IMPLEMENTATION OF TWO-FACTOR AUTHENTICATION ACCESS CONTROL IN WEB-BASED SERVICES WITH CLOUD COMPUTING USING C#.NET
In this project, our propose preventing private information leakage at the phase of access authentication. I introduces two access control mechanism here: (1) user secret key and (2) security device. Our proposed mainly consists of two entities; they are attribute-issuing authority and trustee. Attribute-issuing authority is responsible to generate user secret key for each user. Trustee is responsible for initializing the security device. Secret key cannot use by user in another device. Security device content store inside the security device is not accessible nor modifiable once it is initialize. User can access the system means and both mechanisms are need. Detailed security analysis shows that the proposed two-factor authentication access control system achieves the desired security requirements.
2. Mary AL, Gokila R, Maheswari KU. Integration of cloud computing with internet of things with security. Int J Pure Appl Math 2018;18:313 7.
3. Au MH, Kapadia A. PERM: Practical reputation-based blacklisting without TTPS. In: Raleigh, NC, USA: Proc. ACM Conf. Comput. Commun. Secur. (CCS); 2012. p. 929-40.
4. Au MH, Kapadia A, Susilo W. BLACR: TTP-Free Black Listable Anonymous Credentials with Reputation. In Proc. 19th NDSS; 2012. p. 1-17.
5. Au MH, Susilo W, Mu Y. Constant-Size Dynamic k-TAA. In Proc. 5th Int. Conf. SCN; 2006. p. 111-25.
6. Baek J, Vu QH, Liu JK, Huang X, Xiang Y. A secure cloud computing based framework for big data information management of smart grid. IEEE Trans Cloud Comput 2015;3:233-44.
7. Bellare M, Goldreich O. On Defining Proofs of Knowledge. In Proc. 12th Annu Int CRYPTO; 1992. p. 390-420.
8. Bethencourt J, Sahai A, Waters B. Ciphertext-Policy Attribute- Based Encryption. In: Proc. IEEE Symp. Secur. Privacy; 2007. p. 321-34.
9. Boneh D, Boyen X, Shacham H. Short Group Signatures. In Advances in Cryptology. Berlin, Germany: Springer-Verlag; 2004. p. 41-55.
10. Boneh D, Ding X, Tsudik G. Fine-grained control of security capabilities. ACM Trans Internet Technol 2004;4:60-82.