Information Security Technology
Course Details
KTO KARATAY UNIVERSITY
Trade and Industry Vocational School
Programme of Information Security Technology
Course Details
Trade and Industry Vocational School
Programme of Information Security Technology
Course Details
| Course Code | Course Name | Year | Period | Semester | T+A+L | Credit | ECTS |
|---|---|---|---|---|---|---|---|
| 08131113 | Identity and Access Management | 2 | Autumn | 3 | 2+2+0 | 5 | 5 |
| Course Type | Elective |
| Course Cycle | Associate (Short Cycle) (TQF-HE: Level 5 / QF-EHEA: Short Cycle / EQF-LLL: Level 5) |
| Course Language | Turkish |
| Methods and Techniques | - |
| Mode of Delivery | Face to Face |
| Prerequisites | - |
| Coordinator | - |
| Instructor(s) | Lect. Merve AKIN |
| Instructor Assistant(s) | - |
Course Instructor(s)
| Name and Surname | Room | E-Mail Address | Internal | Meeting Hours |
|---|---|---|---|---|
| Lect. Merve AKIN | C-129 | [email protected] | 7869 | Wednesday 14.00-16.00 |
Course Content
The course content focuses on the core components of Identity and Access Management (IAM). Key topics include Identity Lifecycle Management (user account provisioning and deprovisioning), Single Sign-On (SSO) mechanisms, and Multi-Factor Authentication (MFA) implementations. Furthermore, identity infrastructure technologies such as access control models (RBAC - Role-Based Access Control), Privileged Access Management (PAM), and directory services (Active Directory, LDAP) are examined in detail. The content is rounded out with the application of authorization policies and access auditing processes.
Objectives of the Course
The primary goal of the "Identity and Access Management (IAM)" course is to teach students the principles of managing digital identities and granting users the minimum access rights necessary for the resources they require, which is key to securing modern enterprise IT systems. This course aims to equip students with the skills to establish, manage, and audit the centralized authentication and authorization mechanisms needed to prevent security breaches and maintain regulatory compliance (such as KVKK/GDPR).
Contribution of the Course to Field Teaching
| Basic Vocational Courses | |
| Specialization / Field Courses | |
| Support Courses | X |
| Transferable Skills Courses | |
| Humanities, Communication and Management Skills Courses |
Weekly Detailed Course Contents
| Week | Topics |
|---|---|
| 1 | Introduction to IAM: Definition, Purpose, and Role in Enterprise Security |
| 2 | Core Components: Identity, Authentication, and Authorization |
| 3 | Authentication Methods: Password, Biometrics, One-Time Passwords (OTP) |
| 4 | Multi-Factor Authentication (MFA) and Adaptive/Conditional Access Mechanisms |
| 5 | Access Control Models: RBAC, DAC, and ABAC |
| 6 | Centralized Directory Services: Active Directory (AD) and LDAP (Lab Exercises) |
| 7 | Identity Lifecycle Management (ILM): Provisioning and De-Provisioning |
| 8 | Midterm Exam |
| 9 | Privileged Access Management (PAM): Concepts, Tools, and Securing Superuser Accounts |
| 10 | Single Sign-On (SSO) and Identity Federation Technologies |
| 11 | Federation Protocols: SAML, OAuth 2.0, and OpenID Connect (OIDC) |
| 12 | Cloud Identity Management: Azure AD / Microsoft Entra ID and AWS IAM Fundamentals |
| 13 | Enterprise Digital Rights Management (DRM) and Zero Trust Architecture |
| 14 | Access Auditing and Compliance: Logging, Reporting, and Regulatory Requirements (GDPR/KVKK) |
| 15 | Current Trends in IAM: Biometric Authentication and AI Applications |
| 16 | Final Exam |
Textbook or Material
| Resources | Mike Chapple, "Access Control and Identity Management" |
| Chris Dotson, "Practical Cloud Security" |
Evaluation Method and Passing Criteria
| In-Term Studies | Quantity | Percentage |
|---|---|---|
| Attendance | - | - |
| Laboratory | - | - |
| Practice | - | - |
| Field Study | - | - |
| Course Specific Internship (If Any) | - | - |
| Homework | - | - |
| Presentation | - | - |
| Projects | - | - |
| Seminar | - | - |
| Quiz | - | - |
| Listening | - | - |
| Midterms | - | - |
| Final Exam | - | - |
| Total | 0 (%) | |
ECTS / Working Load Table
| Quantity | Duration | Total Work Load | |
|---|---|---|---|
| Course Week Number and Time | 16 | 4 | 64 |
| Out-of-Class Study Time (Pre-study, Library, Reinforcement) | 14 | 5 | 70 |
| Midterms | 1 | 6 | 6 |
| Quiz | 0 | 0 | 0 |
| Homework | 0 | 0 | 0 |
| Practice | 0 | 0 | 0 |
| Laboratory | 0 | 0 | 0 |
| Project | 0 | 0 | 0 |
| Workshop | 0 | 0 | 0 |
| Presentation/Seminar Preparation | 0 | 0 | 0 |
| Fieldwork | 0 | 0 | 0 |
| Final Exam | 1 | 10 | 10 |
| Other | 0 | 0 | 0 |
| Total Work Load: | 150 | ||
| Total Work Load / 30 | 5 | ||
| Course ECTS Credits: | 5 | ||