Multidimensional: User with File Content and Server’s Status Based Authentication for Secure File Operations in Cloud

Jims Marchang¹*, Jing Wang¹, Abayomi Otebolaku¹, Timi Enamamu¹, Daniel Porter² and Benjamin Sanders³

Received: November 13, 2019;   Published: November 22, 2019

DOI: 10.32474/CTCSA.2019.01.000121

Full Text PDF

To view the Full Article   Peer-reviewed Article PDF

Abstract

The popularity of data storage in cloud servers is getting more and more favored in recent times. Its ease of storage, availability and synchronization of personalized cloud file storage using client applications made cloud storage more popular than ever. In cloud storage system, using a basic authentication method like username and password are still one of the most popular forms of authentication. However, the security ensure by such traditional authentication method is weak and vulnerable because the username and password can be compromised by intruders or the user account can be left open by forgetting to logoff in public computers, leading to exposure of information to unauthorized users and hackers. In recent years, using a two-factor authentication has become a trend throughout network-based cloud services, online banking system and any form of services that requires user authentication. Here, in this paper a second layer authentication in the form of session key is used to ensure the authenticity of the activities of the user after user’s web-based account is logged-in successfully. The interesting and the critical contribution in this paper is the way the session key is generated and delivers to the authentic user. The key is generated by using the hash value of the file content, file size, file last modified, pseudo-random generated by the server using CPU temperature, clock speed, system time, and network packet timings, and user based 8 digit random position selection from a 32 digit Hex to mitigate against the attacker while performing vital file activities which may lead to data lost or data destruction or when user’s credentials are compromised.

Keywords: Cloud file server; session key; un-authorized users; intruders, second factor authentication

Abstract| Introduction| Analysis and Discussion| Usability and Trust Analysis of the System| Conclusion and Future Direction| Compliance with Ethical Standards| References|