AIT 672 – Spring 2018
Identity and Access Management
Research paper Guidelines & Suggested Topics
(Research Paper – Due Date: May 5, 2018)
I have given below a list of suggested topics for the Research Paper. You are not bound to choose any of these topics. However, if you choose a different topic, please submit a half-page abstract by email outlining your scope, focus areas and the overall objective of your paper, for my approval and any suggestions (to enhance or modify the focus, scope, etc.).
- Research Paper Guidelines
The Research paper must be double spaced, preferably 12-15 pages long (with a minimum font size of 11) including the references, tables, appendix, etc. An abstract not exceeding 300 words should also be given just before the Introduction section.
The following sections are mandatory:
Introduction
Summary (or) Conclusions
In the Introduction section you should state the objectives of the Research paper as well as the scope of your research (some topics, such as biometrics, have a large scope, and in a 12-15 page paper you may not be able to deal with every issue in the entire topic).
In the Summary (or) Conclusions section you should summarize the content and provide your own observations, insights, lessons learnt, etc. This will exhibit your own understanding and comprehension of the particular aspects of the topic you have chosen to concentrate on for the Research paper.
The Research paper carries a weight of 20 points and the submission is due on Dec 10, 2017. Please submit the paper through Blackboard with the file attached in MS Word or PDF format. It is not necessary to submit a printed copy of the Research paper.
- Suggested Topics for Research paper
(1) Enterprise PKI Architecture – Core Processes and Technology, Accreditation Requirements and Implementation Issues
(2) Comparison of various biometric technologies (e.g., Fingerprint Minutiae, Retinal Scan, Iris Scan, etc.) in terms of error characteristics, ease of capture, storage and operations.
(3) Compare the advantages and disadvantages of short-lived vs. long-lived credentials/tokens, taking at least two token types from each category. (Examples of short-lived tokens: SAML Assertions, Kerberos Tickets. Examples of long-lived tokens: Smart Cards, PKI Certificates.)
(4) Describe the types of credentials that can be carried in a smart card. What are the advantages of a smart card compared to other forms of tokens? What are the factors that help you establish trust in a smart card? (Hint: the procedures adopted before a card is issued must be addressed here.)
(5) Describe in detail the deployment of a standards-based Identity Federation Scheme such as OAuth for mobile device environments.
(6) Describe the functions and responsibilities of the Identity provider (IdP) in the various authentication schemes – as a CA/RA in PKI, STS in some federated identity schemes etc.
(7) Describe the mechanisms needed for setting up "Identity as a Service" as a cloud-based service. In particular, describe what information this requires from its clients (subscribers) and what information it may be required to provide to Relying Parties (types of tokens, assertions, etc.).
(8) Analyze the state of technology for providing authentication services for mobile devices & applications.
(9) An Analysis of identity management architectures for cloud services such as Infrastructure as a Service (IaaS) and/or Software as a Service (SaaS). Describe in terms of deployment methods, architectures and protocols.
(10) Privacy Issues and how they are addressed in Identity Management systems.
(13) Enterprise Directories – Configuration and Deployment as an integral part of Enterprise Identity & Access Management Solutions.
(14) Identity Theft – Case Studies, Attack Vectors, Business Impact. How it could have been prevented and the countermeasures taken to avoid such incidents in the future.
(15) Compare access control models such as DAC, MAC, Chinese Wall, etc. Describe the security strengths and weaknesses of each of the models.
(16) Describe the application of the RBAC or ABAC access control model for securing the resources of a distributed system – Web services, Workflow systems, etc.