A system, method, service method, and program product for defining and/or managing entitlements and/or authentication entitlements to resources in a computer networking environment is disclosed. Upon receiving one or more dynamic events, the invention verifies one or more users (a selected user) has (entitlement) attributes that satisfy one or more access criteria to access one or more resources. The invention then permits and/or provides access to one or more resources for the selected user over one or more networks without revealing the identity of the selected user to the resource provider.