A method and a system for delivery of protected software applications to remote systems from a central service facility wherein delivery is managed on the basis of the community membership of the remote system user. Business rules are utilized to determine whether a particular authenticated user seeking access to a protected software application from a particular remote site should be authorized. A multiplicity of web servers are programmed to allow selective access to one or more resident software applications by remote system users via a network. Access is managed by a central policy server based on user and system information and community definitions stored in a database. The policy server communicates with each web server via an agency module incorporated in the web server. The agency module intercepts requests for access from remote system users and then interfaces with the policy server. If the remote system user has input an authentic identification code, the policy server then applies the business rules to determine whether the requesting remote system user is authorized to access the protected software being requested.