Cloud computing is a one of the emerging technology in IT industries nowadays. Cloud computing offers a wide range of services to its users. It delivers on demand services over internet with low cost investments. One of the service provided by cloud is data storage. But security and privacy of cloud data are main issues as cloud does not ensure the security aspects like confidentiality, integrity, identification etc. The cloud computing also enables users to access data from the cloud servers. To protect data access by unauthorized users, authentication plays an important role. Authentication is a first step for data security, through which user can establish proof of identities prior data access from system. In cloud computing environment, conventional authentication methods do not provide strong security against today’s most modern means of attacks. So cloud needs a dynamic approach for user authentication which should include more than one credentials for authentication. In this paper, we propose a data security architecture with a robust, dynamic and feasible Multi-Factor Authentication (MFA) scheme which integrates more than one factors like knowledge, possession, location and time, for cloud user authentication.

cloud computing; data security; multi-factor authentication; one time password

[1] Mell, P; Grance, T.,”The NIST Definition of cloud computing” ,Version 15, Technical Report , Computer and Information Sciences, Volume-53 No.-06, pp (1-10), 2009.
[2] Banayal R.; Jain P.; Jain V.,“Multi-factor Authentication Framework for Cloud Computing”, IEEE Computer Scociety, Fifth International Conference on Computational Intelligence, Modelling and Simulation, pp (105-110), 2013. DOI 10.1109/CIMSim.2013.25.
[3] Wenyi Liu; A. Selcuk Uluagac; Beyah R., “MACA: A Privacy-Preserving Multi-factor Cloud Authentication System Utilizing Big Data”, IEEE INFOCOM Workshop on Security and Privacy in Big Data- 2014.
[4] Behrouz A. Forouzan, Handbook on, “Cryptography and network security”, Special Indian Edition-2007, Tata McGraw-Hill Forozan Networking Series, ISBN-13: 978-0-07-066046-5.
[5] William Stalling, A Handbook on, “Cryptography and network security- Principles and practice”,Pearson Education, Fifth edition -2010, ISBN-13: 978-0-1360-9704-4.
[6] Luis M.Vaquero; Luis Rodero-Merino; Juan Caceres, Maik Lindner,” A break in the clouds: Toward a cloud definition.” ACM SIGCOMM Computer Communication Review, Volume-39, No.-01, pp.( 50-55), 2009.
[7] C. Lin; Hwang, T.,”A password authentication scheme with secure password updating,” Computers & Security , volume- 22, pp (68-72), 2003.
[8] Shivlal Mewada, Umesh Kumar Singh and Pradeep Sharma, "Security Enhancement in Cloud Computing (CC)", ISROSET-International Journal of Scientific Research in Computer Science and Engineering, Vol.-01, Issue-01, pp (31-37), Jan -Feb 2013
[9] S. Lee; I. Ong; H.T. Lim; H.J. Lee, “Two factor authentication for cloud computing”, International Journal of KIMICS, volume-08, pp ( 427-10), 2009.
[10] Daniel Mouly, “Strong User Authentication, Informa-tion Systems Security”, volume-11, issue-02, pp ( 47-53), 2002.
[11] M.S.Hwang; L.H. Li, ”A New Remote User Authen-tication Scheme using Smart Cards”, IEEE Transactions on Consumer Electronics. Volume- 46, No.-01, pp (28-30), 2000.
[12] H.Y.Chien; J.K. Jan; Y.M. Tseng,” An efficient and practical solution to remote authentication: Smart card”, Computer Security, Volume- 21, No.-04, pp ( 372-375), 2000.
[13] I-En Liao; Cheng-Chi Lee; Min-Shiang Hwang,”A password authentication scheme over insecure networks”, J. Computer System Science, Volume- 72, No.-04 pp ( 727-740), 2006.
[14] Multifactor Authentication, “http://searchcloudsecurity.techtarget.com/tip/Multifactor-authentication-in-the-cloud-Assessing-provider-services”, Nov. 05 2015.
[15] Chaurasia B; Shahi A.; Verma,“Authentication in Cloud Environrnent Using Two Factor Authentication”, Springer India, Third International Conference on Soft Computing for Problem Solving, Advances in Intelligent Systems and Computing 259, 2014