info@commonwealthtca.com
Language  
English
French
Spanish
German
Italian
Russina
Arabic
Turkish
Home
Courses
Cities
Associations
Services
About Us
Contact Us
Course Category
Accounting and Finance
Administration and Secretarial
Auditing and Governance, Risk and Compliance
Banking, Insurance and Financial Services
Business Continuity and Crisis Management
Communication and Writing Skills
Construction Management
Contracts Management
Customer Service
Data Management and Business Intelligence
Digital Innovation and Transformation
Financial Technology (FinTech)
Health, Safety and Environment
Human Resources and Training
Interpersonal Skills and Self Development
IT Management
Leadership and Management
Legal
Maintenance and Engineering
Marketing and Sales
Monetary Economics
Monitoring and Evaluation
Oil and Gas
Planning and Strategy Management
Port and Shipping Management
Procurement and Supply Chain Management
Project Management
Public Relations
Quality and Productivity
Security Management
Tourism Management
Transport and Logistics
More Links
Public Training Courses
Certified Training Courses

IT Systems: Identity and Access Management

Why Attend

We are living in the age of the Internet of Things (IoT) which provides seamless integration and ease of access between various objects regardless of their physical proximity. The IoT is spreading across different vertical domains such as healthcare systems, government services, banks and telecommunications, just to name a few. We are no longer only vulnerable to attacks against valuable enterprises' digital content but also to life threatening attacks, terrorist attacks, espionage attacks, etc. The need for providing identity assurance and stringent access control, as a result, is of utmost importance. This course covers the fundamental principles and architecture framework for an end-to-end IT identity and access management system. This includes identity assurance, authentication, authorization, accountability, auditability, Single Sign-On (SSO) and identity federation. It also discusses practical case studies such as e-passport, mobile banking, e-government services, EMV systems and other selected cases.

Overview

Course Outline

Schedule & Fees

Course Methodology

This course is highly interactive and includes group discussions, case studies and syndicate work. It also includes practical exercises and role playing that allow all participants to use the knowledge they gained to demonstrate their skills in identity and access management.

Course Objectives

By the end of the course, participants will be able to:

  • Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment options
  • Discuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate based authentication, device authentication, etc)
  • Explain the principles of key public infrastructure and certification authorities, and demonstrate their value in mitigating the security risks facing modern societies
  • Explain the most well-known access control mechanisms and the roles of oauth, OATH, SAML and Open ID standards in the IAM domain and apply the concepts of (federated) SSO
  • Demonstrate the building of IAM using selected industrial tools and practical case studies (e.g. e-passport and boarder gate, mobile-banking, EMV scheme, and e-movement services)


Target Audience

This course has been designed for IT professionals such as IT Strategic Planners, Project Managers, Security Managers, Security Architects and Risk Managers. Although the course is technical in nature, complex concepts are discussed at an abstract level to fit the needs of participants from various technical backgrounds.

Target Competencies

  • Information security management
  • Implementing public key infrastructure
  • Identification and authentication management
  • Identity Access Management (IAM)


Introduction and principles of information security:

  • Identity and access management (IAM) overview
  • Attributes of information security:
    • Confidentiality
    • Integrity
    • Availability
    • Non-repudiation
    • Accountability
    • Auditability
  • Symmetric and asymmetric cryptography
  • Hashing and digital signature
  • Key management

Public Key Infrastructure (PKI)

  • Architecture: certification and registration authority
  • Life cycle management
  • Types of certificates and usage patterns
    • Encryption
    • Digital signature
    • Client certificate
    • SSL server certificate
  • Attribute based certificate
  • Case studies (e.g. email protection, mobile banking, and document signing)

Identification and authentication

  • Identification, verification and authentication overview
  • Mechanisms of identification and authentication
    • One time password
    • Biometric
    • Digital signature
    • Smartcard
    • Soft/hard tokens
  • Mobile device
  • Risk based authentication
  • Step-up authentication
  • Single-sign on and federated single-sign-on
  • OATH, Open ID, Browser ID, and SAML
  • Architecture framework and industrial tools
  • Trusted computing role in identity assurance
  • Security risks associated with the discussed mechanisms

Access control

  • Principles of authorization
  • Access control schemes
  • OAuth protocol
  • Enterprise rights management and digital rights management
  • Privileged account management
  • Governance and compliance

IAM framework and use cases

  • IAM architecture framework
  • IAM echo system
  • IAM and cloud computing
  • Illustrative use cases
    • Border control
    • E-passport
    • National ID
    • E-banking
    • E-health system
    • EMV scheme
Kuala Lumpur
Kuala Lumpur (Malaysia)2025-09-22$3775
Manila
Manila (Philippines)2026-06-22$3775