Course Objectives
By the end of the course, participants will be able to:
Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment options
Discuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate-based authentication, device authentication, etc.)
Explain the principles of public key infrastructure and certification authorities, and demonstrate their value in mitigating the security risks facing modern societies
Explain the most well-known access control mechanisms and the roles of OAuth, OATH, SAML and OpenID standards in the IAM domain and apply the concepts of (federated) SSO
Demonstrate the building of IAM using selected industrial tools and practical case studies (e.g. e-passport and border gate, mobile-banking, EMV scheme, and e-movement services)
Target Audience
This course has been designed for IT professionals such as IT Strategic Planners, Project Managers, Security Managers, Security Architects and Risk Managers. Although the course is technical in nature, complex concepts are discussed at an abstract level to fit the needs of participants from various technical backgrounds.
Target Competencies
Information security management
Implementing public key infrastructure
Identification and authentication management
Identity Access Management (IAM)
Course Outline
Introduction and principles of information security:
  Identity and access management (IAM) overview
  Attributes of information security:
    Confidentiality
    Integrity
    Availability
    Non-repudiation
    Accountability
    Auditability
  Symmetric and asymmetric cryptography
  Hashing and digital signature
  Key management
Public Key Infrastructure (PKI)
  Architecture: certification and registration authority
  Life cycle management
  Types of certificates and usage patterns
    Encryption
    Digital signature
    Client certificate
    SSL server certificate
    Attribute based certificate
  Case studies (e.g. email protection, mobile banking, and document signing)
Identification and authentication
  Identification, verification and authentication overview
  Mechanisms of identification and authentication
    One time password
    Biometric
    Digital signature
    Smartcard
    Soft/hard tokens
    Mobile device
    Risk based authentication
    Step-up authentication
  Single-sign on and federated single-sign-on
  OATH, OpenID, BrowserID, and SAML
  Architecture framework and industrial tools
  Trusted computing role in identity assurance
  Security risks associated with the discussed mechanisms
Access control
  Principles of authorization
  Access control schemes
  OAuth protocol
  Enterprise rights management and digital rights management
  Privileged account management
  Governance and compliance
IAM framework and use cases
  IAM architecture framework
  IAM ecosystem
  IAM and cloud computing
  Illustrative use cases
    Border control
    E-passport
    National ID
    E-banking
    E-health system
    EMV scheme