Abstract
With the popularity of cloud computing, information security issues in the cloud environment are becoming more and more prominent. As the first line of defense to ensure cloud computing security, user authentication has attracted extensive attention. Though considerable efforts have been paid for a secure and practical authentication scheme in cloud computing environment, most attempts ended in failure. The design of a secure and efficient user authentication scheme for cloud computing remains a challenge on the one hand and user’s smart card or mobile devices are of limited resource; on the other hand, with the combination of cloud computing and the Internet of Things, applications in cloud environments often need to meet various security requirements and are vulnerable to more attacks. In 2018, Amin et al. proposed an enhanced user authentication scheme in cloud computing, hoping to overcome the identified security flaws of two previous schemes. However, after a scrutinization of their scheme, we revealed that it still suffers from the same attacks (such as no user anonymity, no forward secrecy, and being vulnerable to offline dictionary attack) as the two schemes they compromised. Consequently, we take the scheme of Amin et al. (2018) as a study case, we discussed the inherent reason and the corresponding solutions to authentication schemes for cloud computing environment in detail. Next, we not only proposed an enhanced secure and efficient scheme, but also explained the design rationales for a secure cloud environment protocol. Finally, we applied BAN logic and heuristic analysis to show the security of the protocol and compared our scheme with related schemes. The results manifest the superiority of our scheme.
Highlights
With the development of IT technology, cloud computing has become one of the hottest research directions in recent years
It fundamentally changed the traditional model of service providers providing services and consumers’ access to resources: as a service provider of cloud computing, it effectively improves the utilization of resources by centralizing the demands; consumers gain the convenience of using resources, and reduce the using cost through paying on demand
This unsatisfactory situation motivates us to explore the inherent reasons of the failure in those schemes, find the basic method to fix the security flaws, and design a robust and efficient user authentication protocol for cloud computing environment
Summary
With the development of IT technology, cloud computing has become one of the hottest research directions in recent years. Amin et al [3] identified the security weaknesses in the schemes of Xue et al [14] and Chuang et al [15] by revealing the two schemes fail to provide user anonymity and forward secrecy while being not able to resist against offline password guessing attack and so on They designed a new scheme that claims to overcome the security flaws of the two schemes and be secure to various attacks. With the widespread use of cloud computing, the potential security threats will lead to greater harm This unsatisfactory situation motivates us to explore the inherent reasons of the failure in those schemes, find the basic method to fix the security flaws, and design a robust and efficient user authentication protocol for cloud computing environment.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
