Security is provided in a network system. A message is received from a user, which message requires authentication of the user. An authentication message is sent indicating the identity of the user to an initial software security agent. The software security agent, on receipt of the authentication message, determines whether information relating to the user is stored on a security database associated with the software security agent, and, if so, the software security agent adds an authentication key to the authentication message. The authentication message is sent on to one or more further software security agents. The prior noted steps are repeated with the further software security agent(s) and, if user-related stored security information is found, adding an authentication key to the authentication message and sending the authentication message on to one or more further software security agents until the number of keys associated with the authentication message equals a predetermined number N. When the number of associated keys equals N, the authentication message is sent to the initial software security agent which then grants the required permission to the user.