
Infrastructure architecture for secure network management with peer to peer functionality

  • US 8,327,436 B2
  • Filed: 06/27/2006
  • Issued: 12/04/2012
  • Est. Priority Date: 10/25/2002
  • Status: Active Grant
First Claim

1. A secure virtual network wherein a service is provided to a given requestor through a virtual service connection created between the service and the given requestor upon successful mutual authentication and authorization of the given requestor for the service, comprising:

  • a pre-existing network comprising multiple participants, each connected to the pre-existing network by an appliance, the participants including uniquely identifiable service providers and uniquely identifiable requestors, each service provider offering at least one service through an openable and closeable gateway behind a firewall connected to the pre-existing network, the service listed in a service definition in a repository and specific to a given requestor;

    an infrastructure architecture implemented via a distributed governance model wherein each provider is responsible for authenticating and authorizing each requestor, wherein successful mutual authentication comprises:

    a) the given requestor providing the service definition to a gateway connecting the given requestor to the pre-existing network, the given requestor gateway comparing the service definition to a record for that service, the record comprising a response code, a response reason, a request size, a response size, an identity of the given requestor and the service provider, a service URL, a unique origination identifier, a unique given requestor identifier, a unique correlation identifier, a local infrastructure identifier, a remote infrastructure identifier, an originator host, a destination host, a destination port, and instructions for fulfilling the request, and, upon a match of the service definition to the record, the given requestor gateway opens and allows the given requestor to request the service; and

    b) the exchange of digital certificates between the service gateway and the given requestor gateway, the certificates each comprising a serial number, a host name, an organization ID, and a status, and, upon mutual validation, opening a secure socket layer encrypted tunnel between the service gateway and the given requestor gateway, the tunnel specific to the service and the request;

    wherein successful authorization comprises, upon opening of the tunnel, confirmation that the given requestor is listed on an access control list (ACL), the ACL listing certain services accessible by the given requestor, the ACL maintained by the service provider, and wherein the provisioning of the service is mapped end to end for reporting, administration, and security tracking, and wherein the virtual service connection is created independent of, and unknown to, any other providers and requestors on the network and disposed of when the service has been provided to the given requestor; and

    a data base to provide audit and report management of each provisioning of service activity on the network, the data comprising records identified by a unique request identifier for each request.
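As an added illustration, not code from the patent or from any product implementing it, the following Python models the order of the gates in claim 1: the requestor gateway's definition-to-record match (a), mutual certificate validation before the tunnel opens (b), the provider-maintained ACL check after it, and the audit record keyed by request identifier. The field subset, the "valid"/"revoked" status vocabulary, the host-name validation rule and all sample values are assumptions of this example.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class ServiceDefinition:  # a subset of the record fields named in claim 1(a); the claim lists more
    service_url: str
    requestor_id: str
    originator_host: str
    destination_host: str
    destination_port: int
@dataclass(frozen=True)
class Certificate:  # the four certificate fields named in claim 1(b)
    serial_number: str
    host_name: str
    organization_id: str
    status: str  # assumed vocabulary: "valid" or "revoked"
def certificate_valid(cert, expected_host):
    # assumed validation rule: status "valid" and host name equal to the peer named in the record
    return cert.status == "valid" and cert.host_name == expected_host
def provision(request_id, definition, repository, requestor_cert, service_cert, acl, audit):
    """Walk the gates of claim 1 in order; each outcome is written to `audit` under the request id."""
    def decide(outcome):
        audit[request_id] = outcome
        return outcome
    # (a) the requestor gateway opens only if the definition matches the repository record
    if repository.get(definition.service_url) != definition:
        return decide("denied: service definition does not match record")
    # (b) certificate exchange; the tunnel opens only on mutual validation
    if not (certificate_valid(requestor_cert, definition.originator_host)
            and certificate_valid(service_cert, definition.destination_host)):
        return decide("denied: certificate validation failed")
    # authorization: once the tunnel is up, the requestor must be on the provider's ACL for this service
    if definition.service_url not in acl.get(definition.requestor_id, set()):
        return decide("denied: requestor not on ACL for service")
    return decide("granted: virtual service connection created")
# constructed sample data (not from the patent)
RECORD = ServiceDefinition("https://svc.example/orders", "req-001",
                           "req-host.example", "svc-host.example", 8443)
REPOSITORY = {RECORD.service_url: RECORD}
ACL = {"req-001": {RECORD.service_url}}  # provider-maintained: requestor id -> permitted service URLs
REQ_CERT = Certificate("1001", "req-host.example", "org-req", "valid")
SVC_CERT = Certificate("2001", "svc-host.example", "org-prov", "valid")

def demo():
    audit = {}  # the claim's audit database, keyed by unique request identifier
    provision("r1", RECORD, REPOSITORY, REQ_CERT, SVC_CERT, ACL, audit)
    provision("r2", replace(RECORD, destination_port=9999), REPOSITORY, REQ_CERT, SVC_CERT, ACL, audit)
    provision("r3", RECORD, REPOSITORY, replace(REQ_CERT, status="revoked"), SVC_CERT, ACL, audit)
    provision("r4", RECORD, REPOSITORY, REQ_CERT, SVC_CERT, {}, audit)
    return audit
```

`demo()` returns one audit entry per request: the untouched definition is granted, while a tampered port, a revoked requestor certificate and an empty ACL are each refused at the gate that catches them.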

  • 0 Assignments