Skip to main content
SpringerLink
Log in

Data security in mobile cloud computing paradigm: a survey, taxonomy and open research issues

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

The incessant spurt of research activities to augment capabilities of resource-constrained mobile devices by leveraging heterogeneous cloud resources has created a new research impetus called mobile cloud computing. However, this rapid relocation to the cloud has fueled security and privacy concerns as users’ data leave owner’s protection sphere and enter the cloud. Significant efforts have been devoted by academia and research community to study and build secure frameworks in cloud environment, but there exists a research gap for comprehensive study of security frameworks in mobile cloud computing environment. Therefore, we aim to conduct a comprehensive survey to analyze various cryptographic, biometric and multifactor lightweight solutions for data security in mobile cloud. This survey highlights the current security issues in mobile cloud environment and infrastructure, investigates various data security frameworks and provides a taxonomy of the state-of-the-art data security frameworks and deep insight into open research issues for ensuring security and privacy of data in mobile cloud computing platform.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Abolfazli S et al (2013) Cloud-based augmentation for mobile devices: motivation, taxonomies, and open challenges. IEEE Commun Surv Tutor 16(1):1–32

    Google Scholar 

  2. Sanaei Z, Abolfazli S, Gani A, Buyya R (2014) Heterogeneity in mobile cloud computing: taxonomy and open challenges. IEEE Commun Surv Tutor 16(1):369–392

    Article  Google Scholar 

  3. Dinh HT, Lee C, Niyato D, Wang P (2013) A survey of mobile cloud computing: architecture, applications, and approaches. Wirel Commun Mob Comput 13(18):1587–1611

    Article  Google Scholar 

  4. Williams B (2012) What is cloud computing?—The journey to cloud. In: Economics of Cloud Computing: An Overview for Decision Makers, 1st edn. Cisco Press, Indiana, pp 1–13

  5. Branch R et al (2014) Cloud computing and big data: a review of current service models and hardware perspectives. J Softw Eng Appl 7(8):686–693

    Article  Google Scholar 

  6. Contu R, Kavanagh KM (2013) Market Trends: Cloud-Based Security Services Market Worldwide, Gartner, G00253813

  7. Cisco Visual Networking Index (2016) Global mobile data traffic forecast update, 2015–2020. White paper, 3rd February 2016

  8. Mobile BPM Market by Solution, Service (Maintenance and Support, Integration and Design, Consulting, and Others), End User (SMBs and Enterprises), Vertical, Deployment Model (Public, Private, Hybrid), and Region—Global Forecast to 2020, Markets and Markets. http://www.marketsandmarkets.com/Market-Reports/mobile-bpm-market-31726258.html. Accessed 15 Feb 2016

  9. Rahimi MR et al (2014) Mobile cloud computing: a survey, state of art and future directions. Mob Netw Appl 19(2):133–143

    Article  Google Scholar 

  10. Fernando N, Loke SW, Rahayu W (2013) Mobile cloud computing: a survey. Future Gener Comput Syst 29(1):84–106

    Article  Google Scholar 

  11. Lei L (2013) Challenges on wireless heterogeneous networks for mobile cloud computing. IEEE Wirel Commun 20(3):34–44

    Article  Google Scholar 

  12. Alizadeh M, Hassan WH (2013) Challenges and opportunities of mobile cloud computing. In: Proceedings of the 9th International Wireless Communications and Mobile Computing Conference (IWCMC). Sardinia, Italy, pp 660–666

    Google Scholar 

  13. Ra MR et al (2011) Odessa: enabling interactive perception applications on mobile devices. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services. ACM, Bethesda pp 43–56

  14. Kovachev D, Cao Y, Klamma R (2011) Mobile cloud computing: a comparison of application models. Comput Res Repos, CoRR. arXiv preprint. arXiv:1107.4940

  15. Guan L, Ke X, Song M, Song J (2011) A survey of research on mobile cloud computing. In: Proceedings of the 10th IEEE/ACIS International Conference on Computer and Information Science, (ICIS’11). Sanya, China, pp 387–392

    Chapter  Google Scholar 

  16. Rahimi MR, Venkatasubramanian N, Vasilakos AV (2013) Music: mobility-aware optimal service allocation in mobile cloud computing. In: Proceedings of the 6th International Conference on Cloud Computing. IEEE, Santa Clara, pp 75–82

    Google Scholar 

  17. Kumar K, Liu J, Lu YH, Bhargava B (2013) A survey of computation offloading for mobile systems. ACM/Springer MONET 18(1):129–140

    Google Scholar 

  18. Xia F et al (2014) Phone2Cloud: exploiting computation offloading for energy saving on smartphones in mobile cloud computing. Inf Syst Front 16(1):95–111

    Article  Google Scholar 

  19. Yang S et al (2013) Fast dynamic execution offloading for efficient mobile cloud computing. In: Proceedings of the International Conference on Pervasive Computing and Communications (PerCom). IEEE, San Diego, pp 20–28

    Google Scholar 

  20. Yang S et al (2014) Techniques to minimize state transfer costs for dynamic execution offloading in mobile cloud computing. IEEE Trans Mob Comput 13(11):2648–2660

    Article  Google Scholar 

  21. Kaewpuang R, Niyato D, Wang P, Hossain E (2013) A framework for cooperative resource management in mobile cloud computing. IEEE J Sel Areas Commun 31(12):2685–2700

    Article  Google Scholar 

  22. Suo H, Liu Z, Wan J, Zhou K (2013) Security and privacy in mobile cloud computing. In: Proceedings of the 9th International Wireless Communications and Mobile Computing Conference (IWCMC). Sardinia, Italy, pp 655–659

    Google Scholar 

  23. Shahzad A, Hussain M (2013) Security issues and challenges of mobile cloud computing. Int J Grid Distrib Comput 6(6):37–50

    Article  Google Scholar 

  24. Xiao Z, Xiao Y (2013) Security and privacy in cloud computing. IEEE Commun Surv Tutor 15(2):843–859

    Article  Google Scholar 

  25. Sun Y, Zhang J, Xiong Y, Zhu G (2014) Data security and privacy in cloud computing. Int J Distrib Sens Netw 2014:1–9. doi:10.1155/2014/190903

    Google Scholar 

  26. Gonzalez N et al (2012) A quantitative analysis of current security concerns and solutions for cloud computing. J Cloud Comput 1(1):1–18

    Article  Google Scholar 

  27. Shaikh R, Sasikumar M (2015) Trust model for measuring security strength of cloud computing service. Procedia Comput Sci 45:380–389

    Article  Google Scholar 

  28. Li J et al (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437

    Article  MathSciNet  MATH  Google Scholar 

  29. Sood SK (2012) A combined approach to ensure data security in cloud computing. J Netw Comput Appl 35(6):1831–1838

    Article  Google Scholar 

  30. Kumar R, Rajalakshmi S (2013) Mobile cloud computing: standard approach to protecting and securing of mobile cloud ecosystems. In: Proceedings of the International Conference on Computer Sciences and Applications (CSA). Wuhan, China, pp 663–669

    Google Scholar 

  31. Khan AN, Kiah MLM, Khan SU, Madani SA (2013) Towards secure mobile cloud computing: a survey. Future Gener Comput Syst 29(5):1278–1299

    Article  Google Scholar 

  32. Alizadeh M et al (2016) Authentication in mobile cloud computing: a survey. J Netw Comput Appl 61(2):59–80

    Article  Google Scholar 

  33. Somorovsky J et al (2011) All your clouds are belong to us: security analysis of cloud management interfaces. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, New York, USA, pp 3–14

  34. Sermersheim J (2006) Lightweight directory access protocol (LDAP): the protocol. RFC 4511. http://www.ietf.org/rfc/rfc4511.txt. Accessed 10 Jan 2016

  35. Grobauer B, Walloschek T, Stocker E (2011) Understanding cloud-computing vulnerabilities. IEEE Secur Priv 9(2):50–57

    Google Scholar 

  36. Liu F et al (2013) Gearing resource-poor mobile devices with powerful clouds: architecture, challenges and applications. IEEE Wirel Commun Mag 20(3):14–22

    Article  Google Scholar 

  37. Modi C et al (2013) A survey on security issues and solutions at different layers of Cloud computing. J Supercomput 63(2):561–592

    Article  Google Scholar 

  38. Jansen W, Grance T (2011) Guidelines on security and privacy in public cloud computing. NIST Spec Publ 800(144):10–11

    Google Scholar 

  39. Anati I, Gueron S, Johnson S, Scarlata V (2013) Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. Tel Aviv, Israel, pp 1–7

    Google Scholar 

  40. Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Future Gener Comput Syst 28(3):583–592

    Article  Google Scholar 

  41. Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772

    Article  MathSciNet  Google Scholar 

  42. Ren W, Zeng L, Liu R, Cheng C (2016) F2AC: a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. Mob Inf Syst 2016:1–9. doi:10.1155/2016/5232846

    Google Scholar 

  43. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  Google Scholar 

  44. Shoup V, Rubin A (1996) Session key distribution using smart cards. In: Proceedings of the 15th Annual International Conference on Theory and Application of Cryptographic Techniques (EUROCRYPT 96). Saragossa, Spain, pp 321–331

    Google Scholar 

  45. Yang G et al (2008) Two-factor mutual authentication based on smart cards and passwords. J Comput Syst Sci 74(7):1160–1172

    Article  MathSciNet  MATH  Google Scholar 

  46. Halevi S, Krawczyk H (1999) Public-key cryptography and password protocols. ACM Trans Inf Syst Secur 2(3):230–268

    Article  Google Scholar 

  47. Hwang MS, Li LH (2000) A new remote user authentication scheme using smart cards. IEEE Trans Consum Electron 46(1):28–30

    Article  Google Scholar 

  48. Eyeprint ID. http://www.eyeverify.com/product-technology/core-technology. Accessed 3 April 2016

  49. BioID Web Services (BWS). http://www.bioid.com/products/bws.html. Accessed 3 April 2016

  50. Face.com Opens Free Facial Recognition API. http://www.programmableweb.com/api/face.com. Accessed 3 April 2016

  51. Animetrics Face Recognition (FaceR) API. http://animetrics.com/facer-api-for-face-recognition-applications/. Accessed 3 April 2016

  52. Cloud Based Biometric Authentication Solution for an Online Testing and Assessment company. http://www.calsoftlabs.com/resources/cloud-biometric-authentication-solution.html. Accessed 3 April 2016

  53. Zonouz S et al (2013) Secloud: a cloud based comprehensive and lightweight security solution for smartphones. Comput Secur 37(9):215–227

    Article  Google Scholar 

  54. Simmons GJ (1979) Symmetric and asymmetric encryption. ACM Comput Surv (CSUR) 11(4):305–330

    Article  MATH  Google Scholar 

  55. Neuman BC, Ts’O Theodore (1994) Kerberos: an authentication service for computer networks. IEEE Commun Mag 32(9):33–38

    Article  Google Scholar 

  56. Stallings W (2006) Cryptography and network security: principles and practice. Prentice Hall, Upper Saddle River

    Google Scholar 

  57. Krawczyk H, Canetti R, Bellare M (1997) HMAC: Keyed-hashing for message authentication. https://tools.ietf.org/html/rfc2104. Accessed 10 Jan 2015

  58. Pirzada AA, McDonald C (2004) Kerberos-assisted authentication in mobile ad hoc networks. In: Proceedings of the 27th Australasian Conference on Computer Science (ACSC ’04). Dunedin, New Zealand, pp 41–46

    Google Scholar 

  59. Carman DW, Kruus PS, Matt BJ (2000) Constraints and approaches for distributed sensor network security. DARPA Project report (Cryptographic Technologies Group, Trusted Information System, NAI Labs) 1(1)

  60. Ali M et al (2015) SeDaSC: secure data sharing in clouds. IEEE Syst J PP(99):1–10. doi:10.1109/JSYST.2014.2379646

  61. Ren W et al (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. J Tsinghua Sci Technol 16(5):520–528

    Article  Google Scholar 

  62. Khan AN et al (2014) BSS: block-based sharing scheme for secure data storage services in mobile cloud environment. J Supercomput 70(2):946–976

    Article  Google Scholar 

  63. Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654

    Article  MathSciNet  MATH  Google Scholar 

  64. Koscielny C, Kurkowski M, Srebrny M (2013) Public key infrastructure. In: Modern Cryptography Primer. Springer, Berlin, pp 175–191. doi:10.1007/978-3-642-41386-5_7

  65. Hellman M (1978) An overview of public key cryptography. IEEE Commun Mag 16(6):24–32

    Article  Google Scholar 

  66. Rivest R, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126

    Article  MathSciNet  MATH  Google Scholar 

  67. ElGamal T (1985) A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472

    Article  MathSciNet  MATH  Google Scholar 

  68. Miller V (1985) Use of elliptic curves in cryptography. CRYPTO. Lect Notes Comput Sci 85:417–426

    Google Scholar 

  69. Lamport L (1979) Constructing digital signatures from a one-way function. Technical Report CSL-98, SRI International, Palo Alto

  70. Merkle R (1990) A certified digital signature. In: Gilles Brassard G (ed) Advances in Cryptology—CRYPTO ’89. Springer, Berlin, pp 218–238

  71. Mehuron W (1994) Digital Signature Standard (DSS). US Department of Commerce, National Institute of Standards and Technology (NIST). Information Technology Laboratory (ITL). FIPS PEB 1994:186

  72. Han JH, Kim YJ, Jun SI, Chung KI, Seo CH (2002) Implementation of ECC/ECDSA cryptography algorithms based on Java card. In: Proceedings of the 22nd International Conference on Distributed Computing Systems Workshops. Austria, Vienna, pp 272–276

    Chapter  Google Scholar 

  73. Lee S et al (2010) Two factor authentication for cloud computing. J Inf Commun Converg Eng 8(4):427–432

    Google Scholar 

  74. Xiao S, Gong W (2010) Mobility can help: protect user identity with dynamic credential. In: Proceedings of the 11th International Conference on Mobile Data Management (MDM). IEEE, Kansas City, pp 378–380

    Google Scholar 

  75. Khan AN, Kiah MM, Madani SA, Ali M (2013) Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing. J Supercomput 66(3):1687–1706

    Article  Google Scholar 

  76. Khan AN et al (2013) A study of incremental cryptography for security schemes in mobile cloud computing environments. In: Proceedings of the IEEE Symposium on Wireless Technology and Applications (ISWTA). Kuching, Malaysia. IEEE, pp 62–67

    Google Scholar 

  77. Khalid U et al (2013) Cloud based secure and privacy enhanced authentication & authorization protocol. Procedia Comput Sci 22:680–688

    Article  Google Scholar 

  78. Annappaian DH, Agrawal VK (2015) Multilevel cryptography with metadata and lock approach for storing data in cloud. Trans Netw Commun 2(6):47–55

    Google Scholar 

  79. Lauter K (2004) The advantages of elliptic curve cryptography for wireless security. IEEE Wirel Commun 11(1):62–67

    Article  MathSciNet  Google Scholar 

  80. Toorani M, Beheshti A (2008) LPKI-a lightweight public key infrastructure for the mobile environments. In: Proceedings of the 11th International Conference on Communication Systems (ICCS). IEEE, Guangzhou, pp 162–166

    Google Scholar 

  81. Krawczyk H (2005) HMQV: a high-performance secure Diffie-Hellman protocol. In: Advances in Cryptology—CRYPTO’05. LNCS, vol 3621. Springer, Berlin, pp 546–566

  82. Baek J, Steinfeld R, Zheng Y (2007) Formal proofs for the security of signcryption. J Cryptol 20(2):203–235

    Article  MathSciNet  MATH  Google Scholar 

  83. Myers M et al (1999) X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP, RFC 2560. http://www.ietf.org/rfc/rfc2560.txt. Accessed 10 March 2016

  84. Pinkas D, Housley R (2002) Delegated Path Validation and Delegated Path Discovery Protocol Requirements, RFC 3379. http://www.ietf.org/rfc/rfc3379.txt. Accessed 12 March 2016

  85. Boneh D, Franklin MK (2001) Identity-based encryption from the Weil pairing. In: Kilian J (ed) Advances in Cryptology-CRYPTO 2001. Springer, Berlin, pp 213–229

    Chapter  Google Scholar 

  86. Boneh D, Franklin MK (2003) Identity-based encryption from the Weil pairing. SIAM J Comput 32(3):586–615

    Article  MathSciNet  MATH  Google Scholar 

  87. Gentry C, Silverberg A (2002) Hierarchical ID-based cryptography. In: Zheng Y (ed) Proceedings of Asiacrypt 2002. Springer, Berlin, pp 548–566

    Chapter  Google Scholar 

  88. Ragini P, Mehrotra S, Venkatesan, (2014) An efficient model for privacy and security in Mobile Cloud Computing. In: Proceedings of the International Conference on Recent Trends in Information Technology (ICRTIT). Chennai, India, pp 1–6

  89. Li H, Dai Y, Tian L, Yang H (2009) Identity-based authentication for cloud computing. In: Jaatun M (ed) Cloud Computing. Springer, Berlin, pp 157–166

    Chapter  Google Scholar 

  90. Dong X et al (2015) SECO: secure and scalable data collaboration services in cloud computing. Comput Secur 50(5):91–105

    Article  Google Scholar 

  91. Liu W et al (2015) SAKE: scalable authenticated key exchange for mobile e-health networks. Secur Commun Netw. doi:10.1002/sec.1198

    Google Scholar 

  92. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (ed) Advances in Cryptology-EUROCRYPT. Springer, Berlin, pp 457–473

    Google Scholar 

  93. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security. Alexandria, Virginia, USA, pp 89–98

    Google Scholar 

  94. Lv Z, Hong C, Zhang M, Feng D (2012) A secure and efficient revocation scheme for fine-grained access control in cloud storage. In: Proceedings of the 4th International Conference on Cloud Computing Technology and Science (CloudCom’12). Taipei, Chennai, India, pp 545–550

    Chapter  Google Scholar 

  95. Yang K, Jia X, Ren K, Zhang B, Xie R (2013) DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Trans Inf Forensics Secur 8(11):1790–1801

    Article  Google Scholar 

  96. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of 2007 IEEE Symposium on Security and Privacy. California, USA, Berkeley, pp 321–334

    Chapter  Google Scholar 

  97. Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221

    Article  Google Scholar 

  98. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of IEEE Conference on Computer Communications. San Diego, California, USA, pp 1–9

    Google Scholar 

  99. Sun GZ (2011) CP-ABE based data access control for cloud storage. J China Inst Commun 32(7):146–152

    Google Scholar 

  100. Sandhu RS, Coyne EJ, Feinstein HL, Youman CE (1996) Role-based access control models. Computer 29(2):38–47

    Article  Google Scholar 

  101. Huang D et al (2010) Mobicloud: building secure cloud framework for mobile computing and communication. In: Proceedings of the 5th IEEE International Symposium on Service Oriented System Engineering (SOSE). Nanjing, China, pp 27–34

    Google Scholar 

  102. Zhou Z, Huang D (2011) Efficient and secure data storage operations for mobile cloud computing. In: Proceedings of the 8th International Conference on Network and Service Management. Laxenburg, Austria, pp 37–45

    Google Scholar 

  103. Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information. Computer and Communications Security, Beijing, China, pp 261–270

    Google Scholar 

  104. Li F, Rahulamathavan Y, Rajarajan M, Phan RC (2013) Low complexity multi-authority attribute based encryption scheme for mobile cloud computing. In: Proceedings of the 7th International Symposium on Service Oriented System Engineering (SOSE). IEEE, San Francisco, pp 573–577

    Google Scholar 

  105. Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS ’09). Illinois, USA, Chicago, pp 121–130

    Google Scholar 

  106. Lv Z, Chi J, Zhang M, Feng D (2014) Efficiently attribute-based access control for mobile cloud storage system. In: Proceedings of the 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, Beijing, pp 292–299

    Google Scholar 

  107. Fei L, Rahulamathavan Y, Rajarajan M (2014) LSD-ABAC: Lightweight static and dynamic attributes based access control scheme for secure data access in mobile environment. In: Proceedings of the 39th Conference on Local Computer Networks (LCN). IEE, Edmonton, Alberta, Canada, pp 354–361

    Google Scholar 

  108. Dong X et al (2014) Achieving an effective, scalable and privacy-preserving data sharing service in cloud computing. Comput Secur 42(5):151–164

    Article  Google Scholar 

  109. Wu W et al (2015) Towards secure and cost-effective fuzzy access control in mobile cloud computing. Soft Comput, pp 1–7. doi:10.1007/s00500-015-1964-2

  110. Al-Riyami S, Paterson K (2003) Certificateless public key cryptography. In: Laih CS (ed) Advances in Cryptology-ASIACRYPT. Springer, Berlin, pp 452–473

    Google Scholar 

  111. Xu L, Wu X, Zhang X (2012) CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud. In: Proceedings of the 7th ACM Symposium on Information. Seoul, Republic of Korea, Computer and Communications Security, pp 87–88

    Google Scholar 

  112. Seo SH, Nabeel M, Ding X, Bertino E (2014) An efficient certificateless encryption for secure data sharing in public clouds. IEEE Trans Knowl Data Eng 26(9):2107–2119

    Article  Google Scholar 

  113. Yang C, Wang F, Wang X (2007) Efficient mediated certificates public key encryption scheme without pairings. In: Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW’07). Niagara Falls, Ontario, Canada, pp 109–112

    Google Scholar 

  114. Tsai J (2015) A new efficient certificateless short signature scheme using bilinear pairings. IEEE Syst J PP(99):1–8. doi:10.1109/JSYST.2015.2490163

  115. Zhu L, Tung B (2006) RFC 4556: public key cryptography for initial authentication in Kerberos (PKINIT). IETF Network Working Group

  116. Harbitter A, Menasce DA (2001) The performance of public key-enabled Kerberos authentication in mobile computing applications. In: Proceedings of the 8th ACM Conference on Computer and Communications Security. Pennsylvania, Philadelphia, pp 78–85

    Google Scholar 

  117. Fox A, Gribble SD (1996) Security on the move: indirect authentication using Kerberos. In: Proceedings of the 2nd Annual International Conference on Mobile Computing and Networking. Rye, New York, USA, pp 155–164

    Chapter  Google Scholar 

  118. Park KW, Lim SS, Park KH (2008) Computationally efficient PKI-based single sign-on protocol, PKASSO for mobile devices. IEEE Trans Comput 57(6):821–834

    Article  MathSciNet  Google Scholar 

  119. Yang J et al (2011) Provable data possession of resource constrained mobile devices in cloud computing. J Netw 6(7):1033–1040

    Google Scholar 

  120. Wang Q et al (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of the 14th European Conference on Research in Computer Security (ESORICS ’09). Saint-Malo, France, pp 355–370

    Google Scholar 

  121. Carts DA (2011) A review of the Diffie–Hellman algorithm and its use in secure internet protocols. http://www.sans.org/reading_room/whitepapers/vpns/review-diffiehellman-algorithm-secure-internet-protocols_751. Accessed 10 April 2016

  122. Nagaty KA (2014) Mobile health care on a secured hybrid cloud. J Sel Areas Health Inform 4(2):1–9

    Google Scholar 

  123. Sujithra M, Padmavathi G, Narayanan S (2015) Mobile device data security: a cryptographic approach by outsourcing mobile data to cloud. Procedia Comput Sci 47:480–485

    Article  Google Scholar 

  124. Blaze M, Bleumer G, Strauss M (1998) Divertible protocols and atomic proxy cryptography. In: Nyberg K (ed) Advances in Cryptology–EUROCRYPT’98. Springer, Berlin, pp 127–144

    Google Scholar 

  125. Green M, Ateniese G (2007) Identity-based proxy reencryption. In: Katz J (ed) Applied Cryptography and Network Security. Springer, Berlin, pp 288–306

    Chapter  Google Scholar 

  126. Jia W et al (2011) SDSM: a secure data service mechanism in mobile cloud computing. In: Proceedings of the IEEE Conference on Computer Communications Workshops. Shanghai, China, pp 1060–1065

    Google Scholar 

  127. Tysowski PK, Hasan MA (2011) Re-encryption-based key management towards secure and scalable mobile applications in clouds. In: IACR Cryptology ePrint Archive 668

  128. Khan AN, Kiah MM, Ali M, Shamshirband S (2015) A cloud-manager-based re-encryption scheme for mobile users in cloud environment: a hybrid approach. J Grid Comput 13(4):651–675

    Article  Google Scholar 

  129. Bellare M, Goldreich O, Goldwasser S (1994) Incremental cryptography: the case of hashing and signing. Advances in Cryptology-CRYPTO’94. Springer, Berlin, pp 216–233

    Google Scholar 

  130. Bellare M, Goldreich O, Goldwasser S (1995) Incremental cryptography and application to virus protection. In: Proceedings of the 27th Annual ACM Symposium on Theory of Computing. ACM, Riva, pp 45–56

    Google Scholar 

  131. Bellare M, Micciancio D (1997) A new paradigm for collision-free hashing: incrementality at reduced cost. Advances in Cryptology-EUROCRYPT’97. Springer, Berlin, pp 163–192

    Google Scholar 

  132. Itani W, Kayssi A, Chehab A (2010) Energy-efficient incremental integrity for securing storage in mobile cloud computing. In: Proceedings of the International Conference on Energy Aware Computing (ICEAC ’10). IEEE, Cairo, pp 1–2

    Chapter  Google Scholar 

  133. Khan AN et al (2014) Incremental proxy re-encryption scheme for mobile cloud computing environment. J Supercomput 68(2):624–651

    Article  Google Scholar 

  134. Wang C, Huaizhi Y (2010) Study of cloud computing security based on private face recognition. In: Proceedings of the International Conference on Computational Intelligence and Software Engineering (CiSE). Wuhan, China, pp 1–5

    Google Scholar 

  135. Derawi MO, Yang B, Busch C (2011) Fingerprint recognition with embedded cameras on mobile phones. In: Prasad R (ed) Security and Privacy in Mobile Information and Communication Systems. Springer, Berlin, pp 136–147

    Google Scholar 

  136. Omri F, Foufou S, Hamila R, Jarraya M (2013) Cloud-based mobile system for biometrics authentication. In: Proceedings of the 13th IEEE International Conference on ITS Telecommunications (ITST). Tampere, Finland, pp 325–330

    Google Scholar 

  137. Pawle A, Pawar P (2013) Face recognition system (FRS) on cloud computing for user authentication. Int J Soft Comput Eng 3(4):189–192

    Google Scholar 

  138. Rassan IA, AlShaher H (2014) Securing mobile cloud computing using biometric authentication (SMCBA). In: Proceedings of the 2014 International Conference on Computational Science and Computational Intelligence (CSCI’14). IEEE, Las Vegas, pp 157–161

    Google Scholar 

  139. Bommagani AS, Valenti MC, Ross A (2014) A framework for secure cloud-empowered mobile biometrics. In: Proceedings of the 2014 Military Communications Conference (MILCOM). IEEE, Baltimore, pp 255–261

    Chapter  Google Scholar 

  140. Viola P, Jones M (2001) Rapid object detection using a boosted cascade of simple features. In: Proceedings of the 2001 IEEE Conference on Computer Vision and Pattern Recognition, Kauai, Hawaii, USA, pp I-511–I-518

  141. Ahonen T, Hadid A, Pietikainen M (2006) Face description with local binary patterns: application to face recognition. IEEE Trans Pattern Anal Mach Intell 28(12):2037–2041

    Article  MATH  Google Scholar 

  142. Fan CI, Lin YH, Hsu RH (2006) Remote password authentication scheme with smart cards and biometrics. In: Proceedings of 49th Annual IEEE Global Telecommunications Conference (GLOBECOM). California, USA, San Francisco, pp 1–5

    Google Scholar 

  143. Khan MK, Kumari S, Gupta MK (2014) More efficient key-hash based fingerprint remote authentication scheme using mobile device. Computing 96(9):793–816

    Article  MathSciNet  Google Scholar 

  144. Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45(7):274–285

    Article  Google Scholar 

  145. Jiang Q et al (2016) A privacy preserving three-factor authentication protocol for e-Health clouds. J Supercomput, pp 1–24. doi:10.1007/s11227-015-1610-x

  146. Wen J, Zhang M, Li X (2005) The study on the application of BAN logic in formal analysis of authentication protocols. In: Proceedings of the 7th International Conference on Electronic Commerce. Xi’an, China, pp 744–747

    Google Scholar 

  147. Xi K et al (2011) A fingerprint based bio-cryptographic security protocol designed for client/server authentication in mobile computing environment. Secur Commun Netw 4(5):487–499

    Article  Google Scholar 

  148. VeriFinger SDK. http://www.neurotechnology.com/verifinger.html. Accessed 15 Dec 2015

  149. Wang Y, Hu J, Phillips D (2007) A fingerprint orientation model based on 2D Fourier expansion (FOMFE) and its application to singular point detection and fingerprint indexing. IEEE Trans Pattern Anal Mach Intell 29(4):573–585

    Article  Google Scholar 

  150. Wang YA, Hu J (2011) Global ridge orientation modeling for partial fingerprint identification. IEEE Trans Pattern Anal Mach Intell 33(1):72–87

    Article  Google Scholar 

  151. Wang P, Ku CC Wang TC (2011) A new fingerprint authentication scheme based on secret-splitting for cloud computing security. Recent Application in Biometrics. InTech Open Access Publisher, Europe, pp 183–196

  152. Bhatia T, Verma AK (2014) Biometric authentication for cloud computing. In: Deka GS (ed) Handbook of Research on Securing Cloud-Based Databases with Biometric Applications. IGI Global, pp 209–235

  153. Chen CL, Lee CC, Hsu CY (2012) Mobile device integration of a fingerprint biometric remote authentication scheme. Int J Commun Syst 25(5):585–597

    Article  Google Scholar 

  154. Cheng H et al (2012) Identity based encryption and biometric authentication scheme for secure data access in cloud computing. Chin J Electron 21(2):254–259

    Google Scholar 

  155. Shor PW (1999) Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev 41(2):303–332

    Article  MathSciNet  MATH  Google Scholar 

  156. Bernstein DJ, Buchmann J, Dahmen E (2009) Post-quantum cryptography. Springer Science & Business Media, Berlin

    Book  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Thapar University, Patiala, India

    Tarunpreet Bhatia & A. K. Verma

Authors
  1. Tarunpreet Bhatia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. A. K. Verma
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tarunpreet Bhatia.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bhatia, T., Verma, A.K. Data security in mobile cloud computing paradigm: a survey, taxonomy and open research issues. J Supercomput 73, 2558–2631 (2017). https://doi.org/10.1007/s11227-016-1945-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-016-1945-y

Keywords

Search

Navigation