KYBS2600 Privacy Engineering (5 op)
Avainteksti
Kuvaus
Information privacy is critical and a proper engineering understanding of how to provide systems with privacy as a first-class property will be made in this course.
The course covers the following topics:
Basics of Privacy:
- Privacy by Design,
- Societal aspects,
- Business aspects.
Case Study.
Data Flow Modelling.
Classifying Information:
- Security classifications and their meanings,
- Information types,
- Personal Data and Characteristics, “PII”,
- Location Data,
- Financial and Health Data,
- Identifiers,
- Temporal Data.
Risk and Vulnerability Analysis:
- Privacy Impact Assessments,
- Failure Model and effects Analysis,
- Root Cause Analysis,
- Risk Registers,
- Privacy Accident Investigations.
Requirements:
- Security Requirements,
- Classification of Requirements,
- Applying Requirements and Modelling their interactions.
Notice and Consent.
Privacy Enhancing Techniques:
- Tokenisation, Randomisation,
- Anonymity,
- Cryptography vs Privacy.
Auditing and Inspection:
- Audit Process,
- Modelling Processes,
- Checklists,
Developing a Privacy Programme.
Osaamistavoitteet
The students will obtain an understanding of privacy at an engineering level and be able to link this with legal and technical requirements in a given system.
Knowledge of how to classify and analyse information, and model how information flows within a system will be the main goal.
Further extension to the processes surrounding privacy and how an audit of a system may be made will be done.Esitietojen kuvaus
Basic knowledge of Linux is desirable.