Trusted Hybrid Multifactor Authentication for Cloud Users

K. Devi Priya*, L. Sumalatha **
*,** Department of Computer Science and Engineering, JNTUK University, Kakinada, Andhra Pradesh, India.
Periodicity:January - June'2020
DOI : https://doi.org/10.26634/jcc.7.1.16670

Abstract

Cloud Computing is an advance technology that provides different services to the users on the rental basis. The main issue associated with the cloud is cyber attacks that are performed on the cloud services due to the improper security mechanisms especially authentication. In this paper, a multi level security using hybrid multifactor authentication methodologies based on the security questions, mobile OTP, and biometric authentication in addition to password based authentication to protect the data/services from the cyber attackers is proposed. The hybrid methodologies provides strong and secure authentication due to the two layer security. The biometric authentication includes face image as an authentication factor and the extraction of the face features are performed using VGG face model with the concept of transfer learning. The proposed work is implemented in the Google Colab cloud with python API and evaluated results show the proposed scheme providing privacy, confidentiality, integrity, and resistivity against the collision resistance attack, replay attack, tampering of the data, etc.

Keywords

Hybrid Multifactor Authentication, Cyber Security, Security Questions, OTP, Biometric Authentication, VGG Model.

How to Cite this Article?

Priya, K. D., and Sumalatha, L. (2020). Trusted Hybrid Multifactor Authentication for Cloud Users. i-manager's Journal on Cloud Computing, 7(1), 12-20. https://doi.org/10.26634/jcc.7.1.16670

References

[1]. Abu-Libdeh, H., Princehouse, L., & Weatherspoon, H. (2010, June). RACS: A case for cloud storage diversity. In Proceedings of the 1st ACM symposium on Cloud computing (pp. 229-240). https://doi.org/10.1145/1807 128.1807165
[2]. Appel, A. W. (2015). Verification of a cryptographic primitive: SHA-256. ACM Transactions on Programming Languages and Systems (TOPLAS), 37(2), 1-31.
[3]. ARN. (2020). Top 10 Most Notorious Cyber Attacks in History. https://www.arnnet.com.au/ slideshow/341113/top- 10-most-notorious-cyber-attacks-history/
[4]. Banyal, R. K., Jain, P., & Jain, V. K. (2013, September). Multi-factor authentication framework for cloud computing. In 2013, Fifth International Conference on Computational Intelligence, Modelling and Simulation (pp. 105-110). IEEE. https://doi.org/10.1109/CIMSim.2013.25
[5]. Bisong, E. (2019). Building Machine Learning and Deep Learning Models on Google Cloud Platform (pp. 59-64). Berkeley, CA: Apress
[6]. Bowers, K. D., Juels, A., & Oprea, A. (2009, November). HAIL: A high-availability and integrity layer for cloud storage. In Proceedings of the 16th ACM Conference on Computer and Communications Security (pp. 187-198). ACM.
[7]. Brownlee, J. (2019). How to Perform Face Recognition With VGGFace2 in Keras. Machine Learning Mastery. https://machinelearningmastery.com/how-to-performface- recognition-with-vggface2-convolutional-neuralnetwork- in-keras/
[8]. Devkota, D., Ghimire, P., Burris, J., & Alkadi, I. (2015, March). Comparison of security algorithms in cloud computing. In 2015, IEEE Aerospace Conference (pp. 1-7). IEEE.
[9]. Dooley, R., Edmonds, A., Hancock, D. Y., Lowe, J. M., Skidmore, E., Adams, ... Knepper, R. (2018). Security Best Practices for Academic Cloud Service Providers. Bloomington, Indiana: Indiana University Scholar Works.
[10]. Feng, J., Chen, Y., Summerville, D., Ku, W. S., & Su, Z. (2011, January). Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol. In 2011, IEEE Consumer Communications and Networking Conference (CCNC) (pp. 521-522). IEEE.
[11]. Kim, Y., Kim, I., & Park, N. (2014). Analysis of cyber attacks and security intelligence. In Mobile, Ubiquitous, and Intelligent Computing (pp. 489-494). Heidelberg, Berlin: Springer. https://doi.org/10.1007/978-3-642-40675- 1_73
[12]. Lee, S., Ong, I., Lim, H. T., & Lee, H. J. (2010). Two factor authentication for cloud computing. Journal of Information and Communication Convergence Engineering, 8(4), 427- 432.
[13]. Mashhadi, N. (2015). Authentication in mobile cloud computing by combining the tow factor authentication and one time password token. Ciência e Natura, 37, 220-229.
[14]. Padma, P., & Srinivasan, S. (2016, August). A survey on biometric based authentication in cloud computing. In 2016, International Conference on Inventive Computation Technologies (ICICT) (Vol. 1, pp. 1-5). IEEE. https://doi.org /10.1109/INVENTIVE.2016.7823273
[15]. Pawle, A. A., & Pawar, V. P. (2013). Face recognition system (FRS) on cloud computing for user authentication. International Journal of Soft Computing and Engineering (IJSCE), 3(4), 189-192.
[16]. Pawle, A. A., & Pawar, V. P. (2017). A Study of Different Biometric Authentication Techniques in Cloud Computing. International Journal of Engineering Research & Technology (IJERT), 6(05), 612-619.
[17]. Rimal, B. P., Choi, E., & Lumb, I. (2009, August). A taxonomy and survey of cloud computing systems. In 2009, Fifth International Joint Conference on INC, IMS and IDC (pp. 44-51). IEEE.
[18]. Serengil, S. I. (2018). Deep Face Recognition with Keras. https://sefiks.com/2018/08/06/deep-face-recognition-withkeras/
[19]. Singh, A., & Malhotra, M. (2015). Security concerns at various levels of cloud computing paradigm: A review. International Journal of Computer Networks and Applications, 2(2), 41-45.
[20]. Soni, S. K., Likhare, D., & Choudhary, A. (2016). Review of authentication mechanisms in cloud computing. International Journal of Modern Engineering & Management Research, 4(2), 38-46.
[21]. Zeng, W., Zhao, Y., Ou, K., & Song, W. (2009, November). Research on cloud storage architecture and nd key technologies. In Proceedings of the 2 International Conference on Interaction Sciences: Information Technology, Culture and Human (pp. 1044-1048). ACM.
[22]. Zhang, K., Zhang, Z., Li, Z., & Qiao, Y. (2016). Joint face detection and alignment using multitask cascaded convolutional networks. IEEE Signal Processing Letters, 23(10), 1499-1503.
[23]. Zhou, X., & Tang, X. (2011, August). Research and implementation of RSA algorithm for encryption and decryption. In Proceedings of 2011 6th International Forum on Strategic Technology (Vol. 2, pp. 1118-1121). IEEE.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.