A Security Protocol for Access to Sensitive Data in Trusted Cloud Server

To enable terminal users to access sensitive data held on a cloud server, this paper proposes a security protocol, TTAP (Trusted Terminal Access Protocol), involving the user, the terminal, the cloud server and an attestation server, and built on the TPM (Trusted Platform Module) and TNC (Trusted Network Connect). TTAP establishes a secure tunnel between the cloud server and the attestation server, through which the trustworthiness of the terminal and the legitimacy of the user are verified. In addition, the strand space model is extended with two new authentication test theorems, a signature test theorem and an HMAC (Hash-based Message Authentication Code) test theorem, which can be used to analyze complex protocols that rely on signatures and HMACs. A formal analysis based on authentication tests shows that TTAP is secure, so terminal users who access the cloud environment through TTAP can be trusted.
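The following is an added example, not code from the paper, illustrating the reasoning behind an HMAC-based authentication test in the style of Guttman's strand-space tests: an attestation server challenges a terminal with a fresh nonce, and the terminal answers with an HMAC over the nonce and its platform measurement under a key shared only by the two of them. Receiving a valid tag on a nonce the server itself just issued is the evidence that the terminal (the only other holder of the key) produced the response after the challenge. The message layout, the names (`AttestationServer`, `terminal_respond`), the shared key and the measurement value are assumptions constructed for this example and are not TTAP's actual message format.

```python
import hashlib
import hmac
import secrets

# Constructed long-term key shared only by the terminal (T) and the attestation server (AS).
SHARED_KEY = secrets.token_bytes(32)
# Constructed PCR-like value that AS expects from a trusted terminal image.
GOOD_MEASUREMENT = hashlib.sha256(b"trusted-terminal-image-v1").digest()


def terminal_respond(key: bytes, nonce: bytes, measurement: bytes) -> bytes:
    """Terminal side: bind the server's fresh nonce to the platform measurement with an HMAC."""
    return hmac.new(key, nonce + measurement, hashlib.sha256).digest()


class AttestationServer:
    """Attestation server side of the nonce/HMAC authentication test (hypothetical simplification)."""

    def __init__(self, key: bytes, expected_measurement: bytes):
        self.key = key
        self.expected = expected_measurement
        self.outstanding = set()  # nonces issued and not yet answered

    def challenge(self) -> bytes:
        """Emit a fresh, unpredictable nonce; this is the 'test component' of the authentication test."""
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, measurement: bytes, tag: bytes) -> bool:
        """Accept only a tag that (1) answers a nonce we issued and have not yet consumed,
        (2) is a correct HMAC under the shared key, and (3) carries the expected measurement."""
        if nonce not in self.outstanding:
            return False  # unsolicited or replayed transcript: freshness fails
        self.outstanding.discard(nonce)  # each nonce is answerable once
        expected_tag = hmac.new(self.key, nonce + measurement, hashlib.sha256).digest()
        if not hmac.compare_digest(expected_tag, tag):  # constant-time comparison
            return False  # tag was not made with the shared key: origin fails
        return measurement == self.expected


def run_honest(key: bytes = SHARED_KEY) -> bool:
    """Legitimate terminal answers the current challenge: accepted."""
    srv = AttestationServer(key, GOOD_MEASUREMENT)
    nonce = srv.challenge()
    tag = terminal_respond(key, nonce, GOOD_MEASUREMENT)
    return srv.verify(nonce, GOOD_MEASUREMENT, tag)


def run_replay(key: bytes = SHARED_KEY) -> bool:
    """A Dolev-Yao attacker replays an earlier valid (nonce, tag) pair into a later session: rejected."""
    srv = AttestationServer(key, GOOD_MEASUREMENT)
    nonce = srv.challenge()
    tag = terminal_respond(key, nonce, GOOD_MEASUREMENT)
    assert srv.verify(nonce, GOOD_MEASUREMENT, tag)  # first use is fine
    srv.challenge()  # server starts a new round with a new nonce
    return srv.verify(nonce, GOOD_MEASUREMENT, tag)  # old transcript no longer fresh


def run_forgery() -> bool:
    """A compromised host without the shared key claims the good measurement: rejected."""
    srv = AttestationServer(SHARED_KEY, GOOD_MEASUREMENT)
    nonce = srv.challenge()
    attacker_key = secrets.token_bytes(32)  # attacker does not hold SHARED_KEY
    tag = terminal_respond(attacker_key, nonce, GOOD_MEASUREMENT)
    return srv.verify(nonce, GOOD_MEASUREMENT, tag)


def run_untrusted_image() -> bool:
    """Terminal holds the key but reports a non-approved measurement: rejected."""
    srv = AttestationServer(SHARED_KEY, GOOD_MEASUREMENT)
    nonce = srv.challenge()
    bad = hashlib.sha256(b"modified-terminal-image").digest()
    tag = terminal_respond(SHARED_KEY, nonce, bad)
    return srv.verify(nonce, bad, tag)


if __name__ == "__main__":
    print("honest:", run_honest())            # True
    print("replay:", run_replay())            # False
    print("forgery:", run_forgery())          # False
    print("untrusted:", run_untrusted_image())  # False
```

The three rejection paths correspond to the three things a keyed authentication test has to establish: freshness (the nonce must be the one just issued), origin (only a key holder can produce the tag) and content (the measurement bound to the tag must be the expected one). In a real deployment the HMAC key would itself be derived from a TPM-protected secret or negotiated over the TNC tunnel, which this example does not model.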
