An Empirical Study on the Usability of Logout in a Single Sign-on System
Single sign-on (SSO) has been shown to be a successful paradigm in network environments where a large number of passwords would otherwise be required. However, the SSO paradigm leaves the practice of logging out of services undetermined. In this study, users’ subjective satisfaction with the current implementation of login and logout was examined using both quantitative and qualitative methods. The study was carried out in a university that uses SSO in its intranet. The main result of this study is that when a multiservice environment uses SSO for user authentication, a single logout should also be used instead of expecting users to log out of each service separately.
Keywords: Focus Group, Focus Group Session, Role Base Access Control, Visual Display Terminal, Federate Identity