Identity and Access Management

2018/2019

Prerequisite/Recommended prerequisite for participation in the module

The module builds on knowledge obtained in the module “Internet technologies and service archi-tectures” or similar. Knowledge on basic security principles is desirable.

Content, progress and pedagogy of the module

Learning objectives

Knowledge

  • Must be able to explain the concepts of security, privacy and trust
  • Must be able to explain the concepts of attributes, claims, assertion and claims-based identities
  • Must have knowledge about the principles and methods for access control, authentication, authorisation and identification
  • Must be able to explain the key concepts and principles of identity management
  • Must have knowledge of key management, certificates, tokens and credentials
  • Must have knowledge about state-of-the-art principles and guidelines for protecting users’ privacy
  • Must have knowledge of state-of-the-art technologies and frameworks for fine-grained management of personal attributes
  • Must be able to understand the concepts of linkability and unlinkability and state-of-the-art principles for establishing trust
  • Must have knowledge about security architectures, including policies and policy management
  • Must have knowledge of national identity management frameworks such as NemID / MitID

Skills

  • Must be able to discuss the differences between physical identities and online digital, virtual and partial identities
  • Must be able to identify the personal attributes that are needed to perform a given task
  • Must be able to apply methods for privacy protection, encryption, access control, authentication and authorisation as a part of service development, including privacy by design principles
  • Must be apply to apply state-of-the-art technologies for realising advanced services with privacy protection, e.g. OAuth and OpenID Connect
  • Must be able to analyse and design information flow and architectures for secure ICT services and solutions
  • Must be able to design applications and services incorporating security elements (e.g. payment, authentication), different assurance levels, and management of user identities (authentication, authorisation, privacy protection)

Competences

  • Must have the competency to design secure services and security architectures with controlled exchange of attributes between stakeholders and minimal disclosure of personal information
  • Must be able to discuss and reflect on management of personal information for access to resources and for personalisation of services

Type of instruction

Types of instruction are listed at the start of Chapter 3.

Exam

Exams

Name of examIdentify and Access Management
Type of exam
Written or oral exam
ECTS5
Assessment7-point grading scale
Type of gradingInternal examination
Criteria of assessmentAs stated in the Joint Programme Regulations
http:/​/​www.en.tech.aau.dk/​education-programmes/​Education+and+Programmes/​

Facts about the module

Danish titleIdentitets- og adgangshåndtering
Module codeESNICTEK2K2
Module typeCourse
Duration1 semester
SemesterSpring
ECTS5
Language of instructionEnglish
Empty-place SchemeYes
Location of the lectureCampus Copenhagen
Responsible for the module

Organisation

Study BoardStudy Board of Electronics and IT
DepartmentDepartment of Electronic Systems
FacultyTechnical Faculty of IT and Design