A Secure Two-Factor Authentication Framework in Cloud Computing

Abstract

Cloud computing technology has brought tremendous evaluation in the arena of IT (information technology). This technology paves the path of starting business with lowest investment by availing infrastructure as a service (IAAS), platform as a service (PAAS) and software as a service (SAAS) pay per uses model. Cloud computing services can be quickly and easily provisioned and discharged with minimum efforts and service provider (SP) relationship. Cloud computing characteristics such as on demand self-service, broad network access, resource pooling, and rapid elasticity lead the demand of computing. Despite these features, this platform is free to security issues and attacks specifically in terms of communication because of unsecure authentication and privacy. However, strong user authentication procedure impedes illegal access to the SP which is the principal requirement for securing cloud computing ecosystem. In this regard, we attempt to propose possible counter measures for the cloud ecosystem. Hence, this paper presented a novel one way hash and nonce-based two-factor secure authentication scheme with traditional user IDs, password, and OTP verification procedure that resist brute force attack, session and account hijacking attack, MITM attacks, and replay attacks.