The explosive growth of the Internet is changing the ways in which we communicate, conduct business, and pursue entertainment. A few years ago, electronic commerce (E-commerce) was just an interesting concept. By 1999, however, it had become the hottest thing around. Today, not only are consumers buying an enormous volume of goods or services over the Internet, but the business-to-business E-commerce has taken off as well.
The basic cell of E-commerce is an electronic transaction, which requires a buyer or user fills out one or more electronic forms on screen and click a button named “send”, “buy” or “submit”, etc. To complete such an electronic transaction, a user has to go through an authentication process. In other words, the user must provide the seller or service provider with some information such as his or her personal identification, contact information, or even financial information. The authentication process may take from several minutes to hours. Since each seller or service provider maintains its own authentication server and database, millions of seller and service providers might share thousands of millions of consumers or users. Some of the consumers or users might be required to go through the same or similar authentication process again and again if they have transactions with many sellers or service providers. This repetitive authentication not only wastes consumers' precious time, but also burdens the sellers or service providers because they have to expand their databases to keep detailed authentication information for a growling number of users. This situation brings forth a technical need to create a universal, unified single-login infrastructure wherein a specific user may be authenticated once for all and the authentication result is widely recognized by a large number of sellers or service providers.
In responding to that need, several approaches have been developed. For example, Microsoft Corporation has introduced a “.NET Passport” single sign-in system. With “.NET Passport”, a user doesn't need to register a member name and password at each new site he or she visits. The user may simply use his or her e-mail address and password that registered as his or her “.NET Passport” to sign in to any participating site or service. The information the user registers with “.NET Passport” is stored online, securely, in the “.NET Passport” database as the user's “.NET Passport profile.” When the user sign in to a “.NET Passport” participating site by typing his or her e-mail address and password in the “.NET Passport” sign-in box, “.NET Passport” confirms that (1) the e-mail address he or she typed is registered with “.NET Passport”, and (2) the password he or she typed is correct. “.NET Passport” then notifies the site that the user has provided valid “sign-in credentials”, and he or she is given access to the participating site. Once the user signs in to one “.NET Passport” participating site during an Internet session, he or she can sign in to others simply by clicking the “.NET Passport” sign-in button on each site.
Another example is America Online Inc.'s “Screen Name Service” system, which provides free service allowing anyone with a “Screen Name” to easily and securely register at a variety of Web sites. Similar to Microsoft's “.NET Passport” system, the “Screen Name Service” eliminates a user's need to remember multiple names and passwords for all the places he or she visits on the Web. With the “Screen Name Service” system, each user has a “My Profile”, which stores the user's personal information used to make registering at sites across the Web simple and secure. When the user registers at a participating Web site using the service, he or she has the opportunity to choose which fields of information stored by AOL, if any, he or she would like to share with that site. No information will be shared with any Web site without the user's explicit permission. When the user agrees to share certain information with a participating site, that information is conveyed to the Web site at which he or she is registering. Another feature is that the user is provided with a “My Site List”, which is an effective way to manage personal information because it shows the user with which sites he or she has registered with using the service. The user can view the privacy policy of a site to see how it uses information it knows about the user. The user can also decide if he or she would like to be signed into the site without being prompted and if the site should be updated with information if “My Profile” changes.
The common characteristic of these approaches is that they implement a centralized solution for authentication and authentication information management. Undoubtedly, the centralized solution may overcome the repetitive authentication and repetitive storage problems that exist in the scattered, disorganized situation.
However, the centralized solution has three major disadvantages. First, in a centralized authentication system, because all the login requests go to a central authentication server, the traffic to the server could be very heavy, the requirements for the process capability and database size could be predictably high, and the authentication process would be very slow when the number of requests is overwhelmed for the server. Second, in case that the central authentication system fails, all the authentication requests would be suspended. Third, the central authentication service provider could monitor the participating sites' login rates and a site which hosts a user's login page could monitor the user's login information. This situation is surely disliked by most of the participants.
Our invention disclosed in the application Ser. No. 10/086,104 filed Feb. 26, 2002 provides a solution to have each authentication carried out at one of participating servers and have the authentication result distributed and cached all over the network of the participating servers so that the authentication results cannot be centrally monitored and even a site which hosts a user's login page cannot monitor a user's login information.
The invention provides a solution to guarantee the security of the distributed single-login authentication systems. In a “global single-login user name/password” situation, the user could mistakenly send his password to an unintended recipient that might abuse the information. For example, if the user attempted to type joe@aol.com but mistakenly typed joe@alo.com instead, and when he correctly entered his password and clicked login, the “alo.com” server would receive the user's password. In a “user name/password” situation, the authentication system does not know which authentication server is the correct one. It has to test a number of servers by forwarding each of the tested servers the user name and the password. Therefore, the more servers tested during the process, the more servers know the user's password. If any of the recipients abuses the information, it may cause irreparable harm to the user. This “leaking” of login information is generally unacceptable from a security perspective.