eprintid: 1026 rev_number: 2 eprint_status: archive userid: 1 dir: disk0/00/00/10/26 datestamp: 2023-11-09 15:49:11 lastmod: 2023-11-09 15:49:11 status_changed: 2023-11-09 15:38:53 type: conference_item metadata_visibility: show creators_name: Ahmad, Z. creators_name: Ab Manan, J.-L. creators_name: Sulaiman, S. title: User requirement model for federated identities threats ispublished: pub note: cited By 5; Conference of 2010 3rd International Conference on Advanced Computer Theory and Engineering, ICACTE 2010 ; Conference Date: 20 August 2010 Through 22 August 2010; Conference Code:82180 abstract: Federated identity management system interconnects distributed island of identity management systems with federated identity standards with single sign-on facility. In an open environment, such as those of a federated identity management system a user single sign-on credentials, can easily fall prey to identity theft, or unlawful information gathering. It may use either existing account or new account fraud. In this paper, we present scenarios related to identity theft, unlawful information gathering and tracking. We show the main issue of lack of platform trust in platforms involve in federated systems and discussed the consequences of respective threats on them. In an effort to present a holistic approach to handle security, trust and privacy, we propose a user requirement model involving these core issues for federated identities. These requirements include system trustworthiness, hardware protected key generations, usability, efficiency, identity information validity, privacy, accountability and system robustness. In our proposed model, Trusted Platform Module (TPM), is the fundamental component which ties and binds all communicating platforms together in authentication, verification and trustworthiness of the platform. © 2010 IEEE. date: 2010 official_url: https://www.scopus.com/inward/record.uri?eid=2-s2.0-78149350185&doi=10.1109%2fICACTE.2010.5579819&partnerID=40&md5=b785212051629a96fb7641453536d83d id_number: 10.1109/ICACTE.2010.5579819 full_text_status: none publication: ICACTE 2010 - 2010 3rd International Conference on Advanced Computer Theory and Engineering, Proceedings volume: 6 place_of_pub: Chengdu pagerange: V6317-V6321 refereed: TRUE isbn: 9781424465408 citation: Ahmad, Z. and Ab Manan, J.-L. and Sulaiman, S. (2010) User requirement model for federated identities threats. In: UNSPECIFIED.