Abstract
Emerging Mobile Cloud Computing (MCC) technologies offer a new world of promise by leveraging the quality of mobile services. With MCC, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. While MCC adoption is growing significantly, several challenges need to be addressed to make MCC-based solutions scale and meet the ever-growing demand for more resource intensive applications. Security is a critical problem hindering the adoption of MCC. One of the most important aspects of MCC security is to establish authenticated communication sessions between mobile devices and cloud servers. The huge amount of data stored on mobile devices poses information security risks and privacy concerns for individuals, enterprises, and governments. The ability to establish authenticated communication sessions between mobile devices and cloud servers can resolve many security concerns. Limited computing and energy resources on mobile devices makes authentication and encryption a challenging task. In this paper, an overview of MCC authentication protocols is presented. Then, a Dual-Factor Authentication Protocol for MCC devices (D-FAP) is proposed. D-FAP aims at increasing authentication security by using multi-factors while offloading computation to the cloud to reduce battery consumption. The security of the protocol is formally verified and informal analysis is performed for various attacks. The results prove that the D-FAP is successful in mitigating various outsider and insider attacks.
Highlights
With the large-scale proliferation of smart mobile devices, an enormous amount of applications have been developed
It used the mobile device for authentication alongside a 4-digit PIN, through a Java application installed on the mobile device, and this in turn generated an One Time Password (OTP), a secret random number which was stored on the mobile device, and a time stamp
The authors of ref. [45] show that the most important aim of the smart card based password authentication protocols was to achieve ‘true’ two-factor security. This meant that the only user who could access the authentication server was the one with full knowledge of the password and who was in possession of the smart card
Summary
With the large-scale proliferation of smart mobile devices, an enormous amount of applications have been developed. The device is communicating via the wireless network more often than usual, leading to increased levels of power consumption on the mobile device [2,4] Another significant challenge for MCC is ensuring security, privacy, and trust [5,6]. The inspiration for D-FAP came from a need to address the energy consumption problem, at the same time as finding a secure and efficient method to carry out the authentication process without exerting too much pressure on the limited resources of the mobile device. [19] which introduces the blueprints of a new authentication protocol that would address the mobile devices resource limitations to conserve their energy and address the security issues of the MCC.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
