论文信息 - Strong authentication for mobile cloud computing

Strong authentication for mobile cloud computing

Today authentication has become a major challenge in mobile cloud computing. Using a static password for authentication in cloud provider presents several security drawbacks: passwords can be forgotten, guessed, written down and stolen, eavesdropped or deliberately being told to other people. In this article, we propose a solution in order to improve authentication in mobile cloud computing and mainly resolves men in the middle attack. This solution is inspired by the authentication algorithms studied in 3G (the 3rd Generation) and TLS (Transport Layer Security) to secure the data exchanged in the network. These algorithms ensure a strong authentication before stating the communication. However, a sensitive data in the network can also be exchanged during the communication. To ensure a strong authentication during a communication, the multi-scale Situation Identification from Context (muSIC) system is used to detect the suspect behavior of the users.

Anis Ahmed-Nacer | Mehdi Ahmed-Nacer

[1] Indrajit Das. Mobile Security ( OTP ) by Cloud Computing , 2013 .

[2] Hanan AlShaher,et al. Securing Mobile Cloud Using Finger Print Authentication , 2013 .

[3] Jeffrey M. Stanton,et al. Analysis of end user security behaviors , 2005, Comput. Secur..

[4] Erich M. Nahum,et al. Cryptographic strength of ssl/tls servers: current and recent practices , 2007, IMC '07.

[5] J. Wenny Rahayu,et al. Mobile cloud computing: A survey , 2013, Future Gener. Comput. Syst..

[6] Markus Jakobsson,et al. Implicit Authentication through Learning User Behavior , 2010, ISC.

[7] IehabALRassan,et al. Securing Mobile Cloud Using Finger Print Authentication , 2013 .

[8] Amel Bouzeghoub,et al. INCOME - Multi-scale Context Management for the Internet of Things , 2012, AmI.

[9] Steven Furnell. Computer insecurity - risking the system , 2005 .

[10] Jari Arkko,et al. Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA) , 2006, RFC.