Skip main navigation

Hurry, only 1 day left to get one year of Unlimited learning for £249.99 £174.99. New subscribers only. T&Cs apply

Find out more

Wrap-up

Summary of the week on the rapid changes in IdAM technology.

Let’s wrap up what you have learned.

  • We’ve looked at the assorted technical standards and the solutions that exist to help meet the broad range of requirements of a modern identity and access management system implementation. There are solutions that meet the needs of our traditional local area network, and some of these are very long-standing, like Kerberos.
  • Increasingly, we are looking for integration and the ability to cater to services like the cloud and its different types of cloud service. These are driving the use and the development of standards like SAML, OAuth, and OpenID Connect. We are no longer dealing with a single security realm. Typically, now we’re trying to join different pieces of technology, and SAML, OAuth, and OpenID Connect are important for that reason.
  • Many of the newer integration technologies are based on open standards, which is helpful in terms of encouraging their adoption and their use. But a range of software vulnerabilities exist that can be exploited by attackers. So, we need to be careful when we are looking to manage our vulnerabilities. This requires us to try to minimize risk.
  • Typically, compliance regimes like PCI DSS or ISO 27000 will mandate some sort of formal approach to vulnerability management, partly, for this reason. Many of the newer integration technologies that we see in use are based on these open standards.
  • Integration and cloud services are driving the use and development of standards like SAML, OAuth, and OpenID Connect. A lot of these modern technologies are well worth investing time and energy in learning because they are growing rapidly. The consumption and the use of these technologies is, usually, commoditized using IDP technologies.
  • Be aware of how SAML, OAuth, and OpenID Connect work because it enables us to ask the right questions when we’re commissioning these services, when we’re buying them, and when we’re implementing them.
This article is from the free online

Cyber Security Foundations: Reinforcing Identity and Access Management

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now