MPŠ MP&Scaron MP&Scaron MP&Scaron Avtorji

Jožef Stefan
Postgraduate School

Jamova 39
SI-1000 Ljubljana

Phone: +386 1 477 31 00
Fax: +386 1 477 31 10


Course Description

Security in Internet Technologies


Information and Communication Technologies, third-level study programme


doc. dr. Tomaž Klobučar


The main objective of this course is to present security problems in Internet and basic security services and mechanisms that can be used to increase security level in internet technologies.

Students should be able to:
• Analyze an information system with respect to security and evaluate security threats
• Select appropriate methods for internet technology security provision
• Design how to protect an information system and its resources
• Ensure that security requirements are met when developing information applications and solutions
• Develop security measures
• Continue research and development work in the area of information system security


presentation of basic concepts, threats, attacks, security services and mechanisms

Security models:
formal security models, security design principles

Advanced cryptographic mechanisms:
symmetric and asymmetric cryptography, key management, one-way hash functions, digital signature, timestamp, authentication mechanisms

Authorisation and access control:
management and implementation of access control, firewall, intrusion detection system, SAML, XACML

Network security protocols:
security services and mechanisms at different network layers (e.g. IPsec), protection in different types of networks, wireless networks security (IEEE 802.11, IEEE 802.16)

Security infrastructures:
public-key infrastructure, privilege management infrastructure, infrastructure for cross-border services

Selected topics in advanced internet technologies security (e.g. security in cloud computing)

Course literature:

Selected chapters from the following books:

• W. Stallings and L. Brown, Computer Security – Principles and Practice. Pearson International Edition, 2008, ISBN 978-0-13-513711-6
• R. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition. Wiley Computer Publishing, 2008, ISBN 978-0470068526
• M. Bishop, Computer security: art and science. Addison-Wesley, 2003, ISBN 978-0201440997

Selected scientific articles in the area of information technologies security, e.g. Computers & Security, Network Security, Journal of Computer Security, International Journal of Information Security.

Significant publications and references:

• V. Jovanovikj, D. Gabrijelčič and T. Klobučar, “A conceptual model of security context,” International journal of information security, ISSN 1615-5262, vol. 13, no. 6, pp. 571-581, 2014
• B. Ivanc and T. Klobučar, “Attack modeling in the critical infrastructure = Modeliranje napadov v kritični infrastrukturi,” Elektrotehniški vestnik, ISSN 0013-5852. [Slovenska tiskana izd.], vol. 81, no. 5, pp. 285-292, 2014
• T. Klobučar, D. Gabrijelčič and V. Pagon, “Cross-border e-learning and academic services based on eIDs: case of Slovenia” in eChallenges 2014 : 29-30 October, 2014 Belfast, Ireland. Dublin: IIMC: = International Information Management Corporation, 8 pages, 2014
• P. Cigoj and T. Klobučar, “Cloud security and OpenStack” in R. Trobec (Ed.). Proceedings of the 1st International Conference on CLoud Assisted ServiceS, Bled, Slovenia, October 22 -25: CLASS. 1st ed. Ljubljana: Univerza v Ljubljani, pp. 20-27, 2012
• V. Jovanovikj, D. Gabrijelčič and T. Klobučar, “Access control in BitTorrent P2P networks uisng the enhanced closed swarms protocol” in Netware 2011: August 21-27, 2011, Nice - Saint Laurent du Var, France. [S. l.], pp. 97-102, 2011
• B. Jerman-Blažič (Ed.), W. Schneider (Ed.) and T. Klobučar (Ed.), Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, VIII, 250 pages, 2004. ISBN 1-58603-430-8
• A. Jerman-Blažič, T. Klobučar and B. Jerman-Blažič, “Long-term trusted preservation service using service interaction protocol and evidence records,” Comput. stand. interfaces. [Print ed.], vol. 29, no. 3, pp. 398-412, 2007
• T. Klobučar and B. Jerman-Blažič, “A formalization and evaluation of certificate policies,” Comput. commun.. [Print ed.], vol. 22, pp. 1104-1110, 1999
• T. Klobučar and B. Jerman-Blažič, “An infrastructure for support of digital signatures,” Informatica (Ljublj.), vol. 23, spec. issue, no. 4, pp. 447-481, 1999


Seminar work with oral defense (50%)
Oral or written exam (50%)

Students obligations:

Seminar work and oral defense of seminar work.