Most current enterprise security infrastructure is designed to discriminate users accessing resources in the same security domain (e.g. Active Directory Trust Domains). In this environment, symmetric key protocols, such as Kerberos, are used to communicate with a Key Distribution Center (KDC) to establish and verify credentials that are exchanged between clients and servers hosting protected information within the domain. Servers evaluate these credentials relative to access control lists associated with each protected resource to determine access. When the client and servers are located in distinct security domains, this model cannot function as a single KDC does not exist. Instead, a federated model must be used where points of trust are established in each domain to generate (and potentially verify) authoritative statements of identity for applications and users requesting access to resources in foreign security domains. This federated model, as described in more detail herein is supported and embraced by many public specifications including WS-Trust, WS-Federation, and Security Assertion Markup Language (SAML).
In view of the foregoing, there is a need for a system and method that overcomes the drawbacks of the prior art and enables systems to affect access control across security domains.