IAM Books
14 books in this category
Identity Management Design Guide with IBM Tivoli Identity Manager
Axel Buecker
Identity Management Design Guide with IBM Tivoli Identity Manager
Axel Buecker, Dr. Paul Ashley, Martin Borrett
This IBM Redbooks publication provides a comprehensive guide to designing and implementing identity management solutions using IBM Tivoli Identity Manager. It covers the full identity lifecycle from provisioning to deprovisioning, role-based access control, compliance reporting, and integration patterns with enterprise directories and applications.
Solving Identity Management in Modern Applications
Yvonne Wilson
Solving Identity Management in Modern Applications
Yvonne Wilson, Abhishek Hingnikar
This book provides a practical guide to identity management for modern applications. It covers the fundamentals of authentication, authorization, OAuth 2.0, OpenID Connect, and SAML 2.0, explaining when and how to use each. The second edition includes updated coverage of passwordless authentication, passkeys, and decentralized identity.
Identity Attack Vectors
Morey J. Haber
Identity Attack Vectors
Morey J. Haber, Darran Rolls
Identity Attack Vectors explores the threat landscape targeting identity systems and provides practical guidance for implementing effective IAM solutions. It covers privileged access management, identity governance, attack patterns targeting credentials and identity stores, and defensive strategies.
Keycloak - Identity and Access Management for Modern Applications
Stian Thorgersen
Keycloak - Identity and Access Management for Modern Applications
Stian Thorgersen, Pedro Igor Silva
This practical guide covers Keycloak from installation to advanced configuration. Learn how to secure applications using OpenID Connect and OAuth 2.0, configure social login, implement fine-grained authorization, manage users and roles, and integrate Keycloak with existing infrastructure.
NIST SP 800-63 Digital Identity Guidelines
Paul Grassi
NIST SP 800-63 Digital Identity Guidelines
Paul Grassi, James Fenton, Elaine Newton, Ray Perlner, Andrew Regenscheid
The NIST SP 800-63 Digital Identity Guidelines provide technical requirements for federal agencies implementing digital identity services. Revision 4 covers identity proofing (800-63A), authentication and lifecycle management (800-63B), and federation and assertions (800-63C). It defines Identity Assurance Levels (IAL), Authenticator Assurance Levels (AAL), and Federation Assurance Levels (FAL).
Privileged Attack Vectors
Morey J. Haber
Privileged Attack Vectors
Morey J. Haber
This book examines how attackers exploit privileged accounts and provides comprehensive guidance on building a privileged access management program. It covers PAM architecture, credential vaulting, session management, just-in-time access, and measuring PAM program effectiveness.
Zero Trust Security
Jason Garbis
Zero Trust Security
Jason Garbis, Jerry W. Chapman
This enterprise guide provides a comprehensive framework for planning and implementing zero trust security. It covers the strategic, architectural, and operational aspects of zero trust, including identity-centric security, microsegmentation, software-defined perimeters, and continuous verification.
Self-Sovereign Identity
Alex Preukschat
Self-Sovereign Identity
Alex Preukschat, Drummond Reed
Self-Sovereign Identity provides a comprehensive overview of decentralized identity concepts including verifiable credentials, decentralized identifiers (DIDs), and the trust-over-IP stack. It explores how SSI can transform digital identity by giving individuals control over their own identity data.
IAM for Cloud Infrastructure
Marcus Young
IAM for Cloud Infrastructure
Marcus Young
A practical guide to identity and access management across major cloud platforms. Covers AWS IAM, Azure AD (Entra ID), and GCP IAM including policies, roles, service accounts, cross-cloud identity federation, and infrastructure-as-code for IAM.
Enterprise IAM Guidebook
Jeff Lombardo
Enterprise IAM Guidebook
Jeff Lombardo
A practical guide to building and maturing an enterprise IAM program. Covers program strategy, technology selection, role management, access governance, compliance, and organizational change management for IAM.
The CIAM Handbook
Martin Kuppinger
The CIAM Handbook
Martin Kuppinger, Anne Bailey
A comprehensive guide to Customer Identity and Access Management covering user registration, progressive profiling, consent management, social login, identity verification, and the balance between security and user experience in consumer-facing applications.
SCIM: System for Cross-domain Identity Management
Phil Hunt
SCIM: System for Cross-domain Identity Management
Phil Hunt, Kelly Grizzle
The implementer's guide to SCIM (System for Cross-domain Identity Management), the standard protocol for automating user provisioning and deprovisioning across cloud applications. Covers the SCIM schema, operations, filtering, bulk operations, and implementation best practices.
Identity Is the New Perimeter
Jason Garbis
Identity Is the New Perimeter
Jason Garbis
This book makes the case that identity has replaced the network perimeter as the primary security boundary and provides a practical framework for implementing identity-first security. It covers identity-centric architecture, continuous authentication, adaptive access control, and identity threat detection.
Mastering Active Directory
Dishan Francis
Mastering Active Directory
Dishan Francis
A comprehensive guide to Active Directory Domain Services covering design, deployment, group policy, certificate services, federation (AD FS), Azure AD integration, security hardening, and troubleshooting in enterprise environments.