In today's increasingly security-conscious world, data is generally encoded using a variety of techniques to prevent unauthorized access to the underlying information. While encoding data does improve security, securely sharing the information with another entity becomes more difficult, because both the mechanism and the encoding secret(s) must also be shared with each entity requiring access to the encoded data.
One approach is provided by Microsoft® Inc. in Windows® XP, which allows an entity to specify, at the file level, which registered entities may access the encoded information as part of the operating system's encrypting file system. While effective for sharing large amounts of data with one or more entities in a one-to-many relationship, the mechanism does not support multiple entities sharing a common workspace who wish to selectively encode discrete files in a many-to-many relationship; that is, it does not allow multiple levels of encryption within the common workspace.
In addition, the Microsoft solution is limited to file sharing alone and does not address other circumstances which may require sharing of digital credentials. For example, network administrators frequently need to assist users or other entities in accessing selected services or networks where multiple credentials associated with the user or entity are implemented to access the various services or networks. In many cases, full disclosure of a user's credentials is unnecessary as only the problematic credentials need be made available to the network administrator.
Furthermore, the disclosure of even a portion of a user's or entity's credentials is undesirable from a security perspective. As such, there is a need for a secure and selective credential sharing arrangement which is transparent and revocable by the sharing entity or user.