eprintid: 2690 rev_number: 2 eprint_status: archive userid: 1 dir: disk0/00/00/26/90 datestamp: 2023-11-09 15:50:55 lastmod: 2023-11-09 15:50:55 status_changed: 2023-11-09 15:44:04 type: conference_item metadata_visibility: show creators_name: Manan, J.-L.A. creators_name: Khattak, Z.A. creators_name: Sulaiman, S. title: Practicable unified Security, Trust and Privacy (STP) framework for Federated Access Management (FAM) ispublished: pub keywords: Access management; Integrity measurement; mutual attestation; security; Trusted computing; Trusted platform module, Architecture; Authentication; Internet protocols; Ubiquitous computing, Computer privacy note: cited By 1; Conference of 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 ; Conference Date: 25 June 2012 Through 27 June 2012; Conference Code:93340 abstract: In open environment there are always challenges in bridging the gap between Security, Trust and Privacy (STP) in Federated Access Management (FAM) systems. This challenge is mainly due to difficulties in providing a practical and efficient framework to handle the often conflicting requirements and expectations of STP in a unified manner. Many of the existing researches address the gap between mainly two areas i.e. security and privacy or security and trust. In this paper, we describe our efforts to narrow the STP gap in FAM and present some implementation experiences in crafting two distinct Unified STP Frameworks (UnifiedSTPFs), namely emergent and practicable, for federated access. We propose the use of the combined strengths of user authentication (AuthN), Trustworthy Mutual Attestation (TMutualA) protocol, and privacy enhancement via Shibboleth. We also presented some lessons learnt during implementation of the practicable UnifiedSTPF for FAM systems in Web Single Sign-On (WSSO) environment and possible future works. © 2012 IEEE. date: 2012 official_url: https://www.scopus.com/inward/record.uri?eid=2-s2.0-84868108560&doi=10.1109%2fTrustCom.2012.222&partnerID=40&md5=e52aae41c8a064caab885e14d248af37 id_number: 10.1109/TrustCom.2012.222 full_text_status: none publication: Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012 place_of_pub: Liverpool pagerange: 1411-1416 refereed: TRUE isbn: 9780769547459 citation: Manan, J.-L.A. and Khattak, Z.A. and Sulaiman, S. (2012) Practicable unified Security, Trust and Privacy (STP) framework for Federated Access Management (FAM). In: UNSPECIFIED.