Principles of Data Protection
Course code: 2IMS25
Academic Year: 2024/2025
Quartile 1
Time: Tuesday, hours 3 and 4 (from 10:45 till 12:30)
Place: Auditorium 7
Time: Friday, hours 7 and 8 (from 15:30 till 17:15)
Place: Luna 1.050
The slides are being updated during the course. They are available on CANVAS.
Assessment
Grades for the course are based on a final exam.
The final exam is a 3 hours closed-book exam covering ALL topics presented during the course and mandatory papers.
Final exam
Date: 6 November 2024 9:00-12:00
Place: Vertigo 3.15 A, Vertigo 3.15 B, Vertigo 4.06 A, Vertigo 4.06 B, Vertigo 4.15 A
Date: 29 January 2025 18:00-21:00
Place: TBD
Course Outline (numbers correspond to lectures):
- (3/9) Introduction. (Nicola Zannone)
- (6/9) Discretionary Access Control. (Nicola Zannone)
- (Obligatory) Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems.
Communications of the ACM 19(8): 461-471. 1976
- (Obligatory) Butler W. Lampson. Protection. ACM SIGOPS Operating Systems Review 8(1): 18-24. 1974.
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- (10/9) Mandatory Access Control. (Nicola Zannone)
- (13/9) Role-Based Access Control. (Nicola Zannone)
- (Obligatory) R. S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman. 1996. Role-Based Access Control Models, IEEE Computer 29(2): 38-47
- (Suggested) Pierangela Samarati, Sabrina De Capitani di Vimercati. Access Control: Policies, Models, and Mechanisms. Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures.
- (17/9) Role-Based Trust Management I. (Sandro Etalle)
- (20/9) Role-Based Trust Management II. (Sandro Etalle)
- (24/9) Attribute-Based Access Control. (Nicola Zannone)
- (27/9) No lecture (MomenTUm)
- (1/10) Usage Control. (Nicola Zannone)
- (4/10) Introduction to Privacy. (Nicola Zannone)
- (8/10) Privacy-aware Access Control I. (Nicola Zannone)
- (11/10) Privacy-aware Access Control II. (Nicola Zannone)
- (15/10) eXtensible Access Control Markup Language (XACML) I. (Nicola Zannone)
- (18/10) eXtensible Access Control Markup Language (XACML) II. (Nicola Zannone)
- (22/10)
Reduction of Access Control Decisions (Nicola Zannone)
- (Obligatory) Charles Morisset, Nicola Zannone: Reduction of access control decisions. In Proceedings of the ACM symposium on Access control models and technologies (SACMAT 2014), pages 53-62, ACM, 2014.
Old exams:
Solution for selected exercises.
2023/2024
Exam (November), here.
Exam (January), here.
2022/2023
Exam (November), here.
Exam (January), here.
2021/2022
Exam (November), here.
Exam (January), here.
2020/2021
Exam (October), Part A Part B.
Exam (January), Part A Part B.
2019/2020
Exam (November), here.
Exam (January), here.
2018/2019
Exam (November), here.
Exam (January), here.
2017/2018
Exam (November), here.
Exam (January), here.
2016/2017
Exam (November), here.
Exam (January), here.
2015/2016
Exam (October), here.
Exam (January), here.
2014/2015
Exam (January), here.
Exam (April), here.
2013/2014
Exam (January), here.
Exam (April), here.
2012/2013
Exam (January), here.
Exam (April), here.
2011/2012
Exam (February), here.
Exam (April), here.