Secure user authentication in cloud computing management interfaces

The degradation of the security of password-based mechanisms, combined with the increasing number of perils on the Internet, is rendering one-factor authentication outdated. This threatens the security of online operations for enterprises and end users, and consequently affects cloud computing solutions. Although cloud computing provides appealing benefits in terms of costs reduction, while increasing productivity, it introduces uncharted security issues (e.g., see [1]) beyond the ones inherited from the Internet. The emergence of mobile computing also makes authentication a priority, and has been reinforcing the need to build stronger and more resilient mechanisms; and simultaneously providing the means to develop new authentication mechanisms, namely Multi-Factor Authentication (MFA) schemes. The convergence to Single Sign-On (SSO) models is being used to eliminate or decrease password management complexity. MFA mostly appears in the form of Two-Factor Authentication (2FA) mechanisms based on One-Time Passwords (OTPs) for the second factor after standard password authentication. Such mechanisms can be based on public-key cryptography and may resort to several technologies to improve user experience, namely Quick Response (QR) codes, Short Message Service (SMSes), Trusted Platform Modules (TPMs), or even contactless Near Field Communication (NFC). Another trend leans to the adoption of risk-based authentication. Efforts for securing authentication are mainly being undertaken by the Initiative for Open AuTHentication (OATH) and the Fast IDentity Online (FIDO) alliance.