Dynamic Reciprocal Authentication Protocol for Mobile Cloud Computing
Autor: | Muhammad Nomani Kabir, Abdulghani Ali Ahmed, Ali Safaa Sadiq, Kwan Wendy |
---|---|
Rok vydání: | 2021 |
Předmět: |
Computer Networks and Communications
Computer science 0211 other engineering and technologies Servers Cloud computing 02 engineering and technology Diffie–Hellman key exchange Electrical and Electronic Engineering Password Authentication 021103 operations research Diffie–Hellman business.industry mobile cloud computing (MCC) Multi-factor authentication Computer security model Computer Science Applications Mobile cloud computing Mobile handsets Control and Systems Engineering Authentication protocol business Protocols Information Systems Computer network |
Zdroj: | IEEE Systems Journal. 15:727-737 |
ISSN: | 2373-7816 1932-8184 |
DOI: | 10.1109/jsyst.2020.3012986 |
Popis: | The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-the-middle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consisting of 16 evaluation criteria is used for comparative evaluation, thereby leading other approaches to be evaluated through a common scale. Finally, we propose a dynamic reciprocal authentication protocol to secure data transmission in mobile cloud computing (MCC). In particular, our proposed protocol develops a secure reciprocal authentication method, which is free of Diffie–Hellman limitations, and has immunity against basic or sophisticated known attacks. The protocol utilizes multifactor authentication of usernames, passwords, and a one-time password (OTP). The OTP is automatically generated and regularly updated for every connection. The proposed protocol is implemented and tested using Java to demonstrate its efficiency in authenticating communications and securing data transmitted in the MCC environment. Results of the evaluation process indicate that compared with the existing works, the proposed protocol possesses obvious capabilities in security and in communication and computation costs. |
Databáze: | OpenAIRE |
Externí odkaz: |