems Engineering
    • HPI-ITSE-E Entwurf
  • IT-Systems Engineering
    • HPI-ITSE-K Konstruktion
  • ISAE: Internet, Security & Algorithm Engineering
    • HPI-ISAE-T Techniken und Werkzeuge
  • ISAE: Internet, Security & Algorithm Engineering
    • HPI-ISAE-K Konzepte und Methoden
  • ISAE: Internet, Security & Algorithm Engineering
    • HPI-ISAE-S Spezialisierung
Data Engineering MA
Digital Health MA
Cybersecurity MA


This seminar will focus on the practical usability issues that emerge in designing privacy preserving algorithms to handle large high-dimensional datasets. Examples of such datasets emerge in the healthcare, education, and online marketing domains, where oftentimes datasets can be characterised by several describing attributes that are comparatively sparsely populated. Furthermore, in the light of current data privacy legislation, reports from statistical organisations such as Statistica, indicate that Internet users are very concerned about the disclosure of the sensitive personal data and the fact that such information can be exploited for identity theft. Platforms such as Identity-Leak Checker, bring to the fore the fact that these concerns are strongly grounded in that the risk of malicious players getting access to personal data grows with the number of applications (e.g. social media and personalised healthcare) using personal data to operate.

As such we will consider usability from both the perspective of generating privacy preserving data to support data analytics operations, and methods of handling human-centered privacy issues.

Coursework will be organised on a group-work model. In the pre-mid-semester phase, participants will work on designing a privacy-preserving mechanism. The results of this will be presented during the mid-semester presentations. In the period following the mid-semester, each group's mechanism will be randomly assigned to an alternative group to test for vulnerabilities. Finally each group will seek to develop countermeasures to address the discovered loopholes that made breaching the privacy-preserving mechanism possible. 


  • Lecture #1 (15.04.2021): Course Overview and Introductory Lecture 


Block #1: Designing Privacy Preserving Mechanisms


  • Lecture #2 (22.04.2021): Designing Privacy Preserving Mechanisms 
  • Lecture #3 (29.04.2021): Privacy versus Usability of Anonymised Data 
  • Lecture #4 (06.05.2021): User-End Privacy Methods - Pros and Cons
  • Lecture #5 (13.05.2021): Enabling Privacy Preserving Machine Learning (I)
  • Lecture #6 (20.05.2021): Enabling Privacy Preserving Machine Learning (II)
  • Lecture #7 (27.05.2021): Identifying Vulnerabilities in Privacy-Preserving Mechanisms (I)


  • Lecture #8 (03.06.2021): Mid-Semester Presentations (Group I)
  • Lecture #9 (10.06.2021): Mid-Semester Presentations  (Group II)


Block #2: Vulnerabilities, Usability, and Mitigations


  • Lecture #10 (17.06.2021): Identifying Vulnerabilities in Privacy-Preserving Mechanisms (II)
  • Lecture #11 (24.06.2021): Usability Testing 
  • Lecture #12 (01.07.2021): Automated Data Collection Methods
  • Lecture #13 (08.07.2021): Analysing Qualitative and Quantitative Data


  • Lecture #14 (15.07.2021): Final Presentations (Group I)
  • Lecture #15 (22.07.2021): Final Presentations (Group II)


  • 15.08.2021: Report Submission


  • Some knowledge of Probability and Statistics
  • Good programming skills (e.g. Python, R, Java, ...)


Relevant literature will be provided to you.

Lern- und Lehrformen

At the end of this seminar you should be able to do the following:

  • Critically assess privacy-preserving mechanisms vis-a-vis usability and privacy
  • Design usable privacy preserving mechanisms to support user-end privacy
  • Design privacy preserving systems to support data analytics operations (e.g. Machine Learning)
  • Design automated user-support privacy/security mechanisms to ensure sensitive data collection / protection


Evaluations towards the final grade, will be based on presentations of results (mid-point and final), as well as a technical report of 12 - 15 pages (6000-7500 words) on the findings drawn from the coursework. Presentations will count for 50% and the report for 50%. The grading rubric is summarised below:

Grading Rubric When? & Where Grade %
Mid-Semester Presentation 03.06 & 10.06.2021 (Online - Zoom) 20%                                                  
Final Presentation 15.07 & 22.07.2021 (Online - Zoom) 30%
Technical Report 15.08.2021 (Moodle - submission) 50%


Lectures will hold on Thursdays, beginning 15.04.2021 via Zoom as follows:

  Time Location
Lectures  Thursdays, 13.30 -15.00 Online (Zoom) 
Project Work  TBD on a per group basis Online (Zoom)

Lecture materials and further details on course modalities will be accessible on Moodle.

Note: To participate in the course you must be registered on the University of Potsdam's Moodle platform, and have registered to attend this course. Search for the course using "Usable Security and Privacy" or "USP-SoSe-2021" and enroll using "USP-SoSe-2021".