Security Access Manager overview

Security Access Manager is an authentication and authorization solution for corporate web, client/server, and existing applications. Use Security Access Manager to control user access to protected information and resources. By providing a centralized, flexible, and scalable access control solution, Security Access Manager builds secure and easy-to-manage network-based applications and infrastructure.

Security Access Manager supports authentication, authorization, data security, and resource management capabilities. You use Security Access Manager in conjunction with standard Internet-based applications to build highly secure and well-managed intranets.

Security Access Manager provides the following frameworks:

Authentication framework: The Security Access Manager authentication service uses a wide range of built-in authenticators and supports external authenticators.
Authorization framework: The authorization service, accessed through a standard authorization application programming interface (API), provides permit and deny decisions on access requests for native Security Access Manager servers and other applications.
The authorization service, together with resource managers, provides a standard authorization mechanism for business network systems.

Security Access Manager can be integrated into existing and emerging infrastructures to provide secure, centralized policy management capability.

The following resource managers are some of the existing resource managers:

IBM Security Access Manager for Web WebSEAL: Manages and protects web-based information and resources. WebSEAL is included with Security Access Manager.
IBM Security Access Manager for Web for Operating Systems: Provides a layer of authorization policy enforcement on Linux and UNIX operating systems in addition to that provided by the native operating system.

Existing applications can take advantage of the Security Access Manager authorization service and provide a common security policy for the entire enterprise.