SIT719 Security and Privacy Issues in Analytics Assessment 2: Technology Assessment Report Key information • Due: by Friday 13 September 23:59 (AEST) • Weight: 30% of total mark for this unit •...

Please see the attached assignment files and please see the Version2 for all the instructions.


SIT719 Security and Privacy Issues in Analytics Assessment 2: Technology Assessment Report Key information • Due: by Friday 13 September 23:59 (AEST) • Weight: 30% of total mark for this unit • Length: Between 2500 and 3000 words • Submit: Electronically via Turnitin during Week 9 (FutureLearn Course 5, Week 1). Learning outcomes In this assignment, you will be focusing on the following unit learning outcome (ULO) and related Graduate Learning Outcomes (GLO): Unit Learning Outcome (ULO) Graduate Learning Outcome (GLO) ULO3: Apply and justify the use of a range of appropriate technological and organisational approaches to mitigate security risks associated with data analytics. GLO1: Discipline knowledge and capabilities GLO4: Critical thinking GLO5: Problem solving ULO 4: Apply and justify the use of a range of appropriate technological and organisational approaches to mitigate privacy risks associated with data analytics. GLO1: Discipline knowledge and capabilities GLO4: Critical thinking GLO5: Problem solving ULO 5: Evaluate vulnerabilities in organization and personal data and justify appropriate strategies to attack and defend. GLO1: Discipline knowledge and capabilities GLO2: Communication GLO4: Critical thinking GLO5: Problem solving Brief description of the task You are required to write a 2500-3000 word technology assessment report for the Dumnonia Corporation. The report relates to the implementation of k-anonymity as a model for protecting privacy of sensitive data for Dumnonia Corporation. Instructions For this assessment, you have been interviewing the following Dumnonia staff, interview notes of which shall be made available through the FutureLearn/CloudDeakin platform:  Caradoc – CEO – Interview notes based upon the use of k-anonymity by Dumnonia from an organisational perspective;  Guinevere – CIO - Interview notes based upon the use of k-anonymity and implementation of k-anonymity for Dumnonia. This interview will be a technical perspective;  Constantine – CSO – Interview notes based upon the implementation of k-anonymity for Dumnonia. This interview will be a technical perspective; The k-anonymity technique allows for clustering of data based on the publicly known handle of each data sample of a given dataset, whilst keeping the sensitive part of the data sample a secret. Consequently, the clustering of data is achieved, such that each cluster contains k items and the sensitive data associated with each item is kept a secret. k-anonymity mitigates the requirement for encrypting data, which could otherwise prove to be a costly operation. For this assignment, prepare a report that addresses the following points: 1. Organisational drivers for Dumnonia that require anonymization techniques to solve their problems. 2. Description of technology solutions that can be employed to implement k-anonymity within Dumnonia Corporation. 3. Development of an implementation guide for Dumnonia that can be followed in order to apply k-anonymity to the sensitive data of Dumnonia. 4. Additionally, you should compare two different implementations of k-anonymity (either by running experiments on the adult and INFORMS datasets) or by reporting a detailed study of two types of k-anonymity techniques. For implementation: either download two implementations of k-anonymity code, or write code of your own. You can download the adult and INFORMS datasets from https://github.com/qiyuangong/Mondrian, and produce the Normalised Certainty Penalty (NCP) percentage for each dataset for K=10, and also record the execution times. For comparison of two approaches: Some examples you could compare are Mondrian vs Clustering Based approaches, but any published algorithm would be acceptable. 5. Compare the two methods to suggest which approach Dumnonia Corporation may wish to adopt. If you implemented your own method, you do not need to compare and contrast approaches, simply report the NCP percentage and the execution code of your code in the report. Otherwise, report on the comparison of the two methods in terms of which one best suits the problem faced by Dumnonia Corporation. Report structure The report should be structured in the following way: • Executive Summary of your report findings (250 words) • Organisational Drivers for Dumnonia (250 words) • Discussion of the organisational drivers for Dumnonia relating to the implementation of k- anonymity (400 words) • Technology Solution Assessment (500 words) • Detailed assessment of the technologies that Dumnonia have selected on how to implement k-anonymity for protecting privacy of their sensitive data (500 words) • k-anonymity Implementation Guide (500 words) • Comparison of two publically available implementations or k-anonymity techniques, or writing and discussion of your own code. (500 words) What do I do now? • Start collecting and researching information. • Read the information provided by the Dumnonia staff • Think out of box! • Develop the report in Microsoft Word. • Look at the assessment rubric and the unit learning outcomes to ensure that you understand what you are being assessed (and marked) on. Submission details Your assessment should be submitted as a Microsoft Word document via CloudDeakin. Extension requests Requests for extensions should be made to Unit/Campus Chairs well in advance of the assessment due date. Please follow the link for detailed information and form: http://www.deakin.edu.au/students/faculties/sebe Special consideration You may be eligible for special consideration if circumstances beyond your control prevent you from undertaking or completing an assessment task at the scheduled time. See the following link for advice on the application process: http://www.deakin.edu.au/students/studying/assessment-and-results/special- consideration Assessment feedback You will receive a mark and feedback on your assessment task in the form of a rubric within two weeks of submission of your assessment. Referencing, plagiarism and collusion You must correctly use the Harvard method in this assessment. See the Deakin referencing guide. https://github.com/qiyuangong/Mondrian http://www.deakin.edu.au/students/faculties/sebe Any work that you submit for assessment must be your own work. Please note that this unit has systems in place to detect plagiarism and all submissions are submitted to this system. Submitting work, in whole or in part, that is copied or paraphrased from other authors (including students), without correct acknowledgement, is considered one of the most serious academic offences. This practice is equivalent to cheating in examinations and it may lead to expulsion from the University. For further information, you should refer to Regulation 4.1(1), Part 2— Academic Misconduct, via (Current university legislation). Please note that these regulations are not intended to discourage group work and exchange of views and information with other students and staff. Such interaction is most desirable, provided that you ultimately write your own answers and acknowledge any quoted sources. We see responsible attitudes to plagiarism as part of general good ethical practice. Ensure you have familiarised yourself with the rules and regulations on plagiarism and collusion. http://www.deakin.edu.au/about-deakin/faculties-and-divisions/administrative-divisions/university-solicitors-office/legislation SIT719 Security and Privacy Issues in Analytics Assessment Task 2 rubric: Technology Assessment Report CRITERIA PERFROMANCE INDICATOR EXCEEDS STANDARD MEETS STANDARD YET TO ACHIEVE MINIMUM STANDARD High distinction 80– Distinction 70–79 Credit 60–69 Pass 50–59 Fail 0-49 Criteria 1: Executive summary & technology overview 20% The report excels at addressing the research question and report requirements. Excellent depth and insight is clearly shown and eloquently expressed. The report clearly and succinctly addresses the research question and report requirements. Depth and insight is clearly shown and well expressed. The report adequately addresses the research question and report requirements. Depth and insight is sometimes shown but not always well expressed. The report marginally addresses the research question and report guidelines. Depth and insight is sometimes shown but not well expressed. Provides no meaningful information related to the task. The report is poorly structured and does not adhere to the report guidelines. Criteria 2: Technology Solution Assessment 40% Provides an assessment which excels at showing initiative and originality in identifying relevant privacy and security issues. The use of technological solutions is extensively supported by theory and practical examples. Provides an assessment which shows high levels of initiative and originality in identifying relevant privacy and security issues. The use of technological solutions is comprehensively supported by theory and practical examples. Provides an assessment which shows well-developed initiative and originality in identifying relevant privacy and security issues. The use of technological solutions is adequately supported by theory and practical examples. Provides an assessment which shows some initiative in identifying relevant privacy and security issues. The use of technological solutions is marginally supported by theory and practical examples. Provides an assessment which shows little initiative in identifying relevant privacy and security issues. The use of technological solutions is not supported by theory and practical examples. Criteria 3: k- Anonymity Implementation Guide 30% The guide provides sophisticated advice for implementation, which is well thought out and highly relevant to the organisation. Excellent depth and insight is clearly shown and eloquently expressed. The guide provides practical advice for implementation, which is well thought out and relevant to the organisation. Depth and insight is clearly shown and well expressed. The guide provides some practical advice for implementation, which shows consideration for the organisation’s requirements. Depth and insight is shown but not always well expressed. The guide provides some advice for implementation, but is not tailored to the needs of the organisation. Depth and insight is sometimes shown but not well expressed. Provides no meaningful information related to the task. The report is poorly structured and does not adhere to the report guidelines. Criteria 4: k- Anonymity Algorithm Performance Comparison 10% The report clearly contrasts two different k-anonymity techniques or two publicly available implementations of k-anonymity, while providing an in-depth and detailed explanation of each algorithm and the tradeoffs involved, or provides a fully implemented code in working order. The report somewhat clearly contrasts two different k-anonymity techniques or two publicly available implementations of k-anonymity,