The Data Protection group is a new research group in the Security cluster of the Department of Mathematics and Computer Science at the Eindhoven University of Technology.

Privacy and security of electronic data (e.g., electronic health records, financial data, demographic data) has become a hugely important issue. Access control is often employed as the first line of defense for data protection. Existing access control models and mechanisms, however, are often not suited for the challenges introduced by modern IT systems. Moreover, access control can be circumvented, for instance, by insiders exploiting policy miscofiguration or by attackers gaining unauthorized access through social engineering attacks against legitimate users.

The mission of the Data Protection group is to realize novel theories, methods and technology that enable the realization of an adaptive authorization infrastructure capable to respond to security threats. To achieve this goal, we focus on three orthogonal and complementary research lines: Access Control, Data analytic for security and Social Engineering.