FINE-GRAINED TWO-FACTOR ACCESS CONTROL FOR WEB-BASED CLOUD COMPUTING SERVICES

Abstract

– For web-based cloud computing services, we provide a novel, finely grained approach of
two-factor authentication (2FA). Specifically, in our proposed 2FA access control system, a user secret
key and a lightweight security device are required to create an attribute-based access control
mechanism. It is possible that the technique, which prevents users from accessing the system unless
they have both, might increase the system's security, particularly when several users share a computer
for web-based cloud services. It is also possible to limit access to just those users who share a set of
qualities, while ensuring user privacy, since the cloud server only knows that the user meets the
requisite predicate, but it does not know their actual identity. Finally, we run a simulation to show that
our suggested 2FA system is feasible.