Skip to main content

Advertisement

SpringerLink
Log in

Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Khan AN, Kiah MLM, Khan SU, Madani SA (2013) Towards secure mobile cloud computing: a survey. Future Gener Comput Syst 29(5):1278–1299

    Article  Google Scholar 

  2. Nathani A, Chaudhary S, Somani G (2012) Policy based resource allocation in IaaS cloud. Future Gener Comput Syst 26(1):94–103

    Article  Google Scholar 

  3. Murty J (2008) Programing Amazon Web services: S3, EC2, SQS, FPS, and SimpleDB, 1st edn. O’Reilly Media, Sebastopol

    Google Scholar 

  4. Google App Engine (2011) https://developers.google.com/appengine/. 02 September 2011

  5. Force.com Apex Code Developer’s Guide (2011) http://www.salesforce.com/us/developer/docs/apexcode/index.htm. 06 September 2011

  6. Shiraz M, Abolfazli S, Sanaei Z, Gani A, Gani A (2013) A study on virtual machine deployment for application outsourcing in mobile cloud computing. J Supercomput 63(3):946–964

    Article  Google Scholar 

  7. Kumar K, Lu YH (2010) Cloud computing for mobile users: can offloading computation save energy? IEEE Trans Comput 43(4):51–56

    Google Scholar 

  8. Mobile Cloud Computing Subscribers to Total Nearly One Billion by 2014 (2012) http://www.directionsmag.com/pressreleases/mobile-cloud-computing-subscribers-to-total-nearly-one-billion-by-2014/119248. 23 August 2012

  9. Zhang X, Schiffman J, Gibbs S, Kunjithapatham A, Jeong S (2009) Securing elastic applications on mobile devices for cloud computing. In: Proc ACM workshop on cloud computing security (CCSW ’09), Chicago, IL, USA, Nov 2009

    Google Scholar 

  10. Xiao S, Gong W (2010) Mobility can help: protect user identity with dynamic credential. In: Proc 11th int conference on mobile data management (MDM ’10), Missouri, USA, May 2010

    Google Scholar 

  11. Wang S, Wang XS (2010) In-device spatial cloaking for mobile user privacy assisted by the cloud. In: Proc 11th int conference on mobile data management (MDM ’10), Missouri, USA, May 2010

    Google Scholar 

  12. Chow R, Jakobsson M, Masuoka R, Molina J, Niu Y, Shi E, Song Z (2010) Authentication in the clouds: a framework and its application to mobile users. In: Proc ACM cloud computing security workshop (CCSW ’10), Chicago, USA, Oct 2010

    Google Scholar 

  13. Huan D, Zhang X, Kang M, Luo J (2010) MobiCloud: building secure cloud framework for mobile computing and communication. In: Proc 5th IEEE int symposium on service oriented system engineering (SOSE ’10), Nanjing, China, June 2010

    Google Scholar 

  14. Huang D, Zhou Z, Xu L, Xing T, Zhong Y (2011) Secure data processing framework for MobileCloud computing. In: Proc IEEE INFOCOM workshop on cloud computing (INFOCOM ’11), Shanghai, China, June 2011

    Google Scholar 

  15. Chen YJ, Wang LC (2011) A security framework of group location-based mobile applications in cloud computing. In: Proc int conference on parallel processing workshops (ICPPW ’11), Taipei, Taiwan, Sep 2011

    Google Scholar 

  16. Bilogrevic I, Jadliwalaa M, Kumarb P, Waliab SS, Hubauxa JP, Aadc I, Niemic V (2011) Meetings through the cloud: privacy-preserving scheduling on mobile devices. J Syst Softw 84(11):1910–1927. Special Issue on Mobile Applications: Status and Trends

    Article  Google Scholar 

  17. Jia W, Zhu H, Cao Z, Wei L, Lin X (2011) SDSM: a secure data service mechanism in mobile cloud computing. In: Proc IEEE conference on computer communications workshops (INFOCOM WKSHPS), Shanghai, China, Apr 2011

    Google Scholar 

  18. Ren W, Yu L, Gao R, Xiong F (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. J Tsinghua Univ (Sci Technol) 16(5):520–528

    Article  Google Scholar 

  19. Itani W, Kayssi A, Chehab A (2010) Energy-efficient incremental integrity for securing storage in mobile cloud computing. In: Proc int conference on energy aware computing (ICEAC ’10), Cairo, Egypt, Dec 2010

    Google Scholar 

  20. Hsueh SC, Lin JY, Lin MY (2011) Secure cloud storage for conventional data archive of smart phones. In: Proc 15th IEEE int symposium on consumer electronics (ISCE ’11), Singapore, June 2011

  21. Yang J, Wang H, Wang J, Tan C, Yu D (2011) Provable data possession of resource constrained mobile devices in cloud computing. J Netw 6(7):1033–1040

    Google Scholar 

  22. Zhou Z, Huang D (2011) Efficient and secure data storage operations for mobile cloud computing. In: IACR cryptology eprint archive, p 185

    Google Scholar 

  23. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proc 28th IEEE symposium on security and privacy (SP ’07), California, USA, May 2007

    Google Scholar 

  24. Ateniese G, Fu K, Green M, Hohenberger S (2005) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9(1):1–30

    Article  Google Scholar 

  25. Tysowski PK, Hasan MA (2011) Re-encryption-based key management towards secure and scalable mobile applications in clouds. In: IACR cryptology eprint archive, p 668

    Google Scholar 

  26. ElGamal T (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472

    Article  MathSciNet  MATH  Google Scholar 

  27. Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: Proc 7th int conference on theory and application of cryptographic techniques (EUROCRYPT ’99), Prague, Czech Republic, May 1999

    Google Scholar 

  28. Goldwasser S, Micali S (1984) Probabilistic encryption. J Comput Syst Sci 28(2):270–299

    Article  MathSciNet  MATH  Google Scholar 

  29. Shao J, Cao Z (2009) CCA-secure proxy re-encryption without pairings in public key cryptography. In: Proc 12th int conference on practice and theory in public key cryptography (PKC ’09), Irvine, CA, USA, Mar 2009

    Google Scholar 

  30. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure scalable and fine-grained data access control in cloud computing. In: Proc IEEE INFOCOM (INFOCOM ’10), San Diego, CA, USA, Mar 2010

    Google Scholar 

  31. Adjusting Application Performance (2012) https://developers.google.com/appengine/docs/adminconsole/performancesettings. 10 July 2012

  32. Code Coverage (2012) https://developers.google.com/web-toolkit/doc/latest/DevGuideTestingCoverage. 19 June 2012

  33. DeviceInfo API (2012) http://www.blackberry.com/developers/docs/4.3.0api/net/rim/device/api/system/DeviceInfo.html. July 2012

  34. System.currentTimeMillis() vs. new Date() vs. Calendar.getInstance().getTime() (2012) http://stackoverflow.com/questions/368094/system-currenttimemillis-vs-new-date-vs-calendar-getinstance-gettime. April 12 2013

  35. Android: do something when battery is at a defined level (2013) http://stackoverflow.com/questions/10306790/android-do-something-when-battery-is-at-a-defined-level. 13 April 2013

Download references

Acknowledgements

We would like to acknowledge the financial support of the BrightSparks Program at University of Malaya, Malaysia for carrying out this research experiments.

Author information

Authors and Affiliations

  1. Faculty of Computer Science & Information Technology, University of Malaya, Kuala Lumpur, Malaysia

    Abdul Nasir Khan, M. L. Mat Kiah & Atta ur Rehman Khan

  2. Department of Computer Science, COMSATS Institute of Information Technology, Abbottabad, Pakistan

    Sajjad A. Madani

  3. Department of Electrical and Computer Engineering, North Dakota State University, Fargo, USA

    Mazhar Ali

Authors
  1. Abdul Nasir Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. L. Mat Kiah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sajjad A. Madani
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Atta ur Rehman Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mazhar Ali
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abdul Nasir Khan.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Khan, A.N., Mat Kiah, M.L., Madani, S.A. et al. Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing. J Supercomput 66, 1687–1706 (2013). https://doi.org/10.1007/s11227-013-0967-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-013-0967-y

Keywords

Search

Navigation