Design and Implementation of Multi-tier Authentication Scheme in Cloud

The purpose of this paper is to present the design of a secure and more advanced authentication scheme for executing secure financial transactions over Internet. There has been continuous change in technology day by day, so security mechanisms like authentication schemes are also required to be updated. The security measures have very crucial role in banking and financial sector. For any internet application which deals with personal and private information exchange, single tier authentication is inadequate. Authentication schemes that imply more than one tier for authentication are comparatively safer than single tier authentication scheme. Properly designed secure authentication mechanisms are more fraud deterrent. Various multi-tier authentication schemes have been proposed and implemented in various computing domains. The main drawback of these schemes is that most of them do not provide security against insider attacks. In case of Cloud Computing, another drawback is that the whole authentication control lies toward the server side. It is very hard to trust the third party server in Cloud Computing. This work proposes a scheme in which authentication process is carried out in two levels or two tiers. First tier uses simple username and password. Second tier is pre-determined series of steps. The advantage of this scheme is that it does not require any additional hardware and software. So this can be used and accessed from anywhere across the globe.