It is increasingly common for transactions and services to be provided by electronic means. The conduct of such business-to-business and business-to-consumer transactions and the delivery of services is often facilitated by a user connecting to a host or server on the World Wide Web. In providing transactions and services to the user or client, the host may need to marshal resources, including applications and data, hosted at related servers or on third-party servers. For example, an on-line store may offer a user the opportunity to browse and purchase products offered by multiple vendors. The store may need to display products and prices derived from such vendors' servers, process a purchase or sale transaction, and provide for payment and shipping. In accessing such resources, a connection is typically established with, or a request made to, the server hosting the requested resource. Where the resource is partially or fully secure, it may be available only following log-on by the user and the establishment of a secure session with the server where the secure application or data resides. The log-on may provide authentication of the user and verification of the authorization of the user to access the requested resource. Log-on may be effected by supplying a user name and password which match a user name and password previously established with the server hosting the resource, and sometimes additionally by the successful completion of a challenge query and proper response sequence.
The requirement of sign-in, authentication, and authorization in order to obtain secure content may interrupt the perceived continuity of the session established between the user and the host. The user may be requested to engage in the authentication and authorization process multiple times, such as by logging-on, with the host and third party servers, in order to access applications and data. Each log-on may include a different user name or identification and password. The interruption of the session with the host, and the possible need to retain multiple user names and passwords, detracts from the user experience. Moreover, the session with one server may expire or time-out, thereby requiring the user to log-on again.
Methods exist to avoid multiple authentication and authorization steps by the user, while merging the functionality and resources of more than one site. Some such methods are referred to as “single sign-on” or SSO. Such methods generally include the use of a central authentication service which stores user identities and authorizations for various servers. The user typically logs-on once with the service, and may then access the applications and data for which authorization has been supplied by the service. The service may host the user session by providing a single log-on and negotiating for access to secure data with other web servers participating in the service. This solution to multiple user log-on is often complicated and expensive to deploy and maintain.
An example of single sign-in methodology is Microsoft Corporation's Passport® single sign-in protocol, which provides users a means to sign in to participating merchant web sites by signing in and being authenticated only once to a common server. The Passport® protocol relies upon encrypted cookies set by the Passport® server. When a user begins a session with a merchant web site, the merchant web site redirects the user to a Passport® server. The user logs on with the Passport® server, and the Passport® server returns encrypted authentication information which is set as a cookie on the user system. Such authentication information can only be decrypted by the merchant web site. When the user returns to the merchant web site, the encrypted cookie is also returned to the merchant web site. The cookie is decrypted at the merchant web site and the user is verified as authenticated. The Passport® server also sets a cookie by which it can recognize the user as logged in. Thus, if the user visits a second merchant web site, on redirect to the Passport® server the Passport® server recognizes the user as already logged in, does not require another log-on, but returns authentication information that can only be decrypted by the second merchant web site, and redirects the user to that web site.
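The redirect-based flow described above, modelled as an added example that is not part of the original text or of the Passport® implementation: the central server logs the user on once, keeps its own session cookie, and on each redirect issues a token sealed with the key shared only with the requesting merchant, so a token issued for one merchant is rejected by another. The HMAC-SHA256 counter-mode stream cipher, the `aud` audience field and the class names are assumptions of this example, not the protocol's own details.

```python
import base64, hashlib, hmac, json, os

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher (toy, assumption)
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def seal(key: bytes, payload: dict) -> str:
    """Encrypt-then-MAC a payload so only the holder of `key` can read or accept it."""
    nonce, pt = os.urandom(16), json.dumps(payload).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(nonce + ct + tag).decode()

def unseal(key: bytes, token: str):
    """Return the payload, or None if the tag fails (wrong key or tampered token)."""
    raw = base64.urlsafe_b64decode(token)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class SsoServer:
    """The central sign-in server: one log-on, then per-merchant sealed tokens."""
    def __init__(self, merchant_keys: dict, users: dict):
        self.merchant_keys, self.users, self.sessions = merchant_keys, users, {}

    def redirect(self, merchant: str, sso_cookie=None, creds=None):
        user = self.sessions.get(sso_cookie)
        if user is None:                      # not yet logged in at the SSO server
            if creds is None or self.users.get(creds[0]) != creds[1]:
                return None                   # caller must present the log-on form
            user = creds[0]
            sso_cookie = base64.urlsafe_b64encode(os.urandom(16)).decode()
            self.sessions[sso_cookie] = user  # cookie by which the server recognizes the user
        # token is sealed with the key shared only with *this* merchant and names it as audience
        return sso_cookie, seal(self.merchant_keys[merchant], {"user": user, "aud": merchant})

class Merchant:
    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key

    def accept(self, token: str):
        """Accept the returned cookie only if it unseals with our key and was issued for us."""
        p = unseal(self.key, token)
        return p["user"] if p and p.get("aud") == self.name else None
```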
Current approaches to multiple authentication and authorization may include the sharing of confidential information about the user with the third party authentication service, and the necessity of updating such information on both the server owning the information and the third party server providing the authentication service. The placement of proprietary databases containing user information with a third party server also increases security risks.
Accordingly, a need exists for a less complicated and more cost effective way to address the requirement of sign-in, authentication, and authorization for multiple servers.