Call for Papers : Volume 11, Issue 03, March 2024, Open Access; Impact Factor; Peer Reviewed Journal; Fast Publication

Ssqs And Otp Based User Authentication Mechanism In Cloud Computing

Dietary Cloud computing provides a plethora of services and applications and platforms to users and organizations to carry out their tasks without having to worry about the scarcity of computing resources. With the advantages such as cost efficiency, unlimited storage, backup and recovery, automatic software integration, easy access to information etc, also come the concerns or disadvantages like security and privacy issues, data access or authorization, data residency, industry and regulation compliances. Out of the above mentioned security areas, authenticating users and data privacy/confidentiality are the major concerning issue that is making users and organizations to think twice before going to the cloud platform because they have a genuine concern: the protection and privacy of their most important data. The task of establishing the user identity is of the utmost importance and is the most vulnerable point of attack as the intruders know this fact that if they are able to gain access to a particular user account, then they can access and do any sort of harm to that user account. The most common authentication methods are based on a combination of usernames and passwords for different services offered by Cloud Service Providers (CSP’s). However the brute force attacks makes this username-password scheme weak. Multi-factor mechanisms like use of Biometrics like fingerprinting, iris scanning, face recognition methods, hardware based approaches like One-time-passwords (OTP), hardware tokens and bypass methods are being proposed and are under continuous developments and improvements. This paper proposes a secure two-fold user authentication mechanism which includes a normal username-password combination as the initial stage to login and a strong security question series (SSQS) method to generate a secret code using an encryption algorithm that the user is supposed to provide on the Cloud Service Provider’s website to access their account.

Author: 
Ankit Dhamija and Deepika Dhamija
Download PDF: