{"title":"一种用于云计算的三级多因素身份验证方案","authors":"Charanjeet Singh, T. Singh","doi":"10.34218/ijcet.10.1.2019.020","DOIUrl":null,"url":null,"abstract":"The objective of this paper is to propose a secure, user friendly and economical multi-level authentication scheme that uses multiple factors for gaining access to resource on insecure platforms and for financial transactions. The proposed study is based on a premise that when multiple levels and multiple factors are incorporated in an authentication scheme it not only becomes difficult to break but also resistant to different forms of attacks. This work purposes a scheme where authentication process is carried out in three levels using multiple factors and is called 3L-MFA. The scheme also uses Out of Band (OOB) authentication as one of the factors that offers credible security against man-in-the-middle (MIM) attack. The first level uses username password based on double encryption. Second level uses OTP verification based on Out of Band (OOB) authentication using email id and mobile number. Third level involves user’s interaction on graphical screen in terms of predetermined number of clicks on images, buttons and selection of predetermined number of menu items. The security of proposed system depends upon double encryption using SHA-1 and AES128-CBC, out of band authentication using OTP and user interaction on a graphical screen that uses probability combination of various numbers.","PeriodicalId":38492,"journal":{"name":"International Journal of Computer Aided Engineering and Technology","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2019-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"A 3-LEVEL MULTIFACTOR AUTHENTICATION SCHEME FOR CLOUD COMPUTING\",\"authors\":\"Charanjeet Singh, T. Singh\",\"doi\":\"10.34218/ijcet.10.1.2019.020\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The objective of this paper is to propose a secure, user friendly and economical multi-level authentication scheme that uses multiple factors for gaining access to resource on insecure platforms and for financial transactions. The proposed study is based on a premise that when multiple levels and multiple factors are incorporated in an authentication scheme it not only becomes difficult to break but also resistant to different forms of attacks. This work purposes a scheme where authentication process is carried out in three levels using multiple factors and is called 3L-MFA. The scheme also uses Out of Band (OOB) authentication as one of the factors that offers credible security against man-in-the-middle (MIM) attack. The first level uses username password based on double encryption. Second level uses OTP verification based on Out of Band (OOB) authentication using email id and mobile number. Third level involves user’s interaction on graphical screen in terms of predetermined number of clicks on images, buttons and selection of predetermined number of menu items. The security of proposed system depends upon double encryption using SHA-1 and AES128-CBC, out of band authentication using OTP and user interaction on a graphical screen that uses probability combination of various numbers.\",\"PeriodicalId\":38492,\"journal\":{\"name\":\"International Journal of Computer Aided Engineering and Technology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-02-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Computer Aided Engineering and Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.34218/ijcet.10.1.2019.020\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Engineering\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computer Aided Engineering and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34218/ijcet.10.1.2019.020","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Engineering","Score":null,"Total":0}
A 3-LEVEL MULTIFACTOR AUTHENTICATION SCHEME FOR CLOUD COMPUTING
The objective of this paper is to propose a secure, user friendly and economical multi-level authentication scheme that uses multiple factors for gaining access to resource on insecure platforms and for financial transactions. The proposed study is based on a premise that when multiple levels and multiple factors are incorporated in an authentication scheme it not only becomes difficult to break but also resistant to different forms of attacks. This work purposes a scheme where authentication process is carried out in three levels using multiple factors and is called 3L-MFA. The scheme also uses Out of Band (OOB) authentication as one of the factors that offers credible security against man-in-the-middle (MIM) attack. The first level uses username password based on double encryption. Second level uses OTP verification based on Out of Band (OOB) authentication using email id and mobile number. Third level involves user’s interaction on graphical screen in terms of predetermined number of clicks on images, buttons and selection of predetermined number of menu items. The security of proposed system depends upon double encryption using SHA-1 and AES128-CBC, out of band authentication using OTP and user interaction on a graphical screen that uses probability combination of various numbers.
期刊介绍:
IJCAET is a journal of new knowledge, reporting research and applications which highlight the opportunities and limitations of computer aided engineering and technology in today''s lifecycle-oriented, knowledge-based era of production. Contributions that deal with both academic research and industrial practices are included. IJCAET is designed to be a multi-disciplinary, fully refereed and international journal.