Understanding security failures of anonymous authentication schemes for cloud environments

Xu, Meijia; Wang, Ding; Wang, Qingxuan; Jia, Qiaowen

doi:10.1016/j.sysarc.2021.102206

Cited by 10 publications

(1 citation statement)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to the previous multi-server authentication schemes [ 3 , 8 , 38 ], our authentication component should satisfy the following security requirements, including mutual authentication, user anonymity and un-traceability, user-friendly password local updates, multi-factor security, resistance to a wrong password login/update attack, and resistance to a reply attack. Furthermore, according to the latest centralized authentication and authorization scheme [ 15 ], we believe that a blockchain-based authentication and authorization scheme for the MCC hierarchical service scenario may consider the following security properties.…”

Section: Preliminariesmentioning

confidence: 99%

A Blockchain-Based Authentication and Authorization Scheme for Distributed Mobile Cloud Computing Services

Liang

et al. 2023

Sensors

View full text Add to dashboard Cite

Authentication and authorization constitute the essential security component, access control, for preventing unauthorized access to cloud services in mobile cloud computing (MCC) environments. Traditional centralized access control models relying on third party trust face a critical challenge due to a high trust cost and single point of failure. Blockchain can achieve the distributed trust for access control designs in a mutual untrustworthy scenario, but it also leads to expensive storage overhead. Considering the above issues, this work constructed an authentication and authorization scheme based on blockchain that can provide a dynamic update of access permissions by utilizing the smart contract. Compared with the conventional authentication scheme, the proposed scheme integrates an extra authorization function without additional computation and communication costs in the authentication phase. To improve the storage efficiency and system scalability, only one transaction is required to be stored in blockchain to record a user’s access privileges on different service providers (SPs). In addition, mobile users in the proposed scheme are able to register with an arbitrary SP once and then utilize the same credential to access different SPs with different access levels. The security analysis indicates that the proposed scheme is secure under the random oracle model. The performance analysis clearly shows that the proposed scheme possesses superior computation and communication efficiencies and requires a low blockchain storage capacity for accomplishing user registration and updates.

show abstract