In general, network security concerns private network perimeter protection. To that end, firewalls and intrusion detection tools are often employed. Firewalls may be generally defined as exclusionary mechanisms, screening requests as they arrive and refusing access to users and protocols that fail to establish access rights to trusted networks. In such an environment, new users and applications often require new rules, thereby increasing implementation complexity as network-enabled applications proliferate.
To limit or eliminate direct communications between trusted and untrusted networks, organizations may employ demilitarized zone (DMZ) networks. A DMZ network may be characterized as one or more intermediary areas where application or user access to trusted networks is screened or authorized. For complex applications, such as those involving encryption and authentication/authorization mechanisms, processing perimeter requests typically creates complexity and bottlenecks. As a result, performance degradation, user inconvenience and administration overhead plague secure applications needing to cross the perimeter. These and other problems are often exacerbated when multiple participants seek to cross the perimeter, each with its own security guidelines and architecture.