Raising security level in Cloud by using 2FA TOTP (Time-based One-time Password) and SSO (Single Sign On)

Abstract

In recent times, there are rising concerns over cloud security principles. Applications upload massive data on the cloud through provided service sets, platforms, and infrastructures. Private and sensitive data needs to be protected. Recent studies have suggested multi-factor authentication techniques to secure against possible security attacks on cloud systems. Most techniques involve single-factor authentication, but recent attack perimeters have intensified. Thus, two-factor authentication (2TP) becomes important in cloud security. In this paper, we propose a 2TP-based time-based one-time password (TOTP), that provides a high degree of secrecy. A single sign-on (SSO) scheme is integrated with 2TP TOTP as a dual layer of security and provides users with the flexibility to authenticate multiple websites and credentials with a single sign. This improves the overall scalability of end-user applications, which mitigates the overhead of 2TP TOTP. Overall, the scheme provides strong security, while maintaining the flexibility of user authentication over heterogeneous cloud applications.