| Summary: | Abstract The emerging area of mobile cloud computing will influence the future of varied applications, such as electronic commerce and health informatics. It is expected to rise in popularity over other models in cloud computing. This is facilitated by its simplicity, accessibility and ease of use. With mobile cloud computing, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. Despite the advantage of this innovative computing model, mobile devices in mobile cloud computing are open to more security risks because they often have to access cloud servers through untrusted networks from different locations. Therefore, security is a critical problem to be tackled in mobile cloud computing. One of the most important aspects of mobile cloud computing security is to establish authenticated communication sessions between mobile devices and cloud servers. In this paper, we present a novel authentication scheme, Message Digest-based Authentication (MDA). Technically, MDA strategically incorporates hashing, in addition to traditional user ID and passwords, to achieve mutual authentication. The effectiveness of MDA is validated with Scyther, a widely-used security protocol analyzer. Our experimental results indicate that MDA is capable of withstanding a variety of different security attacks, such as man-in-the-middle, replay attacks, etc.
|
|---|
