Two-factor authentication for trusted third party free dispersed storage

• Published in: Future generation computer systems Vol. 90; pp. 291 - 306
• Main Authors: Esiner, Ertem, Datta, Anwitaman
• Format: Journal Article
• Language: English
• Published: Elsevier B.V 01.01.2019
• Subjects: Data out-sourcing; Edge computing; Erasure codes; Layered security; Two-factor access control; User controlled encryption; 99-00; Data out-sourcing; User controlled encryption; 00-01; Erasure codes; Layered security; Two-factor access control; Edge computing
• ISSN: 0167-739X; 1872-7115
• DOI: 10.1016/j.future.2018.08.001

We propose a trusted third party free protocol for secure (in terms of content access, manipulation, and confidentiality) data storage and multi-user collaboration over an infrastructure of untrusted storage servers. It is achieved by the application of data dispersal, encryption as well as two-factor (knowledge and possession) based authentication and access control techniques so that unauthorized parties (attackers) or a small set of colluding servers cannot gain access to the stored data. The protocol design takes into account usability issues as opposed to the closest prior work Esiner and Datta (2016). We explore the security implications of the proposed model with event tree analysis and report on experiment results to demonstrate the practicality of the approach concerning computational overheads. Given that the protocol does not rely on any trusted third party, and most operations including actual collaboration do not require users to be online simultaneously, it is suitable not only for traditional multi-cloud setups but also for edge/fog computing environments. •A two-factor authentication protocol is proposed.•The protocol does not require any trusted third party.•It is easily portable and can work alongside any client device.•It features a certain degree of fault-tolerance, thus enhancing availability.