The convenience of performing many daily functions online has boosted the number of people using Internet. Today, Internet communication enables E-commerce, social networking, entertainment, etc. The self service functionality provided by Internet has not only benefited customers but also enterprises in cutting down expenses required for running operations requiring employment of various customer service personnel. The growth of enterprises into e-business networks is perhaps the most significant trend in the evolution of Internet commerce.
Some of large scale enterprises have achieved a very high level of coordination between their own information technology systems and those of their customers, suppliers and partners. In business-to-consumer environments, where end users communicate with a single enterprise that simultaneously presents products or services from multiple divisions and/or partners, access to shared resources should be secure and structured to meet the requirements of each entity in the relationship, while meeting end-users' needs at no additional end-user effort.
To enable a secure access, in most of architectures currently used in the industry, a customer has to identify and authenticate himself or herself independently by supplying a set of user credentials (e.g., a user identification and a password) applicable to each of the domains comprising a single enterprise. For example, the user may have a first set of credentials for accessing ABXZ.com; a second set of credentials for accessing ABXZ.net; and a third set of credentials for accessing ABXZWireless.com. These domains may belong to a single enterprise (multiple lines of business) or to multiple enterprises that have merged or signed up to trust and share their user credentials. For the sake of simplicity, in the rest of this document we assume the former case—a single enterprise with multiple lines of business.
With the increase in the number of Internet users and websites over the last two decades, online profile management has become a challenge for both the users and the businesses serving them. While the users are expected to remember distinct logins across distinct websites, the practical reality is that they often do not. In keeping with the previous example, the user may remember a set of credentials but may not know to which domains they belong. Therefore, the user may have to try the credential against an authentication server of each of the domains, until the user finds the domain corresponding to the credentials. This naturally creates a challenge for an enterprise in supporting their customers base. This structure can also make it difficult for an enterprise supporting multiple different domains each providing a different service to project themselves as a single entity.
There is need to address the foregoing challenges. In particular, there is a need to enable a customer to transition from one domain to another domain of an enterprise seamlessly with a user identification which the customer has registered with any of the domains of the enterprise and which does not include a character directly identifying a domain name. This approach give the customers freedom of choice—where all IDs are supported across all domains of the enterprise and the customer does not have to remember the matching domain for a particular set of credentials. This approach also enables the affiliated companies working separately under the same brand (e.g., ABXZ) to project themselves as a single entity. To illustrate, with this approach, a user who enters wireless log-in credentials in a ABXZ.com domain, will not be refused access and instead will be directed to the ABXZ Wireless.com domain.