Towards secure and cost-effective fuzzy access control in mobile cloud computing

Wei Wu, Shun Hu, Xu Yang, Joseph K. Liu, Man Ho Au

    Research output: Contribution to journalArticleResearchpeer-review

    8 Citations (Scopus)

    Abstract

    In this article, we suggest a secure and cost-effective fuzzy access control protocol in mobile cloud computing. It is especially designed for small and medium enterprises (SMEs) providing business-to-customers services. Our protocol allows the SME to outsource its services to a cloud to reduce the running cost. At the same time, it does not require any communication between the cloud and the SME during user authentication stage. That is, SME can be offline after users have been registered. Users directly deal with the cloud for gaining access. This helps the SME to save a lot of resources, including a large bandwidth connecting with the cloud and a strong firewall system. Meanwhile, the user database never leaves the SME. In addition, our protocol can withstand common attacks such as dictionary attacks for server and phishing attacks for client. Our security protection is especially important for mobile users as mobile devices are easily exposed to such attacks. Furthermore, our protocol provides user traceability to SME and it is very efficient for mobile devices.

    Original languageEnglish
    Pages (from-to)2643-2649
    Number of pages7
    JournalSoft Computing
    Volume21
    Issue number10
    DOIs
    Publication statusPublished - 1 May 2017

    Keywords

    • B2C
    • Cost-effective
    • Fuzzy access-control
    • Mobile cloud
    • Secure
    • SME

    Cite this