Cybersecurity and Privacy Preservation Techniques and Digital Security and Privacy
A.Y. 2019/2020
Learning objectives
The objective of this course is to introduce the essential elements of data protection law, as well as the principles, rights and duties set by the General Data Protection Regulation (GDPR). The course will also study privacy risks arising in public and semi-public data release and in emerging scenarios, illustrating solutions aimed at mitigating these risks.
Expected learning outcomes
The student will have knowledge and understanding of the fundamental legal concepts of data protection; autonomous ability to read the new European regulatory standards; ability to understand the goals and technological motivations that led to their adoption; ability to understand the implementation logic of the new regulatory framework. The student will also be able to identify privacy risks in data publication and in outsourcing scenarios, and to propose and evaluate solutions able to mitigate such risks.
Lesson period: First trimester
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course cannot be attended as a single course. Please check our list of single courses to find the ones available for enrolment.
Course syllabus and organization
Single session
Responsible
Lesson period
First trimester
Course syllabus
Unit I: Data Protection Law
- Introduction
- The European concept of privacy between EU and ECHR
- The relevant data subjects
- Territorial and material scope
- Principles and conditions relating to processing of personal data
- Rights of the data subject
- The Member States' Independent Supervisory Authorities and the European Data Protection Board
- Competence, tasks and powers, Remedies and penalties
- Transfers of personal data to third countries (non-EU countries)
- IA and Data protection
Unit II: Cybersecurity and Privacy Preservation Techniques
- Introduction
- Macrodata and microdata protection
- Privacy in data publication
- Authentication and access control
- Data protection in the cloud
- Introduction
- The European concept of privacy between EU and ECHR
- The relevant data subjects
- Territorial and material scope
- Principles and conditions relating to processing of personal data
- Rights of the data subject
- The Member States' Independent Supervisory Authorities and the European Data Protection Board
- Competence, tasks and powers, Remedies and penalties
- Transfers of personal data to third countries (non-EU countries)
- IA and Data protection
Unit II: Cybersecurity and Privacy Preservation Techniques
- Introduction
- Macrodata and microdata protection
- Privacy in data publication
- Authentication and access control
- Data protection in the cloud
Prerequisites for admission
None
Teaching methods
Frontal lessons
Teaching Resources
Web site:
http://sforesticpptdsp.ariel.ctu.unimi.it
Slides and reading lists made available on the course web site.
http://sforesticpptdsp.ariel.ctu.unimi.it
Slides and reading lists made available on the course web site.
Assessment methods and Criteria
The exam consists of two tests, one for each unit.
For the "Data Protection Law" Unit, attending students can sustain intermediate verifications, which will be held at the end of each module. The verifications are composed of multiple choice questions and an open-ended question. For students not attending intermediate verifications, the exam is oral. The oral exam consists of an interview on program topics. The exam is aimed at ascertaining the preparation and argumentative capacity of the student.
For the "Cybersecurity and Privacy Preservation Techniques" Unit, the exam consists of a written test (1 hour and 30 minutes), including both questions and exercises covering the topics of the course. Questions and exercises are aimed at evaluating the knowledge and understanding of the student of the course.
The evaluation is expressed on a 1-30 scale and is computed considering the evaluation obtained in each of the two tests.
The results of the exams are available on the Ariel web page of the course.
For the "Data Protection Law" Unit, attending students can sustain intermediate verifications, which will be held at the end of each module. The verifications are composed of multiple choice questions and an open-ended question. For students not attending intermediate verifications, the exam is oral. The oral exam consists of an interview on program topics. The exam is aimed at ascertaining the preparation and argumentative capacity of the student.
For the "Cybersecurity and Privacy Preservation Techniques" Unit, the exam consists of a written test (1 hour and 30 minutes), including both questions and exercises covering the topics of the course. Questions and exercises are aimed at evaluating the knowledge and understanding of the student of the course.
The evaluation is expressed on a 1-30 scale and is computed considering the evaluation obtained in each of the two tests.
The results of the exams are available on the Ariel web page of the course.
Unit Cybersecurity and Privacy Preservation Techniques
IUS/01 - PRIVATE LAW
IUS/09 - PUBLIC LAW
IUS/14 - EUROPEAN UNION LAW
IUS/09 - PUBLIC LAW
IUS/14 - EUROPEAN UNION LAW
Lessons: 20 hours
Professor:
Foresti Sara
Shifts:
-
Professor:
Foresti Sara
Unit Digital Security and Privacy
IUS/01 - PRIVATE LAW
IUS/09 - PUBLIC LAW
IUS/14 - EUROPEAN UNION LAW
IUS/09 - PUBLIC LAW
IUS/14 - EUROPEAN UNION LAW
Lessons: 20 hours
Professor:
De Angelis Andrea
Shifts:
-
Professor:
De Angelis AndreaProfessor(s)