SECURING CLOUD COMPUTING SERVICES USING STRONG USER AUTHENTICATION WITH LOCAL CERTIFICATION AUTHORITY

My Abdelkader Youssefi

Abstract


Cloud computing technology provides services, computing, and storage for users over internet. This new technology allows companies to reduce hardware and software investments, users can collaborate easily with others everywhere in the world. However, security is a serious concern for cloud users. Strong user authentication is required for cloud computing in order to restrict illegal access to cloud services. In this regard, this paper proposes a strong user authentication based on digital certificates for cloud computing, users are authenticated using private public key infrastructure (PKI). The proposed method provides identity control, mutual authentication, session key establishment between the users and the cloud server. Moreover, our approach doesn’t require any investment in subscription or purchasing commercial certificates for an enterprise with worldwide branches.


Keywords


Cloud Computing; Security; Authentication; Digital Signature; Public Key Infrastructure; Certification Authority;

References


Hand, Eric, “Head in the Clouds”, Nature, Volume 449, Issue 7165, pp. 963, 2007.

Weiss, Aaron. “Computing in the clouds”, Magazine netWorker Volume11, issue 4, 16-25, 2007.

Y. Yang, H. Lu, and J. Weng, “Multi-User Private Keyword Search for Cloud Computing”, In the Third International Conference on Cloud Computing Technology and Science, pp.264-271, 2011.

Juha Risikko, Nordea. “Strong End-user Authentication for Online Banking with NFC Handsets”, IBM, 2009.

Rui Jiang, “Advanced secure user authentication framework for cloud computing”, the international journal of smart sensing and intelligent system, volume 6, issue 4, 2013.

R. Rivest, A. Shamir, L. Adleman. A Method for Obtaining Digital Signatures and Public-Key. Communications of the ACM, Vol. 21 (2), pp.120–126. 1978.

Wojciech Kinastowski, “Digital Signature as a Cloud-based Service”, cloud computing 2013 : The Fourth International Conference on Cloud Computing, grids, and Virtualization, 2013.

Cisco Systems et al. Internet working Technologies Handbook, Third Edition. Cisco Press, p. 232, 2000.

Diffie, Hellman "Exhaustive Cryptanalysis of the NBS Data Encryption Standard", Computer 10, p74–84, 1977.

Robert Reynard, “Secret Code Breaker II: A Cryptanalyst's Handbook”, Smith & Daniel Marketing Jacksonville, , 2008.

Tanmay Patange, "How to defend yourself against MITM or Man-in-the-middle attack", 2013.

Jonathan Katz, “Efficient Cryptographic Protocols Preventing Man-in-the-Middle” Attacks”, thesis School of Arts and Sciences, Columbia university, 2002.

M. Viju Prakash, P. Alwin Infant and S. Jeya Shobana, “Eliminating vulnerable attacks using one time password and passtext analytical study of blended schema”, Universal Journal of Computer Science and Engineering Technology, 1 (2), 133-140, Nov. 2010.

Smart Card Alliance, “Strong Authentication Using Smart Card Technology for Logical Access”,A Smart Card Alliance Access Control Council White Paper, 2012.

Bo Yang, “Efficient Certificateless Strong Designated Verifier Signature Scheme”, IEEE conference on computational Intelligence and Security,p 432-436, 2009.

Chen Tianhuang,“Digital signature in the application of e-commerce security” IEEE conference on E-Health Networking, Digital Ecosystems and Technologies (EDT), p366-369, 2010.


Full Text: PDF

Refbacks

  • There are currently no refbacks.




Copyright © 2012 - 2021, All rights reserved.| ijitr.com

Creative Commons License
International Journal of Innovative Technology and Research is licensed under a Creative Commons Attribution 3.0 Unported License.Based on a work at IJITR , Permissions beyond the scope of this license may be available at http://creativecommons.org/licenses/by/3.0/deed.en_GB.