Privacy and data security
- Overview
- Assessment methods
- Learning objectives
- Contents
- Bibliography
- Teaching methods
- Contacts/Info
Good knowledge of English
The students learning extent is assessed through a written exam and a talk. The written exam lasts approx. 2 hours. Students are not allowed to consult any text book or other learning material during the test. The test is divided into two parts. The first part consists of 4/5 open questions on the conceptual aspects of the course, whereas the second part consists of 3/4 exercises whose goal is to assess the ability of specifying access control/privacy policies with the models, languages, and tools learned during the course. The grade of each part of the written exam is given in thirtieths. The overall grade of the written exam is determined by the following formula: 1/3 * grade of the first part + 2/3 * grade of the second part. The written exam is passed if the student obtains a grade greater than or equal to 18 in both the parts. The talk has the goal of assessing what has been learned during the exercise classes. The grade of the talk is given in thirtieths and it is successful with a grade greater than or equal to 18. The final score of the course will be determined by the following formula: 1/3 * grade of the talk + 2/3 * grade of the written exam.
The course has the main goal of illustrating the models, languages, and tools for the management of access control and privacy policies within a data management system. A part of the course will also be devoted to access control and privacy issues in innovative contexts (such as for instance IoT, social networks and data outsourcing).
1.Privacy and security in data management systems: basic concepts;
2.Access control within DBMSs;
3.Access control support in SQL;
4.Oracle VPD, OLS, and Oracle Vault;
5.Privacy-preserving DBMS;
6.Data privacy and security: research trends (IoT, Social Networks, Cloud computing, Blockchain).
The slides used during classes can be found on the University’s e-learning web site, where the students can also find further materials and links to relevant websites.
Suggested textbook
E. Ferrari. Access Control in Data Management Systems, Synthesis Lectures on Data Management, Morgan & Claypool, 2010.
Lectures and Exercise classes.
During the period in which the course is held, students can meet with the instructor on class days. In the remainder of the year, the students need to contact the instructor by email to set up an appointment.