SIT719 Security and Privacy Issues in Analytics Assessment 2: Technology Assessment Report Key information • Due: by Friday 13 September 23:59 (AEST) • Weight: 30% of total mark for this unit •...

SIT719 Security and Privacy Issues in Analytics

Assessment 2: Technology Assessment Report

Key information

• Due: by Friday 13 September 23:59 (AEST)
• Weight: 30% of total mark for this unit
• Length: Between 2500 and 3000 words
• Submit: Electronically via Turnitin during Week 9 (FutureLearn Course 5, Week 1).
Learning outcomes

In this assignment, you will be focusing on the following unit learning outcome (ULO) and related
Graduate Learning Outcomes (GLO):

Unit Learning Outcome (ULO) Graduate Learning Outcome (GLO)
ULO3: Apply and justify the use of a range of
appropriate technological and organisational
approaches to mitigate security risks associated with
data analytics.
GLO1: Discipline knowledge and capabilities
GLO4: Critical thinking
GLO5: Problem solving
ULO 4: Apply and justify the use of a range of
appropriate technological and organisational
approaches to mitigate privacy risks associated with
data analytics.
GLO1: Discipline knowledge and capabilities
GLO4: Critical thinking
GLO5: Problem solving
ULO 5: Evaluate vulnerabilities in organization and
personal data and justify appropriate strategies to
attack and defend.
GLO1: Discipline knowledge and capabilities
GLO2: Communication
GLO4: Critical thinking
GLO5: Problem solving
Brief description of the task

You are required to write a XXXXXXXXXXword technology assessment report for the Dumnonia
Corporation.
The report relates to the implementation of k-anonymity as a model for protecting privacy of
sensitive data for Dumnonia Corporation.


Instructions
For this assessment, you have been interviewing the following Dumnonia staff, interview notes of
which shall be made available through the FutureLearn/CloudDeakin platform:
 Caradoc – CEO – Interview notes based upon the use of k-anonymity by Dumnonia from an
organisational perspective;
 Guinevere – CIO - Interview notes based upon the use of k-anonymity and implementation
of k-anonymity for Dumnonia. This interview will be a technical perspective;
 Constantine – CSO – Interview notes based upon the implementation of k-anonymity for
Dumnonia. This interview will be a technical perspective;



The k-anonymity technique allows for clustering of data based on the publicly known handle of each
data sample of a given dataset, whilst keeping the sensitive part of the data sample a secret.
Consequently, the clustering of data is achieved, such that each cluster contains k items and the
sensitive data associated with each item is kept a secret. k-anonymity mitigates the requirement for
encrypting data, which could otherwise prove to be a costly operation.

For this assignment, prepare a report that addresses the following points:
1. Organisational drivers for Dumnonia that require anonymization techniques to solve their
problems.
2. Description of technology solutions that can be employed to implement k-anonymity within
Dumnonia Corporation.
3. Development of an implementation guide for Dumnonia that can be followed in order to
apply k-anonymity to the sensitive data of Dumnonia.
4. Additionally, you should compare two different implementations of k-anonymity (either by
unning experiments on the adult and INFORMS datasets) or by reporting a detailed study of
two types of k-anonymity techniques.
For implementation: either download two implementations of k-anonymity code, or write
code of your own. You can download the adult and INFORMS datasets from
https:
github.com/qiyuangong/Mondrian, and produce the Normalised Certainty Penalty (NCP)
percentage for each dataset for K=10, and also record the execution times.
For comparison of two approaches: Some examples you could compare are Mondrian vs
Clustering Based approaches, but any published algorithm would be acceptable.
5. Compare the two methods to suggest which approach Dumnonia Corporation may wish to
adopt. If you implemented your own method, you do not need to compare and contrast
approaches, simply report the NCP percentage and the execution code of your code in the
eport. Otherwise, report on the comparison of the two methods in terms of which one best
suits the problem faced by Dumnonia Corporation.
Report structure
The report should be structured in the following way:
• Executive Summary of your report findings (250 words)
• Organisational Drivers for Dumnonia (250 words)
• Discussion of the organisational drivers for Dumnonia relating to the implementation of k-
anonymity (400 words)
• Technology Solution Assessment (500 words)
• Detailed assessment of the technologies that Dumnonia have selected on how to implement
k-anonymity for protecting privacy of their sensitive data (500 words)
• k-anonymity Implementation Guide (500 words)
• Comparison of two publically available implementations or k-anonymity techniques, or
writing and discussion of your own code. (500 words)

What do I do now?

• Start collecting and researching information.
• Read the information provided by the Dumnonia staff
• Think out of box!
• Develop the report in Microsoft Word.
• Look at the assessment ru
ic and the unit learning outcomes to ensure that you understand
what you are being assessed (and marked) on.

Submission details
Your assessment should be submitted as a Microsoft Word document via CloudDeakin.

Extension requests
Requests for extensions should be made to Unit/Campus Chairs well in advance of the assessment due date.
Please follow the link for detailed information and form: http:
www.deakin.edu.au/students/faculties/sebe

Special consideration
You may be eligible for special consideration if circumstances beyond your control prevent you from
undertaking or completing an assessment task at the scheduled time. See the following link for advice on the
application process: http:
www.deakin.edu.au/students/studying/assessment-and-results/special-
consideration

Assessment feedback
You will receive a mark and feedback on your assessment task in the form of a ru
ic within two weeks of
submission of your assessment.

Referencing, plagiarism and collusion

You must co
ectly use the Harvard method in this assessment. See the Deakin referencing guide.
https:
github.com/qiyuangong/Mondrian
http:
www.deakin.edu.au/students/faculties/sebe

Any work that you submit for assessment must be your own work. Please note that this unit
has systems in place to detect plagiarism and all submissions are submitted to this system.
Submitting work, in whole or in part, that is copied or paraphrased from other authors (including
students), without co
ect acknowledgement, is considered one of the most serious academic
offences. This practice is equivalent to cheating in examinations and it may lead to expulsion
from the University. For further information, you should refer to Regulation 4.1(1), Part 2—
Academic Misconduct, via (Cu
ent university legislation).
Please note that these regulations are not intended to discourage group work and exchange of
views and information with other students and staff. Such interaction is most desirable,
provided that you ultimately write your own answers and acknowledge any quoted sources.
We see responsible attitudes to plagiarism as part of general good ethical practice. Ensure
you have familiarised yourself with the rules and regulations on plagiarism and collusion.
http:
www.deakin.edu.au/about-deakin/faculties-and-divisions/administrative-divisions/university-solicitors-office/legislation
SIT719 Security and Privacy Issues in Analytics
Assessment Task 2 ru
ic: Technology Assessment Report

CRITERIA PERFROMANCE INDICATOR
EXCEEDS STANDARD MEETS STANDARD YET TO ACHIEVE
MINIMUM STANDARD
High distinction 80– Distinction 70–79 Credit 60–69 Pass 50–59 Fail 0-49
Criteria 1:
Executive
summary &
technology
overview
20%
The report excels at addressing the
esearch question and report
equirements. Excellent depth and
insight is clearly shown and
eloquently expressed.
The report clearly and succinctly
addresses the research question
and report requirements. Depth and
insight is clearly shown and well
expressed.
The report adequately addresses
the research question and report
equirements. Depth and insight is
sometimes shown but not always
well expressed.
The report marginally
addresses the research
question and report guidelines.
Depth and insight is sometimes
shown but not well expressed.
Provides no meaningful
information related to
the task. The report is
poorly structured and
does not adhere to the
eport guidelines.
Criteria 2:
Technology
Solution
Assessment

40%
Provides an assessment which excels
at showing initiative and originality
in identifying relevant privacy and
security issues. The use of
technological solutions is extensively
supported by theory and practical
examples.
Provides an assessment which
shows high levels of initiative and
originality in identifying relevant
privacy and security issues. The use
of technological solutions is
comprehensively supported by
theory and practical examples.
Provides an assessment which
shows well-developed initiative
and originality in identifying
elevant privacy and security
issues. The use of technological
solutions is adequately supported
y theory and practical examples.
Provides an assessment which
shows some initiative in
identifying relevant privacy
and security issues. The use of
technological solutions is
marginally supported by
theory and practical examples.
Provides an assessment
which shows little
initiative in identifying
elevant privacy and
security issues. The use
of technological
solutions is not
supported by theory
and practical examples.
Criteria 3: k-
Anonymity
Implementation
Guide

30%

The guide provides sophisticated
advice for implementation, which is
well thought out and highly relevant
to the organisation. Excellent depth
and insight is clearly shown and
eloquently expressed.
The guide provides practical advice
for implementation, which is well
thought out and relevant to the
organisation. Depth and insight is
clearly shown and well expressed.
The guide provides some practical
advice for implementation, which
shows consideration for the
organisation’s requirements.
Depth and insight is shown but not
always well expressed.
The guide provides some
advice for implementation, but
is not tailored to the needs of
the organisation. Depth and
insight is sometimes shown
ut not well expressed.
Provides no meaningful
information related to
the task. The report is
poorly structured and
does not adhere to the
eport guidelines.
Criteria 4: k-
Anonymity
Algorithm
Performance
Comparison

10%
The report clearly contrasts two
different k-anonymity techniques or
two publicly available
implementations of k-anonymity,
while providing an in-depth and
detailed explanation of each
algorithm and the tradeoffs
involved, or provides a fully
implemented code in working order.
The report somewhat clearly
contrasts two different k-anonymity
techniques or two publicly available
implementations of k-anonymity,