TY - JOUR
T1 - D-FAP
T2 - Dual-factor authentication protocol for mobile cloud connected devices
AU - Abuarqoub, Abdelrahman
N1 - Publisher Copyright:
© 2019 by the authors.
PY - 2019/12/20
Y1 - 2019/12/20
N2 - Emerging Mobile Cloud Computing (MCC) technologies offer a new world of promise by leveraging the quality of mobile services. With MCC, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. While MCC adoption is growing significantly, several challenges need to be addressed to make MCC-based solutions scale and meet the ever-growing demand for more resource intensive applications. Security is a critical problem hindering the adoption of MCC. One of the most important aspects of MCC security is to establish authenticated communication sessions between mobile devices and cloud servers. The huge amount of data stored on mobile devices poses information security risks and privacy concerns for individuals, enterprises, and governments. The ability to establish authenticated communication sessions between mobile devices and cloud servers can resolve many security concerns. Limited computing and energy resources on mobile devices makes authentication and encryption a challenging task. In this paper, an overview of MCC authentication protocols is presented. Then, a Dual-Factor Authentication Protocol for MCC devices (D-FAP) is proposed. D-FAP aims at increasing authentication security by using multi-factors while offloading computation to the cloud to reduce battery consumption. The security of the protocol is formally verified and informal analysis is performed for various attacks. The results prove that the D-FAP is successful in mitigating various outsider and insider attacks.
AB - Emerging Mobile Cloud Computing (MCC) technologies offer a new world of promise by leveraging the quality of mobile services. With MCC, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. While MCC adoption is growing significantly, several challenges need to be addressed to make MCC-based solutions scale and meet the ever-growing demand for more resource intensive applications. Security is a critical problem hindering the adoption of MCC. One of the most important aspects of MCC security is to establish authenticated communication sessions between mobile devices and cloud servers. The huge amount of data stored on mobile devices poses information security risks and privacy concerns for individuals, enterprises, and governments. The ability to establish authenticated communication sessions between mobile devices and cloud servers can resolve many security concerns. Limited computing and energy resources on mobile devices makes authentication and encryption a challenging task. In this paper, an overview of MCC authentication protocols is presented. Then, a Dual-Factor Authentication Protocol for MCC devices (D-FAP) is proposed. D-FAP aims at increasing authentication security by using multi-factors while offloading computation to the cloud to reduce battery consumption. The security of the protocol is formally verified and informal analysis is performed for various attacks. The results prove that the D-FAP is successful in mitigating various outsider and insider attacks.
KW - Dual-factor authentication
KW - MCC security
KW - Mobile cloud computing
KW - Password
KW - Smart card
UR - http://www.scopus.com/inward/record.url?scp=85080080979&partnerID=8YFLogxK
U2 - 10.3390/jsan9010001
DO - 10.3390/jsan9010001
M3 - Article
AN - SCOPUS:85080080979
SN - 2224-2708
VL - 9
JO - Journal of Sensor and Actuator Networks
JF - Journal of Sensor and Actuator Networks
IS - 1
M1 - 1
ER -