You are previewing Identity and Access Management.
O'Reilly logo
Identity and Access Management

Book Description

Identity and Access Management: Business Performance Through Connected Intelligenceprovides you with a practical, in-depth walkthrough of how to plan, assess, design, and deploy IAM solutions. This book breaks down IAM into manageable components to ease systemwide implementation. The hands-on, end-to-end approach includes a proven step-by-step method for deploying IAM that has been used successfully in over 200 deployments. The book also provides reusable templates and source code examples in Java, XML, and SPML.

  • Focuses on real-word implementations
  • Provides end-to-end coverage of IAM from business drivers, requirements, design, and development to implementation
  • Presents a proven, step-by-step method for deploying IAM that has been successfully used in over 200 cases
  • Includes companion website with source code examples in Java, XML, and SPML as well as reusable templates

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Foreword
  6. Preface
  7. Introduction
    1. Abstract
    2. Business Case and Business Requirements
    3. IAM Framework, Key Principles, and Definition
    4. Current State and Capability Maturity
    5. Key Challenges and Critical Success Factors
    6. Future State and IAM Roadmap
    7. Implementation Methodology and Approach
    8. Roles and Rules
    9. IAM Product Selection
    10. Technology and IAM Forecast
    11. Case Studies
    12. Companion Materials
  8. Acknowledgments
  9. Author and Editor Biographies
    1. Author and Editor
    2. Advisory Team
    3. Contributing Authors
  10. Section 1: Business Case and Current State
    1. Chapter 1. Business Requirements and Business Case Development
      1. Introduction
      2. An IAM Business Case: What Is It, Exactly? Why Is It Important?
      3. Types of Business Cases for IAM
      4. A Strategic Approach to Developing an IAM Business Case
      5. Summary
      6. Appendix A Sample Table of Contents for Requirements
      7. Appendix B Sample Requirements Document
      8. Appendix A Sample Table of Contents for Requirements
      9. Appendix B Sample Requirements Document
    2. Chapter 2. IAM Framework, Key Principles, and Definitions
      1. IAM Defined
      2. IAM Framework
    3. Chapter 3. Current State and Capability Maturity
      1. IAM Capability Maturity Framework
      2. Sample Work-Products and Artifacts
      3. Appendix A Sample Current State Assessment Report
      4. Appendix B Sample Maturity Assessment—Summary View
    4. Chapter 4. Common Challenges and Key Considerations
      1. Theme 1 Governance
      2. Theme 2 Program Delivery
      3. Theme 3 Sustain Compliance
      4. Theme 4 Identity Lifecycle
      5. Theme 5 Control Access
      6. Theme 6 Operations
      7. Conclusion
    5. Chapter 5. Case Study: Access Reviews
      1. Case Study Questions
  11. Section 2: Future State and Roadmap
    1. Chapter 6. Future State Definition
      1. Introduction
      2. Stages of IAM Future State Definition
      3. Conclusion
    2. Chapter 7. IAM Roadmap and Strategy
      1. Developing an IAM Roadmap
      2. Key Components of an IAM Roadmap
      3. Conclusion
    3. Chapter 8. Identity and Access Intelligence: A Risk-Based Approach
      1. A Risk-Based Approach to IAM
      2. Peer Group and Outlier Analysis
      3. Role Analysis
      4. Resource Allocation and Analysis
      5. Risk and Fraud Systems Integration
      6. Conclusion
    4. Chapter 9. Enabling Business Through Cloud-Based IAM
      1. Introduction
      2. IAM Cloud Deployment Models
      3. IAM Cloud Service Models
      4. IAM Cloud Security and Risk Management
      5. Conclusion
    5. Chapter 10. Case Study: Future State—Finding a Way Out of the Labyrinth
      1. Case Study Questions
  12. Section 3: Implementation
    1. Chapter 11. Implementation Methodology and Approach
      1. Implementation Methods
      2. Conclusion
      3. Chapter 11 Appendix 1 IAM Implementation Toolkit
    2. Chapter 12. Access Request, Approval, and Provisioning
      1. System Overview and Key Components
      2. IAM Data Management
      3. Conclusion
    3. Chapter 13. Enforcement
      1. Introduction
      2. Authentication
      3. Authentication Implementation Approaches
      4. Authorization
      5. Logging and Monitoring
      6. Conclusion
    4. Chapter 14. Access Review and Certification
      1. Benefits and Objectives
      2. Access Review and Certification Processes
      3. Conclusion
    5. Chapter 15. Privileged Access Management
      1. Understanding Privileged Access
      2. Key Business Drivers
      3. Privileged Access Management Program
      4. Conclusion
    6. Chapter 16. Roles and Rules
      1. Rules and Enforcement
      2. The RBAC Model and the Access Management Life Cycle
      3. RBAC Implementation Considerations
      4. Guiding Principles and Lessons Learned
      5. Conclusion
      6. Appendix Sample RBAC Work Products and Artifacts
      7. Appendix A Sample—Processes and Governance Process
      8. Appendix B Sample—RBAC Role Management Processes
    7. Chapter 17. IAM Product Selection
      1. The IAM Product Selection and Decision Framework
      2. Conclusion
    8. Chapter 18. Case Study: Implementation
      1. Background and Issues
      2. What Happened?
      3. Final Results and Impact on the Organization
      4. Lessons Learned
      5. Case Study Questions
  13. Section 4: Identity and Access Management Forecast
    1. Chapter 19. The Future of Identity and Access Management
      1. 1 Password-Based Authentication. To Paraphrase Mark Twain, the Reports of its Death Have Been Greatly Exaggerated
      2. 2 It’s Not Your Voice That Will Be Your Password, but It Will Be Your Phone
      3. 3 Biometrics Authentication Will Remain a Niche for Primary Authentication
      4. 4 Access Decision-Making Will Become Context Aware
      5. 5 The Identity Ecosystem Will Finally Emerge
      6. 6 Privacy Will Take a Back Seat to Security
      7. 7 Increasing Use of Cloud Services Will Drive Adoption of Federated Authentication
      8. 8 Entitlement Management Will Shift from Being Technology Centric to Business Centric
      9. 9 Access Governance Will Become (Near) Real Time
      10. 10 Identity Repositories Will Move Out of HR
      11. Conclusion
  14. Bibliography
  15. Index