It’s Thursday and that means it’s tutorial time again in the European Centre on Privacy and Cybersecurity (ECPC) “EU and Global Cybersecurity Fundamentals” course within the Advanced Master in Privacy, Cybersecurity and Data Management!

This afternoon, we will stimulate the students to operationalise the knowledge gained during Fernando Silva’s lecture on Monday with a case study and a group presentation. More specifically, following the problem-based learning methodology we have adopted for the course tutorials, students will be presented with a fictional scenario in which they work for an IT department of a hospital and are tasked with establishing a matrix role base for implementation of a PACS System (e.g., a Picture Archive and Communication System – medical imaging technology which provides digital storage, retrieval, management, distribution and presentation of medical images where reports are also associated with the images) which is deployed and maintained on site by an external company with the PACSs’ servers located inside of the Hospital data center.

Working in groups, students will establish the role-based matrix access control creating the Identity and Access Management (IAM) of the organisation using ACL, RBAC, or another method, assigning roles according to principles established by the group. They will then brainstorm primary concerns in terms of database design and functionalities and major risks to be mitigated for the data center and present three possible scenarios in which something goes amiss.

Looking forward to it!