Towards an augmented authenticator in the Cloud

Many times in the past, critical infrastructures like e-health and e-government services have become a target of cyber-attacks resulting to manipulation of sensitive information. Meanwhile, there are several approaches applying security and privacy protection measures on cloud-based databases. Simultaneously, many steganographic algorithms have been proposed for achieving security on Cloud Infrastructures. This paper proposes a practical method for applying steganography in an one-time authenticator tool for Cloud-based databases in a healthcare scenario. The proposed method takes into account the architecture of the database server in the cloud and employs an authenticator tool that encrypts the database encryption key and embeds it into the stego-cover. We have tested our approach on a cloud-based database in order to evaluate the overhead introduced and facilitate a threat scenario for testing the security level. Results have revealed that the use of various text and WAV files did not introduce significant overhead. Depending on the file size the introduced delay was between 1 to 3 seconds.