1. Technical Field
The present invention relates generally to managing user personal information across a set of service provider sites.
2. Background of the Related Art
As more and more service transactions occur over the Internet, a large amount of end user personal identity information is exposed. Indeed, for each online service, an end user often has to fill out the same personal data, such as address, phone number, social security number and the like, to obtain access. As a result, this information is duplicated in multiple domains and presents increased security risks for the end-user's privacy. Moreover, account information often becomes outdated over time, e.g., if the end user moves, obtains a new credit card number, or only visits a service provider site infrequently. When account information is stale or incorrect, the end-user cannot manage that data effectively, and service providers often end up paying the cost of poor data integrity.
Identity management schemes and technologies are well-known in the prior art. One set of technologies called federated identity managements has a goal of alleviating digital identity management by enabling secured sharing of identity information across Internet domains. For example, IBM Tivoli Federated Identity Manager (TFIM) provides a cross-domain single sign-on (SSO) functionality that allows a user to log-in once at an identity provider; the identity provider then vouches for the user's identity with a set of trusted service providers, thereby allowing the user to access resources at partner web sites. These solutions, while quite effective for their intended purpose, are designed as middleware solutions that rely on and require business-to-business trust relationships.