Efficient two-stage cryptography scheme for secure distributed data storage in cloud computing

Cloud computing environment requires secure access for data from the cloud server, small execution time, and low time complexity. Existing traditional cryptography algorithms are not suitable for cloud storage. In this paper, an efficient two-stage cryptography scheme is proposed to access and store data into cloud safely. It comprises both user authentication and encryption processes. First, a two-factor authentication scheme one-time password is proposed. It overcomes the weaknesses in the existing authentication schemes. The proposed authentication method does not require specific extra hardware or additional processing time to identity the user. Second, the plaintext is divided into two parts which are encrypted separately using a unique key for each. This division increases the security of the proposed scheme and in addition decreases the encryption time. The keys are generated using logistic chaos model theory. Chaos equation generates different values of keys which are very sensitive to initial condition and control parameter values entered by the user. This scheme achieves high-security level by introducing different security processes with different stages. The simulation results demonstrate that the proposed scheme reduces the size of the ciphertext and both encryption and decryption times than competing schemes without adding any complexity

Authentication in mobile cloud computing by combining the tow factor Authentication and one time password token

The Cloud has become a popular business transaction platform nowadays. Unfortunately, this powerful and pervasive network somehow is overshadowed by the growing security threat emerging from the various attacks Authentication is One of the major security issues in mobile cloud computing. Combinig the Two-factor Authentication (2FA) technology with One-time Password (OTP), has emerged as a popular protection system. The 2FA system employs two user specific factors for authentication. It can significantly enhance the network security. We used a dynamic one time password as a second factor. These otp codes provide strong security and resist MITM-seed tracing and shoulder surfing attacks

تحسين الأمنية بتطوير نموذج للتوثيق وفحص سلامة ملفات المستخدم لتطبيقات الويب السحابية العامة

Cloud computing is being adopted generally and it has shown a high impact on the development of businesses, it enables on-demand access to a shared pool of configurable computing resources. Cloud computing faces many security problems like any other electronic system, and among these problems is the attacks on user authentication and thus on the integrity and confidentiality of data especially in the public cloud computing environment. Authentication plays a major role in keeping information secure in the cloud environment. Cloud users must ensure the integrity of their files stored in the cloud. In this study, the main objective is to develop a model for user authentication and checking the integrity of files stored in the public cloud, by studying the state of art of security models in public cloud computing and analyzing them, in particular the models for integrity of data or files and user authentication. This study uses the descriptive, deductive, applied and prototype methodology. We developed a model for the user authentication and file integrity checking for files in the cloud, in the user authentication system, we used two-factor authentication that involves password and digital signature which uses the certificate-based authentication. For the file integrity checking system, the model used a secure hashing algorithm whereby the file hash value is calculated and encrypted before sending to the cloud. All file and data transfers between the cloud provider and the user are encrypted using the symmetric and asymmetric encryption system. We used several tools and programming languages to implement the model and experiments. Our experiments proved that the model is effective and acceptable. Among the most important results is that the model provides strong user authentication and integrity checking system for cloud users and files. The model also provides confidentiality and non-repudiation. It also increases user confidence in cloud applications as we ensured secure connection between cloud users and cloud service providers, the model also uses less computation power on user devices. Future studies should be conducted to solve the problem of phishing attacks for web pages, and the model can be improved to verify the integrity of files shared by multiple users and adapt the model to new security algorithms

An Hybrid Text-Image Based Authentication for Cloud Services

The problem of securing access to the online information is acute today when access to bank accounts, health records, intellectual property and business or politically sensitive information are made by only a few clicks, regardless of geographic location. At the same time, more and more of these accesses are made from handsets. Cloud Computing is eminently suitable for addressing problems related to limited client resources, as it offloads computation from clients and offers dynamic provisioning of compute resources. Authentication of the companys users to the cloud service is mandatory because in this way it is eliminated the attacks risks to enter into the Cloud services. A suitable authentication is required for organizations that want to access the Cloud services. Our solution regards increasing security at the Security Access Point level of Cloud Computing and it is in fact a strong hybrid user authentication solution based on using image combined with text in order to avoid the weakness of simple user and password solution for authentication. A two factor password image based authentication method is proposed in this paper for cloud services. This authentication approach is used without additional hardware involved and presents the advantages of utilization in terms of security and usability. Every time when the user will be asked to provide his/her identity, a form for each image included in the photo will be listed. The user will have to remember the secret code for each image and to carefully introduce them in the forms. The global cloud access solution will be based on our hybrid proposed text-image based solution, and will be completed by the X.509 certificates

Secure Cloud Communication for Effective Cost Management System through MSBE

In Cloud Computing Architecture, Brokers are responsible to provide services to the end users. An Effective Cost Management System (ECMS) which works over Secure Cloud Communication Paradigm (SCCP) helps in finding a communication link with overall minimum cost of links. We propose an improved Broker Cloud Communication Paradigm (BCCP) with integration of security issues. Two algorithms are included, first is Secure Optimized Route Cost Finder (S-ORCF) to find optimum route between broker and cloud on the behalf of cost factor and second is Secure Optimized Route Management (S-ORM) to maintain optimum route. These algorithms proposed with cryptographic integrity of the secure route discovery process in efficient routing approaches between broker and cloud. There is lack in Dynamic Source Routing Approach to verify whether any intermediate node has been deleted, inserted or modified with no valid authentication. We use symmetric cryptographic primitives, which is made possible due to multisource broadcast encryption scheme. This paper outlines the use of secure route discovery protocol (SRDP)that employs such a security paradigm in cloud computing.Comment: 12 pages, 3 figures, International Journal on Cloud Computing: Services and Architecture(IJCCSA),Vol.2, No.3, June 201

SUPA: Strewn user-preserved authentication**

Objective – This paper presents the high level conceptual architecture of SUPA, an authentication system that would allow a system to authenticate users without having its own repository of users’ secret identification related data. Methodology/Technique – Central storage and management of user credentials or passwords leave a single tempting repository for the attackers. If the credentials are not stored by a system at all, there will be no stored ‘vault’ to allure the attackers. At the same time, there will be no single resource that holds the credentials of all users of a system. SUPA enables a system to authenticate itself users without having their secret credentials stored in it. Findings – The proposed authentication system uses the features of asymmetric encryption as part of its authentication process. Novelty – SUPA eliminates the requirement of secret user credentials at the system end, the user credentials are retained within the end-user’s devices

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view