Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.

[1]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[2]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[3]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[4]  Samee Ullah Khan,et al.  Future Generation Computer Systems ( ) – Future Generation Computer Systems towards Secure Mobile Cloud Computing: a Survey , 2022 .

[5]  이현주,et al.  Design of Integrated Urban Management System and its Applications Based on RoF and PON Technologies , 2006 .

[6]  Ming-Yen Lin,et al.  Secure cloud storage for convenient data archive of smart phones , 2011, 2011 IEEE 15th International Symposium on Consumer Electronics (ISCE).

[7]  Dijiang Huang,et al.  MobiCloud: Building Secure Cloud Framework for Mobile Computing and Communication , 2010, 2010 Fifth IEEE International Symposium on Service Oriented System Engineering.

[8]  Markus Jakobsson,et al.  Authentication in the clouds: a framework and its application to mobile users , 2010, CCSW '10.

[9]  Zhibin Zhou,et al.  Efficient and secure data storage operations for mobile cloud computing , 2012, 2012 8th international conference on network and service management (cnsm) and 2012 workshop on systems virtualiztion management (svm).

[10]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[11]  James Murty,et al.  Programming Amazon web services - S3, EC2, SQS, FPS, and SimpleDB: outsource your infrastructure , 2008 .

[12]  Weibo Gong,et al.  Mobility Can Help: Protect User Identity with Dynamic Credential , 2010, 2010 Eleventh International Conference on Mobile Data Management.

[13]  J. Hubaux,et al.  Meetings through the cloud: Privacy-preserving scheduling on mobile devices , 2011, J. Syst. Softw..

[14]  Zhenfu Cao,et al.  CCA-Secure Proxy Re-Encryption without Pairings , 2009, IACR Cryptol. ePrint Arch..

[15]  James Murty,et al.  Programming amazon web services , 2008 .

[16]  Eugene Ciurana,et al.  Google App Engine , 2009 .

[17]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[18]  Yung-Hsiang Lu,et al.  Cloud Computing for Mobile Users: Can Offloading Computation Save Energy? , 2010, Computer.

[19]  Xiaodong Lin,et al.  SDSM: A secure data service mechanism in mobile cloud computing , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[20]  Piotr K. Tysowski,et al.  Re-Encryption-Based Key Management Towards Secure and Scalable Mobile Applications in Clouds , 2011, IACR Cryptol. ePrint Arch..

[21]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[22]  Jian Yang,et al.  Provable Data Possession of Resource-constrained Mobile Devices in Cloud Computing , 2011, J. Networks.

[23]  Wei Ren,et al.  Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing , 2011 .

[24]  Ali Chehab,et al.  Energy-efficient incremental integrity for securing storage in mobile cloud computing , 2010, 2010 International Conference on Energy Aware Computing.

[25]  Xinwen Zhang,et al.  Securing elastic applications on mobile devices for cloud computing , 2009, CCSW '09.

[26]  Song Wang,et al.  In-Device Spatial Cloaking for Mobile User Privacy Assisted by the Cloud , 2010, 2010 Eleventh International Conference on Mobile Data Management.

[27]  Zhibin Zhou,et al.  Secure data processing framework for mobile cloud computing , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[28]  Li-Chun Wang,et al.  A Security Framework of Group Location-Based Mobile Applications in Cloud Computing , 2011, 2011 40th International Conference on Parallel Processing Workshops.

[29]  Sanjay Chaudhary,et al.  Policy based resource allocation in IaaS cloud , 2012, Future Gener. Comput. Syst..

[30]  Muhammad Shiraz,et al.  A study on virtual machine deployment for application outsourcing in mobile cloud computing , 2012, The Journal of Supercomputing.