期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2012
卷号:6
期号:2
出版社:SERSC
摘要:Security threats are considered the main barrier that precluded potential users from reaping the compelling benefits of the cloud computing model. Unfortunately, traditional password authentication jeopardizes user privacy. Anonymous password authentication (APA) represents a promising method to maintain users’ privacy. However, the major handicap that faces the deployment of APA is the high computation cost and inherent shortcomings of conventional password schemes. In our proposed scheme, we present a new setting where users do not need to register their passwords to service provider. They are supplied with the necessary credential information from the data owner. Furthermore, for enabling the service provider to know the authorized users, data owner provides the service provider with some secret identity information that is derived from the pair (username/password) of each user. Our approach shows good results in terms of high scalability which makes our scheme more suitable to the cloud environment, strong authentication that withstands different known attacks.
