Organizations need proven and efficient ways to successfully implement secure, web-based access to data and systems. Web Access Management (WAM) is a software solution that integrates with your web servers to secure access to your custom and commercial web applications. WAM solutions have given enterprises much-needed control to ensure that the appropriate users have access to the right web-based applications. However, with the rise of APIs, mobile and cloud-based applications, WAM solutions are becoming less able to handle modern enterprise business demands.
Basic Overview of Web Access Management
Web access management (WAM) offers integrated identity and access management for Web-based applications. Initial implementations focused on external user access. However, the growing use of portals for employee access is also driving demand for WAM solutions. Most products offer self-service password reset, delegated administration (including user self-service), a role-based access control model, workflow and automated fulfillment of the access request.
Web access management (WAM) is a form of access management that authorizes users for web applications. Web Access Management (WAM) systems are the key to enabling business over the Web while limiting security risks. A WAM system protects and controls access to web applications, records user and administrator activities, and is responsible for creating a seamless single sign-on experience for users.
Web access management normally determines a user’s identity by asking for a username and a password, a combination unique to each user. Other access methods may use access tokens that generate one-time passwords, or digital certificates.
A user or a process may request access to a Web resource, and once identity has been confirmed, policy-based authorization is applied to the identified user. The system looks up the user authorization level and compares it to the policy of the requested resource and then grants or denies access depending on the authorization of the user and the policy of the resource. Policies are simply rules on who is able to access a certain resource; for example, only administrators, certain users, or the general user base.
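The decision step described above can be sketched as follows. This is an added example, not code from the original article or from any WAM product; the policy table, user directory, paths and function names are all hypothetical. It assumes a default-deny stance when no policy covers a resource, and it normalizes the requested path before matching so that an encoded or dot-segment path is judged against the policy of the resource it actually resolves to.

```python
import posixpath
from urllib.parse import unquote

# Constructed policy table (hypothetical): path prefix -> who may access it.
POLICIES = {
    "/admin":   {"roles": {"admin"}},      # only administrators
    "/payroll": {"users": {"alice"}},      # certain named users
    "/portal":  {"authenticated": True},   # the general user base
}
# Constructed user directory (hypothetical).
USERS = {
    "alice": {"roles": {"employee"}},
    "bob":   {"roles": {"admin"}},
    "carol": {"roles": {"employee"}},
}

def normalize(raw_path):
    """Decode once and collapse dot segments: '/portal/../admin' -> '/admin'."""
    return posixpath.normpath("/" + unquote(raw_path).lstrip("/"))

def find_policy(path):
    """Return the longest policy prefix matching on whole path segments."""
    matches = [p for p in POLICIES if path == p or path.startswith(p + "/")]
    return max(matches, key=len) if matches else None

def decide(user, raw_path):
    """Return 'ALLOW', 'DENY' or 'CHALLENGE' for an identified (or absent) user."""
    path = normalize(raw_path)
    prefix = find_policy(path)
    if prefix is None:
        return "DENY"            # assumption: resources without a policy are denied
    if user not in USERS:
        return "CHALLENGE"       # identity not confirmed yet: ask for credentials
    rule = POLICIES[prefix]
    if rule.get("authenticated"):
        return "ALLOW"
    if user in rule.get("users", set()):
        return "ALLOW"
    if USERS[user]["roles"] & rule.get("roles", set()):
        return "ALLOW"
    return "DENY"

if __name__ == "__main__":
    for who, path in [("bob", "/admin/users"), ("carol", "/portal/%2e%2e/admin"),
                      (None, "/portal/home"), ("bob", "/administrator")]:
        print(who, path, "->", decide(who, path))
```

Matching on whole segments keeps `/administrator` from inheriting the `/admin` policy, and every decision is a natural point to write the audit record a WAM system is expected to keep.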
Identity and access management solutions seek to provide contextual access to the right users at the right time, but also to protect corporate resources. The following figure shows a typical architecture:
Figure: Typical Identity and Access Management Architecture
When a user initially attempts to access a web application, that request is intercepted by a software agent that is deployed on a proxy server. These agents serve as policy enforcement points (PEPs) to protect and enable access to applications. For high availability, each application requires a pair of load-balanced agents. If web access management is required for hundreds or thousands of applications, it can be very costly to implement and maintain. This architecture does not scale easily.
Modern Access Management
The WAM approach encounters limitations when you don’t have the same control over remote cloud-based apps, mobile apps or APIs. Modern access management solutions control access to all these different apps and APIs by supporting agent-based and proxy-based deployment models. A proxy-based model alleviates the need for installing agents on each server, and instead routes all access requests through a centralized server that leverages standard communication protocols like HTTP or HTTPS. This option provides additional flexibility for situations specific to an enterprise’s current and future needs.
Modern access management also supports and integrates with other complementary identity and access management (IAM) capabilities. As identity-driven security grows in importance, modern access management solutions integrate seamlessly with advanced multi-factor authentication (MFA) and single sign-on (SSO) solutions. A modern access management solution provides authorization for a user to access a wide range of on-premises and cloud-based apps and services, while MFA and SSO provide secure authentication to ensure users are who they say they are. Modern solutions are also becoming increasingly intelligent and can use a variety of criteria to determine whether or not to grant access to a user.
Web access management enables organizations to carefully manage access rights to web-based resources on intranets, extranets, portals and exchange infrastructures. With growing numbers of internal and external users, and more and more enterprise resources being made available online, it is critical to ensure that qualified users can access only those resources to which they are entitled. Web access management does just that: it offers business rule-based access management that is easy to deploy and monitor for compliance.