scholarly journals Password authentication scheme based on smart card and QR code

2021 ◽  
Vol 23 (1) ◽  
pp. 140
Author(s):  
Mushtaq Hasson ◽  
Ali A. Yassin ◽  
Abdulla J. Yassin ◽  
Abdullah Mohammed Rashid ◽  
Aqeel A. Yaseen ◽  
...  
Keyword(s):  
Smart Card ◽  
Key Management ◽  
Service Providers ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Cloud Service ◽  
Cloud Services ◽  
Authentication Scheme ◽  
Qr Code ◽  
Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

scholarly journals A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

2014 ◽  
Vol 2014 ◽  
pp. 1-16 ◽  
Author(s):  
Ashok Kumar Das ◽  
Vanga Odelu ◽  
Adrijit Goswami
Keyword(s):  
Smart Card ◽  
Hash Function ◽  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Remote Server ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

scholarly journals A Generic Model for Identifying QoS Parameters Interrelations in Cloud Services Selection Ontology during Runtime

Symmetry ◽  
2021 ◽  
Vol 13 (4) ◽  
pp. 563
Author(s):  
Babu Rajendiran ◽  
Jayashree Kanniappan
Keyword(s):  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Operating Costs ◽  
Generic Model ◽  
Business Organizations ◽  
Cloud Environment ◽  
Cloud Service Provider ◽  
Qos Parameters ◽  
Computer Based

Nowadays, many business organizations are operating on the cloud environment in order to diminish their operating costs and to select the best service from many cloud providers. The increasing number of Cloud Services available on the market encourages the cloud consumer to be conscious in selecting the most apt Cloud Service Provider that satisfies functionality, as well as QoS parameters. Many disciplines of computer-based applications use standardized ontology to represent information in their fields that indicate the necessity of an ontology-based representation. The proposed generic model can help service consumers to identify QoS parameters interrelations in the cloud services selection ontology during run-time, and for service providers to enhance their business by interpreting the various relations. The ontology has been developed using the intended attributes of QoS from various service providers. A generic model has been developed and it is tested with the developed ontology.

scholarly journals Addressing Semantics Standards for Cloud Portability and Interoperability in Multi Cloud Environment

Symmetry ◽  
2021 ◽  
Vol 13 (2) ◽  
pp. 317
Author(s):  
Chithambaramani Ramalingam ◽  
Prakash Mohan
Keyword(s):  
Service Providers ◽  
Research Work ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Environment ◽  
Cloud Service Providers ◽  
Application Programming ◽  
Increasing Demand ◽  
Programming Interfaces ◽  
Multi Cloud

The increasing demand for cloud computing has shifted business toward a huge demand for cloud services, which offer platform, software, and infrastructure for the day-to-day use of cloud consumers. Numerous new cloud service providers have been introduced to the market with unique features that assist service developers collaborate and migrate services among multiple cloud service providers to address the varying requirements of cloud consumers. Many interfaces and proprietary application programming interfaces (API) are available for migration and collaboration services among cloud providers, but lack standardization efforts. The target of the research work was to summarize the issues involved in semantic cloud portability and interoperability in the multi-cloud environment and define the standardization effort imminently needed for migrating and collaborating services in the multi-cloud environment.

GOVERNMENT REGULATIONS OF THE USING CLOUD SERVICES

2022 ◽  
Author(s):  
Olexander Melnikov ◽  
◽  
Konstantin Petrov ◽  
Igor Kobzev ◽  
Viktor Kosenko ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Large Scale ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Government Agencies ◽  
Remote Work ◽  
Cloud Infrastructure ◽  
Wide Range ◽  
Technological Base

The article considers the development and implementation of cloud services in the work of government agencies. The classification of the choice of cloud service providers is offered, which can serve as a basis for decision making. The basics of cloud computing technology are analyzed. The COVID-19 pandemic has identified the benefits of cloud services in remote work Government agencies at all levels need to move to cloud infrastructure. Analyze the prospects of cloud computing in Ukraine as the basis of e-governance in development. This is necessary for the rapid provision of quality services, flexible, large-scale and economical technological base. The transfer of electronic information interaction in the cloud makes it possible to attract a wide range of users with relatively low material costs. Automation of processes and their transfer to the cloud environment make it possible to speed up the process of providing services, as well as provide citizens with minimal time to obtain certain information. The article also lists the risks that exist in the transition to cloud services and the shortcomings that may arise in the process of using them.

scholarly journals АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

2020 ◽  
pp. 70-82
Author(s):  
Вячеслав Вікторович Фролов
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Infrastructure ◽  
Critical System ◽  
Cloud Service Providers ◽  
Safety And Reliability ◽  
Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

scholarly journals Selection of optimal data placement using cloud infrastructure

2021 ◽  
pp. 34-42
Author(s):  
Vladimir Meikshan ◽  
◽  
Natalia Teslya ◽  
Keyword(s):  
Mathematical Model ◽  
Data Storage ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Information Storage ◽  
Cloud Infrastructure ◽  
Digital Ecosystem ◽  
Cloud Service Providers ◽  
The Cost

Benefits of using cloud technology are obvious, their application is expanding, as a result, it determines the steady growth of demand. Cloud computing has acquired particular relevance for large companies connected with Internet services, retailing, logistics that generate large volume of business and other information. The use of cloud technologies allows organizing the joint consumption of resources, solving the problems of storing and transferring significant amounts of data. Russian consumer cooperation refers to large territory distributed organizations actively forming their own digital ecosystem. The issue of data storing and processing for consumer coo-peration organizations is very relevant. At the same time, the prices of cloud service providers are significantly different and require solving the problem of minimizing the cost of storing and transferring significant amounts of data. The application of the linear programming method is considered to select the optimal data storage scheme for several cloud service providers having different technical and economic parameters of the package (maximum amount of storage, cost of allocated resources). Mathematical model includes the equation of costs for data storing and transferring and restrictions on the amount of storage, the amount of data and its safety. Software tool that allows to perform numerical calculations is selected Microsoft Excel in combination with the "search for solutions" add-on. In accordance with the mathematical model, the conditions for minimizing the amount of cloud storage costs and the necessary restrictions are established. Initial data are set for three data forming centers, storages of certain size for five cloud service providers and nominal price for information storage and transmission. Calculations of expenses are performed in several variants: without optimization, with the solution of the optimization problem, with price increase by cloud service providers. Results of the calculations confirm the necessity to solve the problem of minimizing the cost of cloud services for corporate clients. The presented model can be expanded for any cost conditions as well as for different areas of cloud applications.

scholarly journals CLOUD TECHNOLOGIES IN BUSINESS MANAGEMENT

2021 ◽  
Vol 4 (39) ◽  
pp. 294-301
Author(s):  
V. Gevko ◽  
O. Vivchar ◽  
V. Sharko ◽  
О. Radchenko ◽  
M. Budiaiev ◽  
...  
Keyword(s):  
Business Processes ◽  
Service Providers ◽  
De Novo ◽  
Cloud Service ◽  
Jel Classification ◽  
Digital Transformation ◽  
Cloud Services ◽  
Modern World ◽  
High Tech ◽  
Cloud Technologies

Abstract. The modern world is in the phase of active implementation of digitalization of most processes, including cloud technologies, which is also associated with the introduction of quarantine measures in most countries. Over the past decade, the average annual growth of the cloud services market has expanded by about 50% to more than $ 220 billion. This figure is projected to exceed $ 500 billion in the near future. Currently, a large number of cloud service companies are concentrated in the market. All companies can be classified into national, operating within one country, and international, operating in many countries simultaneously. In Ukraine, the leader is the high-tech company De Novo, which provides services in the segment of corporate clients based on VMware, EMC, Microsoft Azure solutions. Competitors are well-known foreign IT giants, namely: Oracle, IBM, Google, Microsoft, Amazon, HP and others. The Ministry of Digital Transformation of Ukraine plays an important role in this area. The latter signed an agreement with Microsoft to implement the Azure Expansion Program and accelerate Ukraine's digital transformation, including the development of Azure cloud services for the sum of more than $ 500 million. The transition from physical, outdated IT technologies to new cloud services will allow companies to significantly reduce the cost of maintaining their own staff of IT professionals and engineers, reduce dependence on IT equipment suppliers and increase productivity and efficiency of the decisions made. The management of the enterprise can choose one of the offered models from the companies-providers: IaaS, PaaS, SaaS. The choice will depend on the immediate management needs and financial capabilities of the enterprise. In Ukraine, the biggest share of users of cloud services belongs to large utility companies and state enterprises, namely: Dija, Ministry of Internal Affairs, Kyiv Municipal Enterprise "Informatics", Prozorro, Ukrposhta, E-Health (National Health Center of Ukraine), Naftogaz and several other organizations. Thus, the introduction of cloud services involves digital business transformations, namely: optimization of business processes, acceleration of innovation, cost reduction and so on. Key words: IT technologies, cloud technologies, cloud service providers, management, business. JEL Classification L86, M15 Formulas: 0; fig.: 1; tabl.: 2; bibl.: 21.

scholarly journals Privacy-Protection Scheme of a Credit-Investigation System Based on Blockchain

Entropy ◽  
2021 ◽  
Vol 23 (12) ◽  
pp. 1657
Author(s):  
Ke Yuan ◽  
Yingjie Yan ◽  
Tong Xiao ◽  
Wenchao Zhang ◽  
Sufang Zhou ◽  
...  
Keyword(s):  
Privacy Protection ◽  
Service Providers ◽  
Security Analysis ◽  
Cloud Service ◽  
Identity Authentication ◽  
Protection Scheme ◽  
Blockchain Technology ◽  
Searchable Symmetric Encryption ◽  
Verification Time ◽  
Identity Privacy

In response to the rapid growth of credit-investigation data, data redundancy among credit-investigation agencies, privacy leakages of credit-investigation data subjects, and data security risks have been reported. This study proposes a privacy-protection scheme for a credit-investigation system based on blockchain technology, which realizes the secure sharing of credit-investigation data among multiple entities such as credit-investigation users, credit-investigation agencies, and cloud service providers. This scheme is based on blockchain technology to solve the problem of islanding of credit-investigation data and is based on zero-knowledge-proof technology, which works by submitting a proof to the smart contract to achieve anonymous identity authentication, ensuring that the identity privacy of credit-investigation users is not disclosed; this scheme is also based on searchable-symmetric-encryption technology to realize the retrieval of the ciphertext of the credit-investigation data. A security analysis showed that this scheme guarantees the confidentiality, the availability, the tamper-proofability, and the ciphertext searchability of credit-investigation data, as well as the fairness and anonymity of identity authentication in the credit-investigation data query. An efficiency analysis showed that, compared with similar identity-authentication schemes, the proof key of this scheme is smaller, and the verification time is shorter. Compared with similar ciphertext-retrieval schemes, the time for this scheme to generate indexes and trapdoors and return search results is significantly shorter.

Sign in / Sign up

Export Citation Format

Share Document