期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
印刷版ISSN:2158-107X
电子版ISSN:2156-5570
出版年度:2015
卷号:6
期号:9
DOI:10.14569/IJACSA.2015.060934
出版社:Science and Information Society (SAI)
摘要:In Cloud computing, anonymous authentication is an important service that must be available to users in the Cloud. Users have the right to remain anonymous as long as they behave honestly. However, in case a malicious behavior is detected, the system – under court order – must be able to trace the user to his clear identity. Most of the proposed authentication schemes for the Cloud are either password-based authentication schemes that are vulnerable to offline dictionary attacks, or biometric-based authentication schemes that take a long time of execution specially in case of high security requirements. In this paper, we propose an efficient and secure scheme to non-interactively authenticate the users on the Cloud to the remote servers while preserving their anonymity. In case of accusations, the registration authority is able to trace any user to his clear identity. We avoid using low entropy passwords or biometric mechanisms, instead, we employ pseudonym systems in our design. The computation complexity and storage requirements are efficient and suitable to be implemented on smart cards/devices. Our proposed scheme withstands challenging adversarial attacks such as, stolen databases attacks, databases insertion attacks, impersonation attacks, replay attacks and malicious users/servers collaboration attacks.
关键词:thesai; IJACSA; thesai.org; journal; IJACSA papers; Cloud computing; anonymous transmission; pseudonym systems; smart cards; mobile devices; authentication; IT security