1. Field of the Invention
Embodiments of the present invention relate to the field of network communications. More particularly, embodiments of the present invention relate generally to the transferring of information through the use of artifacts.
2. Related Art
As enterprises begin deploying electronic business (e-business) applications and services, costs for managing existing information technology systems are escalating. This is primarily due to an environment where identity information and security policies are distributed across many applications and repositories under the control of a variety of internal and external groups.
For example, an enterprise with affiliate business and customer relationships could potentially have user populations that reach into the tens or hundreds of millions. Management of access to information controlled by a single enterprise by its users and affiliated business users is typically deployed without a common identity management infrastructure. As such security and access decisions are often made in an ad hoc manner by developers and system administrators. As a result, unsecured access to tightly controlled information may occur, as it is uncertain that the right people see the right content at the right time.
In particular, controlled authorization for viewing certain web sites containing enterprise information can be restricted to different sets of users based on the role of the user. When roles change, changes to privileges should be propagated across all systems both internal and external to the enterprise. For example, when an employee changes departments or quits, information about that user should be modified or deleted across all accounts immediately. However, the lack of a consistent process for modifying privileges in a timely manner can result in a failure to modify the employee's access privileges and can create major security risks.
Moreover, access to the various affiliated businesses of an enterprise or branches within an enterprise without implementing a common identity infrastructure can be at the very least time consuming. A user wishing to conduct transactions with two or more affiliated businesses or branches within the enterprise must identify and authenticate itself with each of the affiliated businesses or branches. Time spent in repeatedly authenticating to various affiliated businesses can be better spent more productively. In addition, users tend to choose simple or easy to guess passwords and apply the same to different accounts rather than remember several passwords for the different accounts. This also leads to a breach in security.
As a result, scattered identity data, duplication of identity infrastructure functions across multiple applications, and ad hoc security all contribute to operational insecurities and inefficiencies across an enterprise and its affiliated business partners. As an enterprise and its affiliated business partners bring new applications and services online, each entity often creates a separate identity infrastructure for its applications and services. This duplication of effort increases costs, delays time to market, and reduces revenue.