Identity Management: A Primer

Publisher: MC Press Online
Publication Date: September 2009
Subject: Computer: Information Technology
Category: System Admin
Number of Pages: 234

Available as: Individual E-Version (PDF), ISBN: 9781583470930
Reg.: $49.95; You Save: $11.73 (23%)
Printed Edition: see MC Press Online

About this title
The boundaries between the real and the virtual are becoming increasingly blurred. In a corporate setting, it is more important than ever to identify and control the way the organization deals with customers, suppliers, employees, and other users who may interact with information systems.

Identity Management, or IDM, refers to how humans are identified and authorized across computer networks. It encompasses issues such as the way users are given an identity, the protection of that identity, and the technologies supporting that protection, such as network protocols, digital certificates, passwords, and so on. Proper identity management is, of course, an essential component of any security strategy.

Identity Management: A Primer provides a complete and comprehensive overview of the elements required for a properly planned identity environment. In it, the authors cover the entire gamut of IDM-related matters, including directories; authentication; provisioning; role-based access control; single sign-on; governance, risk, and compliance; implementation and roadmap; public key infrastructure; electronic identity smartcards; and a wealth of other important topics. As the title indicates, this book is a primer in which the key issues of identity management are identified and appropriate strategies and preventative measures are covered in an easy-to-understand format with extensive use of real-world case study examples. Students and IT professionals alike will appreciate this resource as they seek to understand and master the complexity of identity in a virtual world.

With Identity Management, you will:
  • Understand the concept of identity management in planning an environment that will manage identities in order to improve compliance with governance requirements.
  • Discover the best way to scope the IDM task to construct a roadmap that moves toward the desired goal.
  • Learn to plan an environment that interfaces systemically rather than growing disparate and isolated components.
  • Find a case study and discussion questions in each chapter for real-world grounding of the topics.
About the authors
Graham Williamson
Graham Williamson has more than 20 years of experience in the information technology industry, with expertise in identity management, electronic directories, public key infrastructure, smartcard technology, and enterprise architecture. Graham has completed identity management projects for the state government in Queensland, Australia, the worldwide operations of Orica, and the University of Western Sydney. His areas of expertise are electronic directories, identity management, public key infrastructure, and smartcard technology. CEO of Internet Commerce Australia, he is a seasonal lecturer at Bond University, Australia, lecturing in ICT Project Management and Information Systems Management.

Graham holds an engineering degree from the University of Toronto and a Master of Business Administration degree from Bond University. He holds the Professional Engineering designation (PEng) with the Professional Engineers of Ontario, Canada, and he is a Certified Management Consultant (CMC) with the Australian Institute of Management Consultants.

David Yip
David S. Y. Yip has more than 25 years of experience working in the information technology industry. His work experience includes identity management engagements with Standard and Chartered Bank, Hong Kong Jockey Club, Hong Kong Police, and a number of universities, including the University of Western Sydney. His work experience covers all the major suppliers of identity management suites, including Sun, Oracle, IBM, and CA. Dave's focus of expertise is in identity management security, secure remote access, single sign-on, authentication and authorization, directory service technologies, PKI, smart card technology, as well as security audit and assessment.

Dave is General Manager of SkyworthTTG (Hong Kong and South East Asia). Prior to SkyworthTTG, Dave was founder and president of Gamatech, Ltd., a security solution IT firm and a subsidiary of Karin Technology. Before Gamatech, Dave was employed in various enterprises, including Standard Chartered Bank, PCCW, Wang Computer, and Olivetti. Dave holds an Honors Bachelor of Mathematics degree from the University of Waterloo, Canada.

Ilan Sharoni
Ilan Sharoni is Director of pre-sales for the security role management unit with Computer Associates in Israel. Before the acquisition by CA, Ilan held the position of sales director with Eurekify, a leading supplier of role management software. Ilan's area of expertise is IT/security access rights, and he is an expert in the field of role management, compliance, and privileges auditing.

Before Eurekify, Ilan worked with BMC Software, a leading provider of enterprise management solutions, where he managed Latin America as Marketing and Sales Director. Ilan served as the Product Manager for New Dimension Software, Ltd.'s Enterprise Scheduling Management Solution, prior to the company's acquisition by BMC Software. Ilan holds an M.Sc. in Business and Information Systems and a B.Sc. in Physics and Computer Science from Tel-Aviv University.

Kent Spaulding
Kent Spaulding has more than 20 years in software development and engineering, with leading-edge expertise in identity management, distributed computing, and object-oriented technologies on a variety of computing platforms, including PDAs, PCs, and workstations.

Kent's area of expertise is in identity management. He is the CTO of Skyworth TTG Holdings, Inc. and is the current Chair of the OASIS Provisioning Services Technical Committee. Prior to joining Skyworth TTG, Kent was the technical lead for the SPML 2.0 implementation in Sun's Identity Manager Product and the community leader of He was also the technical lead for the Sun Java Systems Identity Synchronization for Windows product and designed and developed core components of the Sun ONE Registry Server product.

Kent holds a Master of Science degree in Electrical Engineering, focusing on Software Engineering, from the University of Texas at Austin and has a Bachelor of Arts in Computer Science Applications and Russian from the University of Colorado at Boulder.



Chapter 1: Identity
What Are the Components of a Person's Identity?
So Where Does Privacy Fit In?
Where Do Roles Fit Into the Concept of an Identity?
Can I Have Multiple Identities in an Identity Management Environment?
Discussion Questions
Case Study

Chapter 2: Managing Identities and Identity Stores
Identities and User Accounts
What Is an Identity Store?
Why Multiple Stores Are a Fact of Life
Strategies for Multiple-Store Environments
Managing Roles
Role Modeling
Delegated Administration and Self-Service
Discussion Questions
Case Study

Chapter 3: Directories
Schemas and Namespace Planning
The Power of a DIT
Issues to Be Aware Of
Authoritative Sources
Directory and Database Design
Virtual Directory
The M Word
Selecting a Configuration
Discussion Questions
Case Study

Chapter 4: Authentication and Access Control
Methods of Authentication
Levels of Authentication
Authentication Assurance Levels
Registration Assurance Levels
Access Control
Discussion Questions
Case Study

Chapter 5: Provisioning
The Mark of a Robust Process
Zero-day Start
Business System Issues
The Role of Roles
The Benefits of Roles
Automating a Provisioning System
Sequential and Parallel Authorization
Discussion Question
Case Study

Chapter 6: Role-Based Access Control
So What Is RBAC?
Why Is RBAC Important
How Should RBAC Be Implemented?
Role Discovery
A Word of Caution
Discussion Questions
Case Study

Chapter 7: Single Sign-on and Federated Authentication
Single Sign-on for the Enterprise
Federated Authentication
Discussion Questions
Case Study

Chapter 8: Governance, Risk, and Compliance
HR Pattern-based Auditing
Pattern Reporting
Business Policies (IT Controls and SoD Rules)
Best Practices for System Cleansing and Auditing
Sample Graphs
Federated Authentication Auditing
Discussion Questions
Case Study

Chapter 9: Implementation and Roadmap
Getting Started
Setting Out
Physical Implementation
Typical Project Structure
Sample Roadmap
Navigating the Political Landscape
Discussion Questions
Case Study

Chapter 10: Public Key Infrastructure
Why Do We Need PKI?
How Does PKI Work?
How Is PKI Used?
The Components
Key Generation
Certificate Management
Certificate Issues
Implementation Considerations
A Final Comment
Discussion Questions
Case Study

Chapter 11: Electronic Identity Smartcards
Deployment Issues
An Ideal Platform
Discussion Questions
Case Study

Appendix A: Case Scenario
The As-Is Situation
The To-Be Requirement
System Descriptions
Data Repositories
Program of Work

Appendix B: Standards
Directory Standards
Authentication Standards

Appendix C: Glossary

Appendix D: Public Key Cryptography Standards

Appendix E: X.509 Specification

Appendix F: Key Lengths
"...a valuable tool in understanding the complexity of identity in a virtual world."
— Gavin Finnie, Professor of Information Systems, Bond University, Queensland, Australia

Related titles
Fundamentals of Technology Project Management
IBM i Security Administration and Compliance
MDM for Customer Data
System i Disaster Recovery Planning
IBM Data Governance Unified Process, The