An out-of-band mobile authenticating mechanism for controlling access to data outsourced in the mobile cloud environment

被引：0

作者：

Yadav S.K. ^{[1
]}

Saroha N. ^{[2
]}

Sharma K. ^{[3
]}

机构：

[1] Computer Science and Engineering Department, Indira Gandhi Delhi Technical University for Women, Kashmere Gate, Delhi

[2] School of Electrical and Data Engineering, University of Technology Sydney, Sydney

[3] Department of Computer Engineering, National Institute of Technology, Kurukshetra

来源：

International Journal of Innovative Computing and Applications | 2019年 / 10卷 / 3-4期

关键词：

Access control; Confidentiality; Data sharing; Integrity; MCC; Mobile authentication; Mobile cloud computing; OOB; Out-of-band; Security;

D O I：

10.1504/IJICA.2019.103368

中图分类号：

学科分类号：

摘要：

'Mobile Cloud Computing' (MCC), a cloud environment, formed by mobile users at the client-side and cloud servers at the back-end enables users to store and pervasively access a huge amount of data via different mobile devices in a distributive manner. This increases the risk of data abuse, since data is outsourced on the distrusted cloud servers. The drawbacks of the current frameworks, such as overloaded computations in key distribution, reduced flexibility, and scalability, are unable to achieve fine-graininess and confidentiality. Thus, we propose an 'access control mechanism' which is lightweight with minimal computational overhead and provides fine-grained access control for sharing data using out-of-band (OOB) mobile authentication. Here we perform client-side encryption and decryption using simple hash functions and concatenation operator and achieve dynamic scalability. The encryption algorithms, sharing mechanism, and the use of OOB mobile authentication are extensively analysed to prove its efficiency and applicability. © 2019 Inderscience Enterprises Ltd.

引用

页码：127 / 137

页数：10

共 37 条

[1] Al-Anzi F.S., Yadav S.K., Soni J., Cloud computing: Security model comprising governance, risk management, and compliance, International Conference on Data Mining and Intelligent Computing (ICDMIC), pp. 1-6, (2014)
[2] Aneja M.J.S., Bhatia T., Sharma G., Shrivastava G., Artificial intelligence based intrusion detection system to detect flooding attack in VANETs, Handbook of Research on Network Forensics and Analysis Techniques, pp. 87-100, (2018)
[3] Arora A., Yadav S.K., Sharma K., Denial-of-service (DoS) attack and botnet: Network analysis, research tactics, and mitigation, Handbook of Research on Network Forensics and Analysis Techniques, pp. 117-141, (2018)
[4] Bellare M., Goldreich O., Goldwasser S., Crypto '94, 839, pp. 216-233, (1994)
[5] Bellare M., Goldreich O., Goldwasser S., Proc. 27th Symposium on the Theory of Computing, pp. 45-56, (1995)
[6] Bethencourt J., Sahai A., Waters B., Ciphertext-policy attribute-based encryption, IEEE Symposium on Security and Privacy (SP'07), pp. 321-334, (2007)
[7] Blaze M., Bleumer G., Strauss M., Divertible protocols and atomic proxy cryptography, International Conference on the Theory and Applications of Cryptographic Techniques, pp. 127-144, (1998)
[8] Boneh D., Franklin M., Identity-based encryption from the Weil pairing, Annual International Cryptology Conference, pp. 213-229, (2001)
[9] Boneh D., Waters B., Conjunctive, subset, and range queries on encrypted data, Theory of Cryptography Conference, pp. 535-554, (2007)
[10] Bowers K.D., Juels A., Oprea A., HAIL: A high-availability and integrity layer for cloud storage, Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 187-198, (2009)

← 1 2 3 4 →