User-Friendly and Secure Architecture (UFSA) for Authentication of Cloud Services

Abstract

Clouds are becoming prevalent service providers because of their low upfront costs, rapid application deployment, and high scalability. Many users outsource their sensitive data and services to cloud providers. Users frequently access these sensitive services through devices and connections that are vulnerable to thieving and eavesdropping. Therefore, users are desperate of robust security measures to protect their data and services privacy in clouds. In particular, robust authentication techniques are demanded by users for safe access to cloud services. One technique is to utilize multiple authentication factors (a.k. A multi-factor authentication) to access cloud services. However, the challenge is that the multi-factor authentication technique is not effective as it causes user frustration and fatigue. To address this challenge, in this study, we propose a multi-factor authentication architecture that aims at minimizing the perceived authentication hardship for cloud users while improving the security of the authentication. To achieve the goal, our authentication architecture suggests a progressive manner to leverage access to different levels of cloud services. At each level, the architecture asks for authentication factors by considering the perceived hardship for users. To increase the security and user convenience, the architecture also considers implicit authentication factors in addition to the explicit factors. Our evaluation results indicate that authentication using the proposed architecture decreases the users' perceived hardship up to 29% in compare with other methods. The results also reveal that our proposed architecture adapts the authentication difficulty based on the user condition.