Authentication in Cloud Computing Environment Using Two Factor Authentication

The security is one of the indispensable concerns in the cloud computing. Different authentication and access mechanisms are implemented for different services in the cloud. For uniform strong authentication and obviate the need for password registration, two factor authentication (T-FA) has been proposed. The data owner provides one of the credentials in this is a two tier mechanism. T-FA needs two identities based on what the user knows and what he possesses which is implemented through Software as a Service (SaaS) in the cloud computing environment. However, key-compromise impersonation makes the software only mechanism vulnerable if a server is compromised. This study examines this vulnerability and proposes an identity based signature technique to make T-FA resilient to impersonation attack. Analysis shows that the proposed technique is able to make T-FA mechanism robust to key-compromise impersonation attacks.

[1]  Robert L. Grossman,et al.  The Case for Cloud Computing , 2009, IT Professional.

[2]  Weidong Kou,et al.  Identity-Based Anonymous Remote Authentication for Value-Added Services in Mobile Networks , 2009, IEEE Transactions on Vehicular Technology.

[3]  S Ramgovind,et al.  The management of security in Cloud computing , 2010, 2010 Information Security for South Africa.

[4]  Dan Boneh,et al.  Digital Signature Standard , 2005, Encyclopedia of Cryptography and Security.

[5]  Hyotaek Lim,et al.  A Strong User Authentication Framework for Cloud Computing , 2011, 2011 IEEE Asia-Pacific Services Computing Conference.

[6]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[7]  Won Kim,et al.  Cloud Computing: Today and Tomorrow , 2009, J. Object Technol..

[8]  Taekyoung Kwon,et al.  Impersonation attacks on software-only two-factor authentication schemes , 2002, IEEE Commun. Lett..