JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH IN
INFORMATION TECHNOLOGY
MOBILE CLOUD COMPUTING SECURITY USING
TRANSIENT AUTHENTICATION SYSTEM
HARDAYAL SINGH SHEKHAWAT
Associate Professor, Department of Information Technology, Govt. Engineering
College Bikaner, Rajasthan.
shekhawat.hardayal@gmail.com
ABSTRACT: Mobile devices like smart phones, PDAs, palmtops and tablets, with their advanced features for accessing the internet, are becoming very common among the public around the world. These devices can be used to access cloud computing resources over the internet wirelessly from anywhere. Cloud computing is also becoming very popular among people and organizations due to its various advantages like low cost, pay per use, and elastic scalability. Due to their small size and simple usability, mobile devices are vulnerable to theft and loss. Once these devices are authenticated to access cloud services using a simple authentication system and are then stolen, they can be misused to access the critical data stored in the cloud. This paper develops a transient authentication system to meet this challenge. In a transient authentication system a wearable token is used which is constantly attached to the mobile device over radio frequency and monitors the presence of the device (user). When the user is away from the mobile device, the token and device lose contact and the device will not allow anyone to access the cloud services.
Keywords: - Cloud computing, Mobile Devices, Security, Transient Authentication, Wearable Token.
1. INTRODUCTION
Cloud computing systems provide infrastructure, software, platform, storage, processing power, etc. as a service on demand. The key characteristics of cloud computing include reduced cost, scalability, security, elasticity, device independence, reduced maintenance and reduced manpower. The services provided by cloud computing are available to organizations of all sizes, educational institutes, governments and individuals, enabling them to provide more scalable, resilient services to employees, partners and clients at lower cost and with higher business agility [1].
Mobile cloud computing is the availability of cloud computing services in combination with mobile devices. Mobile cloud computing provides optimal cloud computing services for mobile users. In a mobile cloud computing environment, the mobile device does not need a high configuration (CPU, memory, computational speed) because all computation is done in the cloud [2].
2. CLOUD COMPUTING
The cloud computing environment offers IT functionality as a service in a multi-tenant manner. Cloud services are provided by the cloud vendor and can be used by the cloud consumer on a pay-per-use basis. The enabling technologies include virtualization, SaaS (Software as a Service) enabled application platforms (SEAP), metering tools and technologies, etc. These services are exposed through industry-standard interfaces such as web services using Service Oriented Architecture (SOA) [3], REST [4] services, or proprietary services.
Cloud Computing Service Models
The cloud computing services are basically classified into three delivery models: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). In SaaS, applications like customer relationship management (CRM), e-mail, instant messaging, and office productivity applications are offered as a service by the cloud provider, for example salesforce.com services, Google office productivity applications, or Microsoft Exchange Online [5]. PaaS produces a platform by integrating the OS, middleware, application software, and development environment, which is then delivered as a service by the cloud vendor. PaaS is provided to clients through APIs, which the user uses to interact with the platform [6]. In IaaS, servers, storage systems, switches, routers, and other systems are pooled and made available to handle workloads that range from application components to high-performance computing applications [6].
Cloud Computing Deployment Models
The cloud computing deployments are basically classified into four deployment models: Public Cloud, Private Cloud, Community Cloud and Hybrid Cloud. Public cloud is a standard cloud computing model, in which a cloud service provider creates and offers the resources. Public cloud computing services can be free or offered on a pay-per-use basis [7]. Private clouds are generally designed for an organization that needs more control over the data and applications stored in the cloud. A private cloud gives the owner organization control over services and over the security of the data and applications [8]. A hybrid cloud is a combination of a public and a private (or community) cloud, which gives the best of both: the client gets the benefit of both the hosted delivery model and the highly secure on-premises model [9]. A community cloud is managed and used by a group of organizations that have similar interests and goals, and similar privacy, security, and regulatory considerations. Sectors like the public sector, health care, energy and the media industry can use a community cloud [10].
ISSN: 0975 – 6698| NOV 11 TO OCT 12 | VOLUME – 02, ISSUE - 01
3. Mobile Cloud Computing
Access to cloud computing resources or services using mobile devices is called mobile cloud computing. The Open Gardens blog defines Mobile Cloud Computing as "the availability of cloud computing services in a mobile ecosystem. This incorporates many elements, including consumer, enterprise, end-to-end security, home gateways, and mobile broadband-enabled services." [11] The data and applications in a cloud environment are stored on the cloud server and can be accessed using the internet and mobile devices. Applications run on the remote cloud servers and users can access these applications using mobile devices. Figure 1 shows the basic architecture of mobile cloud computing.
Figure 1. Mobile Cloud Computing (diagram labels: The Cloud, Internet, Mobile Device, Mobile Device)
3.1 Mobile Cloud Security
As mobile cloud computing involves both the cloud computing system and mobile devices, mobile security can be divided into two categories: mobile device security and cloud computing security [12].
Mobile Device Security:
Mobile devices enable users to work when they are away from their desks, while travelling or in public places. Unfortunately, along with the mobility advantage of these devices comes the threat of loss or theft, due to their small size. Once a mobile device falls into the hands of hackers, it can be misused to access critical user information stored in the cloud. Security of users' data stored in the cloud is a big issue facing cloud providers and users. Solutions to the device theft or loss problem include configuration of the mobile device, use of Wi-Fi networks, encryption and antivirus.
Configuration of Mobile Devices: Configuration of the mobile device means that the user must use a strong password authentication system or a multi-factor authentication system. Users must always keep the browser security system of their mobile device active and properly configured.
Wi-Fi Networks: Users must disable all wireless interfaces of the device, like Bluetooth, infrared, or Wi-Fi, when not in use. Users should not connect to any unknown Wi-Fi network [13]. In addition, a Bluetooth-enabled device can be attached to the mobile device for authentication purposes.
Encryption: The data travelling between the mobile device and the cloud should be in encrypted form, using some strong authentication. If an intruder manages to access the data in transit, he/she should not be able to understand that data. Encryption plays a very important role in data security.
Antivirus: Viruses are a big threat facing mobile device users. Users must install a strong antivirus system on their devices and should also regularly update the antivirus to protect the device from newly developed viruses.
Cloud Computing Security:
Organizations and individuals are taking advantage of cloud computing by deploying their applications and storing their data in the cloud environment. Along with the various advantages, there are some security issues in using cloud computing for data storage; these challenges include data security, and identity and access management.
Data Security: Cloud computing service providers use various geographically distributed and interconnected data centers to store customers' data. Customers do not know where in the world their data is stored, which is a serious obstacle for cloud customers adopting a cloud computing system. The solution to this problem is encryption of the data. The data should be encrypted using a strong encryption method and key before it is stored in the cloud storage system. Similarly, data in transit should also be encrypted to secure it from intruders.
Identity and Access Management: Secure user identity management plays a very important role in the access management system, which is a complex process in the cloud computing system. The cloud's identity management system must manage control points, dynamic composite and decommissioned machines, virtual device or service identities, and user identity to provide high security against unauthorized access to user data [14].
4. Authentication System
Authentication is the process of verifying the identity of a user, performed by the system that the user wants to access. It is performed on the basis of credentials supplied by the user; the authentication system compares these credentials with the credentials stored in the authentication server for that particular user. If the credentials match, the user is considered an authenticated user. Authentication is also performed by the cloud computing system when a user wants to access it.
4.1 Token Based Authentication Systems:
Swipe Card: It is a plastic card with a magnetic strip containing encoded data that is read by passing the card through a device. These cards are generally used for electronic transactions [15]. The main advantage of a swipe card based authentication system is that the user does not need to remember a user name, password and other credentials. The disadvantage of this authentication method is that cards can be stolen and the data on the card can be duplicated using some equipment [16].
USB Token: It is a small, low-cost device which contains user credentials and can be used for user identification and authentication purposes. It uses the USB port of the computer for reading and writing, so no additional reader device is needed. The disadvantage of a USB token is that it can be lost, stolen or broken.
Smart Card: It is a portable device which contains a CPU, I/O devices and memory that is accessed by the CPU of the card. It can process, store and control the data stored in the card. It can provide a high level of security when used for authentication. The disadvantage of a smart card is that it requires a smart card reader, which makes the authentication system costly.
One Time Password (OTP) Generators: These are hardware devices used to generate a password which is valid for one attempt only. One-time passwords are secure against replay attacks, so if a password is stolen by an intruder, it cannot be reused. The disadvantage of this method is that it is difficult to remember a new password for each login attempt.
4.2. Transient Authentication System
A user does not authenticate to the mobile device frequently; the device remains in authenticated mode until authentication is revoked. If the device is lost or stolen while it is in authenticated mode it can be misused, which is a big threat with lightweight mobile devices. The threat of loss and misuse of a device in authenticated mode is resolved with the transient authentication system [17]. Transient authentication is a system where a wearable token like the IBM Linux wrist watch [18] is used in addition to the mobile computing device for authentication. This token is connected to the mobile device wirelessly, using a technology which has a limited radio range, like Bluetooth. The transient authentication system can also be used in a cloud computing system for high security of the user data and information stored in the cloud.
Figure 2. Device present in the range of token (diagram labels: Mobile Device, Token)
Figure 3. Device not present in the range of token (diagram labels: Token, ?)
In this model of the transient authentication system the token provides authentication for the mobile device: the token works as the authentication server and the mobile device works as the authentication client. As shown in figure 2, the wearable token continuously authenticates to the mobile device over a short-range wireless link. The communication between the device and the token is encrypted; a session key is used for encrypting this communication.
The token periodically (let us say every second) senses the device to ensure the user's presence. As shown in figure 3, when the user is away from the device the token goes out of range of the mobile device; the device will then secure itself and will be disconnected from the cloud computing system. When the user returns and the mobile device comes within range of the token, the connection will be re-established and the user will be allowed to connect to the cloud.
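An added example (not code from the paper): a minimal Python simulation of the presence check described above, in which the device challenges the token once per polling period and locks itself and drops the cloud session after consecutive missed replies. The HMAC challenge-response stands in for the paper's session-key-encrypted link; the class names, the `max_missed` threshold and the boolean `in_range` radio model are assumptions.

```python
import hashlib
import hmac
import secrets

class Token:
    """Wearable token: holds the session key and answers presence challenges."""
    def __init__(self, session_key: bytes):
        self._key = session_key

    def respond(self, nonce: bytes) -> bytes:
        return hmac.new(self._key, b"presence|" + nonce, hashlib.sha256).digest()

class Device:
    """Mobile device: secures itself and leaves the cloud when the token is silent."""
    def __init__(self, session_key: bytes, max_missed: int = 3):
        self._key = session_key
        self._nonce = secrets.token_bytes(16)
        self.max_missed = max_missed   # assumed tolerance for lost radio frames
        self.missed = 0
        self.locked = True             # secured until the token proves presence
        self.cloud_connected = False

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)  # fresh per poll: old replies cannot be replayed
        return self._nonce

    def verify(self, response) -> bool:
        expected = hmac.new(self._key, b"presence|" + self._nonce, hashlib.sha256).digest()
        ok = response is not None and hmac.compare_digest(expected, response)
        self._nonce = secrets.token_bytes(16)  # a challenge is valid for one reply only
        if ok:
            self.missed, self.locked, self.cloud_connected = 0, False, True
        else:
            self.missed += 1
            if self.missed >= self.max_missed:
                self.locked, self.cloud_connected = True, False
        return ok

def poll(device, token, in_range: bool, replayed=None):
    """One polling period; returns (locked, cloud_connected) afterwards."""
    nonce = device.challenge()
    if replayed is not None:
        response = replayed            # an old reply captured off the air
    else:
        response = token.respond(nonce) if in_range else None
    device.verify(response)
    return device.locked, device.cloud_connected

def simulate(range_trace, max_missed=3):
    """Run the protocol over a constructed trace of in-range / out-of-range ticks."""
    key = secrets.token_bytes(32)      # constructed session key, assumed shared at pairing
    token, device = Token(key), Device(key, max_missed)
    return [poll(device, token, in_range) for in_range in range_trace]
```

With the default threshold the device stays usable through two missed polls, locks on the third, and unlocks on the first valid reply after the token returns.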
Authentication System | Advantages | Disadvantages
Swipe Card | No need to remember user credentials. | Card can be stolen. Card can be duplicated.
USB Token | Uses USB port for read/write purposes. No extra card reader is required. | Card can be lost, stolen or broken.
Smart Card | Provides high level of security for authentication. | Card is costly. Can be stolen or lost.
One Time Password Generators | Password cannot be reused. | Difficult to remember new password every time. Card can be stolen or lost.
Wearable Token (Transient Authentication) | Provides strong authentication system. Wearable token is not vulnerable to theft. | Needs additional wearable token.
Table: Comparison of token based authentication systems
5. Conclusion
Cloud computing is gaining popularity due to its various advantages like security, elastic scalability, pay-as-you-go, etc. Mobile devices have become very common among people, so cloud users can use mobile devices to access the cloud computing system. Mobile devices are vulnerable to theft or loss. The loss of the device can mean the loss of the user's critical data. The transient authentication system solves the problem of data loss when the device is lost. It uses a hardware token such as a wearable watch, which remains in continuous contact with the mobile device using short-range wireless connectivity. When these two devices are in contact, it shows the presence of the user and allows access to the cloud. If the device loses the connection with the token, it shows the absence of the user, and the device will secure the user's data and will also be disconnected from the cloud. This way, if the device is lost or stolen and is away from the token (the real user), no one will be allowed to access the device or the cloud.
Acknowledgment
I am thankful to my supervisor Prof DP Sharma for
his consistent support and review guidelines that
helped me to complete this theoretical research paper.
Bibliography
[1] NEC Company, Ltd. and Information and Privacy Commissioner, Ontario, Canada, (2010), "Modelling Cloud Computing Architecture without Compromising Privacy: A Privacy by Design Approach". http://www.ipc.on.ca/images/resources/pbd-NECcloud.pdf
[2] Dinh Thai Hoang, Dusit Niyato, and Ping Wang, (2012), Optimal Admission Control Policy for Mobile Cloud Computing Hotspot with Cloudlet. http://www.mobile.ecs.soton.ac.uk/home/conference/wcnc2012/papers/p3177-dinh.pdf
[3] The Open Group, (2012), The open group service oriented architecture. http://www.opengroup.org/subjectareas/soa
[4] Russell Kay, (2007), Quick Study: Representational State Transfer (REST). http://www.computerworld.com/s/article/297424/Representational_State_Transfer_REST_
[5] Ramkumar Dargha, (2009), Infosys – Cloud Computing: Key Consideration for Adoption. http://www.infosys.com/cloud/resourcecenter/Documents/cloud-computing.pdf
[6] Metasoft, (2011), Cloud Computing: Truly Dependable and Highly Appriciable. http://www.metasoftsolutions.com/CloudComputing.html
[7] Tech Target, (2009), Public Cloud. http://searchcloudcomputing.techtarget.com/definition/public-cloud
[8] Jithesh Moothoor, Vasvi Bhatt, IBM, (2009), A Cloud Computing Solution for Universities: Virtual Computing Lab. http://www2.gsu.edu/~matpxp/SwIG/talks/ws-vcl.pdf
[9] GFI Software, (2010), ON-PREMISE VS. CLOUD-BASED SOLUTIONS. http://www.gfi.com/whitepapers/Hybrid_Technology.pdf
[10] Dr. Matthias Henneberger, Dr. Achim Luhn, (2010), Community Clouds supporting business ecosystems with cloud computing SIEMENS. http://www.sourcingfocus.com/uploaded/documents/Siemens_Community_Clouds_Whitepaper.pdf
[11] Ajit, Open Gardens, (2010), Mobile Cloud Computing: Issues and Risks from a Security Privacy Perspective. http://www.opengardensblog.futuretext.com/archives/2010/03/mobile_cloud_co_2.html
[12] Soeung-Kon (Victor) Ko, JungHoonLee, Sung Woo Kim, (2012), Mobile Cloud Computing Security Considerations. SERSE: Journal of security engineering, Volume 9, No.2, ISSN: 17387531
[13] Valerie Vogel, Theresa Semmens, (2013), Mobile Device Security: Ten Steps to Secure Your Mobile Device. https://wiki.internet2.edu/confluence/display/itsg2/Mobile+Device+Security
[14] Anu Gopalakrishnan, (2009), Cloud Computing Identity Management. SETLabs Briefings VOL7. http://www.infosys.com/infosyslabs/publications/setlabs-briefings/Documents/cloud-computingidentitymanagement.pdf
[15] The Free Library, (), Swipe Card. http://www.thefreedictionary.com/swipe+card
[16] Seth Thigpen, (), Authentication Methods Used for Banking. http://www.infosecwriters.com/text_resources/pdf/Authentication_Methods_For_Banking.pdf
[17] Rania Abdelhameed, Sabira Khatun, Borhanuddin Mohd Ali and Abdul Rahman Ramli, (2005), Application of Cell-phone in Laptop Security, Journal of Applied Sciences 5 (2): 215-219, 2005, ISSN 1812-5654.
[18] Anthony J. Nicholson, Mark D. Corner, and Brian D. Noble, (2006), Mobile Device Security Using Transient Authentication, IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 5, NO. 11.