Effective Security Analysis for Combinations of MTD Techniques on Cloud Computing (Short Paper)

2017 ◽  
pp. 539-548 ◽  
Author(s):  
Hooman Alavizadeh ◽  
Dong Seong Kim ◽  
Jin B. Hong ◽  
Julian Jang-Jaccard
Keyword(s):  
Cloud Computing ◽  
Security Analysis ◽  
Short Paper

scholarly journals Adjacency-Hash-Table Based Public Auditing for Data Integrity in Mobile Cloud Computing

2018 ◽  
Vol 2018 ◽  
pp. 1-12
Author(s):  
Wenqi Chen ◽  
Hui Tian ◽  
Chin-Chen Chang ◽  
Fulin Nan ◽  
Jing Lu
Keyword(s):  
Cloud Computing ◽  
High Speed ◽  
Security Analysis ◽  
Hash Table ◽  
The State ◽  
Public Auditing ◽  
The Arts ◽  
High Speed Data ◽  
And Performance ◽  
Data Updating

Cloud storage, one of the core services of cloud computing, provides an effective way to solve the problems of storage and management caused by high-speed data growth. Thus, a growing number of organizations and individuals tend to store their data in the cloud. However, due to the separation of data ownership and management, it is difficult for users to check the integrity of data in the traditional way. Therefore, many researchers focus on developing several protocols, which can remotely check the integrity of data in the cloud. In this paper, we propose a novel public auditing protocol based on the adjacency-hash table, where dynamic auditing and data updating are more efficient than those of the state of the arts. Moreover, with such an authentication structure, computation and communication costs can be reduced effectively. The security analysis and performance evaluation based on comprehensive experiments demonstrate that our protocol can achieve all the desired properties and outperform the state-of-the-art ones in computing overheads for updating and verification.

scholarly journals A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

2018 ◽  
Vol 2018 ◽  
pp. 1-7 ◽  
Author(s):  
Run Xie ◽  
Chanlian He ◽  
Dongqing Xie ◽  
Chongzhi Gao ◽  
Xiaojun Zhang
Keyword(s):  
Cloud Computing ◽  
Mobile Devices ◽  
Data Privacy ◽  
Security Analysis ◽  
Data Retrieval ◽  
Sensitive Data ◽  
Encrypted Data ◽  
Security Issues ◽  
Efficiency Comparison ◽  
Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

scholarly journals Cloud Computing: Data Storage Security Analysis and its Challenges

2013 ◽  
Vol 70 (24) ◽  
pp. 33-37 ◽  
Author(s):  
Navdeep Aggarwal ◽  
Parshant Tyagi ◽  
Bhanu P. Dubey ◽  
Emmanuel S. Pilli
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Security Analysis ◽  
Storage Security

scholarly journals Efficient Multifactor Two-Server Authenticated Scheme under Mobile Cloud Computing

2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Ziyi Han ◽  
Li Yang ◽  
Shen Wang ◽  
Sen Mu ◽  
Qiang Liu
Keyword(s):  
Cloud Computing ◽  
Information Disclosure ◽  
Mobile Cloud Computing ◽  
User Authentication ◽  
High Reliability ◽  
Security Analysis ◽  
Security Requirements ◽  
Mobile Payment ◽  
Mobile Cloud ◽  
User Privacy

Because the authentication method based on username-password has the disadvantage of easy disclosure and low reliability and the excess password management degrades the user experience tremendously, the user is eager to get rid of the bond of the password in order to seek a new way of authentication. Therefore, the multifactor biometrics-based user authentication wins the favor of people with advantages of simplicity, convenience, and high reliability. Now the biometrics-based (especially the fingerprint information) authentication technology has been extremely mature, and it is universally applied in the scenario of the mobile payment. Unfortunately, in the existing scheme, biometric information is stored on the server side. As thus, once the server is hacked by attackers to cause the leakage of the fingerprint information, it will take a deadly threat to the user privacy. Aiming at the security problem due to the fingerprint information in the mobile payment environment, we propose a novel multifactor two-server authenticated scheme under mobile cloud computing (MTSAS). In the MTSAS, it divides the authentication method and authentication means; in the meanwhile, the user’s biometric characteristics cannot leave the user device. Thus, MTSAS avoids the fingerprint information disclosure, protects user privacy, and improves the security of the user data. In the same time, considering user actual requirements, different authentication factors depending on the privacy level of authentication are chosen. Security analysis proves that MTSAS has achieved the authentication purpose and met security requirements by the BAN logic. In comparison with other schemes, the result shows that MTSAS not only has the reasonable computational efficiency, but also keeps the superior communication cost.

scholarly journals A Secure Authentication and Key Agreement Scheme for IoT-Based Cloud Computing Environment

Symmetry ◽  
2020 ◽  
Vol 12 (1) ◽  
pp. 150 ◽  
Author(s):  
Yicheng Yu ◽  
Liang Hu ◽  
Jianfeng Chu
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Secure Communication ◽  
Key Agreement ◽  
Security Analysis ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Authentication And Key Agreement ◽  
Insider Attack ◽  
Cloud Servers

The integration of Internet of things (IoT) and cloud computing technology has made our life more convenient in recent years. Cooperating with cloud computing, Internet of things can provide more efficient and practical services. People can accept IoT services via cloud servers anytime and anywhere in the IoT-based cloud computing environment. However, plenty of possible network attacks threaten the security of users and cloud servers. To implement effective access control and secure communication in the IoT-based cloud computing environment, identity authentication is essential. In 2016, He et al. put forward an anonymous authentication scheme, which is based on asymmetric cryptography. It is claimed that their scheme is capable of withstanding all kinds of known attacks and has good performance. However, their scheme has serious security weaknesses according to our cryptanalysis. The scheme is vulnerable to insider attack and DoS attack. For overcoming these weaknesses, we present an improved authentication and key agreement scheme for IoT-based cloud computing environment. The automated security verification (ProVerif), BAN-logic verification, and informal security analysis were performed. The results show that our proposed scheme is secure and can effectively resist all kinds of known attacks. Furthermore, compared with the original scheme in terms of security features and performance, our proposed scheme is feasible.

scholarly journals Security Analysis of Smartphone and Cloud Computing Authentication Frameworks and Protocols

IEEE Access ◽  
2018 ◽  
Vol 6 ◽  
pp. 34527-34542 ◽  
Author(s):  
Zeeshan Siddiqui ◽  
Omar Tayan ◽  
Muhammad Khurram Khan
Keyword(s):  
Cloud Computing ◽  
Security Analysis

scholarly journals Security and Cryptographic Challenges for Authentication Based on Biometrics Data

Cryptography ◽  
2018 ◽  
Vol 2 (4) ◽  
pp. 39 ◽  
Author(s):  
Stefania Nita ◽  
Marius Mihailescu ◽  
Valentin Pau
Keyword(s):  
Machine Learning ◽  
Cloud Computing ◽  
Smart Cities ◽  
Clustering Algorithms ◽  
Security Analysis ◽  
Real Life ◽  
Analysis Tool ◽  
Biometric Analysis ◽  
Wide Range ◽  
Government Education

Authentication systems based on biometrics characteristics and data represents one of the most important trend in the evolution of the society, e.g., Smart City, Internet-of-Things (IoT), Cloud Computing, Big Data. In the near future, biometrics systems will be everywhere in the society, such as government, education, smart cities, banks etc. Due to its uniqueness, characteristic, biometrics systems will become more and more vulnerable, privacy being one of the most important challenges. The classic cryptographic primitives are not sufficient to assure a strong level of secureness for privacy. The current paper has several objectives. The main objective consists in creating a framework based on cryptographic modules which can be applied in systems with biometric authentication methods. The technologies used in creating the framework are: C#, Java, C++, Python, and Haskell. The wide range of technologies for developing the algorithms give the readers the possibility and not only, to choose the proper modules for their own research or business direction. The cryptographic modules contain algorithms based on machine learning and modern cryptographic algorithms: AES (Advanced Encryption System), SHA-256, RC4, RC5, RC6, MARS, BLOWFISH, TWOFISH, THREEFISH, RSA (Rivest-Shamir-Adleman), Elliptic Curve, and Diffie Hellman. As methods for implementing with success the cryptographic modules, we will propose a methodology which can be used as a how-to guide. The article will focus only on the first category, machine learning, and data clustering, algorithms with applicability in the cloud computing environment. For tests we have used a virtual machine (Virtual Box) with Apache Hadoop and a Biometric Analysis Tool. The weakness of the algorithms and methods implemented within the framework will be evaluated and presented in order for the reader to acknowledge the latest status of the security analysis and the vulnerabilities founded in the mentioned algorithms. Another important result of the authors consists in creating a scheme for biometric enrollment (in Results). The purpose of the scheme is to give a big overview on how to use it, step by step, in real life, and how to use the algorithms. In the end, as a conclusion, the current work paper gives a comprehensive background on the most important and challenging aspects on how to design and implement an authentication system based on biometrics characteristics.

Remote Attestation on Trusted Cloud Computing

2014 ◽  
Vol 696 ◽  
pp. 161-166 ◽  
Author(s):  
Bo Long Yang ◽  
Hao Guo
Keyword(s):  
Cloud Computing ◽  
Simulation Experiment ◽  
Security Analysis ◽  
Remote Attestation ◽  
Ring Signature ◽  
Ring Signatures ◽  
Attribute Certificate ◽  
Configuration Information

In the cloud computing mode TCCP, there exist shortcomings of overburdened trusted TC, the anonymity of nodes and configuration information of platform can’t be guaranteed. In this paper, we propose an anonymous scheme based on attribute certificate. The scheme is achieved by the trusted ring signature based on attribute certificate. By the security analysis, the anonymity and platform configuration information of computing nodes is guaranteed. By simulation experiment, we obtain the efficiency of the scheme. Comparing with Boneh ring signature based on ECC algorithm, this scheme has a great superiority in terms of large amount of ring signatures.

Sign in / Sign up

Export Citation Format

Share Document