Being able to verify the identity of an unregistered user and to determine the unregistered user's permissions to access restricted resources are technical problems that exist when providing restricted resource-access to the unregistered user (e.g., a non-subscriber) on a registered subscriber's network of which the unregistered user is affiliated. For example, a university or other enterprise may be both a subscriber of a particular resource provider that is a provider of restricted resources (e.g., media content) and a subscriber of a particular authorized resource distributor of the provider's restricted resources. Further, a plurality of users who are affiliated with the enterprise may be permitted to access the restricted resource content based on the users' affiliation with the enterprise; however, the affiliated users may not be established as registered users with the restricted resource provider.
The restricted resource provider, in its role as a content provider, controls access to its restricted resources and therefore, will want to authenticate the user and authorize the user's access; however, since the user is not a registered user or subscriber of the restricted resource provider nor of the distributor of the restricted resources (which can be a single entity), the restricted resource provider is not able to verify the user's identity nor enforce any access restrictions that the user's access may be contingent upon (e.g., access restrictions that the enterprise with which the user is affiliated may want to enforce based on various policies associated with providing or brokering the access to the restricted resources that the enterprise is permitted based on its subscription with the restricted resource provider and distributor).
While current authentication and authorization processes enable the restricted resource provider to verify identities of its registered users and to determine the registered users' permissions to access the restricted resources that it offers, current authentication and authorization processes do not provide for authenticating and authorizing a subscriber-affiliated user's access to restricted resources when the user is not a registered subscriber of the restricted resource provider. Current authentication and authorization processes may enable the restricted resource provider to verify the identity of the user with another entity (the enterprise) if the user shares his/her credentials with the restricted resource provider; however, sharing the credentials is a security threat that the user, the entity, nor the resource provider may be willing to risk.
With the continually emerging threat of unauthorized access, hacking, and/or other fraudulent use or access of provider services and resources, a technical solution is needed to enable authentication and authorization of an unregistered user based on the user's affiliation with a subscriber.