As individuals continue using the Internet for connecting to a myriad of services and resources, a variety of confidential information and identity information about those individuals needs to be managed, synchronized, and securely distributed. In many instances, this information is concurrently and manually managed in environments local to the individuals, in local enterprise environments associated with the individuals, and in environments that are local to the services and resources.
Having the identity and confidential information housed and managed in a variety of environments presents a number of challenging problems. For example, individuals are not always properly authenticated into their enterprise environment, which means that access to some information may not be available to individuals who use different computing devices from time to time and who are not properly logged into their appropriate enterprise environments from time to time.
Additionally, management of the identity and confidential information usually occurs in multiple environments. That is, an individual maintains some information, the enterprise maintains other information, and the services or resources maintain still other information. In some cases, the same information is separately managed in duplicate. This creates synchronization problems for the individuals and for network administrators.
Furthermore, the information, as it is being managed and manually maintained or utilized, becomes unduly exposed during network transmissions. This means that each time portions of the information are transmitted for purposes of authentication or synchronization, they can be intercepted and compromised. This results in a variety of security issues that must be addressed for network interactions that involve the transfer of the information.
Typically, security measures will entail establishing trust relationships utilizing public-private key pairs with encryption and the like. The encryption is used in secure communications to minimize exposure of confidential information and identity information. However, mobile individuals may not have static key pairs with services and may often use a laptop to connect from a variety of Internet Service Providers (ISPs), such that the individuals do not have static Internet Protocol (IP) addresses which can uniquely and securely establish the needed trusted relationships between the individuals and other services or resources. Consequently, individuals are often limited in, or prohibited from, using certain confidential and identity information in many contexts when adequate security measures are enforced in conventional manners.
Thus, even the most elaborate conventional techniques that attempt to automate and synchronize an individual's confidential information and identity information still fall short of providing a consistent level of sustainable service, because in many cases the user is unable to effectively access some of his/her needed information.
Thus, there is a need for establishing and managing a distributed credential store, where that credential store can be securely accessed, better managed, and consumed in order to provide an improved level of consistent service.