Web access management definition
Web access management (WAM) refers to a form of user identification and access management system that specifically deals with authenticating users and controlling their access to web resources. For example, in addition to a simple username and password combination, it can support multi-factor authentication, biometric scans, and single sign-on (SSO) as well as tracking the user’s session for auditing and compliance.
See also: access management, access control entry, identity and access management
How does web access management work
- User authentication. It first needs to verify the identity of users trying to access a web resource. The goal is to ensure that the user is who they say they are.
- Access control. Once a user is authenticated, it determines what they are allowed to do. For example, the system can check the user's access rights, which are typically defined in terms of roles or profiles.
- Single Sign-On. Often, it provides a single sign-on capability. So the user only needs to authenticate once, and they can then access multiple different web resources without having to log in to each one separately.
- Audit and compliance. It can often keep logs of user activities, such as their actions and access to resources. Companies can use this information for auditing purposes, investigating security incidents, or demonstrating its compliance with regulations.