Abstract
The incessant spurt of research activities to augment capabilities of resource-constrained mobile devices by leveraging heterogeneous cloud resources has created a new research impetus called mobile cloud computing. However, this rapid relocation to the cloud has fueled security and privacy concerns as users’ data leave owner’s protection sphere and enter the cloud. Significant efforts have been devoted by academia and research community to study and build secure frameworks in cloud environment, but there exists a research gap for comprehensive study of security frameworks in mobile cloud computing environment. Therefore, we aim to conduct a comprehensive survey to analyze various cryptographic, biometric and multifactor lightweight solutions for data security in mobile cloud. This survey highlights the current security issues in mobile cloud environment and infrastructure, investigates various data security frameworks and provides a taxonomy of the state-of-the-art data security frameworks and deep insight into open research issues for ensuring security and privacy of data in mobile cloud computing platform.
Similar content being viewed by others
References
Abolfazli S et al (2013) Cloud-based augmentation for mobile devices: motivation, taxonomies, and open challenges. IEEE Commun Surv Tutor 16(1):1–32
Sanaei Z, Abolfazli S, Gani A, Buyya R (2014) Heterogeneity in mobile cloud computing: taxonomy and open challenges. IEEE Commun Surv Tutor 16(1):369–392
Dinh HT, Lee C, Niyato D, Wang P (2013) A survey of mobile cloud computing: architecture, applications, and approaches. Wirel Commun Mob Comput 13(18):1587–1611
Williams B (2012) What is cloud computing?—The journey to cloud. In: Economics of Cloud Computing: An Overview for Decision Makers, 1st edn. Cisco Press, Indiana, pp 1–13
Branch R et al (2014) Cloud computing and big data: a review of current service models and hardware perspectives. J Softw Eng Appl 7(8):686–693
Contu R, Kavanagh KM (2013) Market Trends: Cloud-Based Security Services Market Worldwide, Gartner, G00253813
Cisco Visual Networking Index (2016) Global mobile data traffic forecast update, 2015–2020. White paper, 3rd February 2016
Mobile BPM Market by Solution, Service (Maintenance and Support, Integration and Design, Consulting, and Others), End User (SMBs and Enterprises), Vertical, Deployment Model (Public, Private, Hybrid), and Region—Global Forecast to 2020, Markets and Markets. http://www.marketsandmarkets.com/Market-Reports/mobile-bpm-market-31726258.html. Accessed 15 Feb 2016
Rahimi MR et al (2014) Mobile cloud computing: a survey, state of art and future directions. Mob Netw Appl 19(2):133–143
Fernando N, Loke SW, Rahayu W (2013) Mobile cloud computing: a survey. Future Gener Comput Syst 29(1):84–106
Lei L (2013) Challenges on wireless heterogeneous networks for mobile cloud computing. IEEE Wirel Commun 20(3):34–44
Alizadeh M, Hassan WH (2013) Challenges and opportunities of mobile cloud computing. In: Proceedings of the 9th International Wireless Communications and Mobile Computing Conference (IWCMC). Sardinia, Italy, pp 660–666
Ra MR et al (2011) Odessa: enabling interactive perception applications on mobile devices. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services. ACM, Bethesda pp 43–56
Kovachev D, Cao Y, Klamma R (2011) Mobile cloud computing: a comparison of application models. Comput Res Repos, CoRR. arXiv preprint. arXiv:1107.4940
Guan L, Ke X, Song M, Song J (2011) A survey of research on mobile cloud computing. In: Proceedings of the 10th IEEE/ACIS International Conference on Computer and Information Science, (ICIS’11). Sanya, China, pp 387–392
Rahimi MR, Venkatasubramanian N, Vasilakos AV (2013) Music: mobility-aware optimal service allocation in mobile cloud computing. In: Proceedings of the 6th International Conference on Cloud Computing. IEEE, Santa Clara, pp 75–82
Kumar K, Liu J, Lu YH, Bhargava B (2013) A survey of computation offloading for mobile systems. ACM/Springer MONET 18(1):129–140
Xia F et al (2014) Phone2Cloud: exploiting computation offloading for energy saving on smartphones in mobile cloud computing. Inf Syst Front 16(1):95–111
Yang S et al (2013) Fast dynamic execution offloading for efficient mobile cloud computing. In: Proceedings of the International Conference on Pervasive Computing and Communications (PerCom). IEEE, San Diego, pp 20–28
Yang S et al (2014) Techniques to minimize state transfer costs for dynamic execution offloading in mobile cloud computing. IEEE Trans Mob Comput 13(11):2648–2660
Kaewpuang R, Niyato D, Wang P, Hossain E (2013) A framework for cooperative resource management in mobile cloud computing. IEEE J Sel Areas Commun 31(12):2685–2700
Suo H, Liu Z, Wan J, Zhou K (2013) Security and privacy in mobile cloud computing. In: Proceedings of the 9th International Wireless Communications and Mobile Computing Conference (IWCMC). Sardinia, Italy, pp 655–659
Shahzad A, Hussain M (2013) Security issues and challenges of mobile cloud computing. Int J Grid Distrib Comput 6(6):37–50
Xiao Z, Xiao Y (2013) Security and privacy in cloud computing. IEEE Commun Surv Tutor 15(2):843–859
Sun Y, Zhang J, Xiong Y, Zhu G (2014) Data security and privacy in cloud computing. Int J Distrib Sens Netw 2014:1–9. doi:10.1155/2014/190903
Gonzalez N et al (2012) A quantitative analysis of current security concerns and solutions for cloud computing. J Cloud Comput 1(1):1–18
Shaikh R, Sasikumar M (2015) Trust model for measuring security strength of cloud computing service. Procedia Comput Sci 45:380–389
Li J et al (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437
Sood SK (2012) A combined approach to ensure data security in cloud computing. J Netw Comput Appl 35(6):1831–1838
Kumar R, Rajalakshmi S (2013) Mobile cloud computing: standard approach to protecting and securing of mobile cloud ecosystems. In: Proceedings of the International Conference on Computer Sciences and Applications (CSA). Wuhan, China, pp 663–669
Khan AN, Kiah MLM, Khan SU, Madani SA (2013) Towards secure mobile cloud computing: a survey. Future Gener Comput Syst 29(5):1278–1299
Alizadeh M et al (2016) Authentication in mobile cloud computing: a survey. J Netw Comput Appl 61(2):59–80
Somorovsky J et al (2011) All your clouds are belong to us: security analysis of cloud management interfaces. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, New York, USA, pp 3–14
Sermersheim J (2006) Lightweight directory access protocol (LDAP): the protocol. RFC 4511. http://www.ietf.org/rfc/rfc4511.txt. Accessed 10 Jan 2016
Grobauer B, Walloschek T, Stocker E (2011) Understanding cloud-computing vulnerabilities. IEEE Secur Priv 9(2):50–57
Liu F et al (2013) Gearing resource-poor mobile devices with powerful clouds: architecture, challenges and applications. IEEE Wirel Commun Mag 20(3):14–22
Modi C et al (2013) A survey on security issues and solutions at different layers of Cloud computing. J Supercomput 63(2):561–592
Jansen W, Grance T (2011) Guidelines on security and privacy in public cloud computing. NIST Spec Publ 800(144):10–11
Anati I, Gueron S, Johnson S, Scarlata V (2013) Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. Tel Aviv, Israel, pp 1–7
Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Future Gener Comput Syst 28(3):583–592
Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772
Ren W, Zeng L, Liu R, Cheng C (2016) F2AC: a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. Mob Inf Syst 2016:1–9. doi:10.1155/2016/5232846
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Shoup V, Rubin A (1996) Session key distribution using smart cards. In: Proceedings of the 15th Annual International Conference on Theory and Application of Cryptographic Techniques (EUROCRYPT 96). Saragossa, Spain, pp 321–331
Yang G et al (2008) Two-factor mutual authentication based on smart cards and passwords. J Comput Syst Sci 74(7):1160–1172
Halevi S, Krawczyk H (1999) Public-key cryptography and password protocols. ACM Trans Inf Syst Secur 2(3):230–268
Hwang MS, Li LH (2000) A new remote user authentication scheme using smart cards. IEEE Trans Consum Electron 46(1):28–30
Eyeprint ID. http://www.eyeverify.com/product-technology/core-technology. Accessed 3 April 2016
BioID Web Services (BWS). http://www.bioid.com/products/bws.html. Accessed 3 April 2016
Face.com Opens Free Facial Recognition API. http://www.programmableweb.com/api/face.com. Accessed 3 April 2016
Animetrics Face Recognition (FaceR) API. http://animetrics.com/facer-api-for-face-recognition-applications/. Accessed 3 April 2016
Cloud Based Biometric Authentication Solution for an Online Testing and Assessment company. http://www.calsoftlabs.com/resources/cloud-biometric-authentication-solution.html. Accessed 3 April 2016
Zonouz S et al (2013) Secloud: a cloud based comprehensive and lightweight security solution for smartphones. Comput Secur 37(9):215–227
Simmons GJ (1979) Symmetric and asymmetric encryption. ACM Comput Surv (CSUR) 11(4):305–330
Neuman BC, Ts’O Theodore (1994) Kerberos: an authentication service for computer networks. IEEE Commun Mag 32(9):33–38
Stallings W (2006) Cryptography and network security: principles and practice. Prentice Hall, Upper Saddle River
Krawczyk H, Canetti R, Bellare M (1997) HMAC: Keyed-hashing for message authentication. https://tools.ietf.org/html/rfc2104. Accessed 10 Jan 2015
Pirzada AA, McDonald C (2004) Kerberos-assisted authentication in mobile ad hoc networks. In: Proceedings of the 27th Australasian Conference on Computer Science (ACSC ’04). Dunedin, New Zealand, pp 41–46
Carman DW, Kruus PS, Matt BJ (2000) Constraints and approaches for distributed sensor network security. DARPA Project report (Cryptographic Technologies Group, Trusted Information System, NAI Labs) 1(1)
Ali M et al (2015) SeDaSC: secure data sharing in clouds. IEEE Syst J PP(99):1–10. doi:10.1109/JSYST.2014.2379646
Ren W et al (2011) Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing. J Tsinghua Sci Technol 16(5):520–528
Khan AN et al (2014) BSS: block-based sharing scheme for secure data storage services in mobile cloud environment. J Supercomput 70(2):946–976
Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654
Koscielny C, Kurkowski M, Srebrny M (2013) Public key infrastructure. In: Modern Cryptography Primer. Springer, Berlin, pp 175–191. doi:10.1007/978-3-642-41386-5_7
Hellman M (1978) An overview of public key cryptography. IEEE Commun Mag 16(6):24–32
Rivest R, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126
ElGamal T (1985) A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472
Miller V (1985) Use of elliptic curves in cryptography. CRYPTO. Lect Notes Comput Sci 85:417–426
Lamport L (1979) Constructing digital signatures from a one-way function. Technical Report CSL-98, SRI International, Palo Alto
Merkle R (1990) A certified digital signature. In: Gilles Brassard G (ed) Advances in Cryptology—CRYPTO ’89. Springer, Berlin, pp 218–238
Mehuron W (1994) Digital Signature Standard (DSS). US Department of Commerce, National Institute of Standards and Technology (NIST). Information Technology Laboratory (ITL). FIPS PEB 1994:186
Han JH, Kim YJ, Jun SI, Chung KI, Seo CH (2002) Implementation of ECC/ECDSA cryptography algorithms based on Java card. In: Proceedings of the 22nd International Conference on Distributed Computing Systems Workshops. Austria, Vienna, pp 272–276
Lee S et al (2010) Two factor authentication for cloud computing. J Inf Commun Converg Eng 8(4):427–432
Xiao S, Gong W (2010) Mobility can help: protect user identity with dynamic credential. In: Proceedings of the 11th International Conference on Mobile Data Management (MDM). IEEE, Kansas City, pp 378–380
Khan AN, Kiah MM, Madani SA, Ali M (2013) Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing. J Supercomput 66(3):1687–1706
Khan AN et al (2013) A study of incremental cryptography for security schemes in mobile cloud computing environments. In: Proceedings of the IEEE Symposium on Wireless Technology and Applications (ISWTA). Kuching, Malaysia. IEEE, pp 62–67
Khalid U et al (2013) Cloud based secure and privacy enhanced authentication & authorization protocol. Procedia Comput Sci 22:680–688
Annappaian DH, Agrawal VK (2015) Multilevel cryptography with metadata and lock approach for storing data in cloud. Trans Netw Commun 2(6):47–55
Lauter K (2004) The advantages of elliptic curve cryptography for wireless security. IEEE Wirel Commun 11(1):62–67
Toorani M, Beheshti A (2008) LPKI-a lightweight public key infrastructure for the mobile environments. In: Proceedings of the 11th International Conference on Communication Systems (ICCS). IEEE, Guangzhou, pp 162–166
Krawczyk H (2005) HMQV: a high-performance secure Diffie-Hellman protocol. In: Advances in Cryptology—CRYPTO’05. LNCS, vol 3621. Springer, Berlin, pp 546–566
Baek J, Steinfeld R, Zheng Y (2007) Formal proofs for the security of signcryption. J Cryptol 20(2):203–235
Myers M et al (1999) X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP, RFC 2560. http://www.ietf.org/rfc/rfc2560.txt. Accessed 10 March 2016
Pinkas D, Housley R (2002) Delegated Path Validation and Delegated Path Discovery Protocol Requirements, RFC 3379. http://www.ietf.org/rfc/rfc3379.txt. Accessed 12 March 2016
Boneh D, Franklin MK (2001) Identity-based encryption from the Weil pairing. In: Kilian J (ed) Advances in Cryptology-CRYPTO 2001. Springer, Berlin, pp 213–229
Boneh D, Franklin MK (2003) Identity-based encryption from the Weil pairing. SIAM J Comput 32(3):586–615
Gentry C, Silverberg A (2002) Hierarchical ID-based cryptography. In: Zheng Y (ed) Proceedings of Asiacrypt 2002. Springer, Berlin, pp 548–566
Ragini P, Mehrotra S, Venkatesan, (2014) An efficient model for privacy and security in Mobile Cloud Computing. In: Proceedings of the International Conference on Recent Trends in Information Technology (ICRTIT). Chennai, India, pp 1–6
Li H, Dai Y, Tian L, Yang H (2009) Identity-based authentication for cloud computing. In: Jaatun M (ed) Cloud Computing. Springer, Berlin, pp 157–166
Dong X et al (2015) SECO: secure and scalable data collaboration services in cloud computing. Comput Secur 50(5):91–105
Liu W et al (2015) SAKE: scalable authenticated key exchange for mobile e-health networks. Secur Commun Netw. doi:10.1002/sec.1198
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (ed) Advances in Cryptology-EUROCRYPT. Springer, Berlin, pp 457–473
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security. Alexandria, Virginia, USA, pp 89–98
Lv Z, Hong C, Zhang M, Feng D (2012) A secure and efficient revocation scheme for fine-grained access control in cloud storage. In: Proceedings of the 4th International Conference on Cloud Computing Technology and Science (CloudCom’12). Taipei, Chennai, India, pp 545–550
Yang K, Jia X, Ren K, Zhang B, Xie R (2013) DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Trans Inf Forensics Secur 8(11):1790–1801
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of 2007 IEEE Symposium on Security and Privacy. California, USA, Berkeley, pp 321–334
Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221
Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of IEEE Conference on Computer Communications. San Diego, California, USA, pp 1–9
Sun GZ (2011) CP-ABE based data access control for cloud storage. J China Inst Commun 32(7):146–152
Sandhu RS, Coyne EJ, Feinstein HL, Youman CE (1996) Role-based access control models. Computer 29(2):38–47
Huang D et al (2010) Mobicloud: building secure cloud framework for mobile computing and communication. In: Proceedings of the 5th IEEE International Symposium on Service Oriented System Engineering (SOSE). Nanjing, China, pp 27–34
Zhou Z, Huang D (2011) Efficient and secure data storage operations for mobile cloud computing. In: Proceedings of the 8th International Conference on Network and Service Management. Laxenburg, Austria, pp 37–45
Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information. Computer and Communications Security, Beijing, China, pp 261–270
Li F, Rahulamathavan Y, Rajarajan M, Phan RC (2013) Low complexity multi-authority attribute based encryption scheme for mobile cloud computing. In: Proceedings of the 7th International Symposium on Service Oriented System Engineering (SOSE). IEEE, San Francisco, pp 573–577
Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS ’09). Illinois, USA, Chicago, pp 121–130
Lv Z, Chi J, Zhang M, Feng D (2014) Efficiently attribute-based access control for mobile cloud storage system. In: Proceedings of the 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, Beijing, pp 292–299
Fei L, Rahulamathavan Y, Rajarajan M (2014) LSD-ABAC: Lightweight static and dynamic attributes based access control scheme for secure data access in mobile environment. In: Proceedings of the 39th Conference on Local Computer Networks (LCN). IEE, Edmonton, Alberta, Canada, pp 354–361
Dong X et al (2014) Achieving an effective, scalable and privacy-preserving data sharing service in cloud computing. Comput Secur 42(5):151–164
Wu W et al (2015) Towards secure and cost-effective fuzzy access control in mobile cloud computing. Soft Comput, pp 1–7. doi:10.1007/s00500-015-1964-2
Al-Riyami S, Paterson K (2003) Certificateless public key cryptography. In: Laih CS (ed) Advances in Cryptology-ASIACRYPT. Springer, Berlin, pp 452–473
Xu L, Wu X, Zhang X (2012) CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud. In: Proceedings of the 7th ACM Symposium on Information. Seoul, Republic of Korea, Computer and Communications Security, pp 87–88
Seo SH, Nabeel M, Ding X, Bertino E (2014) An efficient certificateless encryption for secure data sharing in public clouds. IEEE Trans Knowl Data Eng 26(9):2107–2119
Yang C, Wang F, Wang X (2007) Efficient mediated certificates public key encryption scheme without pairings. In: Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW’07). Niagara Falls, Ontario, Canada, pp 109–112
Tsai J (2015) A new efficient certificateless short signature scheme using bilinear pairings. IEEE Syst J PP(99):1–8. doi:10.1109/JSYST.2015.2490163
Zhu L, Tung B (2006) RFC 4556: public key cryptography for initial authentication in Kerberos (PKINIT). IETF Network Working Group
Harbitter A, Menasce DA (2001) The performance of public key-enabled Kerberos authentication in mobile computing applications. In: Proceedings of the 8th ACM Conference on Computer and Communications Security. Pennsylvania, Philadelphia, pp 78–85
Fox A, Gribble SD (1996) Security on the move: indirect authentication using Kerberos. In: Proceedings of the 2nd Annual International Conference on Mobile Computing and Networking. Rye, New York, USA, pp 155–164
Park KW, Lim SS, Park KH (2008) Computationally efficient PKI-based single sign-on protocol, PKASSO for mobile devices. IEEE Trans Comput 57(6):821–834
Yang J et al (2011) Provable data possession of resource constrained mobile devices in cloud computing. J Netw 6(7):1033–1040
Wang Q et al (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of the 14th European Conference on Research in Computer Security (ESORICS ’09). Saint-Malo, France, pp 355–370
Carts DA (2011) A review of the Diffie–Hellman algorithm and its use in secure internet protocols. http://www.sans.org/reading_room/whitepapers/vpns/review-diffiehellman-algorithm-secure-internet-protocols_751. Accessed 10 April 2016
Nagaty KA (2014) Mobile health care on a secured hybrid cloud. J Sel Areas Health Inform 4(2):1–9
Sujithra M, Padmavathi G, Narayanan S (2015) Mobile device data security: a cryptographic approach by outsourcing mobile data to cloud. Procedia Comput Sci 47:480–485
Blaze M, Bleumer G, Strauss M (1998) Divertible protocols and atomic proxy cryptography. In: Nyberg K (ed) Advances in Cryptology–EUROCRYPT’98. Springer, Berlin, pp 127–144
Green M, Ateniese G (2007) Identity-based proxy reencryption. In: Katz J (ed) Applied Cryptography and Network Security. Springer, Berlin, pp 288–306
Jia W et al (2011) SDSM: a secure data service mechanism in mobile cloud computing. In: Proceedings of the IEEE Conference on Computer Communications Workshops. Shanghai, China, pp 1060–1065
Tysowski PK, Hasan MA (2011) Re-encryption-based key management towards secure and scalable mobile applications in clouds. In: IACR Cryptology ePrint Archive 668
Khan AN, Kiah MM, Ali M, Shamshirband S (2015) A cloud-manager-based re-encryption scheme for mobile users in cloud environment: a hybrid approach. J Grid Comput 13(4):651–675
Bellare M, Goldreich O, Goldwasser S (1994) Incremental cryptography: the case of hashing and signing. Advances in Cryptology-CRYPTO’94. Springer, Berlin, pp 216–233
Bellare M, Goldreich O, Goldwasser S (1995) Incremental cryptography and application to virus protection. In: Proceedings of the 27th Annual ACM Symposium on Theory of Computing. ACM, Riva, pp 45–56
Bellare M, Micciancio D (1997) A new paradigm for collision-free hashing: incrementality at reduced cost. Advances in Cryptology-EUROCRYPT’97. Springer, Berlin, pp 163–192
Itani W, Kayssi A, Chehab A (2010) Energy-efficient incremental integrity for securing storage in mobile cloud computing. In: Proceedings of the International Conference on Energy Aware Computing (ICEAC ’10). IEEE, Cairo, pp 1–2
Khan AN et al (2014) Incremental proxy re-encryption scheme for mobile cloud computing environment. J Supercomput 68(2):624–651
Wang C, Huaizhi Y (2010) Study of cloud computing security based on private face recognition. In: Proceedings of the International Conference on Computational Intelligence and Software Engineering (CiSE). Wuhan, China, pp 1–5
Derawi MO, Yang B, Busch C (2011) Fingerprint recognition with embedded cameras on mobile phones. In: Prasad R (ed) Security and Privacy in Mobile Information and Communication Systems. Springer, Berlin, pp 136–147
Omri F, Foufou S, Hamila R, Jarraya M (2013) Cloud-based mobile system for biometrics authentication. In: Proceedings of the 13th IEEE International Conference on ITS Telecommunications (ITST). Tampere, Finland, pp 325–330
Pawle A, Pawar P (2013) Face recognition system (FRS) on cloud computing for user authentication. Int J Soft Comput Eng 3(4):189–192
Rassan IA, AlShaher H (2014) Securing mobile cloud computing using biometric authentication (SMCBA). In: Proceedings of the 2014 International Conference on Computational Science and Computational Intelligence (CSCI’14). IEEE, Las Vegas, pp 157–161
Bommagani AS, Valenti MC, Ross A (2014) A framework for secure cloud-empowered mobile biometrics. In: Proceedings of the 2014 Military Communications Conference (MILCOM). IEEE, Baltimore, pp 255–261
Viola P, Jones M (2001) Rapid object detection using a boosted cascade of simple features. In: Proceedings of the 2001 IEEE Conference on Computer Vision and Pattern Recognition, Kauai, Hawaii, USA, pp I-511–I-518
Ahonen T, Hadid A, Pietikainen M (2006) Face description with local binary patterns: application to face recognition. IEEE Trans Pattern Anal Mach Intell 28(12):2037–2041
Fan CI, Lin YH, Hsu RH (2006) Remote password authentication scheme with smart cards and biometrics. In: Proceedings of 49th Annual IEEE Global Telecommunications Conference (GLOBECOM). California, USA, San Francisco, pp 1–5
Khan MK, Kumari S, Gupta MK (2014) More efficient key-hash based fingerprint remote authentication scheme using mobile device. Computing 96(9):793–816
Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45(7):274–285
Jiang Q et al (2016) A privacy preserving three-factor authentication protocol for e-Health clouds. J Supercomput, pp 1–24. doi:10.1007/s11227-015-1610-x
Wen J, Zhang M, Li X (2005) The study on the application of BAN logic in formal analysis of authentication protocols. In: Proceedings of the 7th International Conference on Electronic Commerce. Xi’an, China, pp 744–747
Xi K et al (2011) A fingerprint based bio-cryptographic security protocol designed for client/server authentication in mobile computing environment. Secur Commun Netw 4(5):487–499
VeriFinger SDK. http://www.neurotechnology.com/verifinger.html. Accessed 15 Dec 2015
Wang Y, Hu J, Phillips D (2007) A fingerprint orientation model based on 2D Fourier expansion (FOMFE) and its application to singular point detection and fingerprint indexing. IEEE Trans Pattern Anal Mach Intell 29(4):573–585
Wang YA, Hu J (2011) Global ridge orientation modeling for partial fingerprint identification. IEEE Trans Pattern Anal Mach Intell 33(1):72–87
Wang P, Ku CC Wang TC (2011) A new fingerprint authentication scheme based on secret-splitting for cloud computing security. Recent Application in Biometrics. InTech Open Access Publisher, Europe, pp 183–196
Bhatia T, Verma AK (2014) Biometric authentication for cloud computing. In: Deka GS (ed) Handbook of Research on Securing Cloud-Based Databases with Biometric Applications. IGI Global, pp 209–235
Chen CL, Lee CC, Hsu CY (2012) Mobile device integration of a fingerprint biometric remote authentication scheme. Int J Commun Syst 25(5):585–597
Cheng H et al (2012) Identity based encryption and biometric authentication scheme for secure data access in cloud computing. Chin J Electron 21(2):254–259
Shor PW (1999) Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev 41(2):303–332
Bernstein DJ, Buchmann J, Dahmen E (2009) Post-quantum cryptography. Springer Science & Business Media, Berlin
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Bhatia, T., Verma, A.K. Data security in mobile cloud computing paradigm: a survey, taxonomy and open research issues. J Supercomput 73, 2558–2631 (2017). https://doi.org/10.1007/s11227-016-1945-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-016-1945-y