Privacy has become an increasingly important topic as our data and data about us is both increasing and more and more being collected and mined. This course will give an overview of privacy concepts and terminology as well as concrete examples of privacy-enhancing technologies (PET) and some of their applications.
Course topics will include: Legal privacy basics, basic PET terms& concepts, anonymous communication (Mixes, Onion Routing, TOR, DC-Nets, etc.), data minimization technologies (blind signatures, zero-knowledge proofs, anonymous credentials, PIR, multi-party secure computation), Privacy policy languages (P3P, PPL, etc.), privacy-enhanced access control, transparency-enhancing tools, privacy-enhanced applications (privacy-enhanced identity management, PET for SNS, Cloud Computing, Smart Grids, eHealth systems etc.).
SWITS is a network for security researchers, primarily PhD students, in Sweden. This course on Privacy-Enhancing Technologies (PET) has been designed to accommodate SWITS PhD students from any location.
The course objectives and learning outcomes are as follows.
Objectives
The students should be able to:
such that the students can:
Course Content
Prerequisites
This course is for PhD students in Computer Science or related subjects. There are no other special prerequisites.
This document will contain the topics distribution over dates, fixed dates and locations, and the reading lists before each meeting.
SWITS PET PhD course 2012 - suggested list of sessions including topics
By default, all sessions start at 10 am and end at 4 pm to allow for travel time, individual sessions can deviate from this depending on the location. Lunch is included at least at the first meeting and we might get support for others and perhaps travel cost subsidies.
Session 1 (5 hours) May 3, 2012, KTH, E35, Osquars Backe 2, 100 40 Stockholm, 3rd floor
Reading assignment before the session:
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal L 281 , 23/11/1995 P. 0031 - 0050 http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:HTML Optionally, this can be replaced by secondary sources on the EU directive. For example, it is summarized in Simone Fischer-Hübner’s book listed below.
Andreas Pfitzmann, Marit Hansen, “A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability,Pseudonymity, and Identity Management”, Version v0.34 Aug. 10, 2010, http://kantarainitiative.org/confluence/download/attachments/45059055/terminology+for+talking+about+privacy.pdf
David Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communications of the ACM, 24 (2). 1981, pp. 84-88.
Additional Reading:
Session 2 (5 hours), 8 June 2012, KAU:
To accomodate travel times, this session will start at 10.30 (10.15 if manageable) and stop at 16.30 or 16.45 depending on the starting time.Location: Karlstad university in room 21 A 345 (house 21), see map.
For several people traveling together, it is recommended to take a taxi from the train station.
General Reading assignment before Session 2:
Roger Dingledine and Nick Mathewson, The Free Haven Project; Paul Syverson, Naval Research Lab, “Tor: The Second-Generation Onion Router”, 13th USENIX Security Symposium, 2004, pdf
(recommended, but optional: Mike Reiter, Avi Rubin, “Anonymous Web Transactions with Crowds”, Communications of the ACM, Vol.42, No.2, February 1999, pp. 32-38, pdf)
David Chaum, The dining cryptographers problem: Unconditional sender and recipient untraceability, Journal of cryptology, 1988 - Springer, html
Reading assignment before student presentations:
Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, and Thomas Shrimpton, "Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail", which was presented at this years IEEE Security & Privacy, pdf.
Session 3, 30. August or 27. September Chalmers
Session 4, 27. September, or 4. October KTH
Session 5, 18. October, KAU
Session 6, 29. October, Chalmers
Session 7, 12. November, KTH
Session 8, 4. December, KAU
For remote participation, we will use Adobe Connect or Skype. Log-in information will be posted here.
For the first meeting, we use Adobe Connect, join here.Short quizzes will be given at the start of each meeting to check that the course participants have read the assigned papers.
At each meeting, there will be presentations with papers assigned for prior reading to make sure the presentations are better understood and to enable a more in-depth discussion. For each student presentation topic, there will be 3 papers assigned to be read by everyone.
There will be a place to collect relevant related reading.
Topics and group assignment will be done as follows. At the first meeting, Simone and Sonja will give an overview of the available topics.
There can be groups of 2 (preferred) or 1. Each group does the following.
The topics that have not been selected for presentations will either be covered by (guest) lectures or additional reading lists.
Each meeting will have roughly the same structure. The following are the basic components of each meeting. The order is not yet finalized.
All course information will be available on the KTH social web site for the course DD3344.
At KTH, the course has the number DD3344 and is registered with 7.5 ECTS.
The grades are pass/fail - P/F.
The criteria are as follows. To pass the course, the students successfully complete the following tasks.
The writing assignment consists of 4 pages of text, reflecting on any topic presented in the course (including privacy in general) and, if applicable, how it relates to the participant’s own research, otherwise how it relates to the participant’s own experience.
There will be a guest lecture at most meetings. We invite a mix of people, representing academic, industrial, or policy experts on a particular privacy topic.
The first guest lecture will be given by Douglas Wikstrom on e-voting.
The first lunch will be provided, we are working on the rest.
The course is led jointly by Sonja Buchegger at KTH and Simone Fischer-Hübner at KAU. If you have any questions, please write to both buc at csc dot kth dot se and simone dot fischer-huebner at kau dot se.