Show simple item record

dc.contributor.authorCusack, Ben_NZ
dc.contributor.authorZadeh, Een_NZ
dc.date.accessioned2018-10-07T23:52:54Z
dc.date.available2018-10-07T23:52:54Z
dc.date.copyright2015-12-14en_NZ
dc.identifier.citationIn the Proceedings of [the] 13th Australian Information Security Management Conference, held from the 30 November – 2 December, 2015 (pp. 94-100), Edith Cowan University Joondalup Campus, Perth, Western Australia, pp. 5-10.
dc.identifier.urihttp://hdl.handle.net/10292/11862
dc.description.abstractThe business use of cloud computing services is motivated by the ease of use and the potential financial cost reductions. Service failure may occur when the service provider does not protect information or when the use of the services becomes overly complex and difficult. The benefits also bring optimisation challenges for the information owners who must assess the service security risk and the degree to which new human behaviours are required. In this research we look at the risk of identity theft when ease of service access is provided through a Single Sign On (SSO) authorisation and ask: What are the optimal behavioural expectations for a Cloud service information owner? Federated identity management is a well-developed design literature for solutions to optimising human behaviours in relation to the new technologies. We briefly review the literature and then propose a working solution that optimises the trade-off between disclosure risk, human user risk and service security. Both breech and non-use of a system are failures.
dc.publisherSecurity Research Institute, Edith Cowan University
dc.relation.urihttps://ro.ecu.edu.au/ism/177/
dc.rightsNOTICE: this is the author’s version of a work that was accepted for publication. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in (see Citation). The original publication is available at (see Publisher's Version).
dc.titleEvaluating Single Sign on Security Failure in Cloud Servicesen_NZ
dc.typeConference Contribution
dc.rights.accessrightsOpenAccessen_NZ
dc.identifier.doi10.4225/75/57b693a2d9387
pubs.elements-id194031


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record