An Efficient Privacy-Aware Authentication Scheme With Hierarchical Access Control for Mobile Cloud Computing Services

Abstract

In the last few years, mobile cloud computing (MCC) gains a huge development because of the popularity of mobile applications and cloud computing. User authentication and access control are two indispensable security components in the MCC environment. To the best of our knowledge, they are generally designed in different procedures. Access control can be executed after the authentication completes successfully. In order to improve efficiency, this article constructs an integrated scheme of authentication and hierarchical access control using self-certified public key cryptography (SCPKC) and the Chinese remainder theorem (CRT) for MCC environment. The proposed scheme can achieve mutual authentication while determining the access rights of mobile users without storing any access control list in the MCC service provider side. Besides, we also give a dynamic adding or deletion of MCC service provider to efficiently address potential changes in the hierarchy. The security of our proposed scheme is proved by the random oracle model. Compared with recently related multi-server authentication schemes for the MCC environment, the proposed scheme not only adds a new function of hierarchical access control but also has better computation and communication efficiencies. Therefore, the proposed scheme is more suitable for real-life MCC applications.