Abstract
Cloud computing represents the latest technology that has revolutionized the world of business. It is a promising solution giving companies the possibility of remotely storing their data and accessing services whenever they are needed and at a lower cost. However, outsourcing IT resources also brings risks, especially for sensitive information in terms of security and privacy, since all data and resources stored in the cloud are managed and controlled by cloud service providers. On the other hand, cloud users would like cloud service providers not to know what services being accessed and how often they are using them. Therefore, designing mechanisms to protect privacy is a major challenge. One promising research area is via authentication mechanisms, which has attracted many researchers in this delicate subject. For this, several solutions have been devised and published recently to tackle this problem. Nevertheless, these solutions often suffer from different types of attacks, high computing and communication costs, and the use of complex key management schemes. To address these shortcomings, we propose an approach that ensures the optimal preservation of the privacy of cloud users to protect their personal data including identities. The suggested approach gives the cloud user the ability to access and use the services provided by cloud service providers anonymously without the providers of those services knowing their identity. We demonstrate the superiority of our proposed approach over several anonymous authentication solutions in terms of computation and communication costs.
Similar content being viewed by others
References
Mansouri Y, Toosi AN, Buyya R (2019) Cost optimization for dynamic replication and migration of data in cloud data centers. IEEE Trans Cloud Comput 7(3):705–718
Djellalbia A, Boukerram A (2016) Authentification Anonyme dans un environnement Cloud (Doctoral dissertation, Université Abderrahmane Mira-Bejaia)
Probst T (2015) Évaluation et analyse des mécanismes de sécurité des réseaux dans les infrastructures virtuelles de cloud computing (Doctoral dissertation)
Karajeh H, Maqableh M, Masa’deh R (2020) Privacy and security issues of cloud computing environment. In: Proceedings of the 23rd IBIMA Conference Vision, pp 1–15
Sehgal N K, Bhatt P C P, Acken J M (2020) Cloud computing and information security. In: Cloud computing with security, Springer, Cham, pp 111–141
Raj A, Kumar R (2020) An exploration on cloud computing security strategies and issues. In: Inventive communication and computational technologies, Springer, Singapore, pp 549–562
Singh V, Pandey S K (2020) Cloud computing: vulnerability and threat indications. In: Performance management of integrated systems and its applications in software engineering, Springer, Singapore, pp 11–20
Fujitsu, (2010) Personal data in the cloud: A global survey of consumer attitudes. Available at:http://www.fujitsu.com/downloads/SOL/fai/reports/fujitsu_personal-data-in-the-cloud.pdf. Accessed 01 Nov 2019
Chia WY (2009) The classification of e-authentication protocols for targeted applicability (Doctoral dissertation, Monterey. California, Naval Postgraduate School)
Qu J, Tan XL (2014) Two-factor user authentication with key agreement scheme based on elliptic curve cryptosystem. J Electr Comput Eng 2014:16
Chaudhry SA, Naqvi H, Mahmood K, Ahmad HF, Khan MK (2017) An improved remote user authentication scheme using elliptic curve cryptography. Wireless Pers Commun 96(4):5355–5373
Chang CC, Wu HL, Sun CY (2017) Notes on “secure authentication scheme for IoT and cloud servers”. Pervasive Mob Comput 38:275–278
Farash MS, Attari MA (2014) A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks. J Supercomput 69(1):395–411
Chaudhry SA, Naqvi H, Shon T, Sher M, Farash MS (2015) Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems. J Med Syst 39(6):1–11
Xie Q, Wong DS, Wang G, Tan X, Chen K, Fang L (2017) Provably secure dynamic ID-based anonymous two-factor authenticated key exchange protocol with extended security model. IEEE Trans Inf Forensics Secur 12(6):1382–1392
Lu Y, Li L, Peng H, Yang Y (2017) An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications 76(2):1801–1815
Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. J Supercomput 74(12):6428–6453
Li X, Qiu W, Zheng D, Chen K, Li J (2009) Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Trans Industr Electron 57(2):793–800
Mo J, Hu Z, Chen H, Shen W (2019) An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wireless Commun Mob Comput. https://doi.org/10.1155/2019/4520685
Jiang L, Li X, Cheng L L, Guo D (2013, October). Identity authentication scheme of cloud storage for user anonymity via USB token. In: Anti-Counterfeiting, Security and Identification (ASID), 2013 IEEE International Conference on. IEEE, pp 1–6
Yang Y, Golshan A (2017) U.S. Patent No. 9,584,318. Washington, DC: U.S. Patent and Trademark Office
Krutz RL, Vines RD (2010) Cloud security: a comprehensive guide to secure cloud computing. Wiley Publishing, New Jersey
Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11
Obaidat MS, Traore I, Woungang I (2019) Biometric-based physical and cybersecurity systems. Springer, Berlin, pp 165–187
Obaidat M, Boudriga N (2007) Security of E-systems and computer networks. Cambridge University Press, Cambridge
Hammami H, Brahmi H, Brahmi I, Yahia S B (2016) Security issues in cloud computing and associated alleviation approaches. In 2016 12th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS). IEEE, pp 758–765
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Hammami, H., Yahia, S.B. & Obaidat, M.S. A lightweight anonymous authentication scheme for secure cloud computing services. J Supercomput 77, 1693–1713 (2021). https://doi.org/10.1007/s11227-020-03313-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-020-03313-y