CS 465/765 Privacy in a Networked World

CS 465A / CS 765A Privacy in a Networked World

Spring 2005

Time:	Tuesday and Thursdays, 9:30am - 10:45am
Location:	Tuesdays, Burchard 430
	Thursdays, Pierce 116

Back to course home page.

Projects

Half of your grade will be determined by a privacy-related course project, which is due in four "deliverables", as detailed below. Projects are largely student-directed, and can include activities such as a programming project, a research paper describing new results (or documenting failed attempts to obtain such results), a survey article describing the state of the art in a particular research area, a "term paper", or an article suitable for the popular press.

You may work single, in pairs, or in triples. Such groups must be formed for the initial proposals, and remain the same throughout all four of the project deliverables. Each pair or triple will turn in only one product for each deliverable. All members of a given pair or triple will receive the same grade for each deliverable. The expectations, in quantity and quality, will be correspondingly higher for pairs than individuals, and for triples than pairs. You should expect to spend an average of at least five hours per week on your project.

Schedule

10%	Project: initial proposals.	Due Feb. 3
10%	Project: revised proposals.	Due Feb. 17
15%	Project: status reports.	Due Mar. 31
15%	Project: final reports:
	written reports	Due Apr. 28
	oral presentations	Apr. 26 and 28

Project final reports consist both of a written report and an oral presentation, to be given in class on April 26 or April 28. Both the written and the oral parts are required.

Each project component is due at the start of class on the specified day. Lateness on any project deliverable will be penalized at a rate of 5% of the available points per day.

Initial Proposals

In your initial proposal, you should explain, in 3-5 pages, detailed goals and plans for your project, including issues and answers to questions such as the following.

Background and motivation
The problem you hope to solve, question you hope to address, capability you hope to provide, etc.
The approach you plan to take, both at a general level and in detail.
What form will your finished product take?
How will you know if you've been successful? How will demonstrate your success?
A schedule: what steps will you take, and in what order?
What are your intermediate goals for your status report?
References to suitable books, papers, or other materials.

Revised Proposals

Based on comments received on your initial proposals, as well as any ideas for improvements you may have had during the elapsed time, you will revise your initial proposals. Comments may ask you, for example, to increase or decrease the scope of your project to better fit the allotted time, to provide more detail, or to consider aspects of a question you may not have considered.

Status Reports

Your status report should explain the progress you have made towards your goals, how you may have deviated from your initial plans, and any resulting changes you foresee in your final plans. Describe any interesting results you have obtained so far, any unexpected obstacles you encountered, and how you overcame them.

Status reports should be 3-5 pages of the main body of the report, with additional pages allowed for additional materials such as references, source code, screen shots, experimental data, etc.

Final Reports

Your final reports contain two parts: written and oral.

Written Reports

Written final reports should be self-contained, describing the motivation for your work, your methodology, and your results. Reports should be 10-15 pages, again with additional pages allowed for additional materials such as references, source code, screen shots, experimental data, etc. You are allowed (in fact, encouraged) to borrow freely from your own project proposal and status report in order to create your final report. Where possible, use visually interesting materials to describe your work, such as tables, drawings, screen shots, or whatever else is appropriate. You should address issues and questions such as:

Background and motivation
The problem you solved, partially solved, or attempted to solve, or the question you addressed, partially addressed, or attempted to address, etc.
The approach you took, both at a general level and in detail.
What is your finished product?
What are the good and bad properties of your solution/approach/whatever, and how does it compare to different solutions/approaches/whatevers?
If you encountered any unexpected obstacles to a natural approach, perhaps describe them, what you learned from them, how you overcame them, etc.
What did you learn, and/or find interesting?
References to suitable books, papers, or other materials.
Source code, screen shots, experimental data, etc, as appropriate.

Oral Presentations

Final oral presentations will be given in class on the last two class days, April 26 and 28. Individuals will be given 10 minutes, pairs 15 minutes, and triples 20 minutes. For pairs and triples, each person in the group should be an active participant in the presentation.

You should thoroughly prepare and rehearse your presentations, including any demo component, both for content and for timing. You will probably not be able to describe everything that you did, but make sure to explain:

Background needed to describe the goal(s) of your project
The goal(s) of your project
The main findings of your project
More detail of some aspect of your project as time permits (perhaps a demo)
A brief conclusion: what you did, what you learned, perhaps what further work or interesting questions remain.

You should also be prepared to answer a brief question or two from the class.

We will add around 20 minutes of additional time after our regularly scheduled class time on the last two classes in order to accommodate all the final presentations.

Sample Project Ideas

Here are some sample project ideas. You may use any of these ideas, or may choose others ideas. Note that going from a brief statement of the project such as those below to an actual project proposal will take at least several hours of thought, effort, and initial research.

Implementation of privacy-enhancing technologies: look at papers from recent conferences and workshops such as Privacy-Enhancing Technologies, Workshop on Privacy in the Electronic Society, Workshop on Secure Data Management, or others. Choose one or more papers that describe a proposed system or method for providing privacy, and implement a prototype of the system. Think about how to address issues like: how easy or hard is the system to use? how does it compare to other systems that achieve the same or similar goals? If appropriate, have others act as users of your implementation and describe their experiences. If there are different options for making certain choices, perhaps try one or more and compare the results, etc.
A comparative study of privacy in different countries. This might focus on cultural differences, perhaps with a historical perspective, legislative differences, etc. Options include broad coverage of several countries, or an in-depth focus on a specific topic (such as medical privacy) in two or three countries.
The role of Privacy Commissioners (for federal or local government) and/or Chief Privacy Officers (for companies): how can they help privacy? how can they hurt privacy? Topics might address both case studies of privacy successes and privacy failures from the past as well as speculation on what might be possible.
A research paper describing new results: again, start by reading papers from recent privacy conferences, such as those mentioned above, as well as perhaps conferences such as Computers, Freedom, and Privacy. Identify one or more open questions (papers often mention their own suggestions for open questions, but you need not limit your attention to these), and try to address them. Proposals should describe the open problem or problems in detail, perhaps give an annotated bibliography of relevant references, and suggest one or more possible approaches that seem promising. Given the uncertain nature of certain kinds of scholarly research, a documentation of tried approaches, failed approaches, and lessons learned is a valid final product, if it is sufficiently deep.
A survey paper of the state of the art in a particular research area, such as systems for providing anonymity, systems for protecting against spam, issues of privacy vs usability, P3P, etc. Obviously, such papers must be well-researched, include references beyond only URLs, and must be careful to attribute all quoted materials.
A magazine-type article, describing various issues, solutions, and proposals surrounding one or more particular topic, such as biometrics, RFID, privacy and public databases, identity theft, HIPAA, surveillance and privacy, etc. (There may not be a clear distinction between a survey paper and a magazine-type article, except that perhaps the magazine-type article may be more opinionated.) As above, such papers must be well-researched, include references beyond only URLs, and must be careful to attribute all quoted materials.
A user study of Stevens students, addressing their opinions and practices surrounding privacy issues.
Practical investigation of privacy instructions: while there is potential learning value in such activities, there are also ethical/legal issues that must be properly handled. Any such proposals must explain how the ethical issues are properly addressed. For example: a project that is NOT OK would be to try to listen in on a Stevens wireless network to see how many interesting things can be learned, along with a writeup of any juicy tidbits discovered. Maybe ok: deploy your own wireless network and implement various tools for listening in on cleartext and/or encrypted information.

You may find some of the reading material and resources listed on the main course web page useful for your projects.