filmeu

Class Identity Management Systems

  • Presentation

    Presentation

    The Identity Management Systems course covers the foundations, standards, and technologies underpinning digital identity management in organizational and governmental contexts. It begins with digital identity concepts, trust, and identity lifecycle, progressing to international normative frameworks (NIST SP 800-63-4, eIDAS 2.0, ETSI) that define assurance levels and compliance requirements. Cryptographic fundamentals (symmetric, asymmetric, PKI, X.509 certificates) provide the technical foundation for authentication systems and federated models. The course explores SAML and OpenID Connect as federated solutions, culminating in the decentralized model with DIDs, Verifiable Credentials, and the EUDI Wallet architecture. The course balances theory and practice, preparing students to design, implement, and audit identity systems compliant with current standards.
  • Code

    Code

    ULHT457-1-13322
  • Syllabus

    Syllabus

    1 - Introduction Identity and digital identity Terminology Trust Identity management models 2 - Standards USA: NIST SP 800-63-4 EU: eIDAS, ETSI, EUDI Wallet 3 - Security fundamentals Cryptography Digital certificates 4 - Authentication systems Username and password Challenge-response Private key OTP Passkeys 5 - Classic federated model: SAML XML Security: XML encryption, XML Signature SAML: Profiles, Bindings, Assertions 6 - Web federated model: OpenID Connect JSON Web Tokens (JWT): format, extensions and usage OAuth2 OpenID Connect (OIDC) 7 - Decentralized model: Verifiable Credentials Decentralized Identifiers (DIDs) Verifiable Credentials (VCs) Adjacent technology: mDOC, mDL Wallets and verifiers
  • Objectives

    Objectives

    Upon completing this course, students will be able to: Explain fundamental concepts of digital identity, trust, and the different identity management models (centralized, federated, decentralized) Interpret and apply NIST and European normative frameworks (eIDAS, ETSI), mapping assurance levels to system requirements Understand the cryptographic foundations underlying identity systems, including symmetric and asymmetric cryptography, PKI, and digital certificates Evaluate and select authentication mechanisms appropriate to risk level, including multifactor and phishing-resistant authentication Analyze and implement federated identity solutions using SAML and OpenID Connect Design solutions based on decentralized identity with DIDs and Verifiable Credentials Balance security, privacy, and usability requirements in identity system design
  • Teaching methodologies

    Teaching methodologies

    The course employs methodologies promoting active learning and practical skill development: Problem-based learning: practical exercises in each topic challenge students to apply concepts to realistic scenarios (personal identifier analysis, trust relationship mapping, normative compliance assessment) Hands-on laboratories: configuration and testing of real protocols (SAML, OpenID Connect) in controlled environments Case study analysis: examination of real implementations and documented security incidents to develop critical thinking Continuous formative assessment: review questions and practical exercises throughout each topic enable self-assessment and gap identification
  • References

    References

    Windley, Ph., "Learning Digital Identity: Design, Deploy, and Manage Identity Architectures", 2023, Ed. O'Reilly, ISBN 1098117696 Preukschat, A. Reed, D., "Self-Sovereign Identity: Decentralized digital identity and verifiable credentials", Iª Edição, Ed. Manning, 2021, ISBN 9781617296598  
  • Assessment

    Assessment

    • Trabalhos práticos com demonstração ao longo do semestre
      • Trabalho prático 1: 20%
      • Trabalho prático 2: 20%
      • Trabalho prático 3: 20%
      • Trabalho prático 4: 20%
    • Teste teórico: 20% (nota mínima 9,5)

     

SINGLE REGISTRATION
Lisboa 2020 Portugal 2020 Small financiado eu 2024 prr 2024 republica portuguesa 2024 Logo UE Financed Provedor do Estudante Livro de reclamaões Elogios entidade signataria