Computer Science and Applications

An Authentication Protocol with Hierarchical Access Control for Mobile Cloud Services

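  • 1. Energy Internet Technology Center, State Grid Hubei Electric Power Co., Ltd., Wuhan 430077, Hubei, China;
    2. Internet Department, State Grid Hubei Electric Power Co., Ltd., Wuhan 430077, Hubei, China;
    3. Technical Research Department, Industrial Information Security (Sichuan) Innovation Center Co., Ltd., Chengdu 610059, Sichuan, China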

Received date: 2021-05-13

Online published: 2022-12-03

Funding

Supported by the National Natural Science Foundation of China (No. 61902085)


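Abstract

To address the limited resources of terminal devices in mobile cloud computing service environments, and building on existing authentication protocols that support hierarchical access, an efficient authentication protocol with hierarchical access control and privacy protection is designed based on signcryption and multi-server authentication techniques. The new protocol supports single-point registration, the authentication process requires no communication with a trusted third party, and the mobile terminal does not use computationally expensive bilinear pairing operations. Performance analysis shows that, compared with existing authentication protocols with hierarchical access, the improved protocol raises computational efficiency on the mobile terminal by about 34%, which improves the access efficiency of cloud services and gives it a degree of practical value.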

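Cite this article

Wang Jie, Li Jing, Luo Ying. An Authentication Protocol with Hierarchical Access Control for Mobile Cloud Services[J]. Journal of Applied Sciences, 2022, 40(6): 1006-1018. DOI: 10.3969/j.issn.0255-8297.2022.06.011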

Abstract

To address the limited resources of mobile terminal devices in the mobile computing services environment, an improved privacy-preserving authentication scheme with hierarchical access control is proposed, based on signcryption technology and multi-server authentication technology. Users can access multiple mobile cloud service providers by registering with any one of them, and the authentication process does not require the participation of a trusted third party. In addition, mobile terminals do not use the bilinear pairing operation, which avoids its high computational complexity. Performance analysis results show that the computing efficiency of the proposed scheme on mobile terminals is improved by about 34% compared with existing related schemes, which gives it practical value in improving the access efficiency of cloud services.
