MULTI-FACTOR AUTHENTICATION USING A NOVEL APPROACH IN THE CLOUD

: Cloud computing is a contemporary prototype to deliver services over the Internet. Cloud security is the most crucial issue in a cloud atmosphere either it is public cloud or community cloud. There is a vast scope to scrutinize data security enhancement in cloud storage. Authentication is an essential technology for information security, which is a mechanism to confirm proof of identities to obtain access of information in the system. Conventionally used authentication methods are rather securing data, but not smart enough and completely secured. In this paper, we have implemented a novel verification technique that associate with static username and password as a way in authentication followed by OTP based on the token generator method along with a digital signature and image captcha is an innovative factor to verify an each user. The solution aims at gaining confidentiality and integrity by making use of CP-ABHE (Ciphertext Policy-Attribute based Homomorphic Encryption algorithm) and user verification with Multi-Factor Authentication. Finally the efficiency of the system is examined with the help of the experimental results and discussions.


INTRODUCTION
In the developing technologies cloud computing placed a crucial role in various applications such as education, research, banking and other important sectors [1]. These applications requires lot of information for making effective process, for this purpose, cloud provides the enormous amount of on demand services such as monitoring services, finance applications, database with affordable cost [2]. During the service providing process, cloud computing technology consists of different characteristics namely on demand services, resource pooling, elasticity, Productivity, Reliability, Scalability, Security and Agility. By using the different characteristics cloud provides the services [3] in terms of platform as services (PaaS), infrastructure as services (IaaS) and software as a services (SaaS). Even though the cloud provides the effective services, security is one of the important challenges due to intermediate attacks and unauthorized access [4]. 70% of industries reported that the security is one of the main challenges while sharing and accessing the data in the cloud because it has followed particular set policies, controls, technologies [5]. These security mechanisms have been hacked by intermediate attacks that will lead to create the untrust between cloud service provider and cloud service requestor because the service requestor initially registered their personal details before accessing services [6]. The personal information may contains any sensitive information such user name, password, banking details, phone number etc. These sensitive information may be accessed and misused by third party which may create the untrust between both parties [7].This security issues is handled by applying the different cryptographic algorithms such as both symmetric and asymmetric techniques [8] such as Advance Encryption Standards (AES), data encryption standards (DES), blowfish, two fish, RSA, MD5, SHA, key policy based encryption methods, attribute based encryption, public key encryption methods and so on. These encryption algorithms manage the user registered information by performing the encryption and decryption process to avoiding the intermediated access [9].
Before performing the cryptographic process, user need to register their details by signup the particular cloud service page using user name, password and other personal details which is encrypted by cloud provider and that is stored in the cloud server. After that user need to sign in that page using user name and password then the cloud provider sent the one time password (OTP) [10] to the user mobile phone. Based on the received OTP, user again login to the particular page, the cloud provider compares the details with the encrypted cipher text for providing the cloud services to the user. Even though the traditional encryption methods successfully maintains the security between the service provider and requestor, the private key and user details are hacked by intermediate attacks which leads to create security problem again. So, in this paper introduces the Ciphertext policy attribute [11] based homomorphic encryption algorithm along with the digital signature process. The introduced method uses the static username and password for authentication purpose by using the OTP based token generator [12]. Along with the normal authentication process, the method utilizes the image captcha process for user verification process. Thus the introduced multi factor authentication process ensures the security and trust between the provider and requestor with effective manner. Then the efficiency of the system is evaluated with the help of the cloudsim tool based experimental analysis. Then the rest of the paper is organized as follows, section 2 analyze different researches works based on the security issues in cloud. Section 3 discusses the proposed cipher text policy attribute based homomorphic encryption algorithm along with the digital signature process. Section 4 examines the proposed systems experimental results and concludes in section 5.

RELATED WORKS
In this section analyze the various researches opinions about the cloud security issues. Shobha Rajak et al., [13] analyzing the protection issues present in the cloud environment because the cloud services are used in different purposes such as storage, auditing, requirement collection of different bench data. Among the different characteristics, author ensures the cloud security by using the digital signature process. Based on the digital signature process, service provider manages the data center, data privacy by encrypting the user signature with the help of the RSA encryption algorithm. Then the performance of the system is evaluated by utilizing cloudsim implementation tool. Thus the author developed system successfully provides the security to the user sensitive data.
Shivam Patole et al., [14] examining the data confidentiality and data privacy in the cloud using the key policy attribute based encryption method. This encryption process work according to the homomorphic encryption process that effectively manages the key while encrypting the user details with effective manner. Further the author implements the client based confidentiality tools for overcoming the security issues. The efficiency of the system is evaluated with the help of the experimental results, thus the system ensures the security with minimum encryption time and minimum cost.
Prachi Soni, et al., [15] proposing the multi factor authentication framework for implementing the data security in cloud environment. The developed multi factor system analyzes the different features such as confidentiality, integrity, privacy and authentication while providing the services to the user. The author establishes the security via the zero knowledge proof protocol which successfully encrypts the user information in the cloud service provider side. The efficiency of the system is evaluated using the experimental results. Based on the above discussions, the cloud security is established by using the multi factor authentication process. So, in this paper introduces the cipher text policy attribute based homomorphic encryption algorithm which ensures the security by using three different stages. During the encryption process the author uses the digital signature along with image captcha for establishing the efficient security in the cloud environment. The rest of the section discuss the proposed security establishment process.

Proposed cipher text policy attribute based homomorphic encryption algorithm along with the digital signature process
In this section discusses about the proposed cipher text policy attribute based homomorphic encryption algorithm along with the digital signature process for ensuring the security while accessing services in cloud. The detailed working structure of the proposed system is shown in the figure 1. The above figure 1 clearly depicted that the proposed cloud security architecture which consists of three stages of verification process namely normal user personal information encryption and decryption process, digital signature encryption process and finally image captcha verification. This three stage encryption process gives more security to user sensitive details also eliminates intermediate attack with efficient manner. The detailed explanation of the proposed CP-ABE homomorphic cloud security process is explained as follows.

Stage 1
Initially the cloud users request the cloud provider for accessing the particular cloud service by signup their personal information. During the registration process, the user enter their name, phone number, email id and so on, these details are need to maintain confidentially because the unauthorized user may be access those information which leads to create serious problem in future [16]. By entering the user details, the cloud service provider generates the one time password (OTP) and sends these message to user entered phone number. After that user need to enter the OTP number to respective column. Based on the initial verification process, the user entered personal information is saved confidentially by performing the encryption process which is done by applying the Cipher text Policy-Attribute based encryption method [17].This algorithm only encrypts the user sensitive data expect the digital signature by usingfour steps such as setup, encryption, key generation and decryption which is explained as follows, Setup (a, U) The first step input parameters setup, in which the security parameter and attribute universe parameter has been initialized as the input.
Also generates the public parameters pk and master key mk.

Key Generation (Mk, s)
The second step is key generation in which the set of attributes relative keys are need to be generated. Sk means decryption key which is used only for the decryption purposed at the time ser verification process. The decryption process is done by as follows, = _ ( , , , )

Encrypt (pk, m, A)
The encryption process encrypts the message m by using the structure attributes and public key and generates the cipher text C.
, } In this encryption process, the session key is the random value that is generated by the user whereas, it is the combination of the session key and access policy.

Decrypt (pk,ct,sk)
The last step is decryption which is done by using the cipher text (ct), private key and set of attributes which is defined as follows, = ( , , , ) = ( ℎ , , , ) These four steps are performed successfully while user requesting the services from the cloud service provider. After completing the first stage of the security establishment process. The digital signature has been encrypted by applying the homomorphic encryption process which is used to improve the further cloud security level.

Stage 2
The second level security is established by using the homomorphic based encryption level. At the time of encryption process, user entered digital signature need to be encrypted because the signature also accessed by intermediate attacks. Normally the encryption process is performed by utilizing the private key that has been securely managed by user which is sometimes difficult to manage. So, the second level encryption process does not require the private key but it efficiently managing the data confidentiality in cloud. The homomorphic algorithm manages the digital signature authentication by using the raw credential information. The Homomorphic encryption [18] method used to perform the encryption without knowing the private key because the client only holds the secret key. The encryption is send be Fully Homomorphic Encryption if it has satisfied the following condition, ( 1 ⊝ 2) ⇓ ( 1) ⊝ ( 2) Where M1 and M2 is the plain text which is related to the user provided digital signature information. Then the fully homomorphic encryption process is used to provide the security of the stored data in the cloud server. Then the encryption algorithm using the homomorphic encryption algorithm is defined as follows, Initially the encryption parameter has been decided and identified like r,p and q in which p is the prime number. P is the secret key. After initializing the parameters the cipher text has been computed for every plain text which is defined as follows, ℎ ( ) = + 2 + Then the decryption is done as follows, Decrypt m= (c mod p)mod2. Finally the homomorphic encrypted cipher text has been computed as follows, C1=q1p+2r1+m1 and C2=q2p+2r2+m2 According to the above process, the user generated digital signature has been encrypted and stored in the cloud server. During the service access process, user verify their digital signature using the digital signature related cipher text which is only known by user that is difficult to access by intermediate person in the cloud environment. This two stages provides the security, privacy, authentication and confidentiality to the user information with effective manner which is done by using the cipher text policy attribute based homomorphic encryption algorithm. Further the security is established with the help of the image captcha verification process which is explained in the stage 3 process.

Stage 3:
The last stage of verification process is done with the help of the image captcha process. After verifying the user information and digital signature [19], the system has been randomly generates the random alphanumeric code with size 8. This code has contains some noise background image, the user need to enter this code according to the random query which is relevant to the generated image captcha. After entering the relevant code, it has to be compared to the session code, if is matched with the stored session image captcha then the user ability to access the cloud service with effective manner. This introduced query based image captcha process reduces unauthorized access also robustness. The sample image captcha related query is shown in the following figure 2. Based on the above three stage encryption and decryption process, the user sensitive information's are encrypted and stored in the cloud provider database During the user request process, the verification is done with the relevant private key, digital signature and image captcha process. Thus the process successfully provides the security to the user sensitive information with effective manner. Then the efficiency of the system is evaluated with the help of the experimental results and discussion which is explained as follows.

Performance Analysis
The excellence of the proposed cipher text policy attribute based homomorphic encryption algorithm is evaluated in this section. The proposed method ensures the confidentiality, privacy, security; authorization and authentication to the user sensitive data [20] by using the three stages based authentication process. The method effectively utilizes the digital signature and image captcha which reduces the intermediate attack successfully. Then the digital signature based authentication efficiency is examined in terms of using the encryption time, execution time and cost. In this paper uses the digital signature as the important role because it does not requires the secret key during the encryption process, due to the homomorphic algorithm. This algorithm only encrypts the digital signature; the encrypted cipher text is used in the second stage of verification process. In addition, to this OTP and cipher text based encryption process ensures the additional security and privacy to the user sensitive information [21]. Further the security is evaluated in the cloud environment with the help of the security, data uploading and authentication metrics. Then the utilized efficient metrics are listed as follows.

Security
Security is important metric which is used to encrypt the user personal information with their digital signature and image captcha that helps to hide the sensitive information from the unauthorized user.

Data Sharing or Uploading
At the time of data sharing, person unique features are used to encrypt their details along with the encryption method which is difficult to hack by the third parties.

Authentication
Authentication and authorization is done with the help of the digital signature matching and image captcha entering process. In addition the method uses the secret key, access controls for maintaining the authentication with efficient manner. Then the proposed system achieves the security with minimum encryption time for user attributes which is shown in the figure 3.  figure 3, it clearly shows that the proposed system consumes minimum encryption time for both small file size and large file size while requesting to upload data in the cloud environment. Then the proposed system minimize the encryption time due to efficient key management process which leads to increase the security in the cloud efficient manner. The minimum encryption time improves the overall execution time for both data sharing and security process. Then the execution time of the proposed system is shown in the figure 4. The above figure 4 depicted that the proposed system consumes minimum execution time for overall encrypting and permission access process. The proposed system uses the digital signature and image captcha which improves the security with efficient manner when compared to the other methods. In addition the system consumes minimum cost while providing the security to the user information. The cost consumes for the system is shown in the figure 5. The figure 5 depicted that the proposed system consumes minimum cost for different file size when compared to the existing methods. Thus the proposed system ensures the security with minimum time in the cloud environment when compared to the existing methods. So, the user details are managed successfully in the third party server.

CONCLUSION
Thus the paper discusses the cloud security establishment process using the OTP along with the digital signature and image captcha based encryption process which is done by using the cipher text policy attribute based homomorphic encryption algorithm. This method, enhances the security in three stages, first user sensitive information's are encrypted with the help of the cipher text policy based private key and public key. Then the user entered digital signature is encrypted and stored in the server using the homomorphic encryption method. These two process successfully ensures the security to user information. In addition, to this image captcha is used to verify the user session because the captcha works according to the query related captcha entering process. Thus the three stage encryption process effectively increases the confidentiality, privacy and security to the user information. At last the efficiency of the system is evaluated with the help of the experimental results. Thus the proposed system establishes the security with minimum time and minimum cost in the cloud environment.