Book – Signed Copy of CIAM Design Fundamentals

£30.00

SKU: tch-book-signed-ciam-design

Description

A signed paperback copy of the book.

A CISO and architect view on designing the fundamental building blocks of a scalable, secure and usable consumer identity and access management (CIAM) system. Covering: business objectives, drivers, requirements, the CIAM life-cycle, an implementer's toolkit of standards, design principles and vendor selection guidance.

Description:

Consumer identity and access management (CIAM) is a critical component of any modern organisation's digital transformation initiative. If you used the Internet yesterday, you very likely interacted with a website that had customer identity and access management at its foundation.

Making an online purchase, checking your bank balance, getting a quote for car insurance, logging into a social media site, or submitting and paying your income tax return: all of those interactions require high-scale, secure identity and access management services.

But how are those systems designed? Modern organisations need not only to meet end user privacy, security and usability requirements, but also to provide business enablement opportunities that are agile and can respond rapidly to market changes.

The modern enterprise architect and CISO are no longer focused solely on internal employee security; they now need to address the growing need for digital enablement across consumers and citizens too.


About The Author:

Simon Moffatt is a recognised expert in the field of digital identity and access management, having spent nearly 20 years working in the sector, with experience gained in consultancies, startups, global vendors and within industry. He has contributed to identity and security standards for the likes of the National Institute of Standards and Technology and the Internet Engineering Task Force. Simon is perhaps best known as a public speaker and industry commentator via his site The Cyber Hut.

He is a CISSP, CCSP, CEH and CISA and has a collection of vendor-related qualifications from the likes of Microsoft, Novell and Cisco. He is an accepted full member of the Chartered Institute of Information Security (M.CIIS), a long-time member of the British Computer Society and a senior member of the Information Systems Security Association. He is also a postgraduate student at Royal Holloway, University of London, studying for a Master of Science in Information Security.

Since 2013, he has worked at ForgeRock, a leading digital identity software platform provider, where he is currently Global Technical Product Management Director.


Reviews:

  • “Consumer identity is at the very core of many a successful digital transformation project. Simon blends first hand experience, research and analysis, to create a superbly accessible guide to designing such platforms” – Scott Forrester CISSP, Principal Consultant, UK.


  • “This is the book that needs to be on every Identity Architect’s Kindle. Simon does a great job of laying the foundation and history of Consumer Identity and Access Management and then gives you the roadmap that you need as an architect to deliver success on a project” – Brad Tumy, Founder & Principal Architect, Tumy Technology, Inc, USA.


  • “Leveraging his strong security and industry background, Simon has created a must-have book for any Identity and Access Management professional looking to implement a CIAM solution. I strongly recommend the Consumer Identity & Access Management Design Fundamentals book!” – Robert Skoczylas, Chief Executive Officer, Indigo Consulting Canada Inc.

(NB: the unsigned paperback is also available from Amazon.)

Language: English

Number of Pages: 359

Table of Contents:

CHAPTER 1………………………………………………………………….15
Identity Evolution……………………………………………………….16
Time Before Automation…………………………………………16
Industrialization of IAM……………………………………………19
Comparison of CIAM to IAM……………………………………25
Outside-in -v- Inside-out……………………………………..25
Functional & Non-functional…………………………………29
Business & Budget Owners…………………………………31
Savings -v- Earnings………………………………………….33
CIAM─Why Now?………………………………………………………36
Drivers…………………………………………………………………36
The Digital Journey…………………………………………….36
Outbound Marketing………………………………………36
Self Service…………………………………………………..37
Multi-channel………………………………………………..37
Omnichannel…………………………………………………38
Competitive Agility……………………………………………..39
Benefits of CIAM………………………………………………………..42
For The Provider……………………………………………………42
For The End User………………………………………………….44
Challenges……………………………………………………………….46
Real World Examples…………………………………………………47
ACME Bank………………………………………………………….48
Government of the United Mountains………………………..50
Summary………………………………………………………………….53

CHAPTER 2………………………………………………………………….55
Home Grown Solutions……………………………………………….55
Why Do Home Grown CIAM Solutions Exist?…………….56
The Implications of Home Grown……………………………..60
Home Grown CIAM Checklist…………………………………..63
Employee Identity Systems…………………………………………65
Specialist Suppliers……………………………………………………68
Core CIAM Capabilities…………………………………………..69
Functional…………………………………………………………69
Non Functional………………………………………………….73
Market Breakdown…………………………………………………75
Origins within IAM……………………………………………..76
Broadcom (formerly CA Technologies)……………..77
ForgeRock……………………………………………………77
IBM……………………………………………………………..78
Micro Focus………………………………………………….78
Okta…………………………………………………………….79
Ping Identity………………………………………………….79
Origins within Marketing……………………………………..80
Akamai Technologies (formerly Janrain)……………81
LoginRadius………………………………………………….81
SAP Customer Data Cloud (formerly Gigya)………82
PaaS Big 3: “AmaGooMi”……………………………………82
Amazon………………………………………………………..83
Google…………………………………………………………84
Microsoft………………………………………………………85
Emergent Suppliers……………………………………………85
Auth0…………………………………………………………..86
Cloudentity……………………………………………………87
Idaptive………………………………………………………..87
Open Source…………………………………………………88
Market Breakdown Summary………………………………88
Future Trends……………………………………………………………90
Convergence…………………………………………………………91
Commoditization……………………………………………………96
Conflict…………………………………………………………………99
Summary………………………………………………………………..109

CHAPTER 3………………………………………………………………..111
Getting to Know Your Customers……………………………….111
AML…………………………………………………………………..112
Fraud…………………………………………………………………114
Behaviour……………………………………………………………118
Personalisation……………………………………………………122
How?……………………………………………………………..123
Humanise, Offer Choice & Predict………………….123
Reduce………………………………………………………125
Be Continuous, Be Seamless………………………..126
Data on Demand……………………………………………………..127
Data Lifecycle……………………………………………………..128
Why & How……………………………………………………..128
Generating………………………………………………….128
Sharing………………………………………………………129
Accessing…………………………………………………..131
When……………………………………………………………..132
Data in Motion……………………………………………..132
Data at Rest………………………………………………..134
Identify, classify and tag CIAM related data……..134
Data in Use…………………………………………………135
Any X – Location, Time & Device…………………………….136
Multi-platform Journeys…………………………………………….136
Device Types………………………………………………………137
The What………………………………………………………..137
Mobile………………………………………………………..137
Laptop………………………………………………………..139
Internet of Things…………………………………………141
Constrained…………………………………………….142
Smart……………………………………………………..142
The How…………………………………………………………143
Standards Based APIs………………………………….144
SDKs…………………………………………………………146
Applying the CIA Triad………………………………………………148
What is the CIA triad?…………………………………………..148
Adding in Usability……………………………………………….153
Consent Management………………………………………………157
Privacy -v- Personalisation…………………………………….157
Regulation…………………………………………………………..160
GDPR…………………………………………………………….160
CCPA…………………………………………………………….163
Consent Lifecycle…………………………………………………164
Privacy as a Differentiator……………………………………..167
Summary………………………………………………………………..170

CHAPTER 4………………………………………………………………..171
Onboarding…………………………………………………………173
Bot Detection…………………………………………………..173
Anonymous User……………………………………………..175
Manual Entry…………………………………………………..177
BYOI………………………………………………………………178
Migration…………………………………………………………181
Account Validation……………………………………………183
Proofing……………………………………………………………..184
Secure Login……………………………………………………….186
MFA……………………………………………………………….188
Passwordless………………………………………………….201
SSO……………………………………………………………….204
Device Binding…………………………………………………….206
BYOD…………………………………………………………….207
IoT…………………………………………………………………209
Constrained………………………………………………..209
Smart…………………………………………………………210
Contextual & Adaptive Access……………………………….212
Zero Trust……………………………………………………….214
CARTA…………………………………………………………..216
Fraud Detection & Management…………………………217
Transactional Authorization……………………………….218
Profile Management……………………………………………..219
Progressive Profiling…………………………………………220
Password Management…………………………………….223
Delegated Administration………………………………….226
Consent Management…………………………………………..229
Preference Capture………………………………………….230
Dashboarding………………………………………………….232
Data Management……………………………………………….233
Integration………………………………………………………234
User Data Sharing……………………………………………239
Privacy Preservation…………………………………………241
Account Removal…………………………………………………244
Summary…………………………………………………………….249

CHAPTER 5………………………………………………………………..251
Business Objectives Mapping………………………………..251
Stakeholder Analysis…………………………………………….255
CMO………………………………………………………………255
CIO………………………………………………………………..256
CISO……………………………………………………………..257
Identity Architect………………………………………………257
What Are You Building? (And For Whom?)………………258
Design Principles…………………………………………………261
Summary…………………………………………………………….265

CHAPTER 6………………………………………………………………..267
User Coverage…………………………………………………….267
Application Coverage……………………………………………271
Data Management……………………………………………….274
Authentication……………………………………………………..277
Authorization……………………………………………………….280
Scale & Capacity………………………………………………….285
Future Roadmap………………………………………………….287
Summary…………………………………………………………….290

CHAPTER 7………………………………………………………………..293
Cryptography Crash Course…………………………………..293
Encryption………………………………………………………298
Symmetric Key Encryption…………………………….300
Asymmetric Encryption…………………………………301
Hashing………………………………………………………….302
Signatures………………………………………………………304
Message Authentication Codes………………………….305
APIs, REST and JSON…………………………………………306
APIs……………………………………………………………….306
REST……………………………………………………………..307
JSON……………………………………………………………..308
OAuth2……………………………………………………………….309
OAuth2 MTLS………………………………………………….311
OAuth2 PKCE…………………………………………………312
OAuth2 Device Grant……………………………………….314
UMA………………………………………………………………315
OIDC………………………………………………………………….317
JWT…………………………………………………………………..318
FIDO & FIDO2/WebAuthn……………………………………..321
FIDO………………………………………………………………321
FIDO2 / WebAuthn…………………………………………..323
SCIM………………………………………………………………….324
LDAP…………………………………………………………………325
Summary…………………………………………………………….327

CHAPTER 8………………………………………………………………..329
Vendor Selection Process……………………………………..329
Sample RFP………………………………………………………..334
PoC Design…………………………………………………………341
Summary…………………………………………………………….347

CHAPTER 9………………………………………………………………..349
Why Metrics Matter………………………………………………349
Success Samples………………………………………………..353
User Acquisition………………………………………………353
Shopping Cart Abandonment…………………………….354
Agent Assisted Support…………………………………….355
Compliance Costs……………………………………………356
Data Breach Reduction…………………………………….356
Summary…………………………………………………………….357


Additional information

Weight 0.5 kg