literature review about the samsung smartphone in the smartphone market
write a literature review on some part of the final project. Keep in mind the following:
1. Write the review for one reader, an expert who would understand the language and the technology.
2. Identify the reason, or purpose, for gathering this information for your target audience. Consider specific reader needs when selecting, organizing, and presenting the information.
3. Explain any advantages, benefits, features as they appear in the literature and as they are appropriate to your audience and your purpose.
4. Address any drawbacks or any cost information you uncover in your search.
5. Organize the material carefully into discrete sections with appropriate and accurate headings for each section.
Multiple Sign-On Problem
Employees in the Controller’s Office at K-State use several web-based applications to get their work done. This requires multiple logins which can be frustrating to users. It’s especially frustrating when a password gets keyed incorrectly. This problem is not unique to K-State and the solution is called Single Sign-on, called SSO. Single Sign-on is a name for a service that has the user log in just once to provide credentials to multiple domains (Introduction to Single Sign-On, 2005). Implementing an SSO solution would help improve operations in the Controller’s Office. There are potential benefits in security as well as cost.
How Secure Are Passwords?
A study of Department of Defense users in 1999 confirmed how indifferent users were to password security. Of the 997 users surveyed, six reported using passwords just one or two characters in length. Eighty percent used only alphabetic characters. Eighty percent never changed their password. Seventy-eight percent chose passwords based on a combination of meaningful details. An overwhelming majority of users are choosing short, alphanumeric passwords comprised of meaningful details (probably easily guessable) and are rarely, if ever, changing them (Zviram, 1999). Fortunately, password rules have changed since then, but it seems that user attitudes have not.
With the number of passwords users are required to know on the rise, many users keep lists of passwords in their desks (Roach, 2008). A recent survey showed that 30% of respondents in the UK write down passwords, as opposed to more than 50% in the US (Robertson, 2008). Having passwords written down nearly nullifies the purpose in using them. Of Roach’s three recommendations for improving electronic security, the first was to have users log in one time to gain access to everything they need.
On the other hand, new technology is being developed using “typeprints” analysis that may help make passwords even more secure without changing the rules to make them harder to remember. A typeprint is a user’s characteristic pattern to their keystrokes, and is analogous to a fingerprint. Researchers had seven trained typists type up a few passages, then a few more several months later. They were able to identify who typed the later passages based on the rhythm of the typists. Typeprint security software has the user enter their new password a few times for calibration, then after that it refuses access to anyone who does not type the correct password with the correct rhythm (Rehmeyer, 2007).
Cost Benefits of Single Sign-On
As Connolly (2000) points out, security expenses are often viewed by corporations as wasteful expenses, since they contribute nothing to productivity. In fact, many changes in security policies over the years have reduced productivity noticeably. In a 2002 study, Gartner Group found that 10% – 30% of help desk calls were for password resets and that the the labor costs of each reset ranged from $51 – $147 (Password Reset, 2006). By reducing the number of times people enter passwords, we can also reduce the number of times they get locked out of their account and have to call for support.
Security Benefits
Not only have attempts to improve security resulted in higher costs, in many cases it has actually introduced vulnerability. How many faculty and staff at K-State have their eID and password written down within 4 feet of their keyboard? The less passwords there are to remember, the less likely they are to have a handwritten list of them at their desk. Additionally, the less frequently users are authenticating, the less frequently their credentials are sent through the network, thus reducing risk of interception.
Possible Solutions
There are commercially available SSO products on the market, the most well-known of these is Novell Secure Login. A price quote can be requested from Novell. This would require an approved budget request, and would take time to install and configure. Since the applications in question are maintained by either the Controller’s Office or the Information Systems Office (ISO), there is another option. The applications that are maintained by the Controller’s Office can be modified to use a security certificate from ISO. Then all the applications could share a certificate, requiring the user to log in just once. This would require coordination with ISO, but would not require any purchases or budget requests. We would need a Central Authentication Service client to use Single Sign-On with ISO (Single Sign-On, 2009). The programming can likely be done by a student, reducing the labor cost of the modification.