IT Systems: Identity and Access Management|Online

Course Methodology

This course is highly interactive and includes group discussions, case studies and syndicate work. It also includes practical exercises and role playing that allow all participants to use the knowledge they gained to demonstrate their skills in identity and access management.

Course Objectives

By the end of the course, participants will be able to:

Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment options
Discuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate based authentication, device authentication, etc)
Explain the principles of key public infrastructure and certification authorities, and demonstrate their value in mitigating the security risks facing modern societies
Explain the most well-known access control mechanisms and the roles of oauth, OATH, SAML and OpenID standards in the IAM domain and apply the concepts of (federated) SSO
Demonstrate the building of IAM using selected industrial tools and practical case studies (e.g. e-passport and boarder gate, mobile-banking, EMV scheme, and e-movement services)

Target Audience

This course has been designed for IT professionals such as IT Strategic Planners, Project Managers, Security Managers, Security Architects and Risk Managers.Although the course is technical in nature, complex concepts are discussed at an abstract level to fit the needs of participants from various technical backgrounds.

Target Competencies

Information security management
Impelementing public key infrastructure
Identification and authentication management
Identity Access Management (IAM)

Introduction and principles of information security:
- Identity and access management (IAM) overview
- Attributes of information security:
  - Confidentiality
  - Integrity
  - Availability
  - Non-repudiation
  - Accountability
  - Auditability
- Symmetric and asymmetric cryptography
- Hashing and digital signature
- Key management
Public Key Infrastructure (PKI)
- Architecture: certification and registration authority
- Life cycle management
- Types of certificates and usage patterns
  - Encryption
  - Digital signature
  - Client certificate
  - SSL server certificate
- Attribute based certificate
- Case studies (e.g. email protection, mobile banking, and document signing)
Identification and authentication
- Identification, verification and authentication overview
- Mechanisms of identification and authentication
  - One time password
  - Biometric
  - Digital signature
  - Smartcard
  - Soft/hard tokens
- Mobile device
- Risk based authentication
- Step-up authentication
- Single-sign on and federated single-sign-on
- OATH, OpenID, BorwserID, and SAML
- Architecture framework and industrial tools
- Trusted computing role in identity assurance
- Security risks associated with the discussed mechanisms
Access control
- Principles of authorization
- Access control schemes
- OAuth protocol
- Enterprise rights management and digital rights management
- Privileged account management
- Governance and compliance
IAM framework and use cases
- IAM architecture framework
- IAM echo system
- IAM and cloud computing
- Illustrative use cases
  - Border control
  - E-passport
  - National ID
  - E-banking
  - E-health system
  - EMV scheme

2023 Schedule & Fees

Fees

Per participant

USD 2450

Fees + VAT as applicable

Discount Plans & Cancellations Policy

Location & Date

18 - 21 Sep, 2023

English

Virtual Learning

25 - 28 Dec, 2023

English

Virtual Learning

Meirc reserves the right to alter dates, content, venue, trainer, and to offer courses in an integrated virtual learning (IVL) format whereby face to face classroom participants and virtual learners participate simultaneously in the same course in an interactive learning experience.

Tax Registration Number: 100239834300003

This course is also offered in face-to-face courses, click on the course below.

IT Systems: Identity and Access Management

18 - 21 Sep, 2023

English

Dubai

IT Systems: Identity and Access Management

25 - 28 Dec, 2023

English

Dubai

Overview

Course Methodology

Course Objectives

By the end of the course, participants will be able to:

Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment options
Discuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate based authentication, device authentication, etc)
Explain the principles of key public infrastructure and certification authorities, and demonstrate their value in mitigating the security risks facing modern societies
Explain the most well-known access control mechanisms and the roles of oauth, OATH, SAML and OpenID standards in the IAM domain and apply the concepts of (federated) SSO
Demonstrate the building of IAM using selected industrial tools and practical case studies (e.g. e-passport and boarder gate, mobile-banking, EMV scheme, and e-movement services)

Target Audience

Target Competencies

Information security management
Impelementing public key infrastructure
Identification and authentication management
Identity Access Management (IAM)

Course Outline

Introduction and principles of information security:
- Identity and access management (IAM) overview
- Attributes of information security:
  - Confidentiality
  - Integrity
  - Availability
  - Non-repudiation
  - Accountability
  - Auditability
- Symmetric and asymmetric cryptography
- Hashing and digital signature
- Key management
Public Key Infrastructure (PKI)
- Architecture: certification and registration authority
- Life cycle management
- Types of certificates and usage patterns
  - Encryption
  - Digital signature
  - Client certificate
  - SSL server certificate
- Attribute based certificate
- Case studies (e.g. email protection, mobile banking, and document signing)
Identification and authentication
- Identification, verification and authentication overview
- Mechanisms of identification and authentication
  - One time password
  - Biometric
  - Digital signature
  - Smartcard
  - Soft/hard tokens
- Mobile device
- Risk based authentication
- Step-up authentication
- Single-sign on and federated single-sign-on
- OATH, OpenID, BorwserID, and SAML
- Architecture framework and industrial tools
- Trusted computing role in identity assurance
- Security risks associated with the discussed mechanisms
Access control
- Principles of authorization
- Access control schemes
- OAuth protocol
- Enterprise rights management and digital rights management
- Privileged account management
- Governance and compliance
IAM framework and use cases
- IAM architecture framework
- IAM echo system
- IAM and cloud computing
- Illustrative use cases
  - Border control
  - E-passport
  - National ID
  - E-banking
  - E-health system
  - EMV scheme