A Review Article on Authentication Protocols in Cloud Computing

Creative


I. INTRODUCTION
Cloud computing is providing on-demand services such as data storage , computing power , databases, software and servers over the internet.Cloud computing uses pay-per-use model.It allows to lower operational cost and scale business easily in times of need and lowers operational cost.
Cloud computing provides various advantages .It is being used in modern world in banking [1] and various other sectors [2][3] [4] .It allows to easily scale resources and storage without investing in physical infrastructure .The user has to pay only for the resources that he actually use.Cloud computing allows to access data from anywhere anytime over the internet .Despite offering number of benefits, cloud computing suffers security challenges that must be addressed and taken care of .

A. Security Challenges of Cloud Computing
There are a lot of security challenges in cloud computing [5][6] [7] [8] .Researchers all over the world have analysed security issues and provided measure to improve it [9] [10].Cloud services faces various security issues [11].Cloud service are vulnerable to denial of service attack that may result in downtime of entire system and halt the ongoing operation [12].There are several insider threats in cloud computing such as Any malicious user gets into system access private and sensitive data.Many other attacks are also there in Cloud computing like Man-in-the-middle attack [13] ,SQL injection attack [14] and various other attacks .There may be data breaching issue too if a cloud service provider does not provide adequate security measures which in turn may result in unauthorized access to data.Cloud services are exposed to various user interfaces and application programming interfaces (APIs).If security measures are not adequately enabled in APIs then a user who is not authorized user may access data and may re-use the APIs or passwords.

B. Types of Cloud 1. Public Cloud:
Public clouds are the cloud computing services available publicly over the internet that can be accessed by any authorize user in pay-per use-model.They are highly elastic and scalable.Public clouds are mostly managed and provided by some third party service providers.Public clouds provide a range of services such as computing power, storage, networking, and applications that are accessible over the internet, and can be quickly provisioned, scaled up or down, and accessed remotely from anywhere with an internet connection.Public clouds are known for their scalability, flexibility, and costeffectiveness.

Private Cloud:
The private clouds are dedicated for use of a particular organization.In private cloud organisations have complete control over resources, security and data.Private clouds are used by organisations that have more control over data and have specific security requirements or they have some sensitive data or work .Here computing resources and services are delivered via secure private network.It has less security issues as compared to public cloud

C. Cloud Computing Services
Various types of services are provided by cloud computing [18] , some of them are as follows 1. IaaS: Infrastructure as a service in this cloud service model resources and infrastructures are distributed as a service It is highly scalable and flexible.Here highly scalable and automated [19].Its infrastructure are rented to compensate the need of physical resources and workstations .Here large amount of sensitive data is being hosted so it is essential to ensure security.In [20]a framework is proposed that ensures security in IaaS 2. PaaS: platform as a service [21] .It provides both hardware and software tools which are used by developers to build application and services.PaaS is very scalable cloud computing service .It suits different type of businesses according to resources.It provides the business organisations and individuals a complete development and deployment environment.The users purchase these resources as they need and access them over a secure internet connection.3. SaaS: software as a service it allows software and its functions available in pay-per-use model .It is a service that hosts software to be available for users.SaaS is highly scalable cloud computing service.It suits small and medium level and enterprise level business.SaaS allows applications to run on SaaS providers' server without installing them on local machine [22] .

II. COMPARATIVE STUDY
Due to security risks and issue in cloud computing, there is a strong need of authentication and authorization in cloud computing.Various authentication techniques and protocols exists provided by researchers all over the world.This paper provides literature survey of Various existing authentication protocols.A biometric based authentication scheme was given [23] to provide authentication of users based on elliptical key cryptography.In [24] a model was proposed that used the mathematical method to provide single server and two server Password based Authentication Systems, further multi-level authentication was proposed in [25].A three step security system was given in [26] that used steganography and cryptography techniques .In [27] an ECC based authentication technique was proposed that used digital signature based identification.A light-weight authentication method was proposed in [28] as most of the existing one had higher computation cost.A lightweight authentication system was also proposed in [29] based on message digest and location .
A multimodal based biometric authentication method was developed in [30] ,using finger print and iris.

III. RESULTS AND DISCUSSION
There are several research gaps in above authentication algorithms.Standardization: Any standardize protocol does not exist for authentication in cloud computing environment that leads to interoperability between different cloud providers and users face difficulty to switch between providers.Usability: Most of authentication and authorization protocols are complex and difficult to use, which leads users to error which in turn results in security issues.Threat Model: Most of authentication protocols focus on a specific threat model ignoring other existing threat models, however all existing threat models should be given equal consideration.Ease of use: the authentication protocols should be easy to understand with user friendly interface and complex one may irritate users.Limited research on multi cloud environment: Most authentication protocol focus on a single cloud environment, however with the increase of multi-cloud environment there is a strong need to manage keys across multiple clouds.Lack of focus on scalability: Many protocols are designed by keeping focus on small cloud environment, as the cloud environment scales up it is required for authentication protocols to meet demands.So there is need of research in above discussed fields.

III. CONCLUSION
Authentication and key management protocols are essential for providing security in cloud computing environment.This paper provides a survey of various authentication protocols provided by various researchers present in this world.This paper also demonstrate various cloud computing models and types of services provided by them .This paper also points out various research gaps in the exhisting systems that needs to be focused in further research.

3 .
Hybrid Cloud: Hybrid cloud services combines both public and private cloud solution .Here applications and data shares resources between public and private cloud service based on requirement.Hybrid cloud allows flexibility and helps to meet demands in times of changing requirements of an organization or individuals in modern world [15][16][17].4. Community Cloud: Community cloud service is a cloud service managed and used by a group of members or community for a special purpose.Community cloud is designed to serve the need of specific community with similar interests and requirements.It provides a way between public and private cloud offering a level of customization, security and privacy that may be required by organizations with shared interests.Community clouds are commonly used by organizations such as healthcare, government, finance, and education, where there are shared interests and requirements, or collaborative initiatives.

Table 1 :
Literature survey of various Authentication protocols in cloud computingThe above table shows Literature survey of various Authentication protocols in cloud computing.