Web access management (WAM)[1] is a form of identity management that controls access to web resources, providing authentication management, policy-based authorizations, audit and reporting services (optional) and single sign-on convenience.
Authentication management is the process of determining a user’s (or application’s) identity. This is normally done by prompting for a user name and a password. Additional methods of authentication can also include access tokens (which generate one-time passwords) and digital certificates.
Once a user's (or process') identity is confirmed, policy-based authorization comes into play. A web resource can have one or more policies attached to it that say e.g. "only allow internal employees to access this resource" and/or "only allow members of the Admin Group to access this resource." The requested resource is used to look up the policy, and then the policy is evaluated against the user’s identity. If the user passes the policy evaluation, she/he is granted access to the resource. If the user fails the evaluation, access is denied.
After an authentication or authorization policy decision is made, the outcome can be recorded for auditing purposes, such as:
determining the last login time of a user
identifying attempts to gain access to protected resources
logging any administrative actions
As a benefit to the end user, a web access management product can then tie this security together (which is more of a benefit to IT and administrative staff), and offer single sign on, the process by which a user logs in only once to a web resource, and then is automatically logged into all related resources. Users can be inconvenienced when attempting to get authenticated to multiple websites throughout the course of a day (potentially each with different user names and passwords). A web access management product can record the initial authentication, and provide the user with a cookie that acts as a temporary token for authentication to all other protected resources, thereby requiring the user to log in only once.
^"Gartner names Oracle for WAM". The Financial Daily. Vol. 3, no. 154. January 8, 2010.
and 26 Related for: Web access management information
Identity management (IdM), also known as identity and accessmanagement (IAM or IdAM), is a framework of policies and technologies to ensure that the right...
content. Uses of deep web sites include web mail, online banking, cloud storage, restricted-access social-media pages and profiles, and web forums that require...
A web content management system (WCM or WCMS) is a software content management system (CMS) specifically for web content. It provides website authoring...
immediate access to other web resources. Web navigation, or web surfing, is the common practice of following such hyperlinks across multiple websites. Web applications...
performed in web development. For example, many web frameworks provide libraries for database access, templating frameworks, and session management, and they...
removal, and querying of file information. Namespace management deals with the ability to copy and move web pages within a server's namespace. Collections deal...
and a Webaccessmanagement tool to manage access to on-premise applications, but require Identity-as-a-Service (IDaaS) solutions to manage access for cloud...
content management product called WebCenter Content (formerly known as Universal Content Management). Links – Provides the ability to view, access, and associate...
for individuals or organizations to access or use applications such as email and the World Wide Web. Internet access is offered for sale by an international...
(IaaS) and platform as a service (PaaS). SaaS apps are typically accessed by users of a web browser (a thin client). SaaS became a common delivery model for...
user's computer or other device by the user's web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed...
Customer (or consumer) identity and accessmanagement (CIAM) is a subset of the larger concept of identity accessmanagement (IAM) that focuses on managing...
A web page (or webpage) is a document on the Web that is accessed in a web browser. A website typically consists of many web pages linked together under...
Microsoft Access is a database management system (DBMS) from Microsoft that combines the relational Access Database Engine (ACE) with a graphical user...
used to access and manage a user's email. A web application which provides message management, composition, and reception functions may act as a web email...
Videoconferencing Management Centre. The first Access Grid (AG) node was built at the University of Manchester in 2001, with Jisc-funded support from the Access Grid...
A web application (or web app) is application software that is accessed using a web browser. Web applications are delivered on the World Wide Web to users...
for applications like forums and content management. Web hosting packages often include a web content management system, so the end-user does not have to...
content management systems (CMS) to make content changes easier and available with basic technical skills. For larger organizations and businesses, Web development...
can access websites on a range of devices, including desktops, laptops, tablets, and smartphones. The app used on these devices is called a web browser...
and response objects, and performs other servlet-management tasks. A web container implements the web component contract of the Jakarta EE architecture...
A web browser is an application for accessing websites. When a user requests a web page from a particular website, the browser retrieves its files from...
information security, access control (AC) is the selective restriction of access to a place or other resource, while accessmanagement describes the process...
wiki engines. A wiki engine, being a form of a content management system, differs from other web-based systems such as blog software or static site generators...
controlling access, nurturing the subscriber community, collecting and analyzing usage statistics, and reporting on performance. API Management components...