Identity and Access Management

2019/2020

Prerequisite/Recommended prerequisite for participation in the module

The module builds on knowledge obtained in the module “Internet technologies and service architectures”.

Content, progress and pedagogy of the module

Learning objectives

Knowledge

  • Must be able to explain the concepts of security, privacy and trust
  • Must be able to explain the differences between physical identities and online digital identities
  • Must be able to explain the key concepts and principles of digital identities and identity management, e.g. attributes, claims, assertion and claims-based identities
  • Must have knowledge about state-of-the-art principles, guidelines, technologies and frameworks for protecting users’ privacy, including fine-grained management of personal attributes
  • Must have knowledge of key management, certificates, tokens and credentials
  • Must have knowledge about the principles and methods for identification, authentication, authorisation and access control
  • Must have knowledge about role-based, attribute-based and other access control schemes
  • Must have knowledge about security architectures, including policies and policy management
  • Must be able to understand the concepts of linkability and unlinkability and state-of-the-art principles for establishing trust
  • Must have knowledge of national identity management frameworks such as NemID / MitID

Skills

  • Must be able to identify the personal attributes that are needed to perform a given task
  • Must be able to apply methods and technologies for privacy protection as a part of service development, including “privacy by design” principles
  • Must be able identify resource sets and protect them with secure interfaces
  • Must be able to apply state-of-the-art technologies for realising advanced services with authentication, authorisation and access control, e.g. OAuth and OpenID Connect
  • Must be able to analyse and design information flow and architectures for secure ICT services and solutions
  • Must be able to design applications and services incorporating security elements (e.g. payment, authentication), different assurance levels, and management of user identities (authentication, authorisation, privacy protection)

Competences

  • Must have the competency to design secure services and policy architectures with controlled exchange of attributes between stakeholders and minimal disclosure of personal information
  • Must have the competency to discuss and reflect on management of personal information for access to resources and for personalisation of services

Type of instruction

Types of instruction are listed at the start of §17; Structure and contents of the programme.

Exam

Exams

Name of examIdentity and Access Management
Type of exam
Written or oral exam
ECTS5
Assessment7-point grading scale
Type of gradingInternal examination
Criteria of assessmentThe criteria of assessment are stated in the Examination Policies

Facts about the module

Danish titleIdentitets- og adgangshåndtering
Module codeESNICTEK2K2N
Module typeCourse
Duration1 semester
SemesterSpring
ECTS5
Language of instructionEnglish
Empty-place SchemeYes
Location of the lectureCampus Copenhagen
Responsible for the module

Organisation

Study BoardStudy Board of Electronics and IT
DepartmentDepartment of Electronic Systems
FacultyTechnical Faculty of IT and Design