Abstract
The popularity of data storage in cloud servers is getting more and more favoured in recent times. Its ease of storage, availability and synchronization of personalized cloud file storage using client applications made cloud storage more popular than ever. In cloud storage system, using a basic authentication method like username and password are still one of the most popular forms of authentication. However, the security ensure by such traditional authentication method is weak and vulnerable because the user name and password can be compromised by intruders or the user account can be left open by forgetting to logoff in public computers, leading to exposure of information to unauthorised users and hackers. In recent years, using a two-factor authentication has become a trend throughout network-based cloud services, online banking system and any form of services that requires user authentication. Here, in this paper a second layer authentication in the form of session key is used to ensure the authenticity of the activities of the user after user’s web-based account is logged-in successfully. The interesting and the critical contribution in this paper is the way the session key is generated and delivers to the authentic user. The key is generated by using the hash value of the file content, file size, file last modified, pseudo-random generated by the server using CPU temperature, clock speed, system time, and network packet timings, and user based 8 digit random position selection from a 32 digit Hex to mitigate against the attacker while performing vital file activities which may lead to data lost or data destruction or when user’s credentials are compromised.
Highlights
To use any form of network services from a cloud server or a standalone system, authentication of the user is mandatory to validate the authenticity of the user and in-order to protect the information from unauthorized users
This paper proposes a multidimensional authentication for a cloud-based file server when performing important file activities like downloading or saving or opening or deleting files from a remote cloud server to protect user’s information from intruders
Files stored over a cloud server when an unauthorized user and intruders tries to damage or access or steal the unauthorized files when user’s credentials are compromised or when user forgot to logoff from the system or when user saved the credentials on a system
Summary
To use any form of network services (storing, sharing, viewing, downloading, editing, creating, deleting) from a cloud server or a standalone system, authentication of the user is mandatory to validate the authenticity of the user and in-order to protect the information from unauthorized users. Some of the most common second factor authentication methods adopted by financial institutions like banks are use of PIN sentry, memorable word, and OTP (One Time Password) [2,3,4,5]. To safeguard intrusion or prevent unauthorized access to user account, multi-factor authentication technique is adopted through different means including use of One Time Password (OTP) as session key or memorable word or use security questions technique which are expected to be known only by the authorize user. Much like other previous solutions, the session key is randomly generated using the encrypted value of the user ID This approach is potentially unsafe, because if an attacker figures out the seed, which is where the value is being generated from, the intruder can generate their own two-factor session keys and access the user’s files. Majority of the cloud users don’t change their password for a very long time and people tend to use easier password because it’s hard to remember complex ones, which makes such approach vulnerable
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
