Credits: 5EC
Prerequisites: Linear Algebra (201500292) and Security and Cryptography (201500027)
Motivation: The importance of secure data management is growing due to open data networks such as the Internet combined with a wide variety of applications that handle large amounts of sensitive data. Nowadays we read in newspapers almost on a daily basis about data security and privacy issues. Classical data protection methods no longer suffice, and the security research community is increasingly working on new approaches to securely managing data on open networks such as the Internet. Security and privacy of data have thus become a cornerstone for the further development of the Internet, and governments are increasingly sharpening the rules around protection of data, GDPR being an example of this.
Synopsis: The course looks into modern challenges and state-of-the-art solutions in the area of secure data management. On the one hand, it deals with security weaknesses in currently deployed access control techniques and explains their inappropriateness in the context of the above described emerging technologies. On the other hand, it introduces the most recent developments in access control that can be used to mitigate the shortcomings of classical technologies. Special focus is put on cryptographically-enforced data management tools, e.g., through attribute-based encryption or searchable encryption.
Learning objectives: The student will acquire:
- An appreciation of the security challenges in modern data management;
- A good understanding of diverse data protection mechanisms, and their strengths and shortcomings in different settings especially in open interconnected networks;
- The ability to analyse, evaluate and apply data protection mechanisms in different application settings;
- A deep understanding and mastery of principles and current trends in techniques, protocols and implementation schemes regarding: (1) access control, (2) search in encrypted data, (3) secure distributed data protection;
- Hands-on experience regarding the above topics with cryptographically-enforced data management tools that can be used to achieve security in applications dealing with highly sensitive data.
Lecturers: Prof dr Willem Jonker (UT)
Examination: Written exam (70%) and two practical assignments (30%)
Contents:
- Security Building Blocks: Security proofs; Attribute & Identity based encryption; Homomorphic Encryption & Bi-linear mappings;
- Access Control: Classical Database Access Control: RBAC etc.; Access Control in Open Environments, such as Attribute, Identity Based Encryption etc.;
- Secure Distributed Data Protection: DRM; Private Data Aggregation; Detection of Anomalous outbound HTTP traffic; Blockchain;
- Search in Encrypted Data: Searchable Encryption Overview; Selected Schemes on Searchable Encryption.
Core text: On-line Reader containing various papers from the literature