C-MAS: The Cloud Mutual Authentication Scheme

2013 ◽  
Vol 756-759 ◽  
pp. 3209-3214
Author(s):  
Zhen Peng Liu ◽  
Feng Long Wu ◽  
Kai Yu Shang ◽  
Wen Lei Chai
Keyword(s):  
Cloud Computing ◽  
Trusted Computing ◽  
Mutual Authentication ◽  
Computing Time ◽  
Cloud Service ◽  
Authentication Scheme ◽  
Session Key ◽  
Service Platform ◽  
Cloud Computing Environment ◽  
Cloud Computing Service

A cloud mutual authentication scheme (C-MAS) is proposed to solve the problem of authentication between user and cloud computing server. Trusted computing technology and traditional smart card methods are used in cloud computing service platform. The scheme completes the authentication of both sides in cloud computing, generates the session key according consulting, at the same time, verifies the credibility of cloud service platform. Analysis shows that our scheme can resist various kinds of possible attacks, so it is therefore more secure than other schemes. And the computing time meet the requirements of cloud computing environment.

scholarly journals A Secure Lightweight Three-Factor Authentication Scheme for IoT in Cloud Computing Environment

Sensors ◽  
2019 ◽  
Vol 19 (16) ◽  
pp. 3598 ◽  
Author(s):  
SungJin Yu ◽  
KiSung Park ◽  
YoungHo Park
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Internet Security ◽  
Authentication Scheme ◽  
Sensitive Information ◽  
Computing Environment ◽  
Session Key ◽  
Cloud Computing Environment ◽  
Smart Healthcare ◽  
Three Factor

With the development of cloud computing and communication technology, users can access the internet of things (IoT) services provided in various environments, including smart home, smart factory, and smart healthcare. However, a user is insecure various types of attacks, because sensitive information is often transmitted via an open channel. Therefore, secure authentication schemes are essential to provide IoT services for legal users. In 2019, Pelaez et al. presented a lightweight IoT-based authentication scheme in cloud computing environment. However, we prove that Pelaez et al.’s scheme cannot prevent various types of attacks such as impersonation, session key disclosure, and replay attacks and cannot provide mutual authentication and anonymity. In this paper, we present a secure and lightweight three-factor authentication scheme for IoT in cloud computing environment to resolve these security problems. The proposed scheme can withstand various attacks and provide secure mutual authentication and anonymity by utilizing secret parameters and biometric. We also show that our scheme achieves secure mutual authentication using Burrows–Abadi–Needham logic analysis. Furthermore, we demonstrate that our scheme resists replay and man-in-the-middle attacks usingthe automated validation of internet security protocols and applications (AVISPA) simulation tool. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Consequently, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for practical IoT-based cloud computing environment.

scholarly journals A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure

2020 ◽  
Vol 2020 ◽  
pp. 1-15 ◽  
Author(s):  
Feifei Wang ◽  
Guosheng Xu ◽  
Guoai Xu ◽  
Yuejie Wang ◽  
Junhao Peng
Keyword(s):  
Cloud Computing ◽  
Resource Sharing ◽  
Secure Communication ◽  
Formal Analysis ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
User Privacy ◽  
Session Key ◽  
Three Factor ◽  
Key Exposure

With the development of Internet of Things (IoT) technologies, Internet-enabled devices have been widely used in our daily lives. As a new service paradigm, cloud computing aims at solving the resource-constrained problem of Internet-enabled devices. It is playing an increasingly important role in resource sharing. Due to the complexity and openness of wireless networks, the authentication protocol is crucial for secure communication and user privacy protection. In this paper, we discuss the limitations of a recently introduced IoT-based authentication scheme for cloud computing. Furthermore, we present an enhanced three-factor authentication scheme using chaotic maps. The session key is established based on Chebyshev chaotic-based Diffie–Hellman key exchange. In addition, the session key involves a long-term secret. It ensures that our scheme is secure against all the possible session key exposure attacks. Besides, our scheme can effectively update user password locally. Burrows–Abadi–Needham logic proof confirms that our scheme provides mutual authentication and session key agreement. The formal analysis under random oracle model proves the semantic security of our scheme. The informal analysis shows that our scheme is immune to diverse attacks and has desired features such as three-factor secrecy. Finally, the performance comparisons demonstrate that our scheme provides optimal security features with an acceptable computation and communication overheads.

scholarly journals A Secure IoT-Based Authentication System in Cloud Computing Environment

Sensors ◽  
2020 ◽  
Vol 20 (19) ◽  
pp. 5604
Author(s):  
Hsiao-Ling Wu ◽  
Chin-Chen Chang ◽  
Yao-Zhu Zheng ◽  
Long-Sheng Chen ◽  
Chih-Cheng Chen
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Security Requirements ◽  
The Internet ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Authentication System ◽  
Lightweight Authentication ◽  
The Internet Of Things

The Internet of Things (IoT) is currently the most popular field in communication and information techniques. However, designing a secure and reliable authentication scheme for IoT-based architectures is still a challenge. In 2019, Zhou et al. showed that schemes pro-posed by Amin et al. and Maitra et al. are vulnerable to off-line guessing attacks, user tracking attacks, etc. On this basis, a lightweight authentication scheme based on IoT is proposed, and an authentication scheme based on IoT is proposed, which can resist various types of attacks and realize key security features such as user audit, mutual authentication, and session security. However, we found weaknesses in the scheme upon evaluation. Hence, we proposed an enhanced scheme based on their mechanism, thus achieving the security requirements and resisting well-known attacks.

Migration Issues in Cloud Computing due to Security Flaws

2015 ◽  
Vol 8 (2) ◽  
Author(s):  
Hitesh Marwaha ◽  
Dr. Rajeshwar Singh
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Trusted Computing ◽  
Cloud Service ◽  
Cloud Services ◽  
The Internet ◽  
Security Issues ◽  
Cloud Computing Service ◽  
Cloud Service Providers ◽  
Almost All

Cloud computing is becoming an adoptable technology for many of the organizations with its dynamic scalability and usage of virtualized resources as a service through the Internet. Cloud computing is the delivery of computing services over the Internet. Cloud services allow individuals and businesses to use software and hardware that are managed by third parties at remote locations. Cloud Computing is a computing model, in which customer plug into the “cloud” to access IT resources which are priced and provided “on-demand”. The major challenges that prevent Cloud Computing from being adopted are recognized by organizations are security issues. Many techniques for securing the data in cloud are proposed by researcher but almost all methods have some drawbacks and till date no appropriate method has not been proposed that Cloud service providers can win the trust of customer. In this research paper the various security issues are reviewed along with cloud computing service providers which will give a deep insight for cloud service providers as well as researchers to work on the areas and make cloud computing a“trusted computing “and hardening the confidence of organizations towards cloud computing migration.

scholarly journals A Study on Strategic Provisioning of Cloud Computing Services

2014 ◽  
Vol 2014 ◽  
pp. 1-16 ◽  
Author(s):  
Md Whaiduzzaman ◽  
Mohammad Nazmul Haque ◽  
Md Rejaul Karim Chowdhury ◽  
Abdullah Gani
Keyword(s):  
Cloud Computing ◽  
Cloud Service ◽  
Future Research ◽  
User Requirements ◽  
Service Provisioning ◽  
Research Issues ◽  
Computing Services ◽  
Cloud Computing Service ◽  
Essential Services ◽  
Cloud Providers

Cloud computing is currently emerging as an ever-changing, growing paradigm that models “everything-as-a-service.” Virtualised physical resources, infrastructure, and applications are supplied by service provisioning in the cloud. The evolution in the adoption of cloud computing is driven by clear and distinct promising features for both cloud users and cloud providers. However, the increasing number of cloud providers and the variety of service offerings have made it difficult for the customers to choose the best services. By employing successful service provisioning, the essential services required by customers, such as agility and availability, pricing, security and trust, and user metrics can be guaranteed by service provisioning. Hence, continuous service provisioning that satisfies the user requirements is a mandatory feature for the cloud user and vitally important in cloud computing service offerings. Therefore, we aim to review the state-of-the-art service provisioning objectives, essential services, topologies, user requirements, necessary metrics, and pricing mechanisms. We synthesize and summarize different provision techniques, approaches, and models through a comprehensive literature review. A thematic taxonomy of cloud service provisioning is presented after the systematic review. Finally, future research directions and open research issues are identified.

Load Balancing pada Cloud Computing dengan Sumber Daya Terbatas Menggunakan Penggabungan Algoritma ESCE dan Throttled

2015 ◽  
Vol 7 (1) ◽  
Author(s):  
Endang Wahyu Pamungkas ◽  
Divi Galih Prasetyo Putri
Keyword(s):  
Resource Allocation ◽  
Cloud Computing ◽  
Load Balancing ◽  
High Reliability ◽  
Cloud Service ◽  
The Other ◽  
Limited Resources ◽  
Resource Quality ◽  
Cloud Computing Environment ◽  
Load Balancing Algorithm

Recently cloud computing technology has been implemented by many companies. This technology requires a really high reliability that closely related to hardware specification and management resource quality used. Adequate hardware would make resource allocation easier. On the other hand, resource allocation will be harder if the resources are limited. This is a common condition in a developing cloud service provider. In this paper, a load balancing algorithm to allocate resources in cloud computing environment that has limited resources has been proposed. This algorithm is developed by taking the advantages of the existing algorithms, Equally Spread Current Execution and Throttled. We merge those algorithm without losing the advantages and we try to eliminate the shortcoming of each algorithm. The result shows that this algorithm is able to give a significant improvement in the limited resources environment. In addition, the algorithm also able to compete with the other algorithm in the more adequate resource environment. Based on the consistent results, this algorithm is expected to be more adaptive in different resources environment.

Two Factor Authentication Using M-Pin Server for Secure Cloud Computing Environment

2016 ◽  
pp. 1053-1066 ◽  
Author(s):  
Nitin Nagar ◽  
Ugrasen Suman
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Cloud Computing Security ◽  
Network Application ◽  
Multiple Challenges ◽  
Secure Cloud Computing ◽  
Malicious Insiders

Cloud computing is comprised of major demand from the every group of organization because of easy availability and cost effectiveness. The responsibilities of cloud service providers will become increasing more due to the great progression in every cloud computing deployment model (public, private and hybrid) and service models (SaaS, PaaS and IaaS). In this perspective, cloud computing faces multiple challenges, especially in cloud computing security at all levels (e.g., host, network, application and data levels). Authentication is the constantly the biggest concerned for IT industries to adopt cloud computing environment. The availability, performance, key logger attack, malicious insiders, outsider attacks and service disruptions explore (service hijacking) issues are the key research challenges in the cloud computing authentication level. In this aspect, traditional user name and password is not enough as a single factor (first factor). This paper has proposed a secure cloud computing framework which uses first factor as a crypt user name and password with the ATM pin as a second factor called M-pin. The proposed work focuses on a solution to the threats that are the major issues in the cloud adoption.

Sign in / Sign up

Export Citation Format

Share Document