Access Control Framework Using Multi-Factor Authentication in Cloud Computing

Access Control Framework Using Multi-Factor Authentication in Cloud Computing

Subhash Chandra Patel (IIT(BHU), Varanasi, India), Sumit Jaiswal (IIT(BHU), Varanasi, India), Ravi Shankar Singh (IIT(BHU), Varanasi, India) and Jyoti Chauhan (SRM University NCR Haryana, India)
Copyright: © 2018 |Pages: 15
DOI: 10.4018/IJGC.2018070101

Abstract

The most challenging issues in cloud computing are access control and data security because users of the cloud outsource sensitive data and information to cloud provider servers, which are not within the same trusted domain as the data owner. Within cloud computing, various services and resources need protection from unauthorized use as a part of the security. Authentication is a key technology for information security. In recent years, a lot of research has been carried out throughout the world and several schemes have been proposed to improve authentication in the cloud. Remote authentication is the commonly used method to determine the identity of the remote client. In this article, the authors have proposed a systematic method for authenticating clients, namely by using a password, biometrics, and out-of-band-based access control mechanisms that are suitable for access control. The proposed system involves user ID/password, biometrics characteristics, and a mobile phone as a software token for one-time password generation.
Article Preview

3. Risks Associated To Cloud Computing

The hazard is the opportunity of an occasion and a negative impact on the success of attempts. Cloud technologies and solutions for non-cloud technologies agonize from the same type of risk, that is, security, integrity, availability and performance, Horwath et al. (2012). The level of organizational risk depends solutions are used in which way in the cloud. It is because of up and down in the probability and influence on events of the threat (inside and outside) linked through CSP which were contracted for services Babu et al. (2013). Few specific risks related with cloud computing are the following.

3.1. Lack of Transparency

The cloud does not contain statistics about its procedures, processes, controls and events for users. For example, cloud clients have little knowledge of data storage locations, procedures used by CSP to provide or assign computing possessions, precise panels used to guard mechanisms of the cloud design, or how the client data is parted by a cloud, M.S Babu et al. (2013).

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 10: 2 Issues (2019): Forthcoming, Available for Pre-Order
Volume 9: 2 Issues (2018)
Volume 8: 2 Issues (2017)
Volume 7: 1 Issue (2016)
Volume 6: 2 Issues (2015)
Volume 5: 2 Issues (2014)
Volume 4: 2 Issues (2013)
Volume 3: 2 Issues (2012)
Volume 2: 2 Issues (2011)
Volume 1: 2 Issues (2010)
View Complete Journal Contents Listing