IT Systems- Identity and Access Management

Created by LEC Team
Last updated Mon, 27-Mar-2023
Download as pdf

Course Objectives of IT Systems: Identity and Access Management:

  • Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment options

  • Discuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate based authentication, device authentication, etc)

  • Explain the principles of key public infrastructure and certification authorities, and demonstrate their value in mitigating the security risks facing modern societies

  • Explain the most well-known access control mechanisms and the roles of oauth, OATH, SAML and OpenID standards in the IAM domain and apply the concepts of (federated) SSO

  • Demonstrate the building of IAM using selected industrial tools and practical case studies (e.g. e-passport and boarder gate, mobile-banking, EMV scheme, and e-movement services)



Day 1
Introduction and principles of information security:

  • Identity and access management (IAM) overview

  • Attributes of information security:

  • Confidentiality

  • Integrity

  • Availability

  • Non-repudiation

  • Accountability

  • Auditability

  • Symmetric and asymmetric cryptography

  • Hashing and digital signature

  • Key management



Day 2
Public Key Infrastructure (PKI)

  • Architecture: certification and registration authority

  • Life cycle management

  • Types of certificates and usage patterns

  • Encryption

  • Digital signature

  • Client certificate

  • SSL server certificate

  • Attribute based certificate

  • Case studies (e.g. email protection, mobile banking, and document signing)



Day 3
Identification and authentication

  • Identification, verification and authentication overview

  • Mechanisms of identification and authentication

  • One time password

  • Biometric

  • Digital signature

  • Smartcard

  • Soft/hard tokens

  • Mobile device

  • Risk based authentication

  • Step-up authentication

  • Single-sign on and federated single-sign-on

  • OATH, OpenID, BorwserID, and SAML

  • Architecture framework and industrial tools

  • Trusted computing role in identity assurance

  • Security risks associated with the discussed mechanisms



Day4
Access control

  • Principles of authorization

  • Access control schemes

  • OAuth protocol

  • Enterprise rights management and digital rights management

  • Privileged account management

  • Governance and compliance



Day 5
IAM framework and use cases

  • IAM architecture framework

  • IAM echo system

  • IAM and cloud computing

  • Illustrative use cases

  • Border control

  • E-passport

  • National ID

  • E-banking

  • E-health system

Enquiry form
+ View more
Other related courses
00:00:00 Hours
Updated Mon, 27-Mar-2023
0 0 $0
00:00:00 Hours
Updated Mon, 27-Mar-2023
0 0 $0
00:00:00 Hours
Updated Mon, 27-Mar-2023
0 0 $0
00:00:00 Hours
Updated Mon, 27-Mar-2023
0 0 $0
Dates Venues Price Details