Cloud computing is a means by which highly scalable services can be consumed over Internet and network on rental basis. Various cloud service providers are offering different services over cloud environment. Many big investors like Amazon S3, EC2, Microsoft Azure, IBM Blue, are providing cloud environments. When data is stored over cloud, vendors hold a limitless possibility to access this data. Social engineering done by cloud vendors or their employees would lead to information leak or even substantial loss of data. Commonly used authentication mechanism guarantee that authenticated users can access their data, but they do not guarantee security of data from the cloud vendor. This paper emphasizes on improving existing authentication mechanism & implementing data security schemes to secure data from the cloud vendor and other users of cloud.

1. Dai Yuefa, Wu Bo, Gu Yaqiang, Zhang Quan, Tang Chaojing, “Data Security Model for Cloud Computing”, ISBN 978-952-5726-06-0, Proceedings of the 2009 International Workshop on Information Security and Application (IWISA 2009), Qingdao, China, November 21-22, 2009.
2. Cong Wang, Qian Wang, and Kui Ren, “Ensuring Data Storage Security in Cloud Computing”.
3. Richard Chow, Philippe Golle, Markus Jakobsson, Ryusuke Masuoka, Jesus Molina Elaine Shi, Jessica Staddon “Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control” PARC Fujitsu Laboratories of America.
4. Rongxing Lu, Xiaodong Lin, Xiaohui Liang, and Xuemin (Sherman) Shen, “Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing”, ACM digital library.
5. SIMENCE, time.lex “Multilevel authentication policy mapping”.
6. ScottYilekUC, SanDiego Rescorla, Hovav Shacham Brandon Enright, UC San Diego “When Private Keys are Public: Results from the 2008 Debian OpenSSL Vulnerability”, ACM digital library.
7. Benjamin Aziz, Alvaro Arenas, “A Secure and Scalable Grid-based Content Management System”, 2010 International Conference on Availability, Reliability and Security.
8. Asoke K Talukder “Security & Scalability Architecture for Next Generation Internet Services” Geschickten Solutions Bangalore, India.
9. Wassim Itani Ayman Kayssi Ali Chehab, “Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures”, 2009 Eighth IEEE International Conference on Dependable.
10. Junaid Arshad, Paul Townend, Jie Xu, “Quantification of Security for Compute Intensive Workloads in Clouds”, 2009 15th International Conference on Parallel and Distributed Systems.

Authentication by Characteristics (AC) Authentication by Knowledge (AK) Authentication by Ownership ( AO) Cloud Service Provider (CSP) Public Key Infrastructure (PKI) One Time Password (OTP)