Multidimensional: User with File Content and Server’s status based Authentication for Secure File Operations in Cloud

The popularity of data storage in cloud servers is getting more and more favoured in recent times. Its ease of storage, availability and synchronization of personalized cloud file storage using client applications made cloud storage more popular than ever. In cloud storage system, using a basic authentication method like username and password are still one of the most popular forms of authentication. However, the security ensure by such traditional authentication method is weak and vulnerable because the user name and password can be compromised by intruders or the user account can be left open by forgetting to logoff in public computers, leading to exposure of information to unauthorised users and hackers. In recent years, using a two-factor authentication has become a trend throughout network-based cloud services, online banking system and any form of services that requires user authentication. Here, in this paper a second layer authentication in the form of session key is used to ensure the authenticity of the activities of the user after user’s web-based account is logged-in successfully. The interesting and the critical contribution in this paper is the way the session key is generated and delivers to the authentic user. The key is generated by using the hash value of the file content, file size, file last modified, pseudo-random generated by the server using CPU temperature, clock speed, system time, and network packet timings, and user based 8 digit random position selection from a 32 digit Hex to mitigate against the attacker while performing vital file activities which may lead to data lost or data destruction or when user’s credentials are compromised.