Secured Authentication With One Time Password on the Cloud

Abstract

There are different types of conventional authentication types that include challenge/response mechanisms, passwords or even physical smart cards, the most popular of which are passwords. Most people use the same passwords with different accounts, which can also recover other passwords if compromised. Several recent studies have also proposed authentication based on a one-time password. That attempted to solve the shortcomings of all previous methods but also bring new limitations. The OTPs are sent to the user's telephone or email address, but when the contact is intercepted, the OTP is vulnerable to theft. After referring to a lot of research work in this field, we are trying to solve the above-mentioned problem by implementing another layer of security that contains a user-specialized information factor along with the given OTP. This system consists of four protection levels — traditional, secure, responsive and highly sensitive security deployed on the cloud. These four security levels are designed for different cases of use. In most situations, this method overcomes the problem of OTP theft, as the knowledge factor other than the OTP is limited to the user. In this method, we propose a security layer(s) that can be combined with the existing authentication or can even act as an authentication framework on its own.