IT Systems: Identity and Access Management

Why Attend

We are living in the age of the Internet of Things (IoT) which provides seamless integration and ease of access between various objects regardless of their physical proximity. The IoT is spreading across different vertical domains such as healthcare systems, government services, banks, and telecommunications, just to name a few. We are no longer only vulnerable to attacks against valuable enterprises’ digital content but also to life-threatening attacks, terrorist attacks, espionage attacks, etc. The need for providing identity assurance and stringent access control, as a result, is of utmost importance. This course covers the fundamental principles and architecture framework for an end-to-end IT identity and access management system. This includes identity assurance, authentication, authorization, accountability, Single Sign-On (SSO) and identity federation. It also discusses practical case studies such as e-passport, mobile banking, e-government services, EMV systems, and other selected cases.

Course Methodology

This course is highly interactive and includes group discussions, case studies and syndicate work. It also includes practical exercises and role playing that allow all participants to use the knowledge they gained to demonstrate their skills in identity and access management.

Course Objectives

By the end of the course, participants will be able to:

Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment options
Discuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate-based authentication, device authentication, etc)
Explain the principles of key public infrastructure and certification authorities, and demonstrate their value in mitigating the security risks facing modern societies
Explain the most well-known access control mechanisms and the roles of OAuth, OATH, SAML and OpenID standards in the IAM domain and apply the concepts of (federated) SSO
Demonstrate the building of IAM using selected industrial tools and practical case studies (e.g. e-passport and border gate, mobile-banking, EMV scheme, and e-movement services)

Target Audience

This course has been designed for IT professionals such as IT Strategic Planners, Project Managers, Security Managers, Security Architects and Risk Managers.Although the course is technical in nature, complex concepts are discussed at an abstract level to fit the needs of participants from various technical backgrounds.

Target Competencies

Information security management
Impelementing public key infrastructure

Identification and authentication management
Identity Access Management (IAM)

Location:

South Africa

Training Dates:

Each course starts every Monday of each week. Please book your training on a date that is a Monday.

Course Duration:

Unit Standard:

NQF Level:

Number of Credits:

Course Fees

Note: Please fill in the online application form on the left or bottom if this page to receive a quotation with detailed pricing from AATICD.

How to Apply:

To Apply Simply Fill in the Online Enquiries / Applications form on the Right Sidebar or Bottom of this website https://www.aaticd.co.za

NB: Terms and Conditions for Payment and Refunds

1.1. Full payment for the training workshop must be made at least 5 days before the scheduled workshop date.

1.2. Payment can be made via bank transfer, credit card, or any other agreed-upon method.

1.3. A confirmation of payment will be issued upon receipt of funds.

1.4. Any form of Payment means that trainee / delegate / client receiving the training accepts the training and agrees to these terms and conditions.

2. Cancellation and Refund Policy

2.1. Cancellations made 30 days or more before the workshop date will be eligible for a full refund, minus any administrative fees.

2.2. Cancellations made 15 to 29 days before the workshop date will be eligible for a 50% refund of the total payment.

2.3. Cancellations made less than 14 days before the workshop date will not be eligible for a refund.

2.4. Participants who fail to attend the workshop without prior notice will not be eligible for a refund.

3. Rescheduling

3.1. If a participant wishes to reschedule, a request must be submitted at least 14 days in advance, subject to availability.

3.2. A rescheduling fee may apply.

4. Workshop Cancellation by the Organizer

4.1. AATICD reserves the right to cancel or reschedule the workshop due to unforeseen circumstances, including but not limited to low enrolment, trainer unavailability, or force majeure events.

4.2. In the event of cancellation by AATICD, participants will be offered a full refund or the option to attend a rescheduled session.

4.3. AATICD is not responsible for any additional costs incurred by participants, such as travel or accommodation expenses.

5. Refund Processing

5.1. Approved refunds will be processed within 7 business days from the date of cancellation approval.

5.2. Refunds will be issued using the original payment method unless otherwise agreed.

6. Contact Information

For any questions regarding payments and refunds, please contact us at:

Email: apply@aaticd.co.za

Phone: +27 73 016 5042

By registering for the workshop, participants agree to abide by these terms and conditions.

In-House Trainings are also available for 3 or more delegates for any duration. Please consult with our Administration for such In-House training bookings.

Course Outline

Introduction and principles of information security:
- Identity and access management (IAM) overview
- Attributes of information security:
  - Confidentiality
  - Integrity
  - Availability
  - Non-repudiation
  - Accountability
  - Auditability
- Symmetric and asymmetric cryptography
- Hashing and digital signature
- Key management
Public Key Infrastructure (PKI)
- Architecture: certification and registration authority
- Life cycle management
- Types of certificates and usage patterns
  - Encryption
  - Digital signature
  - Client certificate
  - SSL server certificate
- Attribute-based certificate
- Case studies (e.g. email protection, mobile banking, and document signing)
Identification and authentication
- Identification, verification and authentication overview
- Mechanisms of identification and authentication
  - One time password
  - Biometric
  - Digital signature
  - Smartcard
  - Soft/hard tokens
- Mobile device
- Risk-based authentication
- Step-up authentication
- Single-sign on and federated single-sign-on
- OATH, OpenID, BorwserID, and SAML
- Architecture framework and industrial tools
- Trusted computing role in identity assurance
- Security risks associated with the discussed mechanisms

Access control
- Principles of authorization
- Access control schemes
- OAuth protocol
- Enterprise rights management and digital rights management
- Privileged account management
- Governance and compliance
IAM framework and use cases
- IAM architecture framework
- IAM echo system
- IAM and cloud computing
- Illustrative use cases
  - Border control
  - E-passport
  - National ID
  - E-banking
  - E-health system
  - EMV scheme