Dual factor authentication to procure cloud services

摘要

Cloud is a forthcoming revolution in organizations because of maintaining different services like SaaS, PaaS, DaaS, laaS for public and private users of information technology. To avail these services in an effective and efficient way users have to legalize with cloud service providers (CSP). In this process CSP requires highly secure authentication scheme because attackers are becoming more cosmopolitan. This paper proposes a strong authentication scheme by using Dual Factor Authentication Protocol (DFAP) along with mobile token to disallow malware. The first password is used to verify the profile of a user and second is used to provide access to the services of cloud. Additionally, our proposed scheme can bolster up the Diffie-Hellman key exchange between user and cloud system to secure transfer of messages over insecure channels using agreed session key.