Increasing the affairs of individuals and enterprises are being conducted in an automated manner over the Internet. Enterprises now engage in selling their products and services over the Internet; individuals also engage in communicating with one another over the Internet; employees may also engage in accessing secure resources of their employers over the Internet, etc.
One ever present and daunting issue with this activity is Internet security. Some transactions may be innocuous and may not require any substantial security. However, a growing number of transactions do involve sensitive material associated with enterprises and individuals, such as corporate secrets, personal data, etc. A variety of security mechanisms exist to address this issue.
For example, some enterprises may install dedicated connections for secure communications between parties. Yet, this approach is less pervasive with the advent of Virtual Private Network (VPN) techniques. A VPN permits an insecure connection to be used to achieve secure communications between parties engaged in a transaction.
VPN transactions use authentication and encryption techniques to ensure communications are secure. Yet, in some situations the authenticating mechanism may not reside within the environment of the parties actually engaged in the VPN transactions. In fact, this is increasingly becoming the case as more and more security services are provided by third-party vendors. In such a situation, it becomes difficult to identify the proper VPN sessions between the parties. Thus, to address this issue a party's credentials may have to be regularly acquired from that party to keep a VPN session properly alive. This is not user friendly, is annoying to the user, and is inefficient. However, the perceived alternative is a breach in security or a loss of VPN connectivity; therefore, this remains the typical situation.
Consequently, there is a need for improved single sign-on capabilities with secure communications, such as VPN communications.