Principles of Data Protection
Course code: 2IMS25
Academic Year: 2017/2018
Quartile 1
Time: Tuesday, hours 3 and 4 (from 10:45 till 12:30)
Place: LUNA 1.050
Time: Thursday, hours 5 and 6 (from 13:45 till 15:30)
Place: LUNA 1.056
The slides are being updated during the course.
Assessment
Grades for the course are based on 2 assignments (10%) and a final exam (90%).
- The assignments include problems to be solved.
- The final exam is a 3 hours closed-book exam covering ALL topics presented during the course.
During the course, homeworks will be given.
Homeworks are not graded.
They can be submitted in class at the beginning of the lecture or sent by email.
Assignment 1
Assignment 1
Deadline: 22 September 2017
Assignment 2
Assignment 2
Deadline: 19 October 2017
How to submit the assignments:
- send a pdf file with the solution by email (n.zannone at tue dot nl)
Final exam
Date: 30 October 2017 9:00-12:00
Place: FLUX 0.01, FLUX 1.03, FLUX 1.04, FLUX 1.05, FLUX 1.06
Date: 22 January 2018 18:00-21:00
Place: Auditorium 14
Course Outline (numbers correspond to lectures):
- (5/9) Introduction. (Nicola Zannone)
- (7/9) Discretionary Access Control. (Nicola Zannone)
- (Obligatory) Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems.
Communications of the ACM 19(8): 461-471. 1976
- (Obligatory) Butler W. Lampson. Protection. ACM SIGOPS Operating Systems Review 8(1): 18-24. 1974.
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- (12/9) Mandatory Access Control. (Nicola Zannone)
- (14/9) Role Based Access Control. (Nicola Zannone)
- (Obligatory) R. S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman. 1996. Role-Based Access Control Models, IEEE Computer 29(2): 38-47
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- (19/9) Usage Control. (Nicola Zannone)
- (21/9) No lecture
- (26/9) CANCELLED
- (28/9) Role-Based Trust Management I. (Sandro Etalle)
- (3/10) Introduction to Privacy. (Nicola Zannone)
- (5/10) Privacy-aware Access Control I. (Nicola Zannone)
- (10/10) Privacy-aware Access Control II. (Nicola Zannone)
- (12/10) eXtensible Access Control Markup Language (XACML) I. (Nicola Zannone)
- (17/10) eXtensible Access Control Markup Language (XACML) II. (Nicola Zannone)
- (19/10) Role-Based Trust Management II. (Sandro Etalle)
- (24/10)
Reduction of Access Control Decisions (Nicola Zannone)
- (Obligatory) Charles Morisset, Nicola Zannone: Reduction of access control decisions. In Proceedings of the ACM symposium on Access control models and technologies (SACMAT 2014), pages 53-62, ACM, 2014.
- (26/10)
Summary. (Nicola Zannone)
Old exams:
2016/2017
Assignment 1, here.
Assignment 2, here.
Exam (November), here.
Exam (January), here.
2015/2016
Assignment 1, here.
Assignment 2, here.
Exam (October), here.
Exam (January), here.
2014/2015
Assignment 1, here.
Assignment 2, here.
Exam (January), here.
Exam (April), here.
2013/2014
Assignment 1, here.
Assignment 2, here.
Exam (January), here.
Exam (April), here.
2012/2013
Assignment 1, here.
Assignment 2, here.
Exam (January), here.
Exam (April), here.
2011/2012
Assignment 1, here.
Assignment 2, here.
Exam (February), here.
Exam (April), here.