An Anonymous Authentication System for Pay-As-You-Go Cloud Computing

Abstract

Cloud computing offers on-demand availability of computing resources over the Internet. To attract users, cloud providers offer their resources as services at reasonable prices and provide various price models to reflect higher level of quality of service (QoS), which are referred as pricing schemes. <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -times anonymous authentication ( <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA) is an attractive approach to construct pricing schemes, providing access controllability, user anonymity and public traceability. In <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA schemes, authenticated users are permitted to anonymously access services from a provider at most <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> times, while the ones whose the number of access times exceeds <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> can be publicly traced. That is, <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA schemes offer a prepaid plan that charges users based on the amount of access times. Alternatively, pay-as-you-go (PAYG) is a pricing strategy that allows users to be charged based on the amount of usage, reducing the costs on unnecessary resources. Adopting <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA schemes to PAYG model, the access bound <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> is decided by the prepayment amount and the service usage is tracked by the number of access times. However, this approach is impractical, since existing <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA schemes only allow an one-time access in an authentication. This article aims to bridge this gap in the literature by designing an efficient and secure authentication system for PAYG cloud computing, supporting flexible access controllability, user anonymity and public traceability. To achieve this, we propose a new <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA primitive, called <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -times anonymous pay-as-you-go authentication ( <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA-PAYG), that allows users to access services for multiple times in an authentication as long as the number of their access times does not exceed <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> . We first formalize the definition and security model for <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA-PAYG scheme. Subsequently, we present a concrete construction of <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA-PAYG scheme, with the computational complexity as <inline-formula><tex-math notation="LaTeX">$O(1)$</tex-math></inline-formula> and the constant communicational cost. Finally, comparing with the most efficient <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA scheme proposed by Emura <i>et al.</i> , the experimental results show that our <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA-PAYG scheme is 2.5 to 3 times faster and saves up to 66 percent storage in grant processes. The time cost of an authentication of our <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -TAA-PAYG scheme is constant (1.4-2.4 ms), while Emura <i>et al.</i> ’s scheme needs more than one second when the number of access time is greater than 1, 000.