Organizations are frequently establishing short-term or long-term electronic relationships (collaborations) with one another over the Internet using the World-Wide Web (WWW). These electronic relationships often entail providing electronic access to services of the organizations. However access needs to be provided using secure and easily managed techniques.
Correspondingly, electronic identifications and passwords are created for providing credentialing information to collaborating services. These credentials are used to authenticate users and applications accessing the collaborating services. Credentials can include user or application identifiers, passwords, digital signatures, digital certificates, and the like.
Conventionally, one problem for an organization that desires to electronically collaborate with services of another organization is that the organization may unwittingly expose internal credentials to the collaborating service. This occurs because the credentials provided to the desired service may and in many cases will be the credentials associated with an organization's internal systems or services. Thus, by sending these credentials to the collaborating service, a malicious user could potentially gain access to vital systems or services of the organization.
Another problem with individually providing credentials to each desired service for which an organization is collaborating, is that if many users of the organization are provided access to the service, then management of all the different and disparate credentials becomes a maintenance nightmare. Moreover, this problem is exponentially compounded when an organization collaborates with many external services associated with a plurality of organizations.
Collaborating in a secure manner can also occur within departments of a single organization, where the departments are electronically collaborating with one another. Thus, the secure collaboration problems discussed herein occur not just between organizations but also between departments of the same organization.
Therefore, there exists a need for improved techniques that more securely provide and manage credentials.