Computers and computer-based devices, e.g., PDAs (personal digital assistants), external drives, etc., collectively referred to herein as computing devices, are endpoint peers in communication sessions between one or more computing devices. For example, one computing device, e.g., a client, and a second computing device, e.g., a server, are endpoint peers in myriad communication sessions initiated by the computing devices or a user, or users, of one or both of the computing devices.
The paths that the data packets in a communication session between two endpoint peers traverse often include one or more intermediaries. An intermediary is hardware and/or software that dispatches and/or passes through communication between endpoint peers. Exemplary intermediaries include, but are not limited to, switches, routers, load balancers, gatekeepers, etc.
It would be desirable for intermediaries in the communication paths between endpoint peers to be capable of identifying the endpoint users. It would further be desirable for intermediaries in communication paths between endpoint peers to be able to authenticate endpoint users that are employing authentication and, potentially, encryption protocols.
Thus, it would be advantageous to functionally enable a system and processes for intermediaries in a communication path between endpoint peers to identify one or both of the endpoint peers and to authenticate one or both of the endpoint peers and/or their users. It would further be advantageous and expedient if the system and processes for endpoint peer identification and authentication were included within existing systems and processes for endpoint peer communication, authentication and/or encryption protocols so entirely new protocols need not be designed and implemented.
Intermediary ability to authenticate endpoint peers can provide additional security protection for transmitted data traffic, as the intermediaries in the communication path of a communication session will have confidence that the data traffic is from the expected party and is going to the intended party. Intermediary ability to identify endpoint peers can support enhanced granularity of network traffic processing, as it will enable intermediaries to implement and enforce identity-based rules on the data traffic transmitted through them.