The modern communications era has brought about a tremendous expansion of wireline and wireless networks. Computer networks, television networks, and telephony networks are experiencing an unprecedented technological expansion, fueled by consumer demand. Wireless and mobile networking technologies have addressed related consumer demands, while providing more flexibility and immediacy of information transfer.
Current and future networking technologies continue to facilitate ease of information transfer and convenience to users. One area in which there is a demand to further improve the convenience to users is the authentication of users accessing services over a network. Some of these services have been commonly available for users of personal computers and other computing devices for some time, but recently have become available to mobile terminal users due to the growth in wireless and mobile networking technologies as well as continued development of processing power and miniaturization of high-powered processors and components used in mobile computing devices. Examples of these services include e-mail, instant messaging, multi-player gaming, peer-to-peer file transfer, web browsing, social networking, and photograph hosting.
These services may require users of mobile terminals and other computing devices to establish a user account and to authenticate to each service using a unique sign-on upon each use of a service. The requirement to remember usernames and passwords and to sign on to a service at each use may be frustrating to some users. Some systems, such as OpenID, have been developed which attempt to provide user authentication credentials and eliminate the need for multiple passwords and login information for services. However, such systems may provide for identifying the user but not secure keying for subsequent communication. Thus, these systems may be vulnerable to phishing attacks. Furthermore, these existing systems may require internet connectivity in order for the user identification to be resolvable, as the user authentication credentials may have to be resolved by an online credential resolution entity.
Many computing devices are currently built to include hardware-based secure environments. Some computing devices are even required to include such secure environments in order to comply with industry specification standards. For example, terminal devices configured to operate on GSM/3G networks may include such secure environments not only to satisfy regulatory requirements, but also to enable various phone services. These hardware-based secure environments may include authentication mechanisms, also referred to as “legacy authentication mechanisms,” which may enable a computing device manufacturer or other entity aware of a device's legacy authentication standards to securely authenticate and communicate with a computing device.
Further, computing devices are often used for personal use by a single user. Therefore, a single device may be correlated with a single user in many circumstances if legacy authentication mechanisms are known to and/or available for use by a service or credentialing provider. Further, providing user credentialing in such a way may allow for secure resolution of user credentials even in ad-hoc networks without an internet connection. Accordingly, it may be advantageous to provide computing device users with methods, apparatuses, and computer program products for bootstrapping device and user authentication so as to transparently and securely authenticate a user to a service based on the user's computing device.