1. Field of the Invention
The invention relates generally to data processing systems. Specifically, the invention provides a method, system and computer program product for a secure middleware sign-on.
2. Description of the Related Art
The Internet, also referred to as an “internetwork,” is a set of computer networks, possibly dissimilar, joined together by means of gateways that handle data transfer and the conversion of messages from the sending network to the protocols used by the receiving network (with packets if necessary). When capitalized, the term “Internet” refers to the collection of networks and gateways that use the TCP/IP suite of protocols.
The Internet has become a cultural fixture as a source of both information and entertainment. Many businesses are creating Internet sites as an integral part of their marketing efforts, informing consumers of the products or services offered by the business or providing other information seeking to engender brand loyalty. Many federal, state, and local government agencies are also employing Internet sites for informational purposes, particularly agencies that must interact with virtually all segments of society, such as the Internal Revenue Service and secretaries of state. Providing informational guides and/or searchable databases of online public records may reduce operating costs. Further, the Internet is becoming increasingly popular as a medium for commercial transactions.
Currently, the most commonly employed method of transferring data over the Internet is to employ the World Wide Web environment, also called simply “the Web.” Other Internet resources exist for transferring information, such as File Transfer Protocol (FTP) and Gopher, but have not achieved the popularity of the Web. In the Web environment, servers and clients effect data transactions using the Hypertext Transfer Protocol (HTTP), a known protocol for handling the transfer of various data files. Examples of data files include text, still graphic images, audio, and motion video. The information in various data files is formatted for presentation to a user by a standard page description language, the Hypertext Markup Language (HTML).
In addition to basic presentation formatting, HTML allows developers to specify “links” to other Web resources identified by a Uniform Resource Locator (URL). A URL is a special syntax identifier defining a communications path to specific information. Each logical block of information accessible to a client, called a “page” or a “Web page,” is identified by a URL. The URL provides a universal, consistent method for finding and accessing this information, not necessarily for the user, but mostly for the user's Web “browser.” A browser is a program capable of submitting a request for information identified by an identifier, such as, for example, a URL. A user may enter a domain name through a graphical user interface (GUI) for the browser to access a source of content. The domain name is automatically converted to the Internet Protocol (IP) address by a domain name system (DNS), which is a service that translates the symbolic name entered by the user into an IP address by looking up the domain name in a database.
The Internet has revolutionized communications and commerce, as well as being a source of both information and entertainment. For many users, email is a widely used format to communicate over the Internet. Additionally, the Internet is also used for real-time voice conversations.
The Internet also is widely used to transfer applications to users of Web browsers. With respect to commerce on the Web, individual consumers and businesses use the Web to purchase various goods and services. In offering goods and services, some companies offer goods and services solely on the Web, while others use the Web to extend their reach.
Many Internet users are becoming disenchanted with the Internet because of security issues involving viruses and spyware. Some spyware programs can capture keystrokes and then send the captured data to the virus creator. This captured information serves as an aid in stealing the identity of the innocent Internet user, who uses the Internet for electronic commerce. Identity theft is a major problem. Computer hacking for the purpose of identity theft is considered an honorable profession in certain parts of the world where industry and scruples are scarce but intellect and the will to survive are abundant.
Providing security for Web access and Web transactions is a big industry. Some examples of current methods of providing security are using certificates of authenticity, the Common Criteria Certification (CCC) standard, Secure Sockets Layer (SSL) encryption, other types of encryption, and other forms of identity checking and protection, such as biometric sign-on. However, none of these security means provides a complete protection against viruses and spyware.