We stand today in front of the most important advances of Information Technology. Considering that nearly one billion computing systems in our planet are already connected through the Internet (Global Reach, 2005), as well as the convergence of mobile telephony services and e-commerce, huge amounts of information flow from one network to another with a single command, request or click. To this extent many technologies, platforms and infrastructures are thriving to provide services to the end user, who becomes the target point: it is the user who requests services; it is the user who accesses networks and resources; it is the who that requires security and privacy. Users are ‘carrying’ their digital identities (usernames, passwords or PINs, digital certificates or biometric features) over several different platforms and applications
to request access: on their corporate workstations, on their home computers, on their mobile phones or PDAs, leaving important traces of their selections, habits and personal data. In this context, there are many system vulnerabilities that, if not addressed properly, could potentially lead to a set of unauthorized actions varying from a denial-of-service attack to identity theft. Therefore it is of utmost importance to treat.