A lightweight anonymous authentication scheme for secure cloud computing services

Cloud computing represents the latest technology that has revolutionized the world of business. It is a promising solution giving companies the possibility of remotely storing their data and accessing services whenever they are needed and at a lower cost. However, outsourcing IT resources also brings risks, especially for sensitive information in terms of security and privacy, since all data and resources stored in the cloud are managed and controlled by cloud service providers. On the other hand, cloud users would like cloud service providers not to know what services being accessed and how often they are using them. Therefore, designing mechanisms to protect privacy is a major challenge. One promising research area is via authentication mechanisms, which has attracted many researchers in this delicate subject. For this, several solutions have been devised and published recently to tackle this problem. Nevertheless, these solutions often suffer from different types of attacks, high computing and communication costs, and the use of complex key management schemes. To address these shortcomings, we propose an approach that ensures the optimal preservation of the privacy of cloud users to protect their personal data including identities. The suggested approach gives the cloud user the ability to access and use the services provided by cloud service providers anonymously without the providers of those services knowing their identity. We demonstrate the superiority of our proposed approach over several anonymous authentication solutions in terms of computation and communication costs.