Kies de Nederlandse taal
Course module: 2IMS25
Principles of data protection
Course info
Course module2IMS25
Credits (ECTS)5
Course typeGraduate School
Language of instructionEnglish
Offered byEindhoven University of Technology; Mathematics and Computer Science; Computer Science;
Is part of
Computer Science and Engineering
Data Science in Engineering (CSE)
Information Security Technology
Contact persondr. N. Zannone
Responsible lecturer
dr. N. Zannone
Other course modules lecturer
Contactperson for the course
dr. N. Zannone
Other course modules lecturer
Academic year2016
1  (05/09/2016 to 13/11/2016)
Starting block
TimeslotA1: A1 - Mo 1-2, Th 5-6
C2: C2 - Tu 3-4, Fr 7-8
Course mode
Registration openfrom 15/06/2016 up to and including 28/08/2016
Application procedureYou apply via OSIRIS Student
Registration using OSIRISYes
Registration open for students from other department(s)Yes
Waiting listNo
Number of insufficient tests-
Number of groups of preference0
Learning objectives
fter completing this course
  • the student is able to understand the relevance of data protection in real settings;
  • the student is able to have a detailed understanding of most important access control models;
  • the student has knowledge of the well-established privacy principles;
  • the student is able to specify access control and privacy policies;
  • the student is able to evaluate access control and privacy policies;
The digitalization of information and the Internet have dramatically changed the nowadays society. New business models and technologies have been deployed to provide users with new services (e.g., eBusiness, eHealth, eGoverment). However, this new trend has to increasingly face the risk of unauthorized access to personal information and consequently of misuses of personal information. This course focuses on data protection technologies designed to prevent dissemination of sensitive information of individuals. The course will provide a solid introduction to most important access control models (e.g., DAC, MAC, RBAC) and their extensions for distributed systems (e.g., RT) and usage control (e.g., UCON). Subsequently, the course will introduce the privacy principles defined in the European Directive and provide insights on how access control models can be extended to address privacy issues. Different models and frameworks will be presented. The last part of the course will focus on industry standards in the area of access control and privacy (e.g., XACML and EPAL).
Entrance requirements
Entrance requirements tests
Assumed previous knowledge
2IC60 Computer networks and security
Previous knowledge can be gained by
Resources for self study
Bachelor College or Graduate School
Graduate School
URL study guide
URL study guide
Required materials
Recommended materials
Slides and various seminal articles, links will be provided on the course website
Instructional modes
College / course


Test weight100
Minimum grade6
Test typeWritten
Number of opportunities2
OpportunitiesBlock 1, Block 2
Test duration in minutes180


Assignment is 10% and written exam 90% of the final grade

Kies de Nederlandse taal