Handbook

The use of access mechanisms and deployment of selected levels of privilege is critical in providing secure access to network and application processes.  Access control is how limits on users or systems are implemented, and is one of the three cornerstones of security (confidentiality, integrity and authentication).

 Although in principal network devices – such as firewalls and routers and even host devices can be set up to authenticate users, in practice there exists two key architectures in widespread use (i) The RSA engine operating in conjunction with the Active Directory Domain Controller and (ii)The  Open Source Shibboleth Federation Authentication Systems with  Identity Provider interworking with Service Provider engines. Thus there are two separate systems to be studied in this Identity and Access Management course.

The course includes working with the following technologies:

·        Active directory and server configurations

·        Domain controller and Kerberos

·        RADIUS authentication

·        RSA authentication engine

·        Multi-factor and token access control

·        Cryptographic front ends to domain controller and clients