A security and access management system provides unified access management to address the specific problems facing the deployment of security for the Web and non-Web environment. Unified access management consists of strategic approaches to unify all key aspects of Web and non-Web security policies, including access control, authorization, authentication, auditing, data privacy, administration, and business rules. Unified access management also addresses technical scalability requirements needed to successfully deploy a reliable unified Web and non-Web security system. The security and access management system provides the technology required to support these key factors as they relate to Web and non-Web security. The security and access management system operates in combination with network and system security tools such as firewalls, network intrusion detection tools, and systems management tools to provide comprehensive security for the Web-enabled enterprise.