Security, Trust and Privacy (STP) in Federated Identity and Access Management Mode and Trusted Computing (TC) Attestation

The federated identity and access management facilitate the home domain users to
access multiple resources (services) at the foreign domain using single sign-on
facility. They make use of the secure socket layer, firewalls and multi-factor
authentication to diminish the security threats. However, first of all such traditional
security gauges do not provide bidirectional protection for the communicating
machine's platform integrity in the home domain organization against malevolent
programs such as Trojans, worms and viruses. The automated installation of these
programs may lead to risks such as the user's login credential theft and the capturing
of the user's keyboard inputs remotely. Therefore, the absence of the mutual trust in
the communicating machines platform may possibly lead to the security threats in the
home and foreign domains. The Trusted Computing solutions such as the trusted
platform module and the mutual attestation technique may utilize the integrity
measurement architecture to establish the mutual trust and security in the machines
platform. However, mutual attestation may lead to the machine's platform security
credential privacy concern. Therefore, such concerns demand unified security, trust
and privacy solutions in the imminent federated identity and access management
mode to collaborate in a secured, trustworthy and privacy-enhanced fashion.