book

Identity and Access Management

by Ertem Osmanoglu

November 2013

Intermediate to advanced

648 pages

13h 27m

English

Syngress

Read now

Unlock full access

AbstractBusiness Case and Business RequirementsIAM Framework, Key Principles, and DefinitionCurrent State and Capability MaturityKey Challenges and Critical Success FactorsFuture State and IAM RoadmapImplementation Methodology and ApproachRoles and RulesIAM Product SelectionTechnology and IAM ForecastCase StudiesCompanion Materials
Author and EditorAdvisory TeamContributing Authors

IntroductionAn IAM Business Case: What Is It, Exactly? Why Is It Important?Types of Business Cases for IAMA Strategic Approach to Developing an IAM Business CaseSummaryAppendix A Sample Table of Contents for RequirementsAppendix B Sample Requirements DocumentAppendix A Sample Table of Contents for RequirementsAppendix B Sample Requirements Document
IAM DefinedIAM Framework
IAM Capability Maturity FrameworkSample Work-Products and ArtifactsAppendix A Sample Current State Assessment ReportAppendix B Sample Maturity Assessment—Summary View
Theme 1 GovernanceTheme 2 Program DeliveryTheme 3 Sustain ComplianceTheme 4 Identity LifecycleTheme 5 Control AccessTheme 6 OperationsConclusion
Case Study Questions
IntroductionStages of IAM Future State DefinitionConclusion
Developing an IAM RoadmapKey Components of an IAM RoadmapConclusion
A Risk-Based Approach to IAMPeer Group and Outlier AnalysisRole AnalysisResource Allocation and AnalysisRisk and Fraud Systems IntegrationConclusion
IntroductionIAM Cloud Deployment ModelsIAM Cloud Service ModelsIAM Cloud Security and Risk ManagementConclusion
Case Study Questions
Implementation MethodsConclusionChapter 11 Appendix 1 IAM Implementation Toolkit
System Overview and Key ComponentsIAM Data ManagementConclusion
IntroductionAuthenticationAuthentication Implementation ApproachesAuthorizationLogging and MonitoringConclusion
Benefits and ObjectivesAccess Review and Certification ProcessesConclusion
Understanding Privileged AccessKey Business DriversPrivileged Access Management ProgramConclusion
Rules and EnforcementThe RBAC Model and the Access Management Life CycleRBAC Implementation ConsiderationsGuiding Principles and Lessons LearnedConclusionAppendix Sample RBAC Work Products and ArtifactsAppendix A Sample—Processes and Governance ProcessAppendix B Sample—RBAC Role Management Processes
The IAM Product Selection and Decision FrameworkConclusion
Background and IssuesWhat Happened?Final Results and Impact on the OrganizationLessons LearnedCase Study Questions
1 Password-Based Authentication. To Paraphrase Mark Twain, the Reports of its Death Have Been Greatly Exaggerated2 It’s Not Your Voice That Will Be Your Password, but It Will Be Your Phone3 Biometrics Authentication Will Remain a Niche for Primary Authentication4 Access Decision-Making Will Become Context Aware5 The Identity Ecosystem Will Finally Emerge6 Privacy Will Take a Back Seat to Security7 Increasing Use of Cloud Services Will Drive Adoption of Federated Authentication8 Entitlement Management Will Shift from Being Technology Centric to Business Centric9 Access Governance Will Become (Near) Real Time10 Identity Repositories Will Move Out of HRConclusion