Data Security & Privacy
Scientific Disciplinary Sector (SSD)
INF/01 - INFORMATICS
Secondo semestre dal Mar 7, 2022 al Jun 10, 2022.
The course aims to provide students with an introduction to the main security and privacy issues related to the collection, storage and processing of Big Data and the technical and organizational solutions that can be adopted to protect such data. The course also aims to give an overview of the ethical, legal and social aspects related to the processing of Big Data. At the end of the course the student has to show to have acquired the following skills: ▪understanding of the main security and privacy attacks on Big Data ▪ knowledge of the techniques to make systems for collecting, storing and processing Big Data, resistant to such attacks and the limitations of these techniques ▪ knowledge of the ethical principles concerning the processing of Big Data ▪ knowledge of the principles for data protection imposed by existing legislation ▪ ability to identify the main attacks and compare different techniques for Big Data protection and choose among the most suitable ones according to the a-specific context.
The syllabus of the course includes the following topics:
- Introduction to information security: definitions, security properties, cyber attacks related to collection, storage and processing of Big Data
- Authentication: digital certificates, public key infrastructures, single sign on, challenge-response protocols.
- Access Control: access control models, specification and enforcement of policies. Applications to systems
for the elaboration of Big Data
-Cryptographic techniques to protect data access: symmetric, e public key cryptography, multiparty computation, secret sharing schemes, oblivious transfer, homomorphic and functional encryption, private set intersection.
- Data provenance: models to represent data provenance, query languages and mechanisms to store and visualize provenance data and their application to Big Data
- Introduction to Privacy: definitions, Solove's Taxonomy, privacy attacks related to collection, storage and processing of Big Data
-Anonymization techniques: pseudoanonymity and hashing, k-anonymity, l-diversity, t-closeness and their attacks. Limitations of anonymization techniquest for Big Data.
- Privacy preserving data mining: clustering, classification, association rule/pattern mining, outliers.
- Differential Privacy: main concepts, Laplace mechanism, privacy budget, global sensitivity, group privacy.
- Privacy Ethics: behavioural economics of privacy, trust frameworks and transparency, fairness.
- Data Protection: principles of data protection, GDPR, compliance techniques.
Students will be assessed through a project /assigned to them in agreement with the teachers on the topics of the course. The results of the project will then be presented orally to the teachers who will be able to request and deepen the student's training on the various topics covered during the course.