DocumentCode
1886135
Title
A study on threat model for federated identities in federated identity management system
Author
Khattak, Zubair Ahmad ; Sulaiman, Suziah ; Manan, J.A.
Author_Institution
Dept. of Comput. Inf. Sci., Univ. Teknol. PETRONAS, Tronoh, Malaysia
Volume
2
fYear
2010
fDate
15-17 June 2010
Firstpage
618
Lastpage
623
Abstract
Federated Identity Management (FIM) based on standards allows and facilitates participating federated organizations to share users' identity attributes, facilitate authentication and grant or deny service access requests. Using the single sign-on facility, users authenticate only once to the home identity provider and are logged in to access successive service providers within the federation. User identity theft, misuse of user identity information via the single sign-on facility in identity providers and service providers, and the trustworthiness of the subject, identity providers and service providers are active concerns in federated identity management systems. In addition, we explored trusted computing technology, which covers Trusted Platform Module security features such as Trusted Platform Module Identity, Integrity Measurement and Key certification as well as Trusted Network Connect. In this paper, we presented a conceptual threat model for inter-domain web single sign-on in a federated identity management system. For this, we set identity theft, misuse of identity information, and trust relationship scenarios, and in the end we discussed how the use of trusted computing technology can effectively resolve identity theft, misuse of identity information, and trust relationship concerns in a federated identity management system.
Keywords
Internet; cryptography; message authentication; FIM; access successive service; authentication; deny service access requests; federated identity management system; federated organizations; home identity provider; identity theft; integrity measurement; inter-domain Web single sign-on; key certification; service providers; single sign-on facility; threat model; trust relationship; trusted computing technology; trusted network connect; trusted platform module identity; trusted platform module security features; user identity information; users identity attributes; Cryptography; Variable speed drives; federated identity management; identity theft; misused of identity information; trust relationship; trusted computing;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Technology (ITSim), 2010 International Symposium in
Conference_Location
Kuala Lumpur
ISSN
2155-897
Print_ISBN
978-1-4244-6715-0
Type
conf
DOI
10.1109/ITSIM.2010.5561611
Filename
5561611