DESIGN AND IMPLEMENTATION OF MOBILE ONE-TIME PASSWORD AND RIVEST CIPHER FOUR ENCRYPTION FOR CLOUD COMPUTING SECURITY

ABSTRACT

The use of cloud computing in recent times has recorded remarkable growth while security

and privacy issues have remained a critical challenge and a thing of concern for

researchers. The reason partly is associated to the fact that most users do not have baseline

knowledge of how to securely use cloud services and as such they end up becoming victims,

because hackers take advantage of their inadequate knowledge. This thesis is on the

Design and Implementation of Mobile One-Time Password and Rivest Cipher Four

Encryption for Cloud Computing Security, presents a security based on two-factor

authentication which provides users with mOTP protection against cybercrimes. The

mOTP and RC4 security development was carried out by generating PHP codes that were

processed using a Localhost server that served them as web page GUIs which were

designed with Netbeans, data transmission encryption was carried out by generating

certificate through OpenSSL that is embedded in the XAMPP Server. The developed mOTP

and RC4 system was tested and the result showed that it functions appropriately and

provides a better security than the static password, and does not require additional

technical knowledge. The findings revealed that static passwords are easier to hack, and

inadequate knowledge, expertise, security and privacy are some of the major challenges of

cloud security. Therefore, two-factor or multi-factor authentication and more

enlightenment and training about cloud computing security and privacy are recommended

for the users. 

TABLE OF CONTENTS

Page

TITLE PAGE

DECLARATION i

CERTIFICATION ii

DEDICATION iii

ACKNOWLEDGEMENT iv

TABLE OF CONTENTS v

LIST OF FIGURES vi

LIST OF TABLES xi

ABSTRACT xi

CHAPTER ONE: INTRODUCTION

 Page

1.1 Background to the Study 1

1.2 Statement of the Problem 4

1.3 Aim and Objectives of the Study 4

1.4 Scope of the Study 5

1.5 Significance of the Study 6

1.6 Operational Definition of Terms 6

1.7 Chapters Preview 9

CHAPTER TWO: LITERATURE REVIEW

Page

2.1 Evolution of Cloud Computing 10

2.2 Cloud Computing Characteristics 13

2.3 Cloud Computing Service Models 15

2.4 Cloud Computing Deployment Models 18

2.5 Challenges in Cloud Computing 22

2.6 Cloud Computing Security 25

2.7 Authentication 26

2.7.2 One Time Password Authentication 27

2.7.2 Encryption/Cipher Algorithms 29

2.7.3 Advanced Encryption Standard (AES) 29

2.7.4 Message Digest Five (MD5) 31

2.7.5 Rivest Cipher Four (RC4) 31

2.7.6 Rivest, Shamir and Adleman (RSA) 34

2.8 Secure Socket Layer/ Transport Layer Security (SSL/TLS) Certificate 34

2.9 Threats That Compromise Cloud Computing 36 

vi

2.10 Authentications used by Cloud Computing Service Providers 39

2.11 Benefits of Cloud Computing 45

2.12 Advances in Cloud Computing 46

CHAPTER THREE: DESIGN, DEVELOPMENT, IMPLEMENTATION AND

TESTING

 Page

3.1 Software and Hardware Requirements 49

3.2 Cloud Computing Development Tools 50

3.3 mOTP and RC4 Solution Design Analysis 51

3.4 mOTP and RC4 Login Procedure Steps 53

3.5 mOTP and RC4 Solution Development 53

3.6 Implementation of mOTP and RC4 Cipher Security 58

3.7 The Two-Factor Authentication Using mOTP and RC4 58

3.8 Testing of mOTP and Rivest Cipher Four Security 59

3.9 Flow Chart of the Propose MOTP and RC4 Security 60

CHAPTER FOUR: RESULTS AND DISCUSSIONS

Page

4.1 Results of Testing of mOTP and RC4 Security 62

4.1.1 The Registration Page 63

4.1.2 The Login Page 63

4.1.3 The Captcha-Re-Captcha Authentication Page 64

4.1.4 The User Account Page 65

4.1.5 The Database View 65

4.1.6 The OTP Database View 66

4.1.7 The RC4-SHA Encryption Certificate 67

CHAPTER FIVE: DISCUSSION OF FINDINGS, CONCLUSION AND

RECOMMENDATIONS

 Page

5.1 Discussion of Findings 68

5.2 Limitations 69

5.3 Conclusion 69

5.4 Suggestions for Future Works 70

5.5 Recommendations 71

REFERENCES 72

APPENDIX A: Code Listing 75