PPMUAS: A privacy preserving mobile user authentication system for cloud environment utilizing big data features

Abstract

The rapid progression of mobile and communication technology resulted in smart hand-held devices, with superior processing and storage capacities, which can be used in conjunction with cloud environment. Insecure internet as an underlying communication medium results in unlock of cryptographic attacks both from outsider (via Internet) and insider (via cloud system) on user and enterprise specific data. To combat these issues, we present a privacy preserving, hybrid profile authentication scheme exploiting Big Data features for a ubiquitous user connecting to cloud server through a smart device. Our system adopts the strengths of fuzzy hashing and fully homomorphic encryption (FHE) to authenticate and secure the critical user data stored in cloud servers from insiders and third party. We use user specific information like user password and behavioral features like key stroke dynamics to generate a user profile. Based on authors knowledge, our system i.e. PPMUAS is the first of its kind of system which considers multi factors and hybrid profile for privacy preserving and remote user authentication. We evaluate the performance of our proposed approach through public data sets. Our result shows that our proposed scheme can successfully validate legitimate users while detecting imposters.