Abstract
To enable terminal users to access sensitive data on a cloud server, a security protocol, TTAP (Trusted Terminal Access Protocol), is proposed for users, terminals, the cloud server and the attestation server, based on TPM (Trusted Platform Module) and TNC (Trusted Network Connect). TTAP establishes a secure tunnel between the cloud server and the attestation server, which successfully proves the credibility of the trusted terminal and the legitimacy of users. Moreover, the strand space model is extended, and new authentication test theorems, namely the signature test theorem and the HMAC (Hash Message Authentication Code) test theorem, are proposed in this paper. The new theorems can be used to analyze complicated protocols with signatures and HMAC of algorithm complexity. Formal analysis based on authentication tests proves that TTAP is safe, so terminal users' access to the cloud environment through TTAP is credible.
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Yao, M., Zhou, D., Deng, R., Liu, M. (2018). A Security Protocol for Access to Sensitive Data in Trusted Cloud Server. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science, vol 11064. Springer, Cham. https://doi.org/10.1007/978-3-030-00009-7_48
DOI: https://doi.org/10.1007/978-3-030-00009-7_48
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00008-0
Online ISBN: 978-3-030-00009-7
eBook Packages: Computer Science, Computer Science (R0)