COSC755 - Topics in Computer Security (Spring 2011)
Privacy Enhancing Technologies

Georgetown University
Prof. Micah Sherr


Mondays and Wednesdays
St. Mary's Hall, room 326

Course Description

Ubiquitous computing and networking enable new methods of communication, commerce, research, learning, search, and socialization. New and increasingly accessible technologies allow us to communicate and exchange large quantities of data with many parties at fast speeds. The dissemination, storage, and mining of mass quantities of information has had transformative effects on society.

In this special topics class, we will explore the privacy implications of our connected world from the perspective of academic computer scientists. We will examine threats to civil liberties, implications of privacy enhancing technologies to law enforcement investigations and national security, and the impact of data collection to personal and financial safety. Students will study various aspects of information and network privacy, and will read, analyze, discuss, and debate both foundational research as well as recent results relating to privacy enhancing technologies. In particular, this class will focus on the following core areas:
  • Data storage and access, including: confidentiality in the cloud; privacy and social networking; private information retrieval; identity theft
  • Anonymous credentials, including: e-cash; pseudoidentities
  • Traffic analysis, including: network eavesdropping; anonymous routing and anonymity systems; web fingerprinting
  • Location privacy, including: geo-tagging and social networking; toll systems
  • Biometrics, including: authentication schemes; privacy-preserving biometrics

Classes are held every Monday and Wednesday from 7pm until 8:15pm in St. Mary's Hall, room 343.

Class Organization

This will not be a lecture-oriented class in which I spew information that you will later regurgitate to me during exams. Classes will be discussion-focused and will be highly interactive. Participation will be a large component of students' grades.

The bulk of the classes will consist of one or two paper presentations from either a student or myself (depending upon class enrollment), followed by rigorous discussion and debate. Presenters are expected to moderate classroom discussion, with my assistance. Presenters will be graded based on their clarity of presentation and ability to motivate classroom discussion (e.g., through discussion questions).

Additionally, students are required to complete a project (described in more detail below) either individually or in small groups. The last two classes are reserved for project presentations.


Students should have some exposure to computer networking and network security. Expert knowledge of either area is not required. Additionally, students will be expected to analyze academic research papers, and should be familiar with the scientific method as applied to computer science. Importantly, students should be prepared to actively participate in classroom and online discussions.


Instructor: Prof. Micah Sherr
Email: click here
Office: St. Mary's Hall, Room 337
Office Hours: Tuesdays, 5pm-6pm (preferred), and by appointment

Course Learning Goals

This course seeks to achieve the following learning goals:
  • Develop a better understanding of the privacy risks of computer networking, data collection, and storage
  • Identify the privacy threats of new technologies
  • Learn methods and techniques for quantifying various forms of privacy and anonymity
  • Understand surveillance technologies and methods of counter-surveillance

Course Readings

There is no required textbook for this special topics course.

Be prepared to read a lot of academic computer security and privacy papers. This is a special topics seminar: the time you save not doing homeworks or studying for exams should be spent carefully reading the course readings.

A major goal of this graduate-level class is to familiarize students with academic research in information and network privacy. Students will read several seminal research papers throughout the semester. Reading assignments are listed below and should be completed the day before the class that covers the material.

Important: Twenty-four hours before each class, students should email answers to the following questions to the instructor:
  • "What problem does this paper address?"
  • "What is the contribution of this work?"
  • "What are the shortcomings of the proposed approach?" Or, alternatively, "How could the paper be improved?"
  • "Was this a good paper to assign?"

Your reading responses will be graded and will constitute a sizable percentage of your overall grade.

Course Resources / Listserv

We will make extensive use of a class listserv. Students are expected to read every post to the listserv and to contribute to the discussion. Be prepared to receive a lot of email -- in my previous classes, several hundred listserv messages were posted in a single semester.

At the start of the semester, please email me your preferred email address. To post to the newsgroup, send an email to

Grading and Other Class Policies
Class presentations 25%
Participation 25%
Reading questions 15%
Course Project 35%

Other miscellaneous (but hopefully not arbitrary) policies:
  • Please turn off cell phones during class.
  • I will do my best to respond to emails within 24 hours. Please also consider posting your questions to the class listserv.
  • Behave civilly: don't be late for class; don't read newspapers/blogs/etc. during class; don't solve Sudoku puzzles during class; don't struggle with crossword puzzles during class; respect others' opinions, even if they are clearly wrong.
  • Adhere to good scientific principles and practices, and uphold the Georgetown Honor System.

A Note about Academic (Dis)Honesty

Please do not cheat. Dealing with cheating is by far the worst part of a professor's responsibilities, and it's one that I'd greatly like to avoid. If you are caught cheating, you will be referred to the Honor Council, without exception. It doesn't matter if you plagiarized one part of one answer in a homework assignment or outsourced your entire semester project to Telling me that I'm ruining your future/career/life will make me feel wicked bad, but won't stop me from referring you to the Honor Council.

The following -- taken from the Graduate Bulletin -- is a partial list of the things you cannot do: plagiarism; unacknowledged paraphrase; cheating, fabrication of data; fabrication, alteration, or misrepresentation of academic records; facilitating academic dishonesty; unauthorized collaboration; misuse of otherwise valid academic work; misuse of academic resources; depriving others of equal access to academic resources.

Please see the Georgetown Graduate Bulletin for all the nasty things that will happen to you if you are caught cheating.

Bottom Line: If you are unsure whether or not something is permissible, ask me beforehand.


Students must participate in a novel research project related to computer or network privacy. Projects that merely implement existing protocols or that attempt to solve problems that have existing, well-understood, and widely-accepted solutions will not be accepted. The topic and scope of the project must be approved by the instructor, and the project itself will be graded based on its novelty, student effort, technical depth and correctness, and the clarity of the project presentation. The output of the project should be a workshop-length paper that addresses a novel computer privacy research topic. Students may work in groups, so long as the scope of the project is proportional to the size of the group. All students in a group will receive the same grade.

Additional information about the course project will be posted here during the semester.

Syllabus and Schedule

The syllabus is available here.



This page was last modified on 02/1/11 06:08pm