Web access management (WAM) is a form of identity management that controls access to web resources, providing authentication management, policy-based authorizations, audit and reporting services (optional) and single sign-on convenience
Authentication management is the process of determining a user’s (or application’s) identity. This is normally done by prompting for a user name and a password. Additional methods of authentication can also include access tokens (which generate one-time passwords) and digital certificates.
Once a user's (or process') identity is confirmed, policy-based authorization comes into play. A web resource can have one or more policies attached to it that say "only allow internal employees to access this resource" and/or "only allow members of the Admin Group to access this resource." The requested resource is used to look up the policy, and then the policy is evaluated against the user’s identity. If the user passes the policy evaluation, she/he is granted access to the resource. If the user fails the evaluation, access is denied.
After an authentication or authorization policy decision is made, the outcome can be recorded for auditing purposes, such as:
- determining the last login time of a user
- identifying attempts to gain access to protected resources
- logging any administrative actions
As a benefit to the end user, a web access management product can then tie this security together (which is more of a benefit to IT and administrative staff), and offer single sign on, the process by which a user logs in only once to a web resource, and then is automatically logged in to all related resources. Users can be inconvenienced when attempting to get authenticated to multiple websites throughout the course of a day (potentially each with different user names and passwords). A web access management product can record the initial authentication, and provide the user with a cookie that acts as a temporary token for authentication to all other protected resources, thereby requiring the user to log in only once.
Read more about Web Access Management: History, Architectures, Costs
Famous quotes containing the words web, access and/or management:
“Ye whose clay-cold heads and luke-warm hearts can argue down or mask your passions—tell me, what trespass is it that man should have them?... If nature has so wove her web of kindness, that some threads of love and desire are entangled with the piece—must the whole web be rent in drawing them out?”
—Laurence Sterne (1713–1768)
“The professional celebrity, male and female, is the crowning result of the star system of a society that makes a fetish of competition. In America, this system is carried to the point where a man who can knock a small white ball into a series of holes in the ground with more efficiency than anyone else thereby gains social access to the President of the United States.”
—C. Wright Mills (1916–1962)
“The Management Area of Cherokee
National Forest, interested in fish,
Has mapped Tellico and Bald Rivers
And North River, with the tributaries
Brookshire Branch and Sugar Cove Creed:
A fishy map for facile fishery....”
—Allen Tate (1899–1979)