Abstract
With the prosperity of cloud computing, many mobile nodes choose to deliver their certificate by service AP nodes, where each service AP node as a broker is responsible for authenticating virtual resource access with mobile users who are likely to be malicious in the underlying service requests. However, this access control system requires mobile users’ certificate information and may fail due to their privacy. In light of the growing privacy concerns, this paper proposes a certificate-aware framework for online access control system in mobile computing, where users are compensated for their privacy certificate and operation disclosure and are motivated to present more certificate information. In this framework, a broker pays a trust degree to users and virtual authentication coordinators for disclosing more certificate information. This paper models the interactions among virtual authentication coordinators, the authentication broker and mobile users as a three-stage game, where every player aims at maximizing its own utility, and the trust allocation is achieved by G value learning. Numerical results have shown that the proposed certificate-aware framework is effective, as it enables all players to maximize their utilities and improve the degree of the trust of mobile computing systems.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Alizadeh M, Abolfazli S, Zamani M et al (2016) Authentication in mobile cloud computing: a survey. J Netw Comput Appl 61:59–80
Blundo C, Cimato S, De Capitani di Vimercati S et al (2010) Managing key hierarchies for access control enforcement: Heuristic approaches. Comput Secur 29(5):533–547
Chen Z, Qui Y, Liu J et al (2011) Incentive mechanism for selfish nodes in wireless sensor networks based on evolutionary game. Comput Math 62(9):3378–3388
dos Santos DR, Marinho R, Schmitt GR et al (2016) A framework and risk assessment approaches for risk-based access control in the cloud. J Netw Comput Appl 74:86–97
Furuncu E, Sogukpinar I (2015) Scalable risk assessment method for cloud computing using game theory. Comp Stand Inter 38:44–50
Hu L, Ku W, Bakiras S et al (2013) Spatial query integrity with voronoi neighbors. IEEE Trans Knowl Data Eng 25(4):863–876
Khalila I, Khreishahb A, Azeemc M (2014) Consolidated identity management system for secure mobile cloud computing. Comput Net 65(2):99–110
Khider H, Osman T, Sherkat N (2010) Attribute-based authorization for grid computing. International conference on intelligent systems, modelling and simulation (ISMS), pp 71–74
Li X, Jia Z, Zhang P et al (2010) Trust-based on-demand multi-path routing in mobile ad hoc networks. IET Inf Secur 4(4):212–223
Li Q, Ma J, Li R, Liu X et al (2016) Secure, efficient and revocable multi-authority access control system in cloud storage. Comput Secur 59:45–59
Lia X, Xiong Y, Ma J et al (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769
Lin H, Xu L, Huang X et al (2015) A trustworthy access control model for mobile cloud computing based on reputation and mechanism design. Ad Hoc Netw 35:51–64
Liu C (2014) Cloud service access control system based on ontologies. Adv Eng Softw 69(3):26–36
Liu Z, Joy AW, Thompson RA (2004) A dynamic trust model for mobile ad hoc networks. In: Proceedings of 10th IEEE international workshop on future trends of distributed computing systems, pp 80–85
Li M, Yu S, Ren K et al.(2010) Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Proceeding on 6th international ICST conference on security privacy Common Network, pp. 89–106
Luo J, Liu X, Fan M (2009) A trust model based on fuzzy recommendation for mobile ad hoc networks. Comput Netw 53(14):2396–2407
Ma CYT, Rao NSV, Yau DKY (2011) A game theoretic study of attack and defense in cyber-physical systems. IEEE conference on computer communications workshops, pp 10–15
Ma X, Zhang J, Tao J et al (2014) DNSRadar: outsourcing malicious domain detection based on distributed Cache–Footprints. IEEE Trans Inf Forensic Secur 9(11):1906–1921
Pirzada AA, McDonald C (2006) Trust establishment in pure ad hoc Networks. Wirel Pers Commun 37(1):39–168
Qin ZG, Xiong H, Zhu GB et al (2014) Certificate-free ad hoc anonymous authentication. Inform Sci 268:447–457
Rong C, Nguyen ST, Jaatun MG (2013) Beyond lightning: a survey on security challenges in cloud computing. Comput Elect Eng 39(1):47–54
Ruj S, Stojmenovic M, Nayak A (2014) Decentralized access control with anonymous authentication of data stored in clouds. IEEE Trans Parall Distr 25(2):384–394
Shi RH, Zhong H, Huang LS (2014) A novel anonymous authentication scheme without cryptography. Trans Emerg Telecomun Technol 25(9):875–880
Van den Berg E, Zhang T, Pietrowicz S (2009) Blend-In: a privacy enhancing certificate selection method for vehicular communication. IEEE Trans Veh Technol 58(9):5190–5199
Wang Q, Wang C, Ren K et al (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parall Distrib Syst 22(5):847–859
Wang H, Wu S, Chen M et al (2014) Security protection between users and the mobile media cloud. IEEE Comm Mag 52(3):73–79
Wang W, Chen L, Zhang Q (2015) Outsourcing high-dimensional healthcare data to cloud with personalized privacy preservation. Comput Commun 88(9):136–148
Wang D, Wang N, Wang P et al (2015) Preserving privacy for free: efficient and provably secure two-factor authentication scheme with user anonymity. Inform Sci 321:162–178
Wang W, Li Z, Owens R et al (2009) Secure and efficient access to outsourced data. In: Proceedings of the 2009 ACM workshop on cloud computing security, pp 55–66
Wang C, Wang Q, Ren K et al. (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceeding on international conference on computer communications, pp 1–9
Wasef A, Jiang Y, Shen X (2010) An efficient distributed certificate service scheme for vehicular networks. IEEE Trans Veh Technol 59(2):533–549
Yang X, Huang X, Liu JK (2016) Efficient handover authentication with user anonymity and untraceability for mobile cloud computing. Future Gener Comp Syst 62:190–195
Yang L, Wang W, Chen Y et al. (2013) A privacy-aware framework for online advertisement targeting. In Proceedings on IEEE global communications conference, pp 3145–3150
Yeh LY, Huang JL (2014) PBS: a portable billing scheme with fine-grained access control for service-oriented vehicular networks. IEEE Trans Mob Comput 13(11):2606–2619
Younis YA, Kifayat K, Merabti M (2014) An access control model for cloud computing. J Inf Secur Appl 19(1):45–60
Zhang ZH, Li JJ, Jiang W et al. (2012) A new anonymous authentication scheme for cloud computing. In: Proceedings of 7th international conference on computer science and education, pp 896–898
Zhang B, Huang A, Xiang Y (2014) A novel multiple-level trust management framework for wireless sensor networks. Comput Netw 72(29):45–61
Zhao R, Yue C (2014) Toward a secure and usable cloud-based password manager for web browsers. Comput Secur 46(3):32–47
Zhou J, Lin X, Dong X et al (2015) PSMPA: patient self-controllable and multi-level privacy-preserving cooperative authentication in distributed m-healthcare cloud computing system. IEEE Trans Parall Distr 26(6):1693–1703
Zhu J, Ma J (2004) A new authentication scheme with anonymity for wireless environments. IEEE Trans Consum Electron 50(1):230–234
Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Future Gener Comp Syst 28(3):583–592
Acknowledgements
This article does not contain any studies with human participants or animals performed by any of the authors. Informed consent was obtained from all individual participants included in the study. This work was partly supported by the National Natural Science Foundation of China under Grant No. 61572014, Zhejiang Provincial Natural Science Foundation of China under Grants No. LY16F020028 and Scientific Research Foundation of Zhejiang Provincial Education Department of China under Grant No. Y201431192.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interests
The authors declare that they have no conflict of interest.
Additional information
Communicated by V. Loia.
Rights and permissions
About this article
Cite this article
Li, D., Li, M. & Liu, J. Evolutionary trust scheme of certificate game in mobile cloud computing. Soft Comput 22, 2245–2255 (2018). https://doi.org/10.1007/s00500-017-2486-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-017-2486-x