In the service-oriented network computing environment, a user running a client application such a browser on a host computer is typically authenticated by a web server prior to being allowed access to resources on the web server. Traditionally, the web server presents a web page on the browser of the host computer into which the user enters a user name and an associated password. Upon receiving the user name and associated password, the web server authenticates the user and returns a security context to the client application on the host computer. A security context is a data structure that contains information about authentication acts that are performed by subjects, attributes of subjects, and authorization decisions about whether subjects are allowed to access certain resources. A single security context might contain several different internal statements about authentication, authorization, and attributes. The client application on the host computer uses the security context to further access the resources on the web server.
Communication between the client application on the host computer and the web server is generally protected by network resources such as a proxy server. The proxy server ensures the integrity of the data transmitted over a secure channel in an encrypted form between the client application on the host computer and the web server. The security context sent to the client application by the web server maintains trust between the client application and the web server.
Thus, user authentication is an extremely important issue. There are several different types of techniques to acquire user authentication. One example of such a technique is username and password based authentication where a web server presents a web page on the client application of a host computer to obtain user login information such as a username and a password. The user login information is stored in the database of the web server upon successful authentication of the user. Another example of such a technique is Microsoft Passport which provides a user a mechanism to create a sign-in credential (such as an e-mail address of the user and a password) once, and then use the sign-in credential everywhere on the Microsoft Passport network. Further, the authentication context stored in the database of the above-mentioned techniques provide weak authentication as databases in general are vulnerable to attacks by malicious software.
One method of authenticating a user on a host computer is to use a network security device. One example of such a network security device is the use of a smart card. In this use of smart cards, a smart card connected to a host computer via a smart card reader, performs user authentication against credentials that are stored on the smart card, for example, during the personalization phase. Smart cards provide strong authentication such as mutual authentication based on shared secret key or Public Key Infrastructure (PKI) with cryptographic capabilities, as well as secure hardware and software. However, traditional smart cards have inefficient communications protocols and, to communicate with other network nodes, require special drivers installed on the host computers to which they are connected. Recent advances in smart card research have made it possible to treat the smart card as a network peer. As a network peer, the smart card (a network smart card) can communicate securely with other computers on the network using standard mainstream network communication protocols like TCP/IP and SSL/TLS. Network smart cards and their use are described in greater detail in complimentary art, co-pending and co-assigned U.S. patent application Ser. No. 10/848,738, entitled, “SECURE NETWORKING USING A RESOURCE-CONSTRAINED DEVICE” of HongQian Karen Lu, Michael Andrew Montgomery, and Asad Mahboob Ali, the entire disclosure of which is incorporated herein by reference. Network smart cards may communicate securely end-to-end with remote web servers. While this improves the security of the communication between a smart card and a remote web server, the security context is established between the smart card and the remote web server. This presents a challenge in the use of network enabled smart cards in that if a user wishes to use the smart card to present the user's login credentials to a remote web server the security context is not with the application (for example, a web browser) that the user is using but rather with the smart card. Even in the use of conventional or classic smart cards, wherein the card communicates to other network nodes via a host computer to which it is attached, the problem of having to delegate trust to a host can arise, for example, where a secure channel is established between the smart card and a web server and wherein the user authentication is performed by the card. The complimentary art does not address how to use the smart card to provide a user with to authentication services to be allowed access to the services provided by a web server.
From the foregoing it will be apparent to those skilled in the art that there is a need for an improved method using a security device, such as a network smart card, using network communication protocols like TCP/IP and connected to a remote web server over the Internet, or a classic smart card connected via a secure channel to a remote web server, to allow a user to login to the remote web server by using login credentials stored on the network security device thereby taking advantage of the strong authentication available on network security devices, such as network smart cards.