Empowering Cloud Security: Pioneering an Interactive Multi-Factor Authentication Framework for Cloud User Verification

  IJCTT-book-cover
 
         
 
© 2024 by IJCTT Journal
Volume-72 Issue-6
Year of Publication : 2024
Authors : Rajender Reddy Pell Reddy
DOI :  10.14445/22312803/IJCTT-V72I6P122

How to Cite?

Rajender Reddy Pell Reddy, "Empowering Cloud Security: Pioneering an Interactive Multi-Factor Authentication Framework for Cloud User Verification," International Journal of Computer Trends and Technology, vol. 72, no. 6, pp. 168-178, 2024. Crossref, https://doi.org/10.14445/22312803/IJCTT-V72I6P122

Abstract
Multiple-factor authentication in the cloud is an essential security feature that fortifies cloud security against illegal breaches in data and access. Multi-factor authentication enables cloud computing to be more secure for enterprises and less unpleasant for customers by confirming that individual authorized users can access apps, data, services, and resources. A security structure’s architecture and the necessary level of protection determine exactly how many authentication factors are essential. Thus, the process of integrating a safe MFA system into a cloud platform is difficult. The adaptive MFA multi-layer interaction-based authentication system discussed in this paper incorporates intrusion detection and access control features together with an automated authentication method selection process. The main objective is to improve a secure cloud platform that hinders hackers’ access to the cloud system by having fewer false positive alerts. Multiple authentication factors are integrated with a user’s geofence location and IP address confirmation technique to strengthen the individuality verification of cloud users, improve the authentication mechanism, and decrease false alarms. These elements include the duration, legitimacy, and importance of the user aspect. The data are safeguarded against disclosure by an additional CP-ABHE technique. The CP-ABHE encryption method is employed to hide the login credentials on the cloud directory provider. The suggested system performed an excellent occupation of spotting potentially dangerous users and trespassers, thereby stopping any deliberate attacks on the data and cloud services.

Keywords
Ciphertext Policy-Attribute-based Homomorphic encryption, Cloud authentication, False positive alarm, Multi-factor authentication (MFA).

Reference

[1] Dharmesh Dhabliya, “Cloud Computing Security Optimization via Algorithm Implementation,” International Journal of New Practices in Management and Engineering, vol. 10, no. 1, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Satwinder Singh Rupra, and Amos Omamo, “A Cloud Computing Security Assessment Framework for Small and Medium Enterprises,” Journal of Information Security, vol. 11, no. 4, pp. 201-224, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Zhiying Wang et al., “An Empirical Study on Business Analytics Affordances Enhancing the Management of Cloud Computing Data Security,” International Journal of Information Management, vol. 50, pp. 387-394, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[4] A. Shaji George, and S. Sagayarajan, “Securing Cloud Application Infrastructure: Understanding the Penetration Testing Challenges of IaaS, PaaS, and SaaS Environments,” Partners Universal International Research Journal, vol. 2, no. 1, pp. 24-34, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[5] Praveen Kumar et al., “An Analytical Evaluation of Cloud Computing Service Model IaaS&PaaS using Market Prospective,” 2021 International Conference on Technological Advancements and Innovations (ICTAI), 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Sandeep Kaur, Gaganpreet Kaur, and Mohammad Shabaz, “A Secure Two-factor Authentication Framework in Cloud Computing,” Security and Communication Networks, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Naveed Khan, Jianbiao Zhang, and Saeed Ullah Jan, “A Robust and Privacy-preserving Anonymous user Authentication Scheme for Public Cloud Server,” Security and Communication Networks, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[8] J. Stanly Jayaprakash et al., “Cloud Data Encryption and Authentication based on Enhanced Merkle Hash Tree Method,” Computers, Materials & Continua, vol. 72, no. 1, pp. 519-534, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Ghulam Mustafa Khaskheli, Marina Sherbaz, and Umair Ramzan Shaikh, “A Comparative Usability Study of Single-factor and Two-factor Authentication,” Tropical Scientific Journal, vol. 1, no. 1, pp. 17-27, 2022.
[Google Scholar] [Publisher Link]
[10] Qingxuan Wang et al., “Quantum2FA: Efficient Quantum-resistant Two-factor Authentication Scheme for Mobile Devices,” IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 1, pp. 193-208, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Abdelouahid Derhab et al., “Two-factor Mutual Authentication Offloading for Mobile Cloud Computing,” IEEE Access, vol. 8, pp. 28956-28969, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Shivangi Shukla, and Sankita J. Patel, “A Design of Provably Secure Multi-factor ECC-based Authentication Protocol in Multi-server Cloud Architecture,” Cluster Computing, vol. 27, pp. 1559-1580, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Geeta Sharma, and Sheetal Kalra, “Advanced Lightweight Multi-factor Remote user Authentication Scheme for Cloud-IoT Applications,” Journal of Ambient Intelligence and Humanized Computing, vol. 11, pp. 1771-1794, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[14] K. Devi Priya, and L. Sumalatha, “Trusted Hybrid Multifactor Authentication for Cloud Users,” I-Manager’s Journal on Cloud Computing, vol. 7, no. 1, p. 12, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Sara Ahmed AlAnsary, Rabia Latif, and Tanzila Saba, “Multi Factor Authentication as a Service (MFAaaS) for Federated Cloud Environments,” Proceedings of the Second International Conference on Innovations in Computing Research (ICR’23), pp. 225-236, 2023. Cham: Springer Nature Switzerland.
[CrossRef] [Google Scholar] [Publisher Link]
[16] Wael Said et al., “A Multi-Factor Authentication-based Framework for Identity Management in Cloud Applications,” Computers, Materials & Continua, vol. 71, no. 2, pp. 3193-3209, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Marius Lulian Mihailescu, and Stefania Loredana Nita, “A Searchable Encryption Scheme with Biometric Authentication and Authorization for Cloud Environments,” Cryptography, vol. 6, no. 1, p. 8, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Yulei Chen, and Jianhua Chen, “A Secure Three-factor-based Authentication with Key Agreement Protocol for e-Health Clouds,” The Journal of Supercomputing, vol. 77, pp. 3359-3380, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[19] K. Mohana Prabha, and P. Vidhya Saraswathi, “Suppressed K-anonymity Multi-factor Authentication based Schmidt-samoa Cryptography for Privacy Preserved Data Access in Cloud Computing,” Computer Communications, vol. 158, pp. 85-94, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Alamgir Hossain, and Abdullah Al Hasan, “Improving Cloud Data Security through Hybrid Verification Technique Based on Biometrics and Encryption System,” International Journal of Computers and Applications, vol. 44, no. 5, pp. 455-464, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Ahmed Yaser Fahad Alsahlani, and Alexandru Popa, “LMAAS-IoT: Lightweight Multi-factor Authentication and Authorization Scheme for Real-time Data Access in IoT Cloud-based Environment,” Journal of Network and Computer Applications, vol. 192, p. 103177, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Victor R. Kebande et al., “A Blockchain-based Multi-factor Authentication Model for a Cloud-enabled Internet of Vehicles,” Sensors, vol. 21, no. 18, p. 6018, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Sugandhi Midha et al., “A Secure Multi-factor Authentication Protocol for Healthcare Services Using Cloud-based SDN,” Computers, Materials & Continua, vol. 74, no. 2, pp. 3711-3726, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[24] K. DeviPriya, and Sumalatha Lingamgunta, “Multi Factor Two-way Hash-based Authentication in Cloud Computing,” International Journal of Cloud Applications and Computing (IJCAC), vol. 10, no. 2, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[25] Mariem Bouchaala, Cherif Ghazel, and Leila Azouz Saidane, “Enhancing Security and Efficiency in Cloud Computing Authentication and Key Agreement Scheme based on Smart Card,” The Journal of Supercomputing, vol. 78, pp. 497-522, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Zengpeng Li et al., “Ciphertext-policy Attribute-based Proxy Re-Encryption Via Constrained PRFs,” Science China, Information Sciences, vol. 64, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Hang Li et al., “An Efficient Ciphertext-policy Weighted Attribute-based Encryption for the Internet of Health Things,” IEEE Journal of Biomedical and Health Informatics, vol. 26, no. 5, pp. 1949-1960, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Yong Wang et al., “Efficient and Secure Ciphertext-policy Attribute-based Encryption without Pairing for Cloud-assisted Smart Grid,” IEEE Access, vol. 8, pp. 40704-40713, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Leandro Loffi et al., “Mutual Authentication with Multi-factor in IoT-Fog-Cloud Environment,” Journal of Network and Computer Applications, vol. 176, p. 102932, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[30] Ayman Mohamed Mostafa et al., “Strengthening Cloud Security: An Innovative Multi-Factor Multi-Layer Authentication Framework for Cloud User Authentication,” Applied Sciences, vol. 13, no. 19, p. 10871, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[31] Marco Pernpruner et al., “An Automated Multi-Layered Methodology to Assist the Secure and Risk-Aware Design of Multi-Factor Authentication Protocols,” IEEE Transactions on Dependable and Secure Computing, pp. 1-16, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[32] Noor Afiza Mohd Ariffin et al., “Vulnerabilities Detection using Attack Recognition Technique in Multi-factor Authentication,” TELKOMNIKA (Telecommunication Computing Electronics and Control), vol. 18, no. 4, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[33] Emanuela Marasco et al., “Biometric Multi‐factor Authentication: On the Usability of the FingerPIN Scheme,” Security and Privacy, vol. 6, no. 1, p. e261, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[34] Sandeep Kaur, Gaganpreet Kaur, and Mohammad Shabaz, “A Secure Two-factor Authentication Framework in Cloud Computing,” Security and Communication Networks, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[35] Soumya Otta et al., “A Systematic Survey of Multi-factor Authentication for Cloud Infrastructure,” Future Internet, vol. 15, no. 4, p. 146, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[36] Joon Young Lee et al., “A Secure Multi-factor Remote user Authentication Scheme for Cloud-IOT Applications,” Proceedings of the International Conference on Computer Communication and Networks (ICCCN), 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[37] Rajeshwari Gadathas Krishna Babu et al., “Authentication and Access Control in Cloud-based Systems,” Proceedings of the Fourteenth International Conference on Ubiquitous and Future Networks (ICUFN), 2023.
[CrossRef] [Google Scholar] [Publisher Link]