Journal of information and communication convergence engineering

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

Two Factor Authentication for Cloud Computing

  • Lee, Shirly (Department of General, Dongseo University) ;
  • Ong, Ivy (Department of General, Dongseo University) ;
  • Lim, Hyo-Taek (Department of Computer & Information Engineering, Dongseo University) ;
  • Lee, Hoon-Jae (Department of Computer & Information Engineering, Dongseo University)
  • Received : 2010.07.07
  • Accepted : 2010.07.21
  • Published : 2010.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

The fast-emerging of cloud computing technology today has sufficiently benefited its wide range of users from individuals to large organizations. It carries an attractive characteristic by renting myriad virtual storages, computing resources and platform for users to manipulate their data or utilize the processing resources conveniently over Internet without the need to know the exact underlying infrastructure which is resided remotely at cloud servers. However due to the loss of direct control over the systems/applications, users are concerned about the risks of cloud services if it is truly secured. In the literature, there are cases where attackers masquerade as cloud users, illegally access to their accounts, by stealing the static login password or breaking the poor authentication gate. In this paper, we propose a two-factor authentication framework to enforce cloud services' authentication process, which are Public Key Infrastructure (PKI) authentication and mobile out-of-band (OOB) authentication. We discuss the framework's security analysis in later session and conclude that it is robust to phishing and replay attacks, prohibiting fraud users from accessing to the cloud services.

Keywords

References

  1. Seny Kamara and Kristin Lauter, "Cryptographic cloud storage," in Proceedings of Financial Cryptography Workshop on Real-Life Cryptographic Protocols and Standardization, [Online] Jan 2010, [2010 May 29] Available: http://research.microsoft.com/pubs/112576/crypto-cloud.pdf
  2. John W.Rittinghouse and James F.Randsome, "Cloud Computing Implementation,Management and Security " in CRC Press, pp. 153-154, [Online] 2010, [2010 May 29].
  3. Frank Gens, "New IDC IT Cloud Services Survey: Top Benefits and Challenges in cloud computing," [Online] Dec 2009, [2010 May 29] Available: http://blogs.idc.com/ie/?p=730
  4. David Chou,"Strong User Authentication on Web," in Microsoft: The Architecture Journal, [Online] August 2008, [2010 May 29] Available: http://msdn.microsoft.com/en-us/library/cc838351.aspx
  5. Barney Beal, "Salesforce.com, customers hit with phishing attack," in SearchCRM.com, [Online] Nov 2007, [2010 May 29] Available: http://searchcrm.techtarget.com/news/1281107/Salesforce-com-customers-hit-with-phishing-attack
  6. Kaufman, L.M., "Data Security in the World of Cloud Computing," in Magazines of IEEE Security & Privacy, vol. 7, pp. 61-64, Jul 2009.
  7. Felician Alecu, "Security Benefits of Cloud Computing," in International Conference on Security for Information Technoloy and Communication, ISBN 978-606-505-137-9, pp. 71-76, Nov 2008.
  8. Cloud Security Alliance, "Top Threats to Cloud Computing V1.0," in Cloud Security Alliance Report, [Online] Mar 2010, [2010 May 27] Available: http://www.cloudsecurityalliance.org/topthreats.html
  9. Fujisawa, S., Otani, M., and Watanabe, K., "Implementation of PKI Authentication Functions for Network User Authentication System "Opengate"," in International Symposium on Applications and the Internet (SAINT), pp. 297-300, Jul 2008.
  10. Toorani, M. and Shirazi, A.A.B., "LPKI - a Lightweight Public Key Infrastructure for the mobile environments," in 11th IEEE Singapore International Conference on Communication Systems (ICCS), pp. 162-166, Nov 2008.
  11. W. Stallings, Cryptography and Network Security, 4th ed., Pearson Education, 2005.
  12. Hoon Jae Lee and Sang Jae Moon, "On an improved summation generator with 2-bit memory," in ACM of Signal Processing, vol. 80, pp.211-217, Jan 2000. https://doi.org/10.1016/S0165-1684(99)00123-1
  13. T. Chang, B. Park, and Y. H. Kim, "An Efficient Inplementation of the D-Homomorphism for Generation of de Bruijn Sequences," in IEEE Transactions on Information Theory, vol. 45, pp. 1280-1283, May 1999. https://doi.org/10.1109/18.761285
  14. T. Chang and I. Song, "Cross-Joins in de Bruijn Sequences and Maximum Length Linear Sequences", in IEICE Transactions Fundamentals, vol. E76-A, pp.1494-1501, September 1993.
  15. HoonJae Lee, SangMin Sung, and HyeongRag Kim, "NLM-128, An Improved LM-type Summation Generator with 2-bit memories," in Proceedings of 4th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), pp. 577-582, Nov 2009.
  16. Min Wu,Simson Garfinked, and Rob Mille, "Secure Web Authentication with Mobile Phones," in DIMACS Workshop on Usable Privacy and Security Software, 2004, [2010 May 29] Available: http://dimacs.rutgers.edu/Workshops/Tools/abstract-wu-garfinkel-miller.pdf
  17. Kandukuri, B.R., Paturi, V.R., and Rakshit, A, "Cloud Security Issues", in Preceedings of International Conference on Services Computing (SCC), pp. 517-520, Sept 2009.
  18. Daniele Catteddu and Giles Hogben, "Cloud computing: benefits, risks and recommendations for information security," in European Network and Information Security Agency (ENISA) 2009 Report, [Online] Nov 2009, [2010 May 27] Available: http://www.enisa.europa.eu/
  19. M. R. Pamidi, "Cloud Computing: A Status Report," in IT Newsletter of IT Newswire, [Online] Dec 2009, [2010 May 27] Available: http://www.itnewswire.us/Newsletter_December-28-2009.pdf
  20. Dai Yuefa, Wu Bo, Gu Yaqiang, Zhang Quan, and Tang Chaojing, "Data Security Model for Cloud Computing," in Proceedings of International Workshop on Information Security and Application (IWISA), pp. 141-144, Nov 2009.
  21. Ali Al-Qayedi, Wael Adi, Ahmed Zahro, and Ali Mabrouk "Combined Web/Mobile Authentication for Secure Web Access Control" in Proceedings of Wireless Communications and Networking Conference, 2004 [2010 May 29] Available: http://ieeexplore.ieee.org/stampPDF/getPDF.jsp?tp=&arnumber=1311267

Cited by

  1. An identity authentication scheme based on cloud computing environment pp.1573-7721, 2017, https://doi.org/10.1007/s11042-017-4552-x
  2. 멀티클라우드 환경에서 사용자에게 서비스의 투명성을 제공하는 인증 기법 vol.23, pp.6, 2010, https://doi.org/10.13089/jkiisc.2013.23.6.1131