DPCA: Dual Phase Cloud Infrastructure Authentication

Every user appreciates the security of their data irrespective of its sensitivity. At the same time, user does not want to be held up with the legacy systems, which may be strongly secured but not with fantasy. Network travelled many phases of its own such as internet, intranet, wireless network, sensor network, Ad-hoc network, Mobile network, Blue-tooth, Cloud and IoT, the most popular technique now. Hence, whatever the type of network hitting the end user with improvised quality, get compromised in security. People feel pleasure upon sharing their moments with their connections. Huge amount of data are in transit either by means of storing them in cloud or retrieving. Users lose control over their data, they are unaware about the people accessing and modifying. Hence DataCentres have to be protected from unauthorized illegal access. Illegal data access may be initiated by a boot or a bot. Man or a Machine discrimination has been resolved with CAPTCHA. This paper, DPCA, proposes an authentication at two different phases. In the first phase, the user is authenticated with the new type of CAPTCHA. With this methodology, user is segregated as man or machine. Thereby bot-nets are filtered out and the flooding messages from bots are mitigated. In the second phase, where only man is allowed to access the cloud resources, he is authenticated with Dempster Shafter hypothetical approach combined with the user intent and not the content. DPCA has been tested in the infrastructure and the experimental results proved the strength of the algorithm.