University of Pitesti
Many federated identity management systems have been proposed to solve the problem of authorizing users across security domains. Although these solutions attempt to follow the user-centric design approach to empower users by letting them make important decisions on whether to release sensitive information, they do not provide much help to users in making good decisions. More importantly, privacy of user's identity related data is not very well protected in many of these systems. Some even fail to meet the security requirements of identity management system, and are susceptible to replay and man-in-the-middle attacks.