Preserving identity information in today's highly-connected computing environments is a challenging task. As electronic commerce becomes more and more pervasive, individuals are transmitting confidential information over the Internet with ever increasing frequency. As a result, identity theft has become commonplace, and organizations are continuously attempting to fill security holes as security lapses become apparent to them.
Most techniques for preserving identity focus on preserving a sender's identity over an insecure network, such as the Internet. With these techniques, secure communications are often used with protocols such as Secure Sockets Layer (SSL). The primary concern of the industry has been to ensure that identity information is securely transmitted from a sender to a secure server. The assumption is that once identity information is safely and securely transmitted from a sender to a secure server, then confidentiality and security can be safely preserved. However, this assumes that the secure server is operating behind a firewall and that individuals with access behind that firewall are acting ethically and not attempting to comprise a sender's identity information. Unfortunately, organizations are learning that often security breaches are occurring within their own secure environments because not all employees of the organizations are trustworthy.
The assumption is that security can be relaxed behind a secure firewall because outside intruders cannot comprise a sender's identity information within the firewall. As a result, behind the firewall a sender's security information is frequently transmitted and placed on transmission lines with little or no security. Thus, the security information can be acquired with relative ease by malicious internal users working behind the firewall.
For example, consider an organization offering several services over the Internet, where access to those services is externally controlled by a proxy server acting as a filtering proxy or as a secure authentication mechanism. These services may also include additional external subscription services which manage and provide access to the native service via the subscription services. A sender may use a World-Wide Web (WWW) browser to request access to a particular service behind the firewall. The request is transmitted with sender identity information over the Internet using a Hyper Text Mark-up Language having a Secure Sockets Layer protocol (HTTPS). The identity information permits the proxy server and the desired service to authenticate the sender for access to the service. The proxy server has access to the service via a secure network, such as an Intranet. Once the proxy server authenticates the sender, the sender's identity information and request are forwarded within the secure network to the desired service for servicing.
During this forward process, the sender's identity information is vulnerable within the secure network and can be intercepted by individuals having access to the secure network. This means that the organization maintaining the services must rely on the integrity of its employees to prevent identity theft. In many situations this may be sufficient, but it only takes one misread or disgruntled employee to comprise a sender's integrity. Moreover, once identity theft has occurred, the damage to an organization's customer which results can cause irreparably injury to the organization's reputation and resources.
Therefore, there exists a need for improved techniques that more securely distribute and manage electronic identities within a network.