A Two-Level Authentication Approach for Securing Data in Cloud
Abstract— Security in Cloud Application has become a key concern in recent years since all industries are marching towards cloud technology. There are several concerns in providing a secure environment to various sectors such as finance, healthcare using a cloud-computing environment. The primary concern is to provide secure access to cloud-based applications. There are many existing solutions in use such as One Time Password (OTP) for secure access. But, in the present scenario, the two important issues that have to be addressed are the One Time Password (OTP) has to be encrypted before sending to the end-users and the authentication time for login should be reduced to keep the authentication process secure. This paper proposes an OTP generation mechanism based on the user credential for a Cloud-based electronic healthcare system for securing healthcare data. Hence, the proposed system addresses how to provide a secure OTP using the proposed secure algorithm to the end-user based on Short Message Service (SMS). This proposed system also provides a secure data sharing scheme for the dynamic group in a cloud environment. Any user in the cloud can share the data with other users by the use of a group signature. The group signature is generated with the help of end-user credentials for secure data sharing. A group member will send their credential to the group manager. After verifying the user credential, the group manager will provide the group signature to the group member for accessing and sharing data in the cloud. In the proposed system, the cost of computation is not dependent on the number of the revoked user.
Keywords— Cloud computing security, Authentication, OTP, Dynamic Password, Time Synchronization, Information and communication security, Trust.
