An Assessment on Integration of Single-Sign-On Technologies for Military Environment: A Fit- Viability Model
View/ Open
Date
2014Author
Alahendra, LK
Wasalage, WMIL
Pakshaweera, SPP
Pathirage, Nandana
Metadata
Show full item recordAbstract
With the creation of web-based technologies, single sign-on has emerged as an important and central architecture solution for enterprise applications. As security breaches become increasingly more frequent, Minimizing user access to back-end systems and web applications without impacting legitimate usage is more important than ever before. As more web-based applications are deployed, Single Sign-On (SSO) solutions that have the capabilities to provide authentication, management, access control, and logging across the complete front- and backend e-business chain will become increasingly more important to Information Technology (IT) professionals. Furthermore, arrival of networking and internet has necessitated the use of numerous authentication techniques as password inflation has severely undermined the protection offered by a single password. Writing down and sharing passwords, use of regular passwords and similar practices greatly undermines the security of a network. Password issues also hinder productivity of the workplace and create redundant costs to the organization. Even though, SSO is a two-edged sword. SSO will degrade the security if it has not being deployed properly and SSO isn't a security panacea in and of itself, it can make positive contributions to an enterprise information security program. Since SSO can have positive impact on the secure systems, establishment of SSO for military environment based organizations can be taken into consideration with the aim of enhancing the productivity and secureness by eliminating the issues in using several usernames and passwords for separate systems. In this research, the feasibility of using SSO technology for military environment was investigated and potential risks were identified in the prevailing system authentication. The research was conducted using a mixture of quantitative and qualitative methodologies within an overall inductive framework. To elicit quantitative values necessary for the research, questionnaires, and document reviews were used. To elicit qualitative values, interviews, observations and case studies were used. Then, inductive and deductive reasoning were used to theorize the findings appropriately and to generate outcomes. The feasibility of such integration was analyzed from technical, financial, operational and organizational perspectives and based on the findings; a model has being developed for the integration of SSO technologies for military environment with appropriate security measures using a mix of available SSO technologies, would be productive and successful in military environment.