Relevance of Multifactor Authentication for Secure Cloud Access

Abstract

Authentication is one of the key aspects that establish information security. When a user is to be authenticated in a cloud environment, the deployment of a strong, effective and robust authentication system becomes a crucial requirement, especially when access is to be granted for financial and critical data access applications. The usage of a single-factor knowledge-based scheme solely does not meet the security requirements. Even the usage of a possession-based or a biometric-based scheme alone does not prove to be a user-friendly and cost-effective solution. Such schemes incur huge setup and maintenance expenditures and interfere with the privacy of users by invading their biological factors. The only robust solution for verifying the users’ identity in an insecure cloud environment is the usage of an authentication scheme based on multiple factors. Although multifactor authentication techniques elevate security levels, they may suffer from poor usability issues. Thus, it is imperative that a multifactor authentication scheme should achieve higher security and the effective usability at the same time. Depending upon the expenditure and the level of security required, organisations have a large number of choices for implementing multifactor authentication techniques. Such models may incorporate knowledge-, possession- or biometric-based scheme. This chapter focuses on the importance, need and implementation options of various multifactor authentication models for insecure cloud environment that proves to be cost-effective, secure and user-friendly, thereby striking an adequate balance between enhanced security and effective usability. It further discusses the application areas, challenges and future of multifactor authentication.