A 3-LEVEL MULTIFACTOR AUTHENTICATION SCHEME FOR CLOUD COMPUTING

Abstract

The objective of this paper is to propose a secure, user friendly and economical multi-level authentication scheme that uses multiple factors for gaining access to resource on insecure platforms and for financial transactions. The proposed study is based on a premise that when multiple levels and multiple factors are incorporated in an authentication scheme it not only becomes difficult to break but also resistant to different forms of attacks. This work purposes a scheme where authentication process is carried out in three levels using multiple factors and is called 3L-MFA. The scheme also uses Out of Band (OOB) authentication as one of the factors that offers credible security against man-in-the-middle (MIM) attack. The first level uses username password based on double encryption. Second level uses OTP verification based on Out of Band (OOB) authentication using email id and mobile number. Third level involves user’s interaction on graphical screen in terms of predetermined number of clicks on images, buttons and selection of predetermined number of menu items. The security of proposed system depends upon double encryption using SHA-1 and AES128-CBC, out of band authentication using OTP and user interaction on a graphical screen that uses probability combination of various numbers.