Identity cannot be left out of many modern transactions. Whether someone wants to purchase items on the Internet, buy a house, or otherwise engage in commerce, providing identification is often part of the transaction. This may involve providing billing information, providing overall financial information, or simply proving eligibility to engage in a transaction.
On the Internet, identity is often held in silos. For example, a user may have identity information provided to a website such as eBay, and similar identity information provided to a website such as yahoo. However, exchanging identity information between yahoo and eBay may be impossible. For example, an eBay reputation rating may not be exportable for use in chat rooms available through yahoo, even though the user is the same. As a result, a user may be required to provide identifying information over and over again.
Some systems have attempted to avoid this problem. For example, digital wallets have been provided, which potentially could store passwords. Additionally, centralized systems have been implemented, in which a single administrative system provided access to a network of websites through a portal (and charged fees to do it). However, it may be useful to allow the user to log in somewhere, and then have the user's chosen site validate or authenticate the user's identity with other sites.
Identity Management systems are known to those skilled in the art, including those described in Canadian Patent 2,431,311, 2,468,351, 2,468,585, 2,493,897 and 2,494,225, and their corresponding U.S. and international counterparts, which are all incorporated herein in their entirety by reference.
It is, therefore, desirable to provide a framework for carrying out enhanced identity management functions in distributed and/or hierarchical identity management networks.