Increasingly enterprises and users are conducting their business transactions and their affairs over the Internet. Any given transaction may require multiple parties to successfully complete and may also entail accessing or creating confidential or private data for one or more of the parties involved in the transaction. For example, a user (first party) may purchase a good or service from an enterprise (second party) over the Internet using a World-Wide Web (WWW) browser by supplying the user's credit card number (confidential information acquired from a third party namely the bank of the credit card) to consummate the transaction.
So, when a user is interacting with one secure party, such as a vendor, the same user may desire or need access to another secure party, such as a bank, because the bank can assist the user in completing a pending transaction with the vendor. Often, unless the bank is preconfigured to interact and available to the vendor before the transaction is commenced with the user, the transaction will fail or the attempt to enlist the services of the bank will fail. This is so, because the user may maintain separate accounts with the vendor and with the bank and neither the vendor or the bank are designed to interact with one another, even if each are designed to securely and independently interact with the user. Consequently, the user may be forced to abort the transaction with the vendor in question or the user may be forced to attempt to sign up for another service, which is compatible with the vendor for purposes of completing the pending transaction.
Moreover, even assuming, in the present example, that the bank and vendor are able to interact with one another for purposes of completing the transaction of the user, the user will still likely be forced to separately authenticate to both the bank and also the vendor before the transaction can complete, even though the user may already be authenticated to the vendor for purposes of completing any pending transaction with the vendor.
To compound the incompatibility and inconvenience issues, a user may have to maintain, manage, and recall a variety of identifiers and passwords associated with a variety of Internet services for any given transaction even when each of the services involved in any given transaction may actually securely communicate with one another independent of the user and may actually also securely interact with the user.
Therefore, there is a need for techniques that permit a user to achieve single sign on for any given network transaction, where that transaction includes the proxing of services.