The adoption of single sign-on and multifactor authentication in organisations: a critical evaluation using TOE framework

D'Costa-Alphonso, Marise-Marie and Lane, Michael (2010) The adoption of single sign-on and multifactor authentication in organisations: a critical evaluation using TOE framework. Issues in Informing Science and Information Technology, 7. pp. 161-190. ISSN 1547-5840

Abstract

The proliferation of user credentials for system access coupled with the resulting security threats posed have led to the development of single sign-on (SSO) access control and multi-factor authentication (MFA) technologies. This paper provides an overview of these authentication mechanisms, highlighting the current state in the marketplace and describing the key enabling technologies. We conducted a qualitative analysis to identify the key factors facilitating and inhibiting of adoption of SSO and MFA by organisations using the TOE framework. The resulting analysis indicates a myriad of technologies, protocols and configurations that can be employed depending on the type of authentication implementation required. The findings suggest that a number of factors within the categories of the TOE framework affect organisational adoption both positively and negatively. Furthermore, there are key benefits to be gained from adopting SSO and MFA such as increased corporate security and reduced organisational costs of managing access control. There are also a number of key challenges to be overcome by organisations adopting SSO and MFA. These include ability to accommodate the complexity of multiple heterogeneous systems and to be resilient to new hacker tactics for a SSO and MFA solution to successfully fulfill its organisational purpose.


Statistics for USQ ePrint 6863
Statistics for this ePrint Item
Item Type: Article (Commonwealth Reporting Category C)
Refereed: Yes
Item Status: Live Archive
Additional Information: First author's locality is wrongly assigned on paper - should be Toowoomba, Queensland, Australia. Published version deposited in accordance with the copyright policy of the publisher - free access publication.
Depositing User: Dr Michael Lane
Faculty / Department / School: Historic - Faculty of Business - School of Information Systems
Date Deposited: 20 Aug 2010 02:55
Last Modified: 02 Jul 2013 23:39
Uncontrolled Keywords: single sign-on; SSO; multifactor authentication; MFA; technology-organisation-environment framework; authentication technologies; organisational adoption of SSO and MFA
Fields of Research (FOR2008): 08 Information and Computing Sciences > 0806 Information Systems > 080699 Information Systems not elsewhere classified
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
08 Information and Computing Sciences > 0806 Information Systems > 080609 Information Systems Management
Socio-Economic Objective (SEO2008): E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
URI: http://eprints.usq.edu.au/id/eprint/6863

Actions (login required)

View Item Archive Repository Staff Only