Security Issues and Future Challenges of Cloud Service Authentication

doi:10.12700/aph.14.2.2017.2.4

Cited by 8 publications

(4 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The amount of math utilized in the suggested protocols was cut down with the use of hashing, geo-location services, and random number generators. Table 1defines the notation used for the proposed protocols to measure the computational expense [27][28][29][30][31][32][33][34][35][36].…”

Section: Fig3 Proposed Firebase Database 5experimental Results and Di...mentioning

confidence: 99%

See 1 more Smart Citation

Improvised Multi-Factor Authentication for End-User Security in Cyber Physical System

Maranco,

Manikandan,

et al. 2023

Preprint

View full text Add to dashboard Cite

End-user security is the most important thing in day-to-day life. We use a security system for household appliances, vehicles, smartphones, etc., to protect and safeguard our things and the environment. The Cyber Physical System (CPS) contains an internet-enabled digital component. CPS security is applied in many areas, such as transport, healthcare, and all industry 4.0 applications. Multi-Factor Authentication (MFA) is one of the traditional authentications that helps enhance the security level in CPS. The typical authentication method contains a strong password, biometrics, etc. Even though the current end-user security system has implemented a legacy digital control mechanism, the system has a higher chance of getting compromised through malicious activities. The major point of the MFA approach is that intruders can be blocked at any level of the authentication scheme. This study aims at developing a secure and efficient authentication gateway. The proposed system presents enhancements to end-user security using MFA techniques. Three distinct works in this study use MFA technique. The MFA technique consists of three distinct layers. The end-user's geo-location is considered the first security gateway by the user distance within the range of CPS and validates the user's current position with predefined geo-location logic. One Time Password (OTP) send through e-mail is used for the second layer. Hash algorithms such as SHA256 or SALTING use the third layer implementation. The typical CPS needs to authorize and authenticate the user's identity to ensure end-users identification in the modern security system. Efficient and secure multi-factor authentication techniques designed and evaluated on end-user digital health applications and obtained the results with the accuracy of 95.50%, 97.50% and 96.40% respect to three distinct layer authentications. The developed system also analyzed the formal and informal verifications against to the various attacks.

show abstract

Section: Fig3 Proposed Firebase Database 5experimental Results and Di...mentioning

confidence: 99%

“…Depending on the developer's point of view, which has been produced using the tool developed with Firebase by many elements. The client and developer can retain their harmonious relationship by delaying work as little as possible [29,30].…”

Section: Related Workmentioning

confidence: 99%

Improvised Multi-Factor Authentication for End-User Security in Cyber Physical System

Maranco,

Manikandan,

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Identity verification in the Cloud-based Metaverse involves establishing the authenticity of users and ensuring their claimed identities (Lim et al, 2017). This process safeguards against unauthorized access, impersonation, and fraudulent activities within virtual environments.…”

Section: Identification and Authentication Methodsmentioning

confidence: 99%

Mitigating Risks in the Cloud-Based Metaverse Access Control Strategies and Techniques

Upadhyay,

Kumar,

Sharma

et al. 2023

International Journal of Cloud Applications and Computing

View full text Add to dashboard Cite

The advent of the metaverse has revolutionized virtual interactions and navigation, introducing intricate access control challenges. This paper addresses the need for effective access control models in the cloud-based metaverse. It explores its distinct characteristics, including its dynamic nature, diverse user base, and shared spaces, highlighting privacy concerns and legal implications. The paper analyzes access control principles specific to the cloud-based metaverse, emphasizing least privilege, separation of duties, RBAC, defense-in-depth, and auditability/accountability. It delves into identity verification and authorization methods, such as biometrics, multi-factor authentication, and role-based/attribute-based authorization. Advanced access control technologies for the cloud-based metaverse are examined, including SSO solutions, blockchain-based access control, ABAC, adaptive access control, and VMI for isolation. Risk mitigation strategies encompass IDS/IPS, SIEM, and user education programs.

show abstract

“…Waleed et al proposed a DDoS detection scheme based on RNN for SIP-based networks with satisfactory results [ 54 ]. Typical SIP authentication is weak due to reliance on basic methods like digest access authentication, lack of multi-factor authentication, and vulnerability to attacks like brute force and spoofing [ 55 , 56 ]. These shortcomings blur the lines between attackers and legitimate users, increasing DDoS threats.…”

Section: Related Workmentioning

confidence: 99%

Performance analysis: Securing SIP on multi-threaded/multi-core proxy server using public keys on Diffie–Hellman (DH) in single and multi-server queuing scenarios

Bhatti,

Sidrat,

Saleem

et al. 2024

PLoS ONE

View full text Add to dashboard Cite

The rapid replacement of PSTN with VOIP networks indicates the definitive phase-out of the PBX/PABX with smartphone-based VOIP technology that uses WLAN connectivity for local communication; however, security remains a key issue, regardless of the communication coverage area. Session initiation protocol (SIP) is one of the most widely adopted VOIP connection establishment protocols but requires added security. On the Internet, different security protocols, such as HTTPS (SSL/TLS), IPSec, and S/MIME, are used to protect SIP communication. These protocols require sophisticated infrastructure and some pose a significant overhead that may deteriorate SIP performance. In this article, we propose the following: i) avoid using Internet bandwidth and complex Internet protocols for local communication within an organization, but harness WLAN connectivity, ii) use multi-threaded or multicore computer systems to handle concurrent calls instead of installing hardware-based SIP servers, and iii) run each thread in a separate core. Cryptography is a key tool for securely transmitting confidential data for long- and short-range communication, and the Diffie-Hellman (DH) protocol has consistently been a popular choice for secret key exchanges. Primarily, used for symmetric key sharing, it has been proven effective in generating public/private key pairs, sharing public keys securely over public channels, and subsequently deriving shared secret keys from private/public keys. This key exchange scheme was proposed to safeguard VOIP communication within WLANs, which rely on the SIP for messaging and multimedia communication. For ensuring an efficient implementation of SIP, the system was rigorously analyzed using the M/M/1 and M/M/c queuing models. We analyze the behavior of SIP servers with queuing models with and without end-to-end security and increase users’ trust in SIP security by providing a transparent sense of end-to-end security as they create and manage their private and public keys instead of relying on the underlying SIP technology. This research implements instant messaging, voice conversation, and secret key generation over DH while implementing and observing the role of multi-threading in multiqueue systems that serve incoming calls. By increasing the number of threads from one to two, the SIP response time improved from 20.23809 to 0.08070 min at an arrival rate of 4250 calls/day and a service rate of three calls/min. Similarly, by adding one to seven threads, the queue length was reduced by four calls/min. Implementing secure media streaming and reliable AES-based signaling for session confidentiality and integrity introduces a minor 8-ms tradeoff in SIP service performance. However, the advantages of implementing added security outweigh this limitation.

show abstract

Security Issues and Future Challenges of Cloud Service Authentication

Cited by 8 publications

References 20 publications

Improvised Multi-Factor Authentication for End-User Security in Cyber Physical System

Improvised Multi-Factor Authentication for End-User Security in Cyber Physical System

Mitigating Risks in the Cloud-Based Metaverse Access Control Strategies and Techniques

Performance analysis: Securing SIP on multi-threaded/multi-core proxy server using public keys on Diffie–Hellman (DH) in single and multi-server queuing scenarios

Contact Info

Product

Resources

About