sso project presentation
TRANSCRIPT
-
7/28/2019 SSO Project Presentation
1/19
Centralizing the DecentralThe Value Implications O
Single Sign-on ServicesKartik Rishi Teresa Lam Augustus Yuan Scott Kuehnert
-
7/28/2019 SSO Project Presentation
2/19
Agenda
SSO ProvidersWe provide an analysis of three large SSO services on how they treat users and
SSO Users
An in-depth look on the prevalence of SSO as a service through an empirical in
SSO IntegratorsA quick look at the utilization of SSO systems by existing services
Introduction & Stakeholders
Understand the premise behind why we conducted our study and a glimpse in the direct/indirect stakeholders interact with Single Sign-On services.
Best Practices & ConclusionBy synthesizing the work that weve done, we have some methods that users castay safe and secure online.
-
7/28/2019 SSO Project Presentation
3/19
intro
Internet is Growing
Everyone knows this, its huge.
Self-IdentityOur constant interactions online establish our personal identity onli
Growing ServicesThe amount of businesses/services online for users is growing expone
Points of AuthorityA growing trend where services act to authenticate you as a unique ind
-
7/28/2019 SSO Project Presentation
4/19
Stakeholders
Direct Stakeholders Indirect Stakeholde
SSO Users
SSO IntegratorsEx. Groupon, LivingSocial
SSO ProvidersEx. Facebook, Google, OpenID
Government
Data Aggregation Ser
Marketing Agencie
-
7/28/2019 SSO Project Presentation
5/19
SSO Integrators
Stack Exchange A collection of sites focusing on Questions & Answers service
Focuses on convenience of the userAllows access to 90+ sites with one accountManage accounts easier and provide profiles for career employe
Social Deals A type of service that uses social media to target niche markets w
Focuses on the personalization of the userSpecifically target ads/deals based on user interests
Wolfram-Alpha Computational engine used to understand Big Data through
Focuses on making data accessible to the userDevelops algorithms to improve site services based on user entri
-
7/28/2019 SSO Project Presentation
6/19
SS
Methods & DemographicsWe utilized Amazon Mturk to reach a far and greater audience in a short period
Age n %18-21 17 12%22-25 43 30.3%26-30 41 28.9%31-40 28 19.7%41-50 9 6.3%51-60 3 2.1%61-70 1 0.7%
Gender n %
Male 94 66.2%
Female 48 33.8%
Country n
India 116
USA 17
Pakistan 2
Other 7
-
7/28/2019 SSO Project Presentation
7/19
SS
Why do you use Single Sign-On services?
Its easy and convenient
Much easier and fast to sign up to website with this service
It provides security as one time login and logout. Also no need to remempasswords every time
SSO services are quite easy to use and fast as well. It reduces the threat ofand many other online privacy issues. Hence using SSO services is safe an
-
7/28/2019 SSO Project Presentation
8/19
SS
Why do you use Single Sign-On services?
-
7/28/2019 SSO Project Presentation
9/19
SS
Usage of SSOs vs Privacy violation in the future?Do you ever worry that your privacy might be violated in the future? Please mark the sca
1. Not Worried At All: 47/142 and 32/47 = 68.1% use SSOs
2. Somewhat Worried: 17/142 and 9/17 = 52.9% use SSOs
3. Neutral: 26/142 and 13/26 = 50% use SSOs
4. Worried: 33/142 and 19/33 = 57.6% use SSOs
5. Extremely Worried: 19/142 and 10/19 = 52.6% use SSOs
-
7/28/2019 SSO Project Presentation
10/19
SS
Privacy Violated in Past vs Privacy Violated in Future
Only 11 out of the 142 participants actually had their privacy violatepast.
72.7% of the 11 participants answered either a 5 Extremely Worried or a
for their privacy being violated in the future.
This shows that people who had their privacy violated in the past are moreabout their future privacy.
-
7/28/2019 SSO Project Presentation
11/19
SSO Providers
Motivation
Develop a better understanding of SSO systems &provide useful research
Prior ResearchUtilized research done by privacychoice.org &knowprivacy.org
MethodsRead through privacy- and data use- policies atleast twice:
Once to get an overview of the text and locationsof certain types of clauses
Again to mark specific locations of text
-
7/28/2019 SSO Project Presentation
12/19
SSO Providers
Methods Draft a list of specific allowances Create a table to track occurrences of each
allowance Each value in brackets refers to a specific
policy
Findings More focus on data collection in Google More focus on data sharing from Facebook More focus on the rights of companies vs.
rights of users
-
7/28/2019 SSO Project Presentation
13/19
SSO Providers
-
7/28/2019 SSO Project Presentation
14/19
SSO Providers
-
7/28/2019 SSO Project Presentation
15/19
SSO Providers
-
7/28/2019 SSO Project Presentation
16/19
SSO Providers
-
7/28/2019 SSO Project Presentation
17/19
SSO Providers
FindingsNo companies had explicit policieto government access attempts
No companies explicitly share infoget about you from third parties
ConclusionsPros: Quantitative Allows for direct comparison oCons: Not comprehensive Can be misleading
-
7/28/2019 SSO Project Presentation
18/19
Best Pr
Be Mindful On The Value of YOUUnderstand the value of your identity online and your stake in web security
Stay Up-To-DatePolicies change and being knowledgable about updates can keep you better info
Manage Access To Your InformationDetermine if you no longer use services and shut them down to control data acc
Evaluate The Value Of Services UsedTake a chance to think about whether you really should use some services online
Manage Different Kinds of DataConduct an audit of what kinds of information you have online, and control it
-
7/28/2019 SSO Project Presentation
19/19
Questions?We Have Answers.