IBM Tivoli Access Manager

IBM Tivoli Access Manager (TAM) is an authentication and authorization solution for corporate web services, operating systems, and existing applications.^[1]^[2]^[3] Tivoli Access Manager runs on various operating system platforms such as Unix (AIX, Solaris, HP-UX), Linux, and Windows. It has been renamed as IBM Security Access Manager (ISAM), in line with the renaming of other Tivoli products, such as TIM turned ISIM.

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)

This article may rely excessively on sources too closely associated with the subject, potentially preventing the article from being verifiable and neutral. (March 2024)

This article needs additional citations for verification. (February 2008)

In 2002, IBM acquired Access360 software, which it planned to integrate into Tivoli Access Manager.^[4] In 2009, IBM and Fujitsu announced a partnership to integrate Fujitsu's biometric authentication technology into TAM.^[5] Comparable products from other vendors include Oracle Access Manager, CA SiteMinder, NetIQ Access Manager and SAP NetWeaver Single Sign-On.^[6]

Core components

TAM has two core components, which are the foundation upon which its other features are implemented:

A user registry.^[7]
An authorization service consisting of an authorization database and an authorization engine that performs the decision-making action on the request.^[8]

Another related component is the resource manager, which is responsible for applying security policy to resources. The policy enforcer component directs the request to the authorization service for evaluation.^[9] Based on the authorization service result (approval or denial) the resource manager allows or denies access to the protected resources. Access Manager authorization decisions are based upon the Privilege Attribute Certificate (PAC), which is created for each user authenticated in an Access Manager environment, regardless of the authentication mechanism used.

Remove ads

Tivoli Access Manager Family

Tivoli Access Manager is not a single product but rather a family of products that use the same core authorization and authentication engine:

IBM Tivoli Access Manager for e-business (TAMeb)
IBM Tivoli Access Manager for Operating Systems (TAMOS) - controls access to operating system resources
IBM Tivoli Access Manager for Enterprise Single Sign-On (TAMESSO)

IBM Tivoli Access Manager

Core components

Tivoli Access Manager Family

References

See also

Wikiwand - on