The Role of Blockchain in Enhancing Cloud Security against Phishing Attacks

By: Soo Nee Kee1,2

1Universiti Malaya, Kuala Lumpur, Malaysia.

2International Center for AI and Cyber Security Research and Innovations, Asia University, Taiwan Email: nee.kee2001.nks@gmail.com

Abstract

Cloud computing is the delivery of the cloud resources over Internet, including storage, databases, servers, and software. It is widely used in recent year due to its pay-as-you-go payment method, which helps organizations save significant costs and time to build own IT infrastructure. Nonetheless, cloud computing still faces several security challenges, in which phishing attacks being a main concern. As more and more people rely on the cloud-based services, attackers target the cloud environment in order to gain unauthorized access to the data, which leads to sensitive data leakage and financial losses. Traditional security mechanisms such as firewalls and antivirus software are insufficient to prevent phishing attacks nowadays as the attackers are creative in planning and executing phishing attacks. Therefore, a new phishing approach, blockchain is brought to the table in order to address the issue.

Keywords: Cloud, Blockchain, Multi-Factor Authentication, Phishing, AES-256

Introduction

Blockchain is a decentralized database that stores records securely in distributed manner. It stores records of transaction into blocks which linked together by cryptographic chain, promoting immutability, transparency and traceability. [1] Once data is added, it cannot be altered, modified or deleted, which fosters users trust. Each block contains previous block’s cryptographic hash, creating a secure link between blocks, making it temper-proof and enhancing the security of the overall system. The decentralized nature of blockchain eliminates the need of a central server and the control of any entity, improving security while avoiding single point of failure. In addition, its transparency allows every participant in the network to view the entire transaction history, any changes can be triggered and traced, making it become traceability.

Techniques

The use of blockchain helps enhance authentication mechanism of cloud computing as the existing methods rely on a central server or a third party to manage user authentication, leading to various security vulnerabilities. Moreover, the traditional password-based authentication method is vulnerable to phishing attacks. Thus, blockchain-based multi-factor authentication (BBMFA) is proposed to address the issue mentioned. BBMFA eliminates the reliance on centralized authorities, giving full control to the users over their identities. [2] User identities are encrypted by using AES-256 and stored on blockchain. By using private keys and digital signatures, users can perform identity verification. During the authentication process, system will retrieve the records from blockchain and decrypt them. By comparing user private keys and hashed identities with the retrieved data from blockchain, the system can verify users’ identities without exploring the sensitive data. Only matched hash is considered successful authentication and the records stored in blockchain are immutable. Thus, data tempering, credentials theft and any phishing attacks are impossible. This technique ensures that user privacy data cannot be modified even though attacks gain access to their credentials.

A diagram of a cloud computing process

Description automatically generated
Figure 1: Overview of Blockchain-Based Multi-Factor Authentication

Conclusion

In conclusion, Blockchain-Based Multi-Factor Authentication (BBMFA) provides a robust solution to mitigate phishing attacks on the authentication mechanism of cloud computing. Utilising decentralized identity management method via blockchain can help in eliminating the need of third parties. [2] The immutable and transparent nature of blockchain enhances the security of the system by preventing unauthorized access and tempering of data. The use of AES-256 encryption method further strengthen the security of cloud computing. Therefore, implementing BBMFA can effectively prevent any vulnerabilities, including phishing attacks, ensuring the accountability, reliability and traceability of cloud computing certification methods.

Reference

  1. “Exploring the integration of edge computing and blockchain IoT: Principles, architectures, security, and applications – ScienceDirect.” Accessed: Oct. 04, 2024. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1084804524000614
  2. M. S. Almadani, S. Alotaibi, H. Alsobhi, O. K. Hussain, and F. K. Hussain, “Blockchain-based multi-factor authentication: A systematic literature review,” Internet Things, vol. 23, p. 100844, Oct. 2023, doi: 10.1016/j.iot.2023.100844.
  3. Gupta, B. B., & Panigrahi, P. K. (2022). Analysis of the Role of Global Information Management in Advanced Decision Support Systems (DSS) for Sustainable Development. Journal of Global Information Management (JGIM), 31(2), 1-13.
  4. Gupta, B. B., & Narayan, S. (2021). A key-based mutual authentication framework for mobile contactless payment system using authentication server. Journal of Organizational and End User Computing (JOEUC), 33(2), 1-16.
  5. Gupta, B. B., & Narayan, S. (2021). A key-based mutual authentication framework for mobile contactless payment system using authentication server. Journal of Organizational and End User Computing (JOEUC), 33(2), 1-16.

Cite As

Kee S.N. (2024) The Role of Blockchain in Enhancing Cloud Security against Phishing Attacks, Insights2Techinfo, pp.1

79400cookie-checkThe Role of Blockchain in Enhancing Cloud Security against Phishing Attacks
Share this:

Leave a Reply

Your email address will not be published.