Evaluation of Unified Security, Trust and Privacy Framework (UnifiedSTPF) for Federated Identity and Access Management (FIAM) Mode

Federated identity and access management systems such as Shibboleth may symbolize a boost: (i) to bring the efficiency and effectiveness in collaboration for governments, enterprises and academia, and (iii) conserve the home domain user's identity privacy in a privacy-enhanced fashion. However, the consternation is about the absence of a trusted computing based mutual trust and security establishment in the Shibboleth infrastructure. The Trusted Computing based mutual attestation notion may assist to add-on the mutual trust and security but raises bidirectional platform privacy concerns. Therefore, to enjoy effectively the federated identity and resource (service) access by the home and foreign domain organizations it is necessary to provide an access control that may coalesced at least some security, trust and privacy aspects in a cohesive fashion. The objective of the work appearing in this paper is to provide a viable and feasible unified security, trust and privacy framework access control solution for federated identity and access management systems by fusing the Shibboleth authentication and authorization access control with the trusted computing based trustworthy mutual attestation.