Network users frequently have to submit multiple passwords for the various services they use, such as email, web browsing and intranets, and servers on the network. Maintaining multiple passwords, and constantly being prompted to enter these passwords, is a hassle for users and administrators. Single sign-on is a configuration which allows administrators to create a single password store so that users can log in once, using a single password, and be authenticated against all network resources. For example, a system supporting single sign-on may be used for several resources, including logging into workstations and unlocking screen savers, accessing encrypted web pages using Mozilla Firefox, and sending encrypted email using Mozilla Thunderbird. Single sign-on is both a convenience to users and another layer of security for the server and the network. Single sign-on hinges on secure and effective authentication. The authentication may be managed by a public key infrastructure (PKI), such as implemented by a certificate system.
One of the cornerstones of establishing a secure network environment is making sure that access is restricted to people who have the right to access the network. This access is allowed when the user can authenticate to the system, meaning the user can verify his identity. One method of verifying an identity is presenting a digital signature or a digital certificate. A digital signature is a mathematical representation of a message, using public key cryptography, which identifies the originator of the message, in a non-forgeable manner. Public key cryptography requires the use of two mathematically related keys—a public key and a private key (collectively referred to as a key pair). The private key is kept private by a single owner, and is not distributed to anyone else. The owner uses his or her private key, in conjunction with cryptographic algorithms, to digitally sign a message. The public key is made public, and can be used by anyone to verify the digital signature on a message. The fact that these two keys are mathematically related ensures that only a single private key can generate a digital signature that is verifiable by the corresponding public key, making the digital signature unforgeable. A digital certificate, commonly referred to as a certificate, is an electronic document used to identify an individual, a server, a company, or another type of entity and to associate that identity with a public key. The digital certificate binds a public/private key pair to an owner, in a reliable fashion. The digital certificate binds a person's identity to his or her public key, and consequently to his or her private key, and is used to verify digital signatures. Digital certificates and digital signatures then provide the foundation for secure transactions over a network, such as the Internet.
These certificates can be stored on tokens, also referred to as smart card tokens, smart cards, security tokens, hardware tokens, USB tokens, cryptographic tokens, key fobs, or the like The token may be a physical device that an authorized user of computer services is given to ease authentication. Tokens can store a certificate that is used for authenticating the identity of the owner. For example, when a user inserts a smart card into a system, the smart card presents the certificates to the system and identifies the user so the user can be authenticated over the network.
Typically, data associated with these tokens are managed in a database. There are circumstances where an organization may have multiple groups and desire to manage access to the token data for the respective groups. However, conventional systems that store all token data for the multiple groups within a single database fail to provide any mechanism to control access to the token data according to groups. For example, the organization may assign one user to be an administrator of the first token group and another user to be an administrator of the second token group, the first and second groups being stored in the same database. Since the token data associated with these tokens are stored in the same database, both administrators incidentally will be given access to view and modify token data corresponding to the other group, and there is no mechanism to prevent the administrator of one group from accessing the token data of the other group. Thus, existing certificate systems fail to provide an adequate mechanism to control access to the token data within the respective groups.