Recommended prerequisite for participation in
the module
The module is offered jointly with the MSc programme in Innovative
Communication Technologies and Entrepreneurship (ICTE). It builds
on knowledge obtained in the ICTE module “Internet technologies and
service architectures” or similar.
Content, progress and pedagogy of the
module
Learning objectives
Knowledge
Must have knowledge about:
- physical identities, digital identities and credentials
- key identity concepts such as linkability, personally
identifiable information, personal data, attributes, claims, and
assertions
- state-of-the-art principles, laws, guidelines and frameworks
for protecting users’ privacy, including fine-grained management of
personal attributes
- security objectives and methods to achieve them
- principles and methods for identification, authentication, and
authorisation, including assurance levels and methods for strong
authentication
- policies, policy architectures, and access control schemes
- identity management systems, identity federation and single
sign-on systems
- state-of-the-art technologies and frameworks for managing
access to protected resources, including identity and access
management (IAM) in enterprises
Skills
Must be able to:
- identify the personal attributes that are needed to perform a
given task
- apply methods and technologies for privacy protection as a part
of service development, including “privacy by design”
principles
- identify resource sets and protect them with secure
interfaces
- apply state-of-the-art technologies for realising advanced
services with authentication, authorisation and access control
- design applications and services incorporating authenticators,
different assurance levels, and management of user identities
(authentication, authorisation, privacy protection)
- analyse and design information flows and architectures for ICT
services and solutions
Competences
Must have the competences to:
- design secure services and policy architectures with controlled
exchange of attributes between stakeholders and minimal disclosure
of personal information
- discuss and reflect on management of personal information for
access to resources and for personalisation of services
Type of instruction
Types of instruction are listed at the start of §17; Structure
and contents of the programme.
Exam
Exams
Name of exam | Identity and Access Management |
Type of exam | Written or oral exam |
ECTS | 5 |
Assessment | 7-point grading scale |
Type of grading | Internal examination |
Criteria of assessment | The criteria of assessment are stated in the Examination
Policies and Procedures |