analysis is based on user preferences, productivity, efficiency, accessibility and some other key attributes related to our proposed framework as depicted in Figure 1.

Our proposed framework consists of three strategic dimensions summarized as follows.

Figure 1. Proposed framework reflecting three different strategic dimensions.

3.1. IT Strategy—Data Protection

1) Security:

• Passive mode of authentication: It is difficult to impersonate the actual user credentials because the system is designed to accept the response from the SSO assistant.

• Dual factor authentication: Authentication through both the user and the SSO assistant where each session has a unique identity.

• Secure: Authenticated Single Sign-On access to the applications they need when they are outside the corporate firewall.

2) Privacy: To increase privacy control and access resources with privacy protection.

3) Reliability: Preferably zero downtime including effective control of stolen Single Sign-On credentials.

3.2. Business Strategy—Critical Success Factor

1) Productivity: Continuous flow of tasks with increased number of assignments performed.

2) Efficiency: Time savings and more accurate results in a committed time frame.

3) Cost Effectiveness: Centralized authentication server for Single Sign-On has evident advantages over distributed authentication servers including user productivity enhancement resulting in higher revenues.

4) Usability: Back end plug-ins ease access to web apps with greater user convenience.

3.3. Organizational Strategy—Effective Management

1) Manageability: Centralized management of user credentials with one time session identity utilized and two ways of credentials handling, one handled by the plug-in and the other by the user through the system.

2) Accessibility: Easily accessible from any web browser.

3) Availability: Unified authorization provides access to multiple web-apps with maintained service continuity in case of authentication server failure.

4. Data Collection and Analysis

In this section, we will introduce our descriptive and inferential analysis. Our sample included interviews of ten IT managers and a survey of 400 IT professionals utilizing SSO.

As summarized in Figure 2, the majority of our sample was extremely satisfied with the security of SSO. Also, it is evident that the majority witnessed no or rare effect on the interruption of the services through SSO whereas only about 10% believed in high frequency of failures. Also, about 70% of our sample believed in higher service availability after transitioning to an SSO solution whereas the rest didn’t notice any or noticed minimal impact on service availability. We also investigated the following hypotheses and performed inferential hypothesis testing using SPSS:

Figure 2. Results from the sample regarding security, interruption and service availability satisfaction levels of Single Sign-On solutions on cloud applications.

H1: There is an association between SSO mechanism or traditional mode of authentication and service availability.

Result: Reject the null hypothesis and conclude that there is sufficient evidence to say that service availability is associated with SSO usage.

H2: Single Sign-On solution will be widely acceptable once all the cloud service providers come under the single federation of cloud computing.

Result: Reject the null hypothesis and conclude that there is sufficient evidence to say that the single federation of cloud computing will affect the acceptance of SSO solutions.

5. Conclusions and Recommendations

This study highlighted the effects and implications of Single Sign-On solutions in cloud applications using our proposed framework. More specifically, the following major points were concluded from the detailed interviews and surveys of our sample of 400+ IT professionals utilizing SSO authentication solutions.

5.1. Business Strategy—Critical Success Factors

The following major points were concluded regarding utilizing Single Sign-On solutions where the demand is high for productivity to speed up organizational processes.

• Reduced time to access and log on to IT systems.

• Reduced helpdesk contacts for password resets.

• Reduction in out-of-hours password “lock outs”.

• Reduced time to switch between applications, with a positive effect on productivity.

• Support “terms and conditions” for access to critical business systems.

More specifically, employees having more interactions with customers gain more benefits from Single Sign-On solutions to increase productivity. Moreover, Single Sign-On solutions reduce the pain for users to access their applications and data from different locations, leading to higher performance and better usage. Also, the respondents agreed that SSO can lead to the following competitive advantages:

• Easing the process of job and duty transfer among the employees.

• Maintaining confidentiality of data on staff exit.

• Making the business environment more secure, manageable and credible.

• Leveraging the company productivity by minimizing the need of multiple accounts.

• Making new employee setup faster.

• Making remote assistance more effective and efficient.

5.2. IT Strategy—Data Protection

The below experiences were concluded from our selected sample in measuring the privacy control of the users when accessing cloud services through SSO:

• The common feedback that users are always concerned about is privacy.

• Credentials are stored and encrypted within the central authentication server with no data leakage.

• Unified access for all.

• User details are controlled in one location.

• SSO by itself cannot guarantee the integrity of the data.

• SSO can remove the need to re-authenticate, by logging in user tickets.

The following recommendations were essential to build strong control over privacy with the SSO mechanism:

• Eliminate password sharing for individual applications by using SSO.

• Develop a strong SSO usage policy and then stick to that policy.

• Each user must have their allocated storage with encryption.

• Cloud providers need to implement multi-factor authentication to use all services seamlessly.

5.3. Organizational Strategy—Effective Management

The implementation of SSO for cloud applications can make manageability of access control more effective as follows:

• Less administrative overhead and configurations.

• Easy deployment of applications through SSO.

• User login can be monitored in real time.

• Once SSO is in place, organizations will have the King Key access.

• Easy implementation of governance policies including centralized audit and reporting.

• Increased efficiency and reduced efforts with more discipline in the attitude of the IT staff.

• Fewer chances and burdens for users to forget their passwords.

To conclude, with the increasing number of cloud applications in the business environment, the need to have a Single Sign-On to access all of those applications at once in order to accomplish different tasks in a shorter period of time will be growing. To make SSO a portable and widely applicable solution for most of the cloud applications, it is suggested to reduce compatibility issues between different cloud vendors in order to build a uniform structure which is feasible to the needs of the organizations. Through SSO, an organization can obtain improved access with less complexity and increased productivity with better safeguards against any malicious activity. As technological advancements in central hardware authentication systems continue to grow with the flow of approvals in the organizational hierarchy, SSO solutions will be an added value for faster and safer access.
