Abstract:
As the cloud computing trend becomes increasingly popular, modern web applications are increasingly likely to be based on cloud computing services rely on distributed systems which are scalable and flexible. Rapid evolution of technology has also influenced the development of the industry. All Something immediate Almost overnight Inevitable But with this speed, security threats with the objective of authentication and session management have been on the increase. Threats such as even now the session hijacking, cookie stealing, token forgery, and replay attacks remain critical problems “threats to the security and integrity of cloud services. Traditional methods—such “as passwords, cookies, JWTs, and browser fingerprinting—are inadequate to provide” strong security within a multi-tenant, device-diverse environment, token replay vulnerabilities leak of sensitive data leak of sensitive data leak of sensitive data techniques. These challenges can be overcome by presenting a secure cloud authentication model in this paper. Based on hash-based verification for the access and refresh tokens, by combining with client-specific attributes, including IP address, browser meta data, and device IDs. The system ensures that every authentication session is bound to the place it originated from. It dodges the typical JWTs with sensitive information of user, protecting Data from stolen token In the core of our system, there is a two-level verification process involving the client-side hashing and server-side querying. It gives superior protection against the following: cookie theft threats, replay attacks, and cross-site request forgeries. If a token becomes compromised, it cannot be connected with any other device or network, hence by greatly reducing abuse. It also offers secure and transparent continuity for sessions using the secured renewal of tokens. It has some cost associated with computations and does not perform well with extensively fluctuating conditions for IPs. It achieves a good tradeoff between security and usability. In this paper, a new system that ensures increased privacy, integrity, and trustworthiness within clouds has been presented through a viable authenticating system that lessens dependence on token approaches, thus opening new avenues in the future, such as cache optimization, cryptography, and anomaly detectors using AI.
