MDA521 - Data Security and Privacy

Credit Points: 20 credit points

Workload: 60 hours

Prerequisite: N/A

Co-requisite: N/A

Aims & Objectives

This is a core unit out of a total of 12 units in the Master of Data Analytics (MDA). This unit addresses the course learning outcomes and complements other units in a related field by developing students’ specialised knowledge of data security and privacy technologies, issues, management and legislation. For further course information refer to: This unit is part of the AQF level 9 (MDA) course.

Students will gain insight into information and data security core concepts, terminologies such as OSI security architecture, relevant number theory and finite fields. This will extend to discussions of various encryption and data integrity techniques, analysing their security and privacy strengths and weaknesses. Students will explore risks associated with data security and privacy issues and the management of risks. Data protection and privacy legislation on using and disseminating information security technologies are also covered in this unit.   

This unit will cover the following topics:

  • OSI Security Architecture
  • Fundamental number theory and finite fields as required for cryptography
  • Cryptographic and data integrity techniques
  • Analysis of security strength and network security protocols
  • Security risks management
  • Data protection legislation and information security technologies

Learning Outcomes

4.1 Course Learning Outcomes
The Course learning outcomes applicable to this unit in respect of the course being studied are listed on the Melbourne Institute of Technology website: 

4.2 Unit Learning Outcomes
At the completion of this unit students should be able to:
a. Apply information and data security paradigms onto real-world issues in data security and privacy.
b. Analyse security architecture by discussing assets, security threats, attacks and privacy concerns.
c. Analyse and discuss network security protocols and federated authentication systems.
d. Evaluate security and privacy risks, and apply management controls to create security policies and procedures in an organisational context. 
e. Demonstrate data protection and privacy legislation, including regulations on the usage and dissemination of information security technologies.

Weekly Topics

This unit will cover the content below:

Week Topics
1 Introducing information, data security and security issues and generic security attributes
2 OSI security architecture – assets, threats and various types of attacks
3 Fundamentals of number theory and finite fields as required for cryptography
4 Classical encryption techniques, Block ciphers
5 DES, AES, RSA algorithms, Mid-term review / in-class test
6 Security and privacy requirements - cryptographic and data integrity techniques
7 Security strength of encryption; data integrity techniques and their analysis
8 Network security protocols, digital signatures, digital certificates
9 Authentication system architecture and federated authentication systems
10 Model building strategies and performance documentation
11 Risk assessment management, data protection legislation and information security technologies
12 Review and future trends


Assessment Task Due Date Release Date A B Learning Outcomes Assessed
Assignment 1 (Formative) Week 3 Week 1 5%   a
In-class test Week 6 Week 6   10% a-b
Assignment 2 Week 11 Week 7 25%   c-d
Laboratory and Problem Based Learning participation & submission Week 2-11 Week 2-11 10%   a-e
Final Examination (3 hours)       50% a-e
TOTALS     40% 60%  

Task Type: Type A: unsupervised, Type B: supervised.

Contribution and participation (in class) (10%)
Students are expected to attend each scheduled session, arrive on time and remain for the entire session. Adherence to this requirement will be reflected in the marks awarded for this assessment. Students are also strongly encouraged to actively participate in the class discussions and tutorial activities by answering questions, expressing their opinions, insights and their learnings from the course.

Presentations (if applicable)
For presentations conducted in class, students are required to wear business attire.

Textbook and Reference Materials


  • W. Stallings, Cryptographic and Network Security, Pearson 7th Edition, 2016.


  • Bruce Schneier, Applied Cryptography: Protocols, Algorithms and Source Code in C, Wiley 20th Anniversary Edition 2015.
  • Jeff Kosseff, Cybersecurity Law, Wiley 1st Edition 2017.
  • G. E. Kennedy and L. S. P. Prabhu, Data Privacy Law: A Practical Guide, Interstice; 2 ed., 2017.
  • W. Leichter, D. Berman, et al., Global Guide to Data Protection Laws: Understanding Privacy & Compliance Requirements in More Than 80 Countries, CreateSpace Independent Publishing Platform, GDPR edition, 2017.
  • N. Venkataramanan and A. Shriram, Data Privacy: Principles and Practice, Chapman and Hall/CRC, 1st ed., 2016.


  • IEEE Transactions on Neural Networks and Learning Systems
  • IEEE Transactions on Pattern Analysis and Machine Intelligence
  • Foundations and Trends in Machine Learning
  • Journal of Machine Learning Research
  • Artificial Intelligence
  • International Journal of Machine Learning and Cybernetics
  • International Journal of Artificial Intelligence
  • Intelligent Data Analysis
  • Applied Artificial Intelligence
  • Journal of Experimental and Theoretical Artificial Intelligence
  • Journal of Artificial Intelligence

Adopted Referencing Style: IEEE. For IEEE Style referencing guidance go to:

Graduate Attributes

MIT is committed to ensure the course is current, practical and relevant so that graduates are “work ready” and equipped for life-long learning. In order to accomplish this, the MIT Graduate Attributes identify the required knowledge, skills and attributes that prepare students for the industry.
The level to which Graduate Attributes covered in this unit are as follows:

Ability to communicate Independent and Lifelong Learning Ethics Analytical and Problem Solving Cultural and Global Awareness Team work Specialist knowledge of a field of study


Levels of attainment Extent covered
The attribute is covered by theory and practice, and addressed by assessed activities in which the students always play an active role, e.g. workshops, lab submissions, assignments, demonstrations, tests, examinations.
The attribute is covered by theory or practice, and addressed by assessed activities in which the students mostly play an active role, e.g. discussions, reading, intepreting documents, tests, examinations.
The attribute is discussed in theory or practice; it is addressed by assessed activities in which the students may play an active role, e.g. lectures and discussions, reading, interpretation, workshops, presentations.
The attribute is presented as a side issue in theory or practice; it is not specifically assessed, but it is addressed by activities such as lectures or tutorials.
The attribute is not considered, there is no theory or practice or activities associated with this attribute.