Litcius/Paper detail

Two-Factor Mutual Authentication Offloading for Mobile Cloud Computing

Abdelouahid Derhab, Mohamed Belaoued, Mohamed Guerroumi, Farrukh Aslam Khan

2020IEEE Access42 citationsDOIOpen Access PDF

Abstract

Security analysts have shown that it is possible to compromise the mobile two-factor authentication applications that employ SMS-based authentication. In this paper, we consider that offloading mobile applications to the cloud, which is resource-rich and provides a more secure environment, represents a good solution when energy limitation and security constraints are raised. To this end, we propose an offloading architecture for the two-factor mutual authentication applications, and a novel two-factor mutual authentication scheme based on a novel mechanism, named virtual smart card. We also propose a decision-making process to offload the authentication application and its virtual smart card, based on three conditions: security, mobile device's residual energy, and energy cost. We analytically derive the lower-bound on the mobile application running time from the energy cost formula to perform offloading. We analyze and verify the security properties of the proposed architecture, and provide evaluation results of the two-factor mutual authentication protocol and the offloading decision-making process.

Topics & Concepts

Computer scienceMutual authenticationAuthentication (law)Authentication protocolLightweight Extensible Authentication ProtocolComputer networkMobile cloud computingMulti-factor authenticationCloud computingMobile computingMobile deviceComputer securityOperating systemUser Authentication and Security SystemsAdvanced Authentication Protocols SecurityIoT and Edge/Fog Computing