IBM Tivoli Access Manager
Encyclopedia
IBM Tivoli Access Manager (TAM) is an authentication
and authorization
solution for corporate web services, operating systems, and existing applications. Tivoli Access Manager runs on various operating system
platforms such as Unix
(AIX, Solaris
, HP-UX
), Linux
, and Microsoft Windows
.
A user registry and an authorization service are the fundamental building blocks upon which Access Manager provides its security service capabilities. All other Access Manager services and components are built upon this base foundation.
Another component that is very close to the base components is called a resource manager. It is responsible for applying security policy to resources. The policy enforcer component directs the request to the authorization service for evaluation. Based on the authorization service result (approval or denial) the resource manager allows or denies access to the protected resources. Access Manager authorization decisions are based upon the Privilege Attribute Certificate (PAC), which is created for each user authenticated in an Access Manager environment, regardless of the authentication mechanism used.
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
and authorization
Authorization
Authorization is the function of specifying access rights to resources, which is related to information security and computer security in general and to access control in particular. More formally, "to authorize" is to define access policy...
solution for corporate web services, operating systems, and existing applications. Tivoli Access Manager runs on various operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
platforms such as Unix
Unix
Unix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...
(AIX, Solaris
Solaris Operating System
Solaris is a Unix operating system originally developed by Sun Microsystems. It superseded their earlier SunOS in 1993. Oracle Solaris, as it is now known, has been owned by Oracle Corporation since Oracle's acquisition of Sun in January 2010....
, HP-UX
HP-UX
HP-UX is Hewlett-Packard's proprietary implementation of the Unix operating system, based on UNIX System V and first released in 1984...
), Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
, and Microsoft Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
.
Core Components
Tivoli Access Manager (TAM) has two core components:- A user registry.
- An authorization service consisting of an authorization database and an authorization engine that performs the decision-making action on the request.
A user registry and an authorization service are the fundamental building blocks upon which Access Manager provides its security service capabilities. All other Access Manager services and components are built upon this base foundation.
Another component that is very close to the base components is called a resource manager. It is responsible for applying security policy to resources. The policy enforcer component directs the request to the authorization service for evaluation. Based on the authorization service result (approval or denial) the resource manager allows or denies access to the protected resources. Access Manager authorization decisions are based upon the Privilege Attribute Certificate (PAC), which is created for each user authenticated in an Access Manager environment, regardless of the authentication mechanism used.
Tivoli Access Manager Family
Tivoli Access Manager is not a single product but rather a family of products that use the same core authorization and authentication engine:- IBM Tivoli Access Manager for e-business (TAMeb)
- IBM Tivoli Access Manager for Operating Systems (TAMOS) - controls access to operating system resources
- IBM Tivoli Access Manager for Enterprise Single Sign-On (TAMESSO)
Tivoli Access Manager for e-business
Tivoli Access Manager for e-business provides robust, policy-based security to a corporate Web environment. TAMeb provides authentication of users, control of access privileges, auditing, single sign-on, high availability, and logging.See also
- IBM Tivoli Access Manager for e-business product home
- IBM Tivoli Access Manager for Operating Systems product home
- IBM Tivoli Identity ManagerIBM Tivoli Identity ManagerIBM Tivoli Identity Manager, also known as TIM, is an identity lifecycle management product from IBM.TIM provides centralized identity lifecycle management...