Reputation: 755
I'm researching CA Single Sign-On software (formerly CA SiteMinder®) and came across two definitions that are new to me:
Wikipedia states these definitions:
IdM: "In computing, identity management (IdM) describes the management of individual principals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks."
WAM: "Web access management is a form of identity management that controls access to web resources, providing authentication management, policy-based authorizations, audit and reporting services (optional) and single sign-on convenience".
Although these two definitions seem clear, the more I read about them the more confused I am, because I don't understand which tasks belong exclusively to WAM and which to IdM. Where are the boundaries? At what point do they interact? Who is in charge of SSO? Both definitions talk about authorization and authentication, and that confuses me.
I'm asking this because according to Liferay Wiki "Computer Associate’s (CA) SiteMinder is a centralized web access management system that enables user authentication and single sign-on, policy-based authorization, identity federation, and auditing of access to Web applications and portals."
If you go to the "Architectural Use Cases: Simple Deployment" section (Implementation Guide -> Architectural Considerations) you'll see a diagram. If CA SiteMinder is a WAM, why does it do authorization and authentication? Don't those tasks belong to an IdM? Is CA SSO also an Identity Access Manager? Then why does a product called CA Identity Manager exist?
Thanks.
PS: Feel free to correct any grammar or semantic mistakes; I'm not a native English speaker ;-)
Upvotes: 0
Views: 2053
Reputation: 48
Identity Management (IDM) is concerned with the identity. Think of it as your digital wallet, as it contains all the information about you. This information can be used by other applications and is used by the Access Manager to control security. IDM does not manage security directly.
Access Manager (AM) can be some type of proxy system. For example, I currently use Novell, which leverages a reverse-proxy configuration. Access Manager is responsible for security and controls access to one or more resources for that authenticated user. In addition, it can provide SSL, Secure VPN, single sign-on services, SAML, and Federated support.
You normally need both components to build a complete Access Management System for an organization.
Upvotes: 2
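The split discussed in this thread, as an added example that is not part of the original posts or any vendor's code: a hypothetical `IdentityStore` stands in for IdM (account lifecycle, roles) and a hypothetical `AccessGateway` for WAM (login, SSO session, policy-based authorization, audit), and the demo shows deprovisioning in the identity store cutting off a session that was already issued. All names, paths and credentials are constructed, and keeping the credential hash in the identity store is a simplifying assumption.

```python
import hashlib, hmac, secrets

class IdentityStore:
    """IdM side (hypothetical): system of record for accounts and roles."""
    def __init__(self):
        self._users = {}
    def provision(self, uid, password, roles):
        salt = secrets.token_bytes(16)
        self._users[uid] = {"salt": salt, "hash": self._kdf(password, salt),
                            "roles": set(roles), "active": True}
    def deprovision(self, uid):
        self._users[uid]["active"] = False
    def verify(self, uid, password):
        u = self._users.get(uid)
        return bool(u and u["active"] and hmac.compare_digest(
            u["hash"], self._kdf(password, u["salt"])))
    def roles(self, uid):
        u = self._users.get(uid)
        return set(u["roles"]) if u and u["active"] else set()
    @staticmethod
    def _kdf(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AccessGateway:
    """WAM side (hypothetical): login, SSO session, policy check, audit."""
    def __init__(self, idm, policy):
        self.idm, self.policy, self.sessions, self.audit = idm, policy, {}, []
    def login(self, uid, password):
        ok = self.idm.verify(uid, password)
        self.audit.append((uid, "login", "ALLOW" if ok else "DENY"))
        token = secrets.token_urlsafe(32) if ok else None
        if ok:
            self.sessions[token] = uid   # one session for every protected app
        return token
    def authorize(self, token, path):
        uid = self.sessions.get(token)
        # Longest matching prefix wins; no matching rule means deny.
        rule = max((p for p in self.policy if path.startswith(p)), key=len, default=None)
        ok = bool(uid and rule and self.policy[rule] & self.idm.roles(uid))
        self.audit.append((uid, path, "ALLOW" if ok else "DENY"))
        return ok

def demo():
    idm = IdentityStore()
    idm.provision("alice", "constructed-pw-1", ["hr"])   # constructed sample data
    gw = AccessGateway(idm, {"/hr/": {"hr"}, "/finance/": {"finance"}})
    token = gw.login("alice", "constructed-pw-1")
    results = [gw.authorize(token, "/hr/payroll"), gw.authorize(token, "/finance/ledger")]
    idm.deprovision("alice")                             # IdM lifecycle event
    results.append(gw.authorize(token, "/hr/payroll"))   # live session is now denied
    return results, gw.audit
```

Because the gateway looks roles up on every request instead of copying them into the session, a lifecycle change on the identity side takes effect without waiting for the session to expire.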