Towards Efficient Authentication Scheme with Biometric Key Management in Cloud Environment

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

Download Full-text

The Analysis of Database Security Requirements for Cryptographic Algorithm

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.646.235 ◽

2013 ◽

Vol 646 ◽

pp. 235-239

Author(s):

Hana Do ◽

Hoon Jeong ◽

Eui In Choi

Keyword(s):

Access Control ◽

Key Management ◽

Database Security ◽

Third Party ◽

Security Requirements ◽

Security Assessment ◽

Storage Space ◽

Cloud Environment ◽

Variable Environment ◽

Cryptographic Algorithm

The cloud environment is recently emphasized when we save a large amount of data with a minimum of maintenance. But the cloud is a variable environment that data is likely to be changed when which is transferred, and even doesn't permanently store. Besides it has the risk of phishing from a third party. A scalable storage space as one of the features of the cloud has to consist as more proactive access control, secure encryption, and key management in the aspect of the size of the database and the number of users. In this paper, we analyze about database security requirements of these environment and the provided encryption technologies of until now. And, even anyone who don't have the expertise for security assessment and management or CC could be easily accessible it.

Download Full-text

Smart PSK provisioning: a key-management and authentication scheme for wireless LANs

Proceedings. 14th International Conference on Computer Communications and Networks, 2005. ICCCN 2005. ◽

10.1109/icccn.2005.1523823 ◽

2006 ◽

Cited By ~ 1

Author(s):

D. Tonesi ◽

L. Salgarelli

Keyword(s):

Key Management ◽

Wireless Lans ◽

Authentication Scheme

Download Full-text

Password authentication scheme based on smart card and QR code

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v23.i1.pp140-149 ◽

2021 ◽

Vol 23 (1) ◽

pp. 140

Author(s):

Mushtaq Hasson ◽

Ali A. Yassin ◽

Abdulla J. Yassin ◽

Abdullah Mohammed Rashid ◽

Aqeel A. Yaseen ◽

...

Keyword(s):

Smart Card ◽

Key Management ◽

Service Providers ◽

Mutual Authentication ◽

Security Analysis ◽

Cloud Service ◽

Cloud Services ◽

Authentication Scheme ◽

Qr Code ◽

Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

Download Full-text

A Genetic Algorithm based Key Management Approach for Enhancing Data Security in Cloud Environment

International Journal of Advanced Trends in Computer Science and Engineering ◽

10.30534/ijatcse/2020/294952020 ◽

2020 ◽

Vol 9 (5) ◽

pp. 8943-8951

Keyword(s):

Genetic Algorithm ◽

Data Security ◽

Key Management ◽

Management Approach ◽

Cloud Environment

Download Full-text

Secure Cloud Key Management based on Robust Secret Sharing

10.5121/csit.2021.110913 ◽

2021 ◽

Author(s):

Ahmed Bentajer ◽

Mustapha Hedabou ◽

Sara Ennaama ◽

Abderrahim Tahiri

Keyword(s):

Cloud Computing ◽

Secret Sharing ◽

Key Management ◽

Third Party ◽

Cloud Provider ◽

Cloud Environment ◽

Critical Issues ◽

Security Module ◽

Performance Results ◽

Multi Cloud

The aim of this paper is to propose a model to strengthen the security of key management in cloud computing, where the model is shared or entirely controlled by a non-trusted third party provider. Key management is not a straightforward matter for IT-teams, in addition to critical issues related to properly managing and securing the keys on providers’ infrastructures, they have to deal with concerns specific to multi-cloud key management. Hardware Security Module (HSM) solution that offers a secure on-premise encryption key management turned out be impracticable for widespread cloud deployment. HSM as a Service seems to be the best approach for key management in multi-cloud, but the service is wholly owned and managed by another cloud provider. In This paper, we present an efficient and secure cloud key management that fulfills the requirements of multi-cloud deployment. The proposed design splits the key into a blinded version of n shares that will be stored in encrypted format at the cloud provider side. To demonstrate the efficiency of the proposed design, we implement a fully featured prototype and evaluate its performance. Results analysis shows that the proposed design is highly efficient and can serve as a groundwork for using secret share as a way to protect keys in a multi-cloud environment.

Download Full-text