Managing identity is increasingly important in communication networks, including the Public Internet. As personalized content grows at a seemingly exponential rate, access to services and data are increasingly based on the identity of a user, rather than that of a machine. What is more, an ever increasing quantity of personal and sensitive data is stored and transmitted online. Securing this data and ensuring that only the right entities have access to the data is becoming ever more critical and the cost associated with this is rising at an extraordinary rate. What is more, the endless battle to stay one step ahead of those that would seek to abuse this system is not one that is being won.
Internet Protocol (IP), the basis for the modern Internet was not designed to facilitate the use of user identity for communications and this has led to a disjointed model developing over time that involves applying data security policies in two major ways. Either at the IP address level, using the source IP address of a given host, or based on a user identity that is application specific, identified in the application itself, and carried in the application layer of a network packet.
These two approaches often involve heavy compromise to the security model and this is most evident in the way that anonymous attackers can break into high profile internet services causing millions in damage with minimum risk of consequence. Users of these systems and applications, which now includes billions of users, are required to manage and remember any number of online account credentials in the form of usernames and passwords. To make matters worse, there are any number of ways that malicious individuals can, and do, steal this data so that they may impersonate a victim.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one exemplary technology area where some embodiments described herein may be practiced.