Logout to login ratio 0.5

Some of my smarter coworkers added several interesting features to the SimpleSAMLphp statistics module.  The numbers show that when users are presented with a log out option, half of them prefer it to closing their browsers.  This trend has stayed stable during the summer, while the number of logins has fluctuated wildly.

The graph shows an initial fluttering as the functionality was tested, then support was gradually added in more services.  The large jump from 0.2 to 0.5 and above came as several large-scale services migrated to the new interface.

Logout to login ratio

In my earlier posting Single Logout grows I pointed to this trend and wrote about the implementation.  A good user interface has proven to be the alpha and omega, as shown in Andreas Solberg’s implementation.

I wish Shibboleth would add support for logging out, as the feature is wanted by half of the users.  Not to mention all the vendors and software houses that have told us that logout is neither requested nor possible to do in a useful way.  Our users are voting with their clicks on this issue!

Logout interface

Single Log Out grows

In an earlier post on SLO I promised to get back with more information about the usage of single logout, as Feide adds more and more services to the SLO service.  The graph below shows the ratio of Single Log Out (SLO) to Single Sign On (SSO) for the Feide production Moria4 site.  It is interesting to note that the SLO to SSO ratio is increasing (the initial fluttering is due to pre-production testing), and there is a marked jump at the same time as several reliable service providers were added.  A peek at the underlying data indicates that several services have logout ratios above 50%; among these are library databases and exam registration.

SLO to SSO ratio

Even if all services implement SLO, not all services have a good location for the SLO button.  In practice this means that not all users have access to logout.  Most users still close the browser to log out from a service, or do not log out at all.  For those who do not log out, the session timeout functions as their logout.  The session timeout in Feide is several hours, which is a long time compared to BankID, where the session lifetime is minutes.

The Moria4 site above went into production April 29, and several major service providers were added in late May.  The overall SSO traffic is shown below.

Single Sign On for Moria4

More information about the technical implementation is available in Andreas’ presentation on SLO from TNC2009.

Log out from federated login (SLO)

Logging in is simple.  Getting out is simple too: you just close your browser.  Unless you wanted to explicitly log out, or you needed to log out from just one application and keep the other applications working.  Another issue is related to closing all browser windows; this sounds easy to do, but can be too difficult for some users.

Andreas implemented a nice user interface for single log out in SimpleSAMLphp, as shown on the right.

A surprisingly high number of users (8-10%) started using the SLO functionality when it was enabled in March 2009.  Whether this number stays high as we move from a pilot in a selected user group to the broader audience in education remains to be seen.

Our main motivation behind the SLO interface was to offer a way to log out from one specific application where the licensing scheme was based on payment per user logged in at the same time.  This motivated us to find a way to log out from that system while keeping the other sessions with service providers alive.  If we demanded a global log-out, the end users would lose their work flows in all applications within the single sign on domain.  Not using federated log-out would simply give the user an SSO session into the application again, for example on a browser refresh, without the user knowing about it or being able to control the situation.

User testing provided useful feedback, and we ended up with a page as displayed above.  If log-out fails for any application (as it sometimes does with HTTP redirects when a server goes down), this is indicated with a warning sign next to the service.  All successful log-outs are marked with green.  The user is advised to explicitly close all browser windows if log-out fails.
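The behaviour described in the two paragraphs above, as an added illustration that is not SimpleSAMLphp code: an IdP-side session lists the service providers (SPs) the user is signed in to, a logout can target one SP or all of them, a failing SP (server down, redirect never returns) is reported per service, and the user is told to close all browser windows when anything failed. Names, the handler callback and the session layout are constructed for the example.

```python
"""Constructed model of per-service single logout (SLO) with failure reporting."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# An SP's front-channel logout handler returns True on success.
# Raising models a server that is down and never answers the redirect.
LogoutHandler = Callable[[str], bool]


@dataclass
class IdPSession:
    user: str
    sps: List[str] = field(default_factory=list)  # SPs with live sessions


@dataclass
class LogoutResult:
    status: Dict[str, str]   # sp -> "ok" (green) or "failed" (warning sign)
    remaining: List[str]     # SPs the user is still logged in to afterwards

    def all_succeeded(self) -> bool:
        return all(s == "ok" for s in self.status.values())

    def advice(self) -> str:
        if self.all_succeeded():
            return "You have been logged out of the selected services."
        return "Logout failed for some services; close all browser windows."


def single_logout(session: IdPSession, handlers: Dict[str, LogoutHandler],
                  only_sp: Optional[str] = None) -> LogoutResult:
    """Log out from one SP (only_sp) or from every SP in the session.

    Sessions with SPs that were not targeted, or whose logout failed,
    stay in the session so the interface can show them to the user.
    """
    targets = [only_sp] if only_sp else list(session.sps)
    status: Dict[str, str] = {}
    for sp in targets:
        if sp not in session.sps:
            continue  # no session there; nothing to log out of
        try:
            ok = handlers[sp](session.user)
        except Exception:  # server down: treat as failed logout
            ok = False
        status[sp] = "ok" if ok else "failed"
        if ok:
            session.sps.remove(sp)  # other SP sessions stay alive
    return LogoutResult(status, list(session.sps))
```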

Making the end user aware of which applications he is logged in to is part of raising awareness for greater security.  On the other hand, we do not want to drown the user in information, because then we end up with the Click-OK-to-continue syndrome.  The minimum information required is the names of the services and some graphic indicators of the login/log-out state.

More information about the technical implementation is available in My thoughts about SLO by Andreas Åkre Solberg, and in the SimpleSAMLphp documentation.

EuroCAMP: How to build single sign on systems

The next EuroCAMP, in Cork, Ireland, May 18-19 2009, is focused on How to build single sign on systems – practical experiences.

EuroCAMP (European Campus Architecture Middleware Planning) workshops are gatherings for European universities, research and research networks. TERENA organizes the EuroCAMPs:

The TERENA EuroCAMP workshops aim to develop the knowledge and skills that are needed by staff who are involved in the set-up of identity management systems (IdMS) for authentication and authorisation. The events provide an opportunity to learn about identity management, authentication, authorisation, directories and other middleware standard technologies.