Privacy Engineering

Module aims

This module will teach you about state-of-the-art privacy-preserving mechanisms and systems and how to attack them. We will then review and discuss improvements and trade-offs.

First, we will review anonymisation strategies for small and big data datasets and their limits. We will then do the same for query-based systems before learning and applying a theory called Differential Privacy. Finally, throughout the module, we will read and discuss research papers on attack and defenses.

Learning outcomes

Upon successful completion of this module you will be able to:

  • anonymise and re-identify small and big data datasets
  • use and extend algorithms to attack query-based/ question-and-answers systems
  • use and develop differentially
  • private functions and evaluate the use of differential privacy on personal data sets
  • build privacy-preserving services using cryptographic methods
  • develop and analyse policies for privacy-preserving services using formal methods

Module syllabus

Upon successful completion of this module you will be able to:
- anonymise and re-identify small and big data datasets
- use and extend algorithms to attack query-based/ question-and-answers systems
- use and develop differentially-private functions and evaluate the use of differential privacy on personal data sets
- build privacy-preserving services using cryptographic methods
- develop and analyse policies for privacy-preserving services using formal methods

Teaching methods

The module is motivated by real-world privacy concerns and aims to introduce the fundamental concepts and techniques for developing solutions that are privacy-preserving. In addition to material prepared by the lecturers you will also be expected to read and discuss selected research papers in privacy and security. The objective is to prepare you to pursue research into privacy as well as to develop and adversarially test privacy-preserving solutions to industry problems.

We use a flipped-classroom model where you watch the lecture on your own before joining live sessions where we discuss the content and answer questions. Lab session are mostly done using JupyterLab and will be done on your own with solutions provided at the end of the week. TAs will hold office hours to answer any questions you might have. Labs are not assessed.

An online service will be used as an open discussion forum for the module.

Assessments

Coursework will consist of the following: a group coursework designed to reinforce the material covered in lectures and give you hands-on experience of solving real privacy problems, and/or a group presentation and debate about a research paper. The coursework counts for 30% of the marks for the module. There will be a final written exam, which will test both theoretical and practical aspects of the subject. This exam counts for the remaining 70% of the marks.

There will be detailed feedback on the coursework exercises which will include written feedback on your submissions and class-wide feedback explaining common pitfalls and suggestions for improvement.   

Reading list

Core reading

Module leaders

Dr Yves-Alexandre de Montjoye