Two-Factor Mutual Authentication Offloading for Mobile Cloud Computing

Security analysts have shown that it is possible to compromise the mobile two-factor authentication applications that employ SMS-based authentication. In this paper, we consider that offloading mobile applications to the cloud, which is resource-rich and provides a more secure environment, represents a good solution when energy limitation and security constraints are raised. To this end, we propose an offloading architecture for the two-factor mutual authentication applications, and a novel two-factor mutual authentication scheme based on a novel mechanism, named virtual smart card. We also propose a decision-making process to offload the authentication application and its virtual smart card, based on three conditions: security, mobile device’s residual energy, and energy cost. We analytically derive the lower-bound on the mobile application running time from the energy cost formula to perform offloading. We analyze and verify the security properties of the proposed architecture, and provide evaluation results of the two-factor mutual authentication protocol and the offloading decision-making process.

[1]  Tian-Fu Lee,et al.  An Efficient Chaotic Maps-Based Authentication and Key Agreement Scheme Using Smartcards for Telecare Medicine Information Systems , 2013, Journal of Medical Systems.

[2]  Naveen K. Chilamkurti,et al.  An improved authentication protocol for session initiation protocol using smart card , 2015, Peer Peer Netw. Appl..

[3]  Hamid Harroud,et al.  Mobile cloud computing for computation offloading: Issues and challenges , 2018 .

[4]  Muhammad Khurram Khan,et al.  Cryptanalysis and Improvement of ‘A Privacy Enhanced Scheme for Telecare Medical Information Systems’ , 2012, Journal of Medical Systems.

[5]  Fulvio Risso,et al.  Offloading personal security applications to a secure and trusted network node , 2015, Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft).

[6]  Ashutosh Saxena,et al.  A dynamic ID-based remote user authentication scheme , 2004, IEEE Transactions on Consumer Electronics.

[7]  Fengtong Wen A More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System , 2014, Journal of Medical Systems.

[8]  Ashok Kumar Das,et al.  An Improved and Effective Secure Password-Based Authentication and Key Agreement Scheme Using Smart Cards for the Telecare Medicine Information System , 2013, Journal of Medical Systems.

[9]  Athanasios V. Vasilakos,et al.  Authentication schemes for smart mobile devices: threat models, countermeasures, and open research issues , 2018, Telecommun. Syst..

[10]  Bharat K. Bhargava,et al.  A Survey of Computation Offloading for Mobile Systems , 2012, Mobile Networks and Applications.

[11]  Muhammad Khurram Khan,et al.  An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography , 2015, Journal of Medical Systems.

[12]  Bart De Decker,et al.  Secure Storage on Android with Context-Aware Access Control , 2014, Communications and Multimedia Security.

[13]  Mohammad Sabzinejad Farash Security analysis and enhancements of an improved authentication for session initiation protocol with provable security , 2016, Peer Peer Netw. Appl..

[14]  Yan-yan Wang,et al.  A more efficient and secure dynamic ID-based remote user authentication scheme , 2009, Comput. Commun..

[15]  Muhammad Khurram Khan,et al.  Cryptanalysis and Improvement of Authentication and Key Agreement Protocols for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[16]  Shay Gueron,et al.  SHA-512/256 , 2011, 2011 Eighth International Conference on Information Technology: New Generations.

[17]  Imad H. Elhajj,et al.  Partial mobile application offloading to the cloud for energy-efficiency with security measures , 2015, Sustain. Comput. Informatics Syst..

[18]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[19]  Sourav Mukhopadhyay,et al.  A Secure and Efficient Chaotic Map-Based Authenticated Key Agreement Scheme for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[20]  Liang Xiao,et al.  Mobile cloud offloading for malware detections with learning , 2015, 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[21]  Zhenkai Liang,et al.  DroidVault: A Trusted Data Vault for Android Devices , 2014, 2014 19th International Conference on Engineering of Complex Computer Systems.

[22]  Joeri de Ruiter,et al.  Analysis of Secure Key Storage Solutions on Android , 2014, SPSM@CCS.

[23]  Rui Zhang,et al.  A More Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[24]  Hung-Ming Chen,et al.  An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems , 2012, Journal of Medical Systems.

[25]  Mehmet A. Orgun,et al.  A Survey of Authentication Schemes in Telecare Medicine Information Systems , 2016, Journal of Medical Systems.

[26]  Jianfeng Ma,et al.  Robust Chaotic Map-based Authentication and Key Agreement Scheme with Strong Anonymity for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[27]  Fengtong Wen,et al.  An Improved Anonymous Authentication Scheme for Telecare Medical Information Systems , 2014, Journal of Medical Systems.

[28]  Sebastian Mödersheim,et al.  The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures , 2012, TACAS.

[29]  Muhammad Khurram Khan,et al.  Cryptanalysis and security enhancement of a 'more efficient & secure dynamic ID-based remote user authentication scheme' , 2011, Comput. Commun..

[30]  Yu-Fang Chung,et al.  A Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[31]  Cas J. F. Cremers,et al.  The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.

[32]  Fan Wu,et al.  An improved and provable remote user authentication scheme based on elliptic curve cryptosystem with user anonymity , 2015, Secur. Commun. Networks.

[33]  Guoai Xu,et al.  A Robust Mutual Authentication Scheme Based on Elliptic Curve Cryptography for Telecare Medical Information Systems , 2018, IEEE Access.

[34]  Zhihua Cai,et al.  Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card , 2014, Int. J. Commun. Syst..

[35]  Mohammad Masdari,et al.  A survey and taxonomy of the authentication schemes in Telecare Medicine Information Systems , 2017, J. Netw. Comput. Appl..

[36]  Yutao Liu,et al.  TinMan: eliminating confidential mobile data exposure with security oriented offloading , 2015, EuroSys.

[37]  Zhian Zhu,et al.  An Efficient Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[38]  Jean Schwoerer,et al.  Simple modeling of energy consumption for D2D relay mechanism , 2018, 2018 IEEE Wireless Communications and Networking Conference Workshops (WCNCW).

[39]  Athanasios V. Vasilakos,et al.  Security and privacy challenges in mobile cloud computing: Survey and way ahead , 2017, J. Netw. Comput. Appl..

[40]  Fulvio Risso,et al.  Offloading security applications into the network , 2014, eChallenges e-2014 Conference Proceedings.

[41]  Bruno Blanchet,et al.  Automatic verification of correspondences for security protocols , 2008, J. Comput. Secur..

[42]  Muhammad Khurram Khan,et al.  An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography , 2015, Journal of Medical Systems.

[43]  Wenzhong Li,et al.  Efficient Multi-User Computation Offloading for Mobile-Edge Cloud Computing , 2015, IEEE/ACM Transactions on Networking.

[44]  Wenfen Liu,et al.  An Improved Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[45]  Miriam Allalouf,et al.  StoreDroid: Sensor-based data protection framework for Android , 2014, 2014 International Wireless Communications and Mobile Computing Conference (IWCMC).

[46]  권창영,et al.  검증 테이블이 없는 패스워드 인증 시스템 ( A Password Authentication System without verification tables ) , 2000 .

[47]  Chi-Sheng Shih,et al.  Executing mobile applications on the cloud: Framework and issues , 2012, Comput. Math. Appl..

[48]  Athanasios V. Vasilakos,et al.  On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services , 2017, IEEE Access.

[49]  Jianfeng Ma,et al.  A Privacy Enhanced Authentication Scheme for Telecare Medical Information Systems , 2013, Journal of Medical Systems.

[50]  Seong-je Cho,et al.  Protecting data on android platform against privilege escalation attack , 2016, Int. J. Comput. Math..

[51]  John C. S. Lui,et al.  DroidEagle: seamless detection of visually similar Android apps , 2015, WISEC.