面向移动云服务的分级访问控制的认证协议

doi:10.3969/j.issn.0255-8297.2022.06.011

应用科学学报 ›› 2022, Vol. 40 ›› Issue (6): 1006-1018.doi: 10.3969/j.issn.0255-8297.2022.06.011

• 计算机科学与应用 • 上一篇

面向移动云服务的分级访问控制的认证协议

王捷¹, 李晶², 罗影³

1. 国网湖北省电力有限公司能源互联网技术中心, 湖北武汉 430077;
2. 国网湖北省电力有限公司互联网部, 湖北武汉 430077;
3. 工业信息安全(四川)创新中心有限公司技术研究部, 成都四川 610059

收稿日期:2021-05-13 发布日期:2022-12-03
通信作者: 王捷，高工，研究方向为网络安全、人工智能等。E-mail:284649814@qq.com E-mail:284649814@qq.com
基金资助:
国家自然科学基金(No.61902085)资助

An Authentication Protocol with Hierarchical Access Control for Mobile Cloud Services

WANG Jie¹, LI Jing², LUO Ying³

1. Energy Internet Technology Center, State Grid Hubei Electric Power Co., Ltd., Wuhan 430077, Hubei, China;
2. Internet Department, State Grid Hubei Electric Power Co., Ltd., Wuhan 430077, Hubei, China;
3. Technical Research Department, Industrial Information Security(Sichuan) Innovation Center Co., Ltd., Chengdu 610059, Sichuan, China

Received:2021-05-13 Published:2022-12-03

摘要/Abstract

摘要： 针对移动云计算服务环境中终端设备资源有限的问题，在现有支持分级访问的认证协议基础上，基于签密技术和多服务器认证技术设计了一个高效的、具有分级访问控制和隐私保护的认证协议。新协议支持单点注册，认证过程无需与可信第三方通信，且移动终端未使用计算复杂度高的双线性对运算。性能分析结果显示，与现有的具有分级访问的认证协议相比，该改进协议在移动终端的计算效率提升约34%，提高了云服务的访问效率，具有一定的实用价值。

关键词: 移动云服务, 认证, 访问控制, 隐私

Abstract: In order to resolve the problem of limited resources of mobile terminal devices in mobile computing services environment, an improved privacy-preserving authentication scheme with hierarchical access control is proposed based on signcryption technology and multi-server authentication technology. Users can access multiple mobile cloud service providers by only registering arbitrary one of them, and the authentication process does not require the participation of a trusted third party. Besides, mobile terminals do not use the bilinear pairing operation to avoid high computational complexity. Performance analysis results show that the computing efficiency of the proposed scheme in mobile terminals can be improved by about 34% compared with the existing related schemes, providing practical value in improving the access efficiency of cloud services.

Key words: mobile cloud services, authentication, access control, privacy

中图分类号:

TP391

王捷, 李晶, 罗影. 面向移动云服务的分级访问控制的认证协议[J]. 应用科学学报, 2022, 40(6): 1006-1018.

WANG Jie, LI Jing, LUO Ying. An Authentication Protocol with Hierarchical Access Control for Mobile Cloud Services[J]. Journal of Applied Sciences, 2022, 40(6): 1006-1018.

参考文献

[1] 李瑞轩, 董新华, 辜希武, 等. 移动云服务的数据安全与隐私保护综述[J]. 通信学报, 2013, 34(12):158-165. Li R X, Dong X H, Gu X W, et al. Overview of data security and privacy protection of mobile cloud services[J]. Journal on Communications, 2013, 34(12):158-165. (in Chinese)
[2] Dely P, Kassler A, Chow L, et al. A software-defined networking approach for handover management with real-time video in WLANs[J]. Journal of Modern Transportation, 2013, 21:58-65.
[3] Tsai J L, Lo N W. A privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2015, 9(3):805-815.
[4] He D B, Kumar N, Khan M K, et al. Efficient privacy-aware authentication scheme for mobile cloud computing services[J]. IEEE Systems Journal, 2018, 12(2):1621-1631.
[5] Irshad A, Sher M, Ahmad H F, et al. An improved multi-server authentication scheme for distributed mobile cloud computing services[J]. KSII Transactions on Internet and Information Systems, 2016, 10(12):5529-5552.
[6] Odelu V, Das A K, Kumari S, et al. Provably secure authenticated key agreement scheme for distributed mobile cloud computing services[J]. Future Generation Computer Systems, 2017, 68:74-88.
[7] Li X, Li F G, He M X, et al. An efficient privacy-aware authentication scheme with hierarchical access control for mobile cloud computing services[J]. IEEE Transactions on Cloud Computing, 2020. 9. SCI IF 4.714.
[8] Li L H, Lin L C, Hwang M S. A remote password authentication scheme for multi-server architecture using neural networks[J]. IEEE Transactions on Neural Networks, 2001, 12(6):1498-1504.
[9] Odelu V, Das A K, Goswami A. A secure biometrics-based multi-server authentication protocol using smart cards[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(9):1953-1966.
[10] He D B, Wang D. Robust biometrics-based authentication scheme for multi-server environment[J]. IEEE Systems Journal, 2015, 9(3):816-823.
[11] Li X, Xiong Y, Ma J, et al. An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards[J]. Journal of Network and Computer Applications, 2012, 35(2):763-769.
[12] Feng Q, He D B, Zeadally S, et al. Anonymous biometrics based authentication scheme with key distribution for mobile multi-server environment[J]. Future Generation Computer Systems, 2018, 84:239-251.
[13] He D B, Zeadally S, Kumar N, et al. Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures[J]. IEEE Transactions on Information Forensics and Security, 2016, 11(9):2052-2064.
[14] Xiong L, Peng D Y, Peng T, et al. An enhanced privacy-aware authentication scheme for distributed mobile cloud computing services[J]. KSII Transactions on Internet and Information Systems, 2017, 11(12):6169-6187.
[15] Xiong L, Peng T, Liang H B, et al. An efficient privacy-aware authentication scheme for distributed mobile cloud computing services without bilinear pairings[J]. Journal of Information Science and Engineering, 2019, 35(2):341-360.
[16] Jiang Q, Ma J F, Wei F. On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2018, 12(2):2039-2042.
[17] 熊玲, 彭代渊, 彭图, 等. 一种高效的移动云服务环境下隐私保护认证协议[J]. 西南交通大学学报, 2019, 54(1):202-210. Xiong L, Peng D Y, Peng T, et al. An efficient privacy protection authentication protocol in mobile cloud service environment[J]. Journal of Southwest Jiaotong University, 2019, 54(1):202-210. (in Chinese)
[18] Li F G, Zhang H, Takagi T. Efficient signcryption for heterogeneous systems[J]. IEEE Systems Journal, 2013, 7(3):420-429.
[19] Pointcheval D, Stern J. Security arguments for digital signatures and blind signatures[J]. Journal of Cryptology, 2000, 13(3):361-396.
[20] 汪定, 李文婷, 王平. 对三个多服务器环境下匿名身份认证协议的安全性分析[J]. 软件学报, 2018, 29(7):1937-1952. Wang D, Li W T, Wang P. Security analysis of anonymous identity authentication protocols in three multi-server environments[J]. Journal of Software, 2018, 29(7):1937-1952. (in Chinese)

面向移动云服务的分级访问控制的认证协议

An Authentication Protocol with Hierarchical Access Control for Mobile Cloud Services

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	朱旭光, 邢春晓, 李雯晴, 郝潆婷. 交易数据全生命周期区块链隐私保护评估方法[J]. 应用科学学报, 2022, 40(4): 555-566.
[2]	张利华, 刘季, 曹宇, 陈世宏, 郑琛, 张赣哲. 双共识混合链跨异构域身份认证方案[J]. 应用科学学报, 2022, 40(4): 666-680.
[3]	刘乐钰, 汪祖民, 郑祖朋, 秦静, 季长清. 基于RF的无线传感器网络的MAC协议设计[J]. 应用科学学报, 2021, 39(4): 672-684.
[4]	范俊松, 陈建海, 沈睿, 刘振广, 何钦铭, 黄步添. 基于SGX的区块链交易隐私安全保护方法[J]. 应用科学学报, 2021, 39(1): 17-28.
[5]	赵晓琦, 李勇. 可审计且可追踪的区块链匿名交易方案[J]. 应用科学学报, 2021, 39(1): 29-41.
[6]	王思源, 邹仕洪. 多域物联网中基于区块链和权能的访问控制机制[J]. 应用科学学报, 2021, 39(1): 55-69.
[7]	周琦, 沈韬, 朱艳, 刘英莉. 基于区块链的综合能源管理系统身份验证方法[J]. 应用科学学报, 2021, 39(1): 70-78.
[8]	王秀丽, 曹苗, 王利娜. 利用强部分平衡t-设计构造分裂认证码[J]. 应用科学学报, 2020, 38(6): 1006-1016.
[9]	林文敏, 张松, 刘加邦. 边缘计算下面向位置隐私保护的中继分流模型[J]. 应用科学学报, 2020, 38(5): 724-741.
[10]	张利华, 胡方舟, 黄阳, 万源华, 李晶晶. 基于联盟链的微电网身份认证协议[J]. 应用科学学报, 2020, 38(1): 173-183.
[11]	严少均, 王子驰, 张新鹏. 长短期记忆网络的轨迹隐私保护[J]. 应用科学学报, 2019, 37(6): 835-843.
[12]	范贤丽, 范春晓, 吴岳辛. 基于区块链和IPFS技术实现粮食供应链隐私信息保护[J]. 应用科学学报, 2019, 37(2): 179-190.
[13]	吕婧淑, 操晓春, 杨培. 基于区块链和人脸识别的双因子身份认证模型[J]. 应用科学学报, 2019, 37(2): 164-178.
[14]	赵灵奇, 宋宇波, 张克落, 胡爱群, 罗坚. 基于区块链和分层加密的物流隐私保护机制[J]. 应用科学学报, 2019, 37(2): 224-234.
[15]	袁红林, 陆小丹, 徐晨. 基于B-Spline神经网络的宽带通信发射机指纹估计[J]. 应用科学学报, 2019, 37(1): 12-23.