Solutions Review finds the highest-rated books for identity management engineers available on Amazon right now. You need to add these to your collection today.
Solutions Review frequently shares our finds for essential cybersecurity titles and books every InfoSec professional and IT security team should have on the shelf. Here’s one of our lists.
For this list, we wanted to zoom in on a specific profession in cybersecurity – Identity Management Engineer – and share the highest-rated titles that might appeal to members of said profession. These books qualify for this list by providing essential perspectives and information beneficial to Identity Management Engineers and by having a four and having a four-star rating on Amazon at minimum.
These books are intended for professionals, whether just beginning their careers or already established as experts. All are written by authors with proficiency and/or recognition in the field of cybersecurity.
The Highest-Rated Books for Identity Management Engineers
Book Title: Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0
Our Take: Yvonne Wilson and Abhishek Hingnikar both have extensive experience in software development and identity management. Their expertise is evident throughout the text.
Description: This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided. Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more.Go to this book
Book Title: OAuth 2 in Action
Our Take: Justin Richer is a systems architect, software engineer, standards editor, and service designer. Antonio Sanso works as Security Software Engineer.
“OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You’ll learn how to confidently and securely build and deploy OAuth on both the client and server sides…Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.”
Book Title: Password Authentication for Web and Mobile Apps: The Developer’s Guide To Building Secure User Authentication
Our Take: Dmitry Chestnykh has been writing software for over twenty years, and now consults on applied cryptography and software security.
“Authenticating users with passwords is a fundamental part of web and mobile security. It is also the part that’s easy to get wrong. This book is for developers who want to learn how to implement password authentication correctly and securely. It answers many questions that everyone has when writing their own authentication system or learning a framework that implements it.”
Book Title: Hacking Multifactor Authentication
Our Take: Roger Grimes is a Principal Security Architect at Microsoft, and works with Microsoft Windows, Linux, and BSD. He is also a prolific author and speaker.
“This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You’ll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers’) needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book.”
Book Title: Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution
Our Take: Morey J. Haber is Chief Technology Officer at BeyondTrust and Darran Rolls is CISO and Chief Technology Officer at SailPoint. Greater experts are hard to come by.
Description: As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber-attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.
Our Take: Simon Moffatt is a recognized expert in the field of digital identity and access management, having spent nearly 20 years working in the sector. It comes through in the book.
Description: Modern organizations need to not only meet end-user privacy, security, and usability requirements but also provide business enablement opportunities that are agile and can respond to market changes rapidly. The modern enterprise architect and CISO is no longer just focused upon internal employee security – they now need to address the growing need for digital enablement across consumers and citizens too. A CISO and architect view on designing the fundamental building blocks of a scalable, secure and usable consumer identity and access management (CIAM) system. Covering: business objectives, drivers, requirements, CIAM life-cycle, implementer toolkit of standards, design principles, and vendor selection guidance.
Our Take: Phillip J. Windley is an Associate Professor of Computer Science at Brigham Young University.
Description: Author Phil Windley likens IMA to good city planning. Cities define uses and design standards to ensure that buildings and city services are consistent and workable. Within that context, individual buildings–or system architectures–function as part of the overall plan. With Windley’s experience as VP of product development for Excite@Home.com and CIO of Governor Michael Leavitt’s administration in Utah, he provides a rich, real-world view of the concepts, issues, and technologies behind identity management architecture.
Those were our picks of the highest-rated books for Identity Management Engineers available on Amazon now. For more on identity management, check out the Solutions Suggestion Engine or the Buyer’s Guide.
Solutions Review participates in affiliate programs. We may make a small commission from products purchased through this resource.
- The Best Books for Identity Security Available Now - September 16, 2021
- Authentication Apps: Best of 2021 and Beyond from Solutions Review - September 15, 2021
- Authentication Platforms: Best of 2021 and Beyond from Solutions Review - September 14, 2021