Certifications
There are only two widely recognized vendor-neutral certifications for IAM that frequently appear in job postings:
- Certified Information Systems Security Professional (CISSP) by ISC2 (exam – $749, annual fee – $125)
- Certified Identity and Access Manager (CIAM) by the Identity Management Institute (exam – $390, annual fee – $100)
(Although other IAM certifications, such as CIDPRO, can be valuable for learning, they are not commonly listed in job postings.)
Free Education / Publications / Research
- A comprehensive guide to IAM – Understanding IAM by Okta
- Introduction of Zero Trust – “Formalising Trust as a Computational Concept” by Stephen Paul Marsh (1994)
- NIST publication on Zero Trust – “Zero Trust Architecture” by Scott Rose et al. (2020)
- Introduction of RBAC – “Role-Based Access Control Models” by Ravi Sandhu et al. (1996)
- Standardization of RBAC – “The NIST Model for Role-Based Access Control: Towards a Unified Standard” by David F. Ferraiolo et al. (2000)
- Introduction of ABAC – “Attribute-Based Access Control” by Vincent C. Hu et al. (2014)
- Key document for understanding SAML 2.0 – “Security Assertion Markup Language (SAML) V2.0 Technical Overview” by Nick Ragouzis et al. (2008)
- Introduction of OAuth 2.0 – “The OAuth 2.0 Authorization Framework” by Dick Hardt (2012)
- Feasibility of going passwordless – “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes” by Joseph Bonneau et al. (2012)