Abstract:A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-themiddle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consist… Show more
“…In 2021, ref. [ 36 ] presented an efficient dynamic reciprocal authentication scheme using a one-time password to achieve multi-factor authentication, which is good at preventing the social engineering attack and replay attack. Ref.…”
Authentication and authorization constitute the essential security component, access control, for preventing unauthorized access to cloud services in mobile cloud computing (MCC) environments. Traditional centralized access control models relying on third party trust face a critical challenge due to a high trust cost and single point of failure. Blockchain can achieve the distributed trust for access control designs in a mutual untrustworthy scenario, but it also leads to expensive storage overhead. Considering the above issues, this work constructed an authentication and authorization scheme based on blockchain that can provide a dynamic update of access permissions by utilizing the smart contract. Compared with the conventional authentication scheme, the proposed scheme integrates an extra authorization function without additional computation and communication costs in the authentication phase. To improve the storage efficiency and system scalability, only one transaction is required to be stored in blockchain to record a user’s access privileges on different service providers (SPs). In addition, mobile users in the proposed scheme are able to register with an arbitrary SP once and then utilize the same credential to access different SPs with different access levels. The security analysis indicates that the proposed scheme is secure under the random oracle model. The performance analysis clearly shows that the proposed scheme possesses superior computation and communication efficiencies and requires a low blockchain storage capacity for accomplishing user registration and updates.
“…In 2021, ref. [ 36 ] presented an efficient dynamic reciprocal authentication scheme using a one-time password to achieve multi-factor authentication, which is good at preventing the social engineering attack and replay attack. Ref.…”
Authentication and authorization constitute the essential security component, access control, for preventing unauthorized access to cloud services in mobile cloud computing (MCC) environments. Traditional centralized access control models relying on third party trust face a critical challenge due to a high trust cost and single point of failure. Blockchain can achieve the distributed trust for access control designs in a mutual untrustworthy scenario, but it also leads to expensive storage overhead. Considering the above issues, this work constructed an authentication and authorization scheme based on blockchain that can provide a dynamic update of access permissions by utilizing the smart contract. Compared with the conventional authentication scheme, the proposed scheme integrates an extra authorization function without additional computation and communication costs in the authentication phase. To improve the storage efficiency and system scalability, only one transaction is required to be stored in blockchain to record a user’s access privileges on different service providers (SPs). In addition, mobile users in the proposed scheme are able to register with an arbitrary SP once and then utilize the same credential to access different SPs with different access levels. The security analysis indicates that the proposed scheme is secure under the random oracle model. The performance analysis clearly shows that the proposed scheme possesses superior computation and communication efficiencies and requires a low blockchain storage capacity for accomplishing user registration and updates.
“…In 2020, Ahmed A. A, et al [19] proposed the DRmcc protocol. Multifactor authentication, Diffie-Hellman key exchange, and One-Time Password (OTP) are used in the protocol to achieve mutual validation and authentication.…”
Because of the rapid growth of cloud computing and the expansion of mobile phone users in recent years, mobile cloud computing has attracted wide attention. In the mobile cloud, wireless computing networks are the basics of sharing data between mobile devices and cloud services. Since air is the communication medium, it must be properly protected; otherwise, it will be subject to a variety of security threats, for example, attacks from middle-man, identity tracking, etc... Furthermore, mobile devices are limited in storage, resources, and computing powers. Hence, designing an efficient and secure balance of authentication schemes is extremely important. First of all, a multi-factor authentication scheme based on biometric (fingerprint information), hash function, and fuzzy vault algorithm is presented in that paper. Secondly, the Validation and Analysis tool of AVISPA Security was approved. Thirdly, the security of the scheme proposed is compared to other related schemes.
“…To address the threats to cloud computing, a security model that accurately calculates the empirical capacity of a contender authentication framework for securing the transmission of data in cloud computing architecture was proposed in [14]. The results from the experiment carried out show that the suggested framework was more efficient than the existing ones.…”
The recent developments in fog computing architecture and cloud of things (CoT) technology includes data mining management and artificial intelligence operations. However, one of the major challenges of this model is vulnerability to security threats and cyber-attacks against the fog computing layers. In such a scenario, each of the layers are susceptible to different intimidations, including the sensed data (edge layer), computing and processing of data (fog (layer), and storage and management for public users (cloud). The conventional data storage and security mechanisms that are currently in use appear to not be suitable for such a huge amount of generated data in the fog computing architecture. Thus, the major focus of this research is to provide security countermeasures against medical data mining threats, which are generated from the sensing layer (a human wearable device) and storage of data in the cloud database of internet of things (IoT). Therefore, we propose a public-permissioned blockchain security mechanism using elliptic curve crypto (ECC) digital signature that that supports a distributed ledger database (server) to provide an immutable security solution, transaction transparency and prevent the patient records tampering at the IoTs fog layer. The blockchain technology approach also helps to mitigate these issues of latency, centralization, and scalability in the fog model.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.