Personal communication

E-Privacy - Privacy in the Electronic Society

Course at ETH Zurich, Department of Computer Science, Spring Semester 2009

251-0466-00L

Dates.
Lecture: Tuesdays, 15:15-17:00, ML F 40
Exercises: Tuesdays, 17:00-18:00, ML F 40

Web page. http://www.zurich.ibm.com/~gka/ePrivacy/

Organization

Lecturers.
Dr. Jan Camenisch, IBM Zurich Research Lab
Dr. Günter Karjoth, IBM Zurich Research Lab

Assistent.
Anna Zych (anna.zych AT inf.ethz.ch)

Description
Privacy issues have been the subject of public debates since years. In particular, as new technologies are developed, they increasingly raise privacy concerns - the Web 2.0, wireless location-based services, and RFID chips are just a few examples. Thus, the need for privacy-aware policies, regulations, and techniques has been widely recognized by law makers, regulators, and the media. As a result, businesses are under pressure to draft privacy policies, chief privacy officers are becoming essential members of many organizations, and companies are taking pro-active steps to avoid the potential reputation damage of a privacy mistake. This course provides an in-depth look into privacy laws and regulations as well as into technologies for achieving privacy in an electronic world.

Prerequisites. Basic knowledge of cryptology is recommended to follow some of the topics of the course.

Tentative List of Topics

  1. Introduction
  2. Laws and Regulations
  3. Privacy Seals
  4. Privacy Policies
  5. Policy negotiation
  6. k-Anonymity
  7. RFID
  8. Anonymous Credentials
  9. Encryption, Verifiable Encryption and Anonymous Communication

Announcements

Office consultation hours:

Course Material

There is no main textbook for the course. See Supplemental Texts at the end of this Web page.

Class Schedule

Date Lecturer Topic References Exercises
Feb 17 Günter Karjoth Introduction Exercise #1
Feb 24 Günter Karjoth Laws and Regulations, Privacy Seals Exercise #2
Mar 3 Günter Karjoth Privacy Policy Languages (P3P) Exercise #3
Mar 10 Günter Karjoth Privacy Policy Languages (Enterprise) Exercise #4
Mar 17 Günter Karjoth Database Privacy Exercise #5
Mar 24 Günter Karjoth Privacy in Sensor Networks (RFID) Exercise #6
Mar 31 Günter Karjoth Privacy in Sensor Networks (RFID)
Apr 7 Jan Camenisch Identity and Trust Management
Apr 14 No lecture (ETH Osterferien)
Apr 21 Jan Camenisch Anonymous Credentails I Number Theory Exercise B
Apr 28 Günter Karjoth Privacy Practices and Economics
May 5 Jan Camenisch Anonymous Credentails II Exercise C
May 12 Jan Camenisch Anonymous Credentails III [Camenisch, 2008],[BaCaLy04] Exercise D
May 19 Jan Camenisch Encryption, Verifiable Encryption and Anonymous Communication
May 26 Nathalie Weiler (Invited Lecturer) To be announced.

Cartoons and other interesting stuff


News from the Press


Optional Supplemental Texts

Privacy in General
Books on Aspects of E-Privacy:

Selected articles
[Camenisch, 2008]
J. Camenisch: The Camenisch-Lysyanskaya Private Credential System Explained, Work in Progress.
[BeCaLy0]
A. Bengerter, J. Camenisch and A. Lysyanskaya: A Cryptographic Framework for the Controlled Release Of Certified Data. In Twelfth International Workshop on Security Protocols 2004.
[Barth&Mitchell, 2005]
A. Barth and J.C. Mitchell: Enterprise pricavy Promises and Enforcement. WITS'05, 2005.
[Moores, 2005]
T. Moores: Do consumers understand the role of privacy seals in e-commerce? CACM 48(3) 86-91, 2005
[Hochheiser, 2004]
H. Hochheiser: The Platform for Privacy Preferences as a Social Protocol: An Examination Within the U.S. Policy Context. ACM Trans. on Internet Technology 2(4) 276-306, Nov. 2002.
[Molnar&Wagner, 2004]
D. Molnar and D. Wagner. Privacy and Security in Library RFID: Issues, Practices, and Architectures. In 11th ACM Conference on Computer and Communications Security (CCS), pages 210V219. ACM Press, 2004
[Juels et al, 2005]
A. Juels, D. Molnar, and D. Wagner: Security and Privacy Issues in E-passports. Cryptology ePrint Archive, Report 2005/095 http://eprint.iacr.org/
[BSI, 2005]
Bundesamt für Sicherheit in der Informationstechnik, Digitale Sicherheitsmerkmale im elektronischen Reisepass. 11.05.2005
[Agrawal et al, 2004]
R. Agrawal, R. Bayardo, C. Faloutsos, J. Kiernan, R. Rantzau, R. Srikant: Auditing Compliance with a Hippocratic Database, VDLB 2004
[Agrawal et al, 2002]
R. Agrawal, J. Kiernan, R. Srikant, Y. Xu: Hippocratic Databases, VDLB 2002
[LeFevere et al, 2004]
K. LeFevre, R. Agrawal, V. Ercegovac, R. Ramakrishnan, Y. Xu, D. DeWitt: Limiting Disclosure in Hipplocratic Databases, VLDB 2004
[Asonov&Freytag, 2002]
D. Asonov, J.-C. Freytag: Almost Optimal Private Information Retrieval, PET 2002
[Agrawal&Srikant, 2000]
R. Agrawal, R. Srikant: Privacy-preserving Data Mining, SIGMOD 2000
[Samarati, 2001]
P. Samarati, Protecting Respondent's Privacy in Microdata Release, IEEE Transactions on Knowledge and Data Engineering, 13(6), 2001; 1010-1027.
Gildas Avoine's Web page related to Security and Privacy Issues in RFID Systems: lasecwww.epfl.ch/~gavoine/rfid/.

Last modified: Wed Feb 18 13:45:46 MDT 2009  
IBM doesn't necessarily share my personal opinions stated on this page. 
[ Zurich home page | Research home page ]
[ Home | Order | Search | Contact IBM | Privacy | Legal ]