Principles of Data Protection
Course code: 2IMS25
Academic Year: 2020/2021
Quartile 1
Time: Tuesday, hours 3 and 4 (from 10:45 till 12:30)
Time: Thursday, hours 5 and 6 (from 13:30 till 15:15)
Lectures
Due to the current COVID situation, lectures will be given in the form of recordings.
The complete set of lectures is available on videocollege.tue.nl:
https://videocollege.tue.nl/Mediasite/Showcase/e67b8e0ccb0b42b5b737321255bb30cf44/Channel/1cb316e0873a43ec91b53cdc2ae64f5e4d
The slides are available at https://svn.win.tue.nl/repos/security_public/teaching/dtm/Slides/
Lecture hours will be used for Q&A sessions held on CANVAS Conference. Questions can also be asked using the discussion section in CANVAS.
Assessment
Grades for the course are based on a final exam.
The final exam is a 3 hours closed-book exam covering ALL topics presented during the course.
There is the possibility that the exam will be online. More information will be provided when available.
Final exam
Date: 30 October 2020 13:30-16:30
Place TBD
Date: 18 January 2021 18:00-21:00
Place: TBD
Course syllabus (numbers correspond to lectures):
- Introduction. (Nicola Zannone)
- Discretionary Access Control. (Nicola Zannone)
- (Obligatory) Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems.
Communications of the ACM 19(8): 461-471. 1976
- (Obligatory) Butler W. Lampson. Protection. ACM SIGOPS Operating Systems Review 8(1): 18-24. 1974.
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- Mandatory Access Control. (Nicola Zannone)
- Role-Based Access Control. (Nicola Zannone)
- (Obligatory) R. S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman. 1996. Role-Based Access Control Models, IEEE Computer 29(2): 38-47
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- Attribute-Based Access Control. (Nicola Zannone)
- Role-Based Trust Management I. (Sandro Etalle)
- Role-Based Trust Management II. (Sandro Etalle)
- Usage Control. (Nicola Zannone)
- Introduction to Privacy. (Nicola Zannone)
- Privacy-aware Access Control I. (Nicola Zannone)
- Privacy-aware Access Control II. (Nicola Zannone)
- eXtensible Access Control Markup Language (XACML) I. (Nicola Zannone)
- eXtensible Access Control Markup Language (XACML) II. (Nicola Zannone)
-
Reduction of Access Control Decisions (Nicola Zannone)
- (Obligatory) Charles Morisset, Nicola Zannone: Reduction of access control decisions. In Proceedings of the ACM symposium on Access control models and technologies (SACMAT 2014), pages 53-62, ACM, 2014.
Old exams:
Solution for selected exercises.
2019/2020
Exam (November), here.
Exam (January), here.
2018/2019
Exam (November), here.
Exam (January), here.
2017/2018
Exam (November), here.
Exam (January), here.
2016/2017
Exam (November), here.
Exam (January), here.
2015/2016
Exam (October), here.
Exam (January), here.
2014/2015
Exam (January), here.
Exam (April), here.
2013/2014
Exam (January), here.
Exam (April), here.
2012/2013
Exam (January), here.
Exam (April), here.
2011/2012
Exam (February), here.
Exam (April), here.