Friday, 20 June 2014

Basics of Access Management for IT Web Infrastructure

Basics of Access Management for IT Web Infrastructure

Access management, or web access management, is a part of identity management that defines access to resources on the web, using techniques like authentication and authorization to determine a user's identity. It makes access to resources and information easier by providing a one-time sign in, and defining different roles to different users depending upon the extent of access they have been provided. In larger websites, a single sign-in after proper authentication and authorization allows users to access other parts and resources of the website as well. Usually, the SAML protocol is used to interchange secure information between the servers.                

In most cases, like in emails or social networking websites, it is done by asking for a username and password but in more secure environments, like internet banking, access tokens are provided to generate a one-time password. In a networking environment access management becomes imperative, given the security and privacy concerns. Social media websites make heavy use of access management, by determining what part of a user's profile has to be displayed to which section of the user's network.

How Is It Implemented?
Access management is a type of identity management, which in turn falls under the umbrella of IT security, and therefore it uses the fundamentals and concept of identity management. The sign-in is a two-step process, which includes:
  • Authentication: This proves the genuineness of the user's identity, and
  • Authorization: This determines the extent of access to be given to the user.
After this process is complete, further services may be implemented and provided by the IT staff, like:
  • Auditing: This enables a log creation that records the log in details and history of a user, the attempts of a user to gain access to the resources, and any successful/unsuccessful attempts to perform administrative functions.
  • Reporting: This gives a report of all the access-related activities to the IT staff and the user (optional).

How Does It Work?
Access management works in two ways, depending upon its architecture. The two types of architecture are:
  • Plug-in (also known as web agent)
  • Proxy
Plugins are different programs installed on a particular server and are implemented each time a request is made for a particular webpage. This type of architecture is customizable according to the exact needs of a web server. The major drawback of this type of architecture is that a different plugin is required for each type and version of a server for different platforms. Proxy servers, on the other hand, route all the requests to the back-end application server through a proxy server.

How Does It Help?
Many a time, it could be hassle for users to provide their login details and extensively authenticate their credentials on multiple websites during the course of a day. Access management software helps them store their credentials securely, thereby providing them with a cookie, which is a temporary token, for authorization to all the protected resources with a single sign-in. This not only saves a lot of time and effort for the users but also streamlines the entire process for the IT staff.

Is It Costly?
The purchase price may be significant, but after that the maintenance price is negligible as compared to the purchasing price. Many a time, high-end hardware is needed to effectively execute access management software, because the response time needs to be quick or else the website risks losing visitors the next time. Hidden costs include centralized administration and regulatory compliance. It needs to comply with major audit requirements in order to provide firewall-like security.

Author: Arun Mehta
Source: Link


  1. Very informative. I already recommend this Facebook group to gain future knowledge on ITIL:

  2. For ITIL latest and updated certification dumps contact us at Refer our blog for more details