%C Kuala Lumpur %V 2 %A Z.A. Khattak %A S. Sulaiman %A J.-L.A. Manan %T A study on threat model for federated identities in federated identity management system %P 618-623 %K Federated identity; Identity information; Identity theft; Trust relationship; Trusted computing, Authentication; Crime; Data privacy; Information technology; Network security, Management %X Federated Identity Management (FIM) based on standards allows and facilitates participating federated organizations to share users identity attributes, facilitate authentication and grant or deny service access requests. Using single sign-on facility users authenticates only once to home identity provider and logged into access successive service providing service providers within federation. User's identity theft, misused of user identity information via single sign-on facility in identity providers and service providers, and trustworthiness of subject, identity providers and service providers are active concerns in federated identity management systems. In addition, we had explored trusted computing technology, which covers Trusted Platform Module security features such as Trusted Platform Module Identity, Integrity Measurement and Key certification as well as Trusted Network Connect. In this paper, we presented conceptual threat model for inter-domain web single sign-on in federate identity management system. For this, we set identity theft, misused of identity information, and trust relationship scenarios and in the end, we discussed how trusted computing technology use can effectively resolve identity theft, misused of identity information, and trust relationship concerns in federated identity management system. © 2010 IEEE. %R 10.1109/ITSIM.2010.5561611 %D 2010 %J Proceedings 2010 International Symposium on Information Technology - Engineering Technology, ITSim'10 %L scholars1092 %O cited By 30; Conference of 2010 International Symposium on Information Technology, ITSim'10 ; Conference Date: 15 June 2010 Through 17 June 2010; Conference Code:81915