Abstract: Authentication schemes are frequently implemented in a “one size fits all” approach that do not acknowledge the range of user or location-specific authentication behaviors and threat models. We assess location and user-specific authentication behaviors after recently rolling out a Single Sign-On system in the University of Washington Health system to inform customized authentication protocols. In addition, we seek to implement best practices for methodical transparency and protection of users’ privacy when analyzing clinical log data.

Describe the new knowledge and additional skills the participant will gain after attending your presentation.: Our work provides attendees insight into an actual implementation of SSO within a health system and an understanding of how exploring how the tensions between usability and security is critical and may vary between subgroups.

Authors:

Jason Thomas (Presenter)
University of Washington

Andrew Teng, University of Washington
Franziska Roesner, University of Washington
Adam Wilcox, University of Washington
Cris Ewell, UW Medicine