The use of computer systems and associated networks by which these systems are communicatively coupled to one another is ubiquitous. With the ever-increasing use of such systems and networks, the need for security with respect to same has likewise increased. Thus, organizations that rely on complex computer systems and networks tend to employ sophisticated security systems to prevent unauthorized access to important data and processes stored on these systems.
While the use of such security measures can prevent the unauthorized disclosure of information, it can also complicate tasks associated with maintaining the networks and systems used by the organization. For example, when network administrators are required to reconfigure a network by adding one or more computer systems thereto, the task is complicated by the need to properly authenticate the new devices within the context of the other components of the network. Typically, this requires the use of shared secrets (i.e., information elements known only to properly authenticated devices on a network) that must be securely communicated to each computer system. Such security instruments can be difficult to use properly, however, and their compromise can lead to catastrophic security breaches. Moreover, the use of shared secrets can be burdensome inasmuch as every device on the network must be updated in the event of any compromise, or simply periodically as part of a security audit or the like.
Thus, there is a need for a system and method that allows for authentication and authorization of computer systems within a network but that is not based on the use of shared secrets.