Zero-Knowledge Authentication for Secure Multi-cloud Computing Environments
A multi-cloud computing refers to the environment where services such as resources and software, etc., can be shared and provided through an agreement between two or more cloud computing service providers. A user requires multiple authentications in order
- PDF / 175,384 Bytes
- 7 Pages / 439.37 x 666.14 pts Page_size
- 49 Downloads / 213 Views
Abstract&A multi-cloud computing refers to the environment where services such as resources and software, etc., can be shared and provided through an agreement between two or more cloud computing service providers. A user requires multiple authentications in order to use the cloud service between the shared service providers. However at such time, users are exposed to vulnerabilities such as their authentication information being exposed to service providers whom they did not sign up with or being exposed during the multiple authentications. Therefore in this paper, the zero-knowledge authentication protocol for ensuring anonymity is proposed. The proposed protocol is safe for all know vulnerabilities and can be used as a safe protocol in multi-cloud environment. Keywords Anonimity · Authentication · Multi-cloud computing · Security · Zero-knowledge
1
Introduction
A multi-cloud computing refers to the environment where cloud computing service providers with rich resources and cloud computing service providers lacking software can share the advantages and disadvantages to provide the service. In the case of multi-cloud computing based on IaaS(Infrastructure as a Service), since the resources are shared by the service providers, an accurate classification and security on the stored data is required. In the case of PaaS(Platform as a Service) or SaaS(Software as a Service), an accurate measurement such as on usage time is required. In addition, unlike IaaS, since the user must directly access the service providers whom they did not sign up with, association of authentication information and authentications are required [1]. H. Kim · H. Chung · J. Kang() Soongsil University, Dongjak-Gu, Republic of Korea e-mail: {hyungjoo.kim,hsj6553}@ssu.ac.kr, [email protected] © Springer Science+Business Media Singapore 2015 D.-S. Park et al. (eds.), Advances in Computer Science and Ubiquitous Computing, Lecture Notes in Electrical Engineering 373, DOI: 10.1007/978-981-10-0281-6_37
255
256
H. Kim et al.
To achieve this, SSO(Single Sign On), etc. was proposed but it holds problems for storing excessive authentication information and legal issues. In addition, a problem of authentication information being continuously transmitted to the network and a problem of having one's user history being exposed to the unknown service providers exists [2]. Therefore in this paper, a multi-cloud authentication protocol that supports the anonymity based on zero-knowledge is proposed. In the multi-cloud environment based on brokers, the proposed protocol can verify the suitability of the user based on anonymity without exposing themselves by using a temporary ID and zero-knowledge authentication [3].
2
Multi-cloud Computing
This section will describe the multi-cloud and the public, private and hybrid-cloud which form the multi-cloud [4].
2.1
Multi-cloud
A cloud service as an on-demand type of service providers can be used anytime, anywhere through billing. According to the service types, it is divided into SaaS, PaaS and IaaS, and acc
Data Loading...
