%0 Conference Paper %A Manan, J.-L.A. %A Khattak, Z.A. %A Sulaiman, S. %D 2012 %F scholars:2690 %K Access management; Integrity measurement; mutual attestation; security; Trusted computing; Trusted platform module, Architecture; Authentication; Internet protocols; Ubiquitous computing, Computer privacy %P 1411-1416 %R 10.1109/TrustCom.2012.222 %T Practicable unified Security, Trust and Privacy (STP) framework for Federated Access Management (FAM) %U https://khub.utp.edu.my/scholars/2690/ %X In open environment there are always challenges in bridging the gap between Security, Trust and Privacy (STP) in Federated Access Management (FAM) systems. This challenge is mainly due to difficulties in providing a practical and efficient framework to handle the often conflicting requirements and expectations of STP in a unified manner. Many of the existing researches address the gap between mainly two areas i.e. security and privacy or security and trust. In this paper, we describe our efforts to narrow the STP gap in FAM and present some implementation experiences in crafting two distinct Unified STP Frameworks (UnifiedSTPFs), namely emergent and practicable, for federated access. We propose the use of the combined strengths of user authentication (AuthN), Trustworthy Mutual Attestation (TMutualA) protocol, and privacy enhancement via Shibboleth. We also presented some lessons learnt during implementation of the practicable UnifiedSTPF for FAM systems in Web Single Sign-On (WSSO) environment and possible future works. © 2012 IEEE. %Z cited By 1; Conference of 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 ; Conference Date: 25 June 2012 Through 27 June 2012; Conference Code:93340