-
Presentation
To access services on the web, which are an essential component of the cloud computing paradigm, it must be assured that access to information is performed securely by authenticated entities that are authorized for the operations requested. This need is common to institutional environments and individual users, and explains why identity management, which is present in most large enterprise infrastructures, has evolved toward the concept of user-centric identity management. This Curricular Unit addresses the recent evolution of identity management platforms, detailing the main aspects of security that they guarantee and the technological paradigms on which they are based. It is therefore a relevant area in a cycle of studies that sits at the convergence between the engineering of applications and the information systems that support them.
-
Class from course
-
Degree | Semesters | ECTS
Master Degree | Semestral | 7
-
Year | Nature | Language
1 | Mandatory | Portuguese
-
Code
ULHT457-1-13322
-
Prerequisites and corequisites
Not applicable
-
Professional Internship
No
-
Syllabus
Introduction
  Needs, objectives and evolution
  Identification and Authentication: authentication factors, security contexts
  Authentication & Authorization Infrastructures
Identity Management (IdM) Models
  Evolution of Identity Management models
  Authorization and Access Control: Policies, models and mechanisms
  Local, networked, federated and decentralized models
Trust Models
  Trusted Third Party
  Centralized Trust: PKI
  Federative Model: IdP / SP
  Decentralized Model: Trust over IP (ToIP)
Technologies for Trust Propagation
  XML Security: XML encryption, XML Signature
  SAML: Profiles, Bindings, Assertions
  JSON Web Tokens (JWT): format, extensions and usage
  Decentralized Identifiers (DIDs)
  Verifiable Credentials (VCs)
IdM Models and Platforms
  Shibboleth: federative institutional model
  OAuth2, OpenID: user centric web model
  DID, Dock, Sovrin: decentralized and self-sovereign model
-
Objectives
The purpose of this course is to present the principles for establishing trust relationships between applications in distributed and potentially unsafe environments, leading to an important modification of Identity Management technologies, in order to allow federative, distributed and decentralized aggregations of user attributes and access policies.
At the end of this course, students should:
  Identify the various components of an Identity Management System
  Understand the security technologies on which Authentication and Authorization infrastructures rely
  Identify ways to propagate trust among the various stakeholders of an access transaction
  Understand the principles of decentralized identity management and be familiar with its current implementations
  Use the concepts acquired in the course in their professional or academic activities, implementing or participating in R&D projects in the area of Identity Management in distributed computing environments.
-
Teaching methodologies and assessment
In this course, specific and controlled assistance from Artificial Intelligence applications will be allowed, for suggestion and validation of source code. In particular, the use of GitHub Copilot will be encouraged, since it is already available in many Integrated Development Environments (IDEs). In assessments, the teacher will always certify that the students have actually implemented and understood their programs.
-
References
Windley, Ph., "Learning Digital Identity: Design, Deploy, and Manage Identity Architectures", 2023, Ed. O'Reilly, ISBN 1098117696
Preukschat, A., Reed, D., "Self-Sovereign Identity: Decentralized digital identity and verifiable credentials", 1st Edition, Ed. Manning, 2021, ISBN 9781617296598
-
Office Hours
-
Mobility
No