Work place: Department of Computer & Information Technology, Africa Nazarene University, Nairobi, Kenya
E-mail: eroche@anu.ac.ke
Website:
Research Interests: Online learning, E-learning, Assessment of digital learning, Mathematics of Computing
Biography
Dr. Emily Roche holds a PhD in Biostatistics from Moi University, an MSc in Statistics and a Bed in Double Mathematics from Kenyatta University. She currently facilitates the learning of mathematics at Africa Nazarene University doubling up as a mentor and advisor to the learners. Her greatest research interest is in statistical modelling and in the facilitation of learning is to demystify mathematics. Professionally she is a member of International Biometric Society and Kenya National Statistical Society. Dr. Roche was the second masters research supervisor to Carolyne Wanjiru Kimani.
By Carolyne Kimani James I. Obuhuma Emily Roche
DOI: https://doi.org/10.5815/ijitcs.2023.03.04, Pub. Date: 8 Jun. 2023
Universities across the globe have increasingly adopted Enterprise Resource Planning (ERP) systems, a software that provides integrated management of processes and transactions in real-time. These systems contain lots of information hence require secure authentication. Authentication in this case refers to the process of verifying an entity’s or device’s identity, to allow them access to specific resources upon request. However, there have been security and privacy concerns around ERP systems, where only the traditional authentication method of a username and password is commonly used. A password-based authentication approach has weaknesses that can be easily compromised. Cyber-attacks to access these ERP systems have become common to institutions of higher learning and cannot be underestimated as they evolve with emerging technologies. Some universities worldwide have been victims of cyber-attacks which targeted authentication vulnerabilities resulting in damages to the institutions reputations and credibilities. Thus, this research aimed at establishing authentication methods used for ERPs in Kenyan universities, their vulnerabilities, and proposing a solution to improve on ERP system authentication. The study aimed at developing and validating a multi-factor authentication prototype to improve ERP systems security. Multi-factor authentication which combines several authentication factors such as: something the user has, knows, or is, is a new state-of-the-art technology that is being adopted to strengthen systems’ authentication security. This research used an exploratory sequential design that involved a survey of chartered Kenyan Universities, where questionnaires were used to collect data that was later analyzed using descriptive and inferential statistics. Stratified, random and purposive sampling techniques were used to establish the sample size and the target group. The dependent variable for the study was limited to security rating with respect to realization of confidentiality, integrity, availability, and usability while the independent variables were limited to adequacy of security, authentication mechanisms, infrastructure, information security policies, vulnerabilities, and user training. Correlation and regression analysis established vulnerabilities, information security policies, and user training to be having a higher impact on system security. The three variables hence acted as the basis for the proposed multi-factor authentication framework for improve ERP systems security.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals