CMSC 818J: Privacy Enhancing Technologies:
From Theory to Practice
Huge volumes of data containing sensitive/private information are
being collected and stored by websites, sensors/monitoring systems,
auditing systems, and so on. Examples include electronic records in
health care systems and location information in ubiquitous computing
applications. How can we protect users' privacy and at the same time
enable effective sharing and utilization of the distributed data? How
can we ensure that cloud services do not misuse users' data or violate
privacy policies? And how can we provide desirable services to users
and protect their privacy even when the servers are untrusted?
The general theme of this course is to explore potential
techniques for building new platforms, services, and tools that protect
users' privacy. In particular, we emphasize
the technical and economic viability, as well as the usability of these
We will study promising component technologies ranging
from advances in secure systems research
(e.g., trusted computing, virtualization),
to theoretic tools like differential privacy and cryptography.
Topics intended for discussion include but are not limited to:
-- Attacks against privacy, including
de-anoymization/re-identification attacks, and side-channel attacks
-- Privacy of user data in the cloud
-- Privacy of user data on mobile devices
-- Trusted computing, code attestation and property attestation
-- Data provenance
-- Privacy-preserving data mining
-- Differential privacy, data anonymization and perturbation techniques
-- Privacy-preserving software systems and applications
-- Cryptographic techniques for privacy
-- Programming language techniques for privacy
The goal of this class is twofold: (1) to arm students with a set of core techniques they can use to address privacy issues in their research areas and application domains, (2) to introduce students to important research questions and prepare them to conduct additional research in these areas.
The class is research oriented.
In each class,
the instructor will give a
lecture and lead discussions
based on materials from 1 to 2 selected papers.
Then, there will be
1-2 short student presentations on additional reading materials.
Students should prepare to work on a class project.
Students should form groups of size 2 to 3 by the end of the 2nd week.
The project proposal is due at the end of the 4th week.
Students will give project presentations and submit a final project
report at the end of the semester.
15% Class participation
15% Reading notes and critique
15% Short presentation
No prerequisite for graduate students,
although sufficient security background is expected. For undergraduate
students, please check with the instructor.
- Intended audience:
This course is intended for
graduate students interested in research in privacy enhancing technologies.
Both first year graduate
students and more senior graduate students are welcome.
This is mostly a systems-oriented class, although we will cover some theorectical concepts and tools such as crypto and differential privacy. But they are there more to expose the students to the state-of-the-art tools that could help them build privacy-preserving systems. The class is geared more towards how to design and build privacy-aware and privacy-preserving systems.
The above information is subject to change.