Visible to the public Two-factor authentication framework for private cloud

Submitted by aekwall on Mon, 03/02/2020 - 12:25pm
TitleTwo-factor authentication framework for private cloud
Publication TypeConference Paper
Year of Publication2019
AuthorsGordin, Ionel, Graur, Adrian, Potorac, Alin
Conference Name2019 23rd International Conference on System Theory, Control and Computing (ICSTCC)
Keywordsadditional field, authentication, authentication module, authorisation, banking Websites, cloud computing, cloud providers, frequently used solution, Google, human factors, message authentication, Mobile handsets, OpenStack cloud, password, Password authentication, private cloud, private cloud solutions, pubcrawl, public cloud, security, simple user authentication, social networking (online), Software, TFA, TOTP, TOTP authentication forms, TOTP user, Two factor Authentication, two-factor authentication, two-factor authentication framework, unique code, Web authentication form
AbstractAuthorizing access to the public cloud has evolved over the last few years, from simple user authentication and password authentication to two-factor authentication (TOTP), with the addition of an additional field for entering a unique code. Today it is used by almost all major websites such as Facebook, Microsoft, Apple and is a frequently used solution for banking websites. On the other side, the private cloud solutions like OpenStack, CloudStack or Eucalyptus doesn't offer this security improvement. This article is presenting the advantages of this new type of authentication and synthetizes the TOTP authentication forms used by major cloud providers. Furthermore, the article is proposing to solve this challenge by presenting a practical solution for adding two-factor authentication for OpenStack cloud. For this purpose, the web authentication form has been modified and a new authentication module has been developed. The present document covers as well the entire process of adding a TOTP user, generating and sending the secret code in QR form to the user. The study concludes with OpenStack tools used for simplifying the entire process presented above.
DOI10.1109/ICSTCC.2019.8885460
Citation Keygordin_two-factor_2019
Groups: