The Journal of Supercomputing

, Volume 66, Issue 3, pp 1687–1706

Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

  • Abdul Nasir Khan
  • M. L. Mat Kiah
  • Sajjad A. Madani
  • Atta ur Rehman Khan
  • Mazhar Ali
Article

Abstract

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.

Keywords

Cloud computing Mobile-cloud computing Security Privacy 

References

  1. 1.
    Khan AN, Kiah MLM, Khan SU, Madani SA (2013) Towards secure mobile cloud computing: a survey. Future Gener Comput Syst 29(5):1278–1299 CrossRefGoogle Scholar
  2. 2.
    Nathani A, Chaudhary S, Somani G (2012) Policy based resource allocation in IaaS cloud. Future Gener Comput Syst 26(1):94–103 CrossRefGoogle Scholar
  3. 3.
    Murty J (2008) Programing Amazon Web services: S3, EC2, SQS, FPS, and SimpleDB, 1st edn. O’Reilly Media, Sebastopol Google Scholar
  4. 4.
    Google App Engine (2011) https://developers.google.com/appengine/. 02 September 2011
  5. 5.
    Force.com Apex Code Developer’s Guide (2011) http://www.salesforce.com/us/developer/docs/apexcode/index.htm. 06 September 2011
  6. 6.
    Shiraz M, Abolfazli S, Sanaei Z, Gani A, Gani A (2013) A study on virtual machine deployment for application outsourcing in mobile cloud computing. J Supercomput 63(3):946–964 CrossRefGoogle Scholar
  7. 7.
    Kumar K, Lu YH (2010) Cloud computing for mobile users: can offloading computation save energy? IEEE Trans Comput 43(4):51–56 Google Scholar
  8. 8.
    Mobile Cloud Computing Subscribers to Total Nearly One Billion by 2014 (2012) http://www.directionsmag.com/pressreleases/mobile-cloud-computing-subscribers-to-total-nearly-one-billion-by-2014/119248. 23 August 2012
  9. 9.
    Zhang X, Schiffman J, Gibbs S, Kunjithapatham A, Jeong S (2009) Securing elastic applications on mobile devices for cloud computing. In: Proc ACM workshop on cloud computing security (CCSW ’09), Chicago, IL, USA, Nov 2009 Google Scholar
  10. 10.
    Xiao S, Gong W (2010) Mobility can help: protect user identity with dynamic credential. In: Proc 11th int conference on mobile data management (MDM ’10), Missouri, USA, May 2010 Google Scholar
  11. 11.
    Wang S, Wang XS (2010) In-device spatial cloaking for mobile user privacy assisted by the cloud. In: Proc 11th int conference on mobile data management (MDM ’10), Missouri, USA, May 2010 Google Scholar
  12. 12.
    Chow R, Jakobsson M, Masuoka R, Molina J, Niu Y, Shi E, Song Z (2010) Authentication in the clouds: a framework and its application to mobile users. In: Proc ACM cloud computing security workshop (CCSW ’10), Chicago, USA, Oct 2010 Google Scholar
  13. 13.
    Huan D, Zhang X, Kang M, Luo J (2010) MobiCloud: building secure cloud framework for mobile computing and communication. In: Proc 5th IEEE int symposium on service oriented system engineering (SOSE ’10), Nanjing, China, June 2010 Google Scholar
  14. 14.
    Huang D, Zhou Z, Xu L, Xing T, Zhong Y (2011) Secure data processing framework for MobileCloud computing. In: Proc IEEE INFOCOM workshop on cloud computing (INFOCOM ’11), Shanghai, China, June 2011 Google Scholar
  15. 15.
    Chen YJ, Wang LC (2011) A security framework of group location-based mobile applications in cloud computing. In: Proc int conference on parallel processing workshops (ICPPW ’11), Taipei, Taiwan, Sep 2011 Google Scholar
  16. 16.
    Bilogrevic I, Jadliwalaa M, Kumarb P, Waliab SS, Hubauxa JP, Aadc I, Niemic V (2011) Meetings through the cloud: privacy-preserving scheduling on mobile devices. J Syst Softw 84(11):1910–1927. Special Issue on Mobile Applications: Status and Trends CrossRefGoogle Scholar
  17. 17.
    Jia W, Zhu H, Cao Z, Wei L, Lin X (2011) SDSM: a secure data service mechanism in mobile cloud computing. In: Proc IEEE conference on computer communications workshops (INFOCOM WKSHPS), Shanghai, China, Apr 2011 Google Scholar
  18. 18.
    Ren W, Yu L, Gao R, Xiong F (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. J Tsinghua Univ (Sci Technol) 16(5):520–528 CrossRefGoogle Scholar
  19. 19.
    Itani W, Kayssi A, Chehab A (2010) Energy-efficient incremental integrity for securing storage in mobile cloud computing. In: Proc int conference on energy aware computing (ICEAC ’10), Cairo, Egypt, Dec 2010 Google Scholar
  20. 20.
    Hsueh SC, Lin JY, Lin MY (2011) Secure cloud storage for conventional data archive of smart phones. In: Proc 15th IEEE int symposium on consumer electronics (ISCE ’11), Singapore, June 2011 Google Scholar
  21. 21.
    Yang J, Wang H, Wang J, Tan C, Yu D (2011) Provable data possession of resource constrained mobile devices in cloud computing. J Netw 6(7):1033–1040 Google Scholar
  22. 22.
    Zhou Z, Huang D (2011) Efficient and secure data storage operations for mobile cloud computing. In: IACR cryptology eprint archive, p 185 Google Scholar
  23. 23.
    Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proc 28th IEEE symposium on security and privacy (SP ’07), California, USA, May 2007 Google Scholar
  24. 24.
    Ateniese G, Fu K, Green M, Hohenberger S (2005) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9(1):1–30 CrossRefGoogle Scholar
  25. 25.
    Tysowski PK, Hasan MA (2011) Re-encryption-based key management towards secure and scalable mobile applications in clouds. In: IACR cryptology eprint archive, p 668 Google Scholar
  26. 26.
    ElGamal T (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472 MathSciNetCrossRefMATHGoogle Scholar
  27. 27.
    Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: Proc 7th int conference on theory and application of cryptographic techniques (EUROCRYPT ’99), Prague, Czech Republic, May 1999 Google Scholar
  28. 28.
    Goldwasser S, Micali S (1984) Probabilistic encryption. J Comput Syst Sci 28(2):270–299 MathSciNetCrossRefMATHGoogle Scholar
  29. 29.
    Shao J, Cao Z (2009) CCA-secure proxy re-encryption without pairings in public key cryptography. In: Proc 12th int conference on practice and theory in public key cryptography (PKC ’09), Irvine, CA, USA, Mar 2009 Google Scholar
  30. 30.
    Yu S, Wang C, Ren K, Lou W (2010) Achieving secure scalable and fine-grained data access control in cloud computing. In: Proc IEEE INFOCOM (INFOCOM ’10), San Diego, CA, USA, Mar 2010 Google Scholar
  31. 31.
    Adjusting Application Performance (2012) https://developers.google.com/appengine/docs/adminconsole/performancesettings. 10 July 2012
  32. 32.
  33. 33.
  34. 34.
    System.currentTimeMillis() vs. new Date() vs. Calendar.getInstance().getTime() (2012) http://stackoverflow.com/questions/368094/system-currenttimemillis-vs-new-date-vs-calendar-getinstance-gettime. April 12 2013
  35. 35.
    Android: do something when battery is at a defined level (2013) http://stackoverflow.com/questions/10306790/android-do-something-when-battery-is-at-a-defined-level. 13 April 2013

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  • Abdul Nasir Khan
    • 1
  • M. L. Mat Kiah
    • 1
  • Sajjad A. Madani
    • 2
  • Atta ur Rehman Khan
    • 1
  • Mazhar Ali
    • 3
  1. 1.Faculty of Computer Science & Information TechnologyUniversity of MalayaKuala LumpurMalaysia
  2. 2.Department of Computer ScienceCOMSATS Institute of Information TechnologyAbbottabadPakistan
  3. 3.Department of Electrical and Computer EngineeringNorth Dakota State UniversityFargoUSA

Personalised recommendations