Our solution provides value to you from three points of view:

• Administrator who manages security, ideally according to a well-defined policy
• End users who are the customers, employees, partners, or others, participating in a secure e-business transaction tailored to them
• Web application developers who are under pressure to deliver more useful function to address users' needs, while ensuring that their applications address security

Administrators

Using a centralized unified web-based administrative tool means administrators no longer need to manage accounts on the hundreds of Web servers and applications used in a large, modern Web-driven enterprise. IBM Tivoli Access Manager (TAM) for e-Business provides:

• A web-based interface to manage security policy
• Management and administration of users, groups, permissions, and policies
• A rich set of delegated management services that enables you to delegate user administration, group and role administration, security administration, and application access provisioning to the appropriate business unit personnel
• Centralized view of user privileges making it easier to examine and modify a user's total privileges in the web space

TAM for e-Business is a complete web authorization solution and includes registry technology in the form of the IBM Tivoli Directory Server. DB2 backs the directory, making scalability and performance available without administrators learning DB2 in depth. Because it is backed by DB2, the IBM Tivoli Directory Server is scalable to tens of millions of entries. If you prefer to use directory technology you already have implemented, Tivoli Access Manager also supports third party directories as its user registry.

End Users

TAM for e-Business includes support to help large numbers of users participate in convenient, available, and personalized transactions. With authentication and access-control services for e-business and enterprise applications and resources, you can help secure customer, supplier, employee, and partner connectivity across:

• Web servers
• J2EE-based application servers
• Industry-leading Web applications

TAM for e-Business accommodates a broad range of possible user-authentication mechanisms, including user IDs and passwords, client-side certificates RSA SecurID tokens, and mobile and wireless identities.

It supports:

• E-business configurations common to many of today's enterprises, involving subsets of users requiring their transactions to be conducted in different languages
• Supports the Wireless Application Protocol and i-mode protocol

If you have unique authentication requirements, you can use C shared libraries or the external authentication interface provided with TAM for e-Business to address your needs.

TAM for e-Business helps you deliver a consistent and more secure user experience by having end users employ a single identity to log in once for access to resources according to authorization rules, regardless of the server on which the resources rest. With support for web single sign-on (SSO) and secure session management across e-communities, Tivoli Access Manager helps securely extend your business processes to partners and business affiliates.

Web Application Developers

The modular architecture of TAM for e-Business allows the separation of security code from application code. This can translate to an improved time-to-market for your e-business initiatives, because:

• Typically, you can change the security code without affecting application code and vice versa. 
• This separation also accommodates “defense in depth” designs that involve enforcing security in a subnetwork, such as a demilitarized zone.
  

TAM for e-Business can help lower your cost of building security into new applications by reducing the need to write complex security code. It integrates with web application servers that support Java 2 or JAAS, without requiring non-standard tasks, such as extra precompiles. Your Java developers simply use familiar Java constructs and calls; there’s no need to learn anything new to take advantage of Tivoli Access Manager’s security services.

IBM Tivoli Access Manager also has focused J2EE-based support for securing WebSphere® Application Server and BEA WebLogic Server. To keep the programming model simple, the centralized authentication and authorization services of TAM for e-Business can be provided to:

• servlets
• JSPs
• Enterprise JavaBeans

Tivoli Access Manager support for Java programmatic security (with security calls right in the application) and Java declarative security (with security handled by containers) can enhance portability and help reduce time-to-market.