IT Systems: Identity and Access Management

Course Overview:

This highly interactive course is designed to provide a comprehensive understanding of Identity and Access Management (IAM). It incorporates group discussions, case studies, syndicate exercises, role-playing, and hands-on activities, allowing participants to apply theoretical knowledge in practical scenarios. By the end of the program, participants will have developed the skills necessary to manage and implement IAM solutions effectively across various industries.

Learning Objectives:

Upon completing the course, participants will be able to:

  • Understand the architecture of IAM and the security risks associated with various deployment options.
  • Explore various authentication mechanisms, such as One-Time Passwords (OTP), certificate-based authentication, and device authentication.
  • Gain insights into public key infrastructure (PKI) and certification authorities, and how they help mitigate security risks.
  • Understand key access control models and the roles of OAuth, OATH, SAML, and OpenID standards in the IAM domain, with a focus on federated Single Sign-On (SSO).
  • Demonstrate the implementation of IAM solutions using real-world case studies and industry tools (e.g., e-passports, border control, mobile banking, and EMV schemes).

Course Content:

Day 1: Fundamentals of Information Security and IAM

  • IAM Overview: Introduction to Identity and Access Management, its importance, and core principles.
  • Information Security Attributes: Understanding confidentiality, integrity, availability, non-repudiation, accountability, and auditability.
  • Cryptographic Techniques: Symmetric vs. asymmetric cryptography, hashing, digital signatures, and key management.
  • IAM Risks and Framework: An overview of the IAM architecture framework, common security risks, and mitigation strategies.

Day 2: Public Key Infrastructure (PKI)

  • PKI Architecture: Key components including certification authority (CA), registration authority (RA), and lifecycle management.
  • Certificates: Types of certificates (e.g., client certificates, SSL certificates), usage patterns, and their role in enhancing security.
  • Encryption and Digital Signatures: How encryption and digital signatures ensure secure communication and transactions.
  • Case Studies: Real-world applications, such as email encryption, mobile banking security, and document signing.

Day 3: Identification and Authentication

  • Authentication Mechanisms: Overview of identification, verification, and authentication methods.
  • Authentication Methods: OTP, biometrics, smart cards, digital signatures, soft/hard tokens, and mobile devices.
  • Risk-Based Authentication: Understanding the principles behind step-up authentication and adaptive authentication.
  • Single Sign-On (SSO): Exploring the role of federated SSO and standards like OATH, OpenID, BrowserID, and SAML.
  • Security Risks: Assessing risks associated with each authentication mechanism and security strategies to mitigate them.

Day 4: Access Control

  • Authorization Principles: Key concepts in authorization and how access is granted or denied.
  • Access Control Models: Overview of various access control schemes, including Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and others.
  • OAuth Protocol: Understanding OAuth and its use in managing third-party access.
  • Enterprise Rights Management (ERM): Approaches to digital rights management (DRM) and privileged account management.
  • Governance and Compliance: Ensuring compliance with IAM policies and governance standards.

Day 5: Advanced IAM Framework and Use Cases

  • IAM Framework: An overview of IAM architecture and the ecosystem, including integration with cloud computing environments.
  • Illustrative Use Cases: Exploring practical applications of IAM in border control, e-passports, national IDs, e-banking, and e-health systems.
  • IAM and Cloud Security: Understanding the challenges and solutions for implementing IAM in cloud-based infrastructures.

This course provides a rich blend of theoretical knowledge and practical, real-world application, ensuring participants leave with a strong, actionable understanding of Identity and Access Management.

Starting date: 1 September, 2026
Ending date: 5 September, 2026
Duration: 5 days
Place: İstanbul