Principles of Data Protection
Course code: 2IMS25
Academic Year: 2024/2025
Quartile 1
Time: Tuesday, hours 3 and 4 (from 10:45 till 12:30)
Place: Auditorium 7
Time: Friday, hours 7 and 8 (from 15:30 till 17:15)
Place: Luna 1.050
The slides are being updated during the course. They are available on CANVAS.
Assessment
Grades for the course are based on a final exam.
The final exam is a 3 hours closed-book exam covering ALL topics presented during the course and mandatory papers.
There is the possibility that the exam will be online. More information will be provided when available.
Final exam
Date: 6 November 2024 9:00-12:00
Place: TBD
Date: 29 January 2025 18:00-21:00
Place: TBD
Course Outline (numbers correspond to lectures):
- (3/9) Introduction. (Nicola Zannone)
- (6/9) Discretionary Access Control. (Nicola Zannone)
- (Obligatory) Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems.
Communications of the ACM 19(8): 461-471. 1976
- (Obligatory) Butler W. Lampson. Protection. ACM SIGOPS Operating Systems Review 8(1): 18-24. 1974.
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- (10/9) Mandatory Access Control. (Nicola Zannone)
- (13/9) Role-Based Access Control. (Nicola Zannone)
- (Obligatory) R. S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman. 1996. Role-Based Access Control Models, IEEE Computer 29(2): 38-47
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- (17/9) Role-Based Trust Management I. (Sandro Etalle)
- (20/9) Role-Based Trust Management II. (Sandro Etalle)
- (24/9) Attribute-Based Access Control. (Nicola Zannone)
- (27/9) No lecture (MomenTUm)
- (1/10) Usage Control. (Nicola Zannone)
- (4/10) Introduction to Privacy. (Nicola Zannone)
- (8/10) Privacy-aware Access Control I. (Nicola Zannone)
- (11/10) Privacy-aware Access Control II. (Nicola Zannone)
- (15/10) eXtensible Access Control Markup Language (XACML) I. (Nicola Zannone)
- (18/10) eXtensible Access Control Markup Language (XACML) II. (Nicola Zannone)
- (22/10)
Reduction of Access Control Decisions (Nicola Zannone)
- (Obligatory) Charles Morisset, Nicola Zannone: Reduction of access control decisions. In Proceedings of the ACM symposium on Access control models and technologies (SACMAT 2014), pages 53-62, ACM, 2014.
Old exams:
Solution for selected exercises.
2023/2024
Exam (November), here.
Exam (January), here.
2022/2023
Exam (November), here.
Exam (January), here.
2021/2022
Exam (November), here.
Exam (January), here.
2020/2021
Exam (October), Part A Part B.
Exam (January), Part A Part B.
2019/2020
Exam (November), here.
Exam (January), here.
2018/2019
Exam (November), here.
Exam (January), here.
2017/2018
Exam (November), here.
Exam (January), here.
2016/2017
Exam (November), here.
Exam (January), here.
2015/2016
Exam (October), here.
Exam (January), here.
2014/2015
Exam (January), here.
Exam (April), here.
2013/2014
Exam (January), here.
Exam (April), here.
2012/2013
Exam (January), here.
Exam (April), here.
2011/2012
Exam (February), here.
Exam (April), here.