As a result of a shift in the world of technology, the combination of ubiquitous mobile networks and cloud computing produced the mobile cloud computing (MCC) domain. As a consequence of a major concern of cloud users, privacy and data protection are getting substantial attention in the field. Currently, a considerable number of papers have been published on MCC with a growing interest in privacy and data protection. Along with this advance in MCC, however, no specific investigation highlights the results of the existing studies in privacy and data protection. In addition, there are no particular exploration highlights trends and open issues in the domain. Accordingly, the objective of this paper is to highlight the results of existing primary studies published in privacy and data protection in MCC to identify current trends and open issues. In this investigation, a systematic mapping study was conducted with a set of six research questions. A total of 1711 studies published from 2009 to 2019 were obtained. Following a filtering process, a collection of 74 primary studies were selected. As a result, the present data privacy threats, attacks, and solutions were identified. Also, the ongoing trends of data privacy exercise were observed. Moreover, the most utilized measures, research type, and contribution type facets were emphasized. Additionally, the current open research issues in privacy and data protection in MCC were highlighted. Furthermore, the results demonstrate the current state-of-the-art of privacy and data protection in MCC, and the conclusion will help to identify research trends and open issues in MCC for researchers and offer useful information in MCC for practitioners.
As a result of a shift in the world of technology, the combination of ubiquitous mobile networks and cloud computing produced the mobile cloud computing (MCC) domain. As a consequence of a major concern of cloud users, privacy and data protection are getting substantial attention in the field. Currently, a considerable number of papers have been published on MCC with a growing interest in privacy and data protection. Along with this advance in MCC, however, no specific investigation highlights the results of the existing studies in privacy and data protection. In addition, there are no particular exploration highlights trends and open issues in the domain. Accordingly, the objective of this paper is to highlight the results of existing primary studies published in privacy and data protection in MCC to identify current trends and open issues. In this investigation, a systematic mapping study was conducted with a set of six research questions. A total of 1711 studies published from 2009 to 2019 were obtained. Following a filtering process, a collection of 74 primary studies were selected. As a result, the present data privacy threats, attacks, and solutions were identified. Also, the ongoing trends of data privacy exercise were observed. Moreover, the most utilized measures, research type, and contribution type facets were emphasized. Additionally, the current open research issues in privacy and data protection in MCC were highlighted. Furthermore, the results demonstrate the current state-of-the-art of privacy and data protection in MCC, and the conclusion will help to identify research trends and open issues in MCC for researchers and offer useful information in MCC for practitioners.
“…Although the cost and resource requirements of the proposed system are low and does not depend on user end platform, it has been tested for small group of people only. A novel multifactor two-server authentication scheme called MTSAS [23] uses fingerprint pattern. In this scheme, server does not store fingerprint information and the user's biometric characteristics cannot leave the user device.…”
Section: Multifactor Authentication Schemes Based On Biometricsmentioning
The objective of this paper is to propose a secure, user friendly and economical multi-level authentication scheme that uses multiple factors for gaining access to resource on insecure platforms and for financial transactions. The proposed study is based on a premise that when multiple levels and multiple factors are incorporated in an authentication scheme it not only becomes difficult to break but also resistant to different forms of attacks. This work purposes a scheme where authentication process is carried out in three levels using multiple factors and is called 3L-MFA. The scheme also uses Out of Band (OOB) authentication as one of the factors that offers credible security against man-in-the-middle (MIM) attack. The first level uses username password based on double encryption. Second level uses OTP verification based on Out of Band (OOB) authentication using email id and mobile number. Third level involves user's interaction on graphical screen in terms of predetermined number of clicks on images, buttons and selection of predetermined number of menu items. The security of proposed system depends upon double encryption using SHA-1 and AES-128-CBC, out of band authentication using OTP and user interaction on a graphical screen that uses probability combination of various numbers.
“…From belief (16), U believes that K uw is the session key between U and WS. From belief (17), U believes that n u is fresh. From belief (18), WS believes that n w is fresh.…”
Section: Modelingmentioning
confidence: 99%
“…In allusion to the serious security problem of the fingerprint leakage in the mobile payment environment, we propose a novel multifactor two-server authenticated scheme under mobile cloud computing, shorted as MTSAS [17]. In the MTSAS, the server authenticates the device, and the device verifies the user.…”
Because the authentication method based on username-password has the disadvantage of easy disclosure and low reliability and the excess password management degrades the user experience tremendously, the user is eager to get rid of the bond of the password in order to seek a new way of authentication. Therefore, the multifactor biometrics-based user authentication wins the favor of people with advantages of simplicity, convenience, and high reliability. Now the biometrics-based (especially the fingerprint information) authentication technology has been extremely mature, and it is universally applied in the scenario of the mobile payment. Unfortunately, in the existing scheme, biometric information is stored on the server side. As thus, once the server is hacked by attackers to cause the leakage of the fingerprint information, it will take a deadly threat to the user privacy. Aiming at the security problem due to the fingerprint information in the mobile payment environment, we propose a novel multifactor two-server authenticated scheme under mobile cloud computing (MTSAS). In the MTSAS, it divides the authentication method and authentication means; in the meanwhile, the user’s biometric characteristics cannot leave the user device. Thus, MTSAS avoids the fingerprint information disclosure, protects user privacy, and improves the security of the user data. In the same time, considering user actual requirements, different authentication factors depending on the privacy level of authentication are chosen. Security analysis proves that MTSAS has achieved the authentication purpose and met security requirements by the BAN logic. In comparison with other schemes, the result shows that MTSAS not only has the reasonable computational efficiency, but also keeps the superior communication cost.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.