MPŠ MP&Scaron MP&Scaron MP&Scaron Avtorji

Jo˛ef Stefan
Postgraduate School

Jamova 39
SI-1000 Ljubljana

Phone: +386 1 477 31 00
Fax: +386 1 477 31 10


Course Description

Privacy and Identity Management


Information and Communication Technologies, second-level study programme


doc. dr. Tomaž Klobučar


New personalized services and next generation networks, such as pervasive networks, present new threats to privacy sensitive personal data. The goal of this course is to provide a broad overview of the technologies, services, applications and procedures for privacy protection.

The students will gain theoretical and practical knowledge about privacy protection related measures, e.g. privacy legislation, privacy-enhancing technologies on the user side, on the service provider side and at communication level, or identity management systems.

Gained knowledge will enable the students to use and develop privacy protection measures. The students will be able to analyze an information system with respect to personal data protection, evaluate privacy threats, select appropriate privacy-enhancing measures and implement them. When developing their own information applications and solutions the knowledge will enable the students to meet the privacy requirements imposed by environment, legislation and standards. The students will also be able to continue research and development work in the area of privacy protection and identity management.


basic definitions (privacy, personal data, identity, anonymity, pseudonym, virtual identity etc.), privacy threats and risks, basic privacy principles

Privacy regulation and legislation:
directives 95/46/EC, 2002/58/EC and eIDAS, Slovene legislation

Privacy-enhancing technologies:
- on the user side: identity protectors, anonymous credentials, privacy preference languages, privacy negotiation protocols
- on the service provider side: organisational and monitoring processes, privacy policies, data repositories, data anonymisation.
- at communication level: anonymous communication systems (Mix networks, Onion routing, Crowds, Freenet), remailers (e.g. Mixmaster, Mixminion), anonymising web proxies, blind signature

Identity management:
basics, scenarios, requirements, mechanisms

Identity management systems:
Shibboleth, OpenID, Liberty Alliance

Course literature:

Selected chapters from the following books:

• M. Kovačič, Nadzor in zasebnost v informacijski družbi: filozofski, sociološki, pravni in tehnični vidiki nadzora in zasebnosti na internetu, (Znanstvena knjižnica, 55). Ljubljana: Fakulteta za družbene vede, 2006. 268 pages, graf. prikazi. ISBN 961-235-242-9
• M. Hansen, J.-H. Hoepman, R. Leenes and D. Whitehouse (Eds.), Privacy and Identity Management for Emerging Services and Technologies, Springer, 2013, ISBN 978-3-642-55137-6
• J. Camenisch, S. Fischer-Hübner and K. Rannenberg, Privacy and Identity Management for Life, Springer, 2011, ISBN 978-3-642-14281-9
• A. Acquisti, S. Gritzalis, C. Lambrinoudakis and S. De Capitani di Vimercati, Digital Privacy: Theory, Technologies, and Practices, Auerbach Publications, Taylor & Francis Group, 2008, ISBN 978-1420052176
• D. J. Solove, Understanding Privacy, Harvard University Press, 2010, ISBN 9780674035072

Selected papers from scientific journals, such as Computers & Security, Network Security, Journal of Computer Security

Significant publications and references:

• T. Klobučar, D. Gabrijelčič and V. Pagon, “Cross-border e-learning and academic services based on eIDs: case of Slovenia” in eChallenges 2014: 29-30 October, 2014 Belfast, Ireland. Dublin: IIMC: = International Information Management Corporation, 8 pages, 2014
• V. Seničar, T. Klobučar and B. Jerman-Blažič, “Privacy-enhancing technologies” in B. Jerman-Blažič (Ed.), W. Schneider (Ed.), T. Klobučar (Ed.), Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, pp. 213-227, 2004
• V. Seničar, B. Jerman-Blažič and T. Klobučar, “Privacy-enhancing technologies - approaches and development,” Comput. stand. Interfaces, [Print ed.], vol. 25, pp. 147-158, 2003
• B. Jerman-Blažič and T. Klobučar, “Privacy provision in e-learning standardized systems: status and improvements,” Comput. stand. Interfaces, [Print ed.], 2005, vol. 27, pp. 561-578
• T. Klobučar, V. Seničar and B. Jerman-Blažič, “Privacy and personalisation in a smart space for learning,” Int. j. contin. eng. educ. life-long learn., vol. 14, pp. 388-401, 2004
• J. Porekar, K. Dolinar, A. Jerman-Blažič and T. Klobučar, “Pervasive systems: enhancing trust negotiation with privacy support” in K. Makki (Ed.), P. Reiher (Ed.), K. Makki (Ed.), N. Pissinou (Ed.) and S. Makki (Ed.), Mobile and Wireless Network Security and Privacy, Springer Science+Business Media, 2007. ISBN: 978-0-387-71057-0
• B. Jerman-Blažič (Ed.), W. Schneider (Ed.) and T. Klobučar (Ed.), Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, VIII, 250 pages, 2004. ISBN 1-58603-430-8
• T. Klobučar, “Privacy and data protection in technology-enhanced professional learning” in Advanced international conference on telecommunications and International conference on internet and web applications and services (AICT/ICIW 2006): 19-25 February. Piscataway: IEEE, 6 pages, 2006


Seminar work with oral defense (50%)
Oral or written exam (50%)

Students obligations:

Seminar work and oral defense of seminar work.