Security analysis of authentication protocols for next-generation mobile and CE cloud services

Digest of Technical Papers - IEEE International Conference on Consumer Electronics

Volumn , Issue , 2011, Pages 83-87

  Grzonkowski, Slawomir ^a   Corcoran, Peter M ^a   Coughlin, Thomas ^b  

^a NATIONAL UNIVERSITY OF IRELAND   (Ireland)

^b NONE

Author keywords

authentication protocol; mobile home network services; mutual authentication; phishing; single sign on; trusted third party; two factor authentication; zero knowledge proof

Indexed keywords

AUTHENTICATION PROTOCOLS; HOME NETWORK SERVICES; MUTUAL AUTHENTICATION; PHISHING; SINGLE SIGN ON; TRUSTED THIRD PARTIES; TWO FACTOR AUTHENTICATION; ZERO KNOWLEDGE PROOF;

AUTHENTICATION; CLOUD COMPUTING; COMPUTER CRIME; CONSUMER ELECTRONICS; NETWORK PROTOCOLS; PERSONAL COMMUNICATION SYSTEMS;

NETWORK SECURITY;

EID: 80054816611     PISSN: 0747668X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICCE-Berlin.2011.6031855     Document Type: Conference Paper

References (23)

1. T. Coughlin and M. Alvarex, Angels in our Midst: Associative Metadata in Cloud Storage, CE Society Newsletter, Spring 2011.
2. B. C. Neuman and T. Ts'o. Kerberos: An Authentication Service for Computer Networks. In IEEE Communications, 32(9):33-38, September 1994.
3. B. C. Neuman, T. Yu, S. Hartman and K. Raeburn. The Kerberos Network Authentication System (RFC4120), July 2005.
4. R. M. Needham and M. D. Schroeder. Using encryption for authentication in large networks of computers. Commun. ACM, vol. 21, no. 12, pages 993-999, 1978.
5. S. M. Bellovin and M. Merritt. Limitations of the Kerberos authentication system. SIGCOMM Comput. Commun. Rev., vol. 20, no. 5, pages 119-132, 1990.
6. T. Wen-Guey and H. Chi-Ming. Inter-protocol interleaving attacks on some authentication and key distribution protocols. Information Processing Letters, vol. 69, no. 6, pages 297-302, 1999.
7. T. Yu, S. Hartman and K. Raeburn. The Perils of Unauthenticated Encryption: Kerberos Version 4. In Proceedings of the Network and Distributed System Security Symposium. The Internet Society, 2004.
8. D. Recordon and D. Reed. OpenID 2.0: a platform for user-centric identity management. In DIM'06: Proceedings of the second ACM workshop on Digital identity management, pages 11-16, New York, NY, USA, 2006. ACM Press.
9. B. Adida. The Browser as a Secure Platform for Loosely Coupled Private-Data Mashups. In W2SP 2007, Proceedings of the First Workshop on Web 2.0 Security and Privacy, Oakland, CA, USA, 2007.
10. E. Hammer-Lahav, Ed. The OAuth 1.0 Protocol., http://tools.ietf.org/html/ draft-hammer-oauth-10
11. S. Grzonkowski, W. Zaremba, M. Zaremba and B. McDaniel. Extending Web Applications with a Lightweight Zero Knowledge Proof Authentication. In CSTST'08: Proceedings of the 5th international conference on Soft computing as transdisciplinary science and technology
12. S. Grzonkowski. SeDiCi: An Authentication Service Taking Advantage of Zero-Knowledge Proofs. In Financial Cryptography. Springer, 2010
13. D F Parkhill, The Challenge of the Computer Utility, Addison-Wesley Publishing Company, (1966)
14. S. Subashini, V. Kavitha, "A survey on security issues in service delivery models of cloud computing" in Journal of Network and Computer Applications, Vol. 34, no. 1. (15 January 2011), pp. 1-11.
15. T., Ristenpart, E., Tromer, H., Shacham, and S., Savage. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM conference on Computer and communications security (CCS'09). ACM, New York, NY, USA, 199-212, 2009.
16. R., Chow, P., Golle, M. Jakobsson, E., Shi, J., Staddon, R., Masuoka, and J. Molina. Controlling data in the cloud: outsourcing computation without outsourcing control. In Proceedings of the 2009 ACM workshop on Cloud computing security (CCSW'09). ACM, New York, NY, USA, 85-90, 2009.
17. L. M., Kaufman;, Data Security in the World of Cloud Computing, Security & Privacy, IEEE, vol. 7, no. 4, pp. 61-64, July-Aug. 2009
18. M., Armbrust, A., Fox, R., Griffith, A. D., Joseph, R., Katz, A., Konwinski, G., Lee, D., Patterson, A., Rabkin, I., Stoica, and M., Zaharia. 2010. A view of cloud computing. Commun. ACM 53, 4(April 2010), 50-58.
19. B. P., Rimal, A., Jukan, D., Katsaros and Y. Goeleven, Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach, Journal of Grid Computing, Volume 9, Number 1, (March 2011) pp. 3-26.
20. J., Schwenk, N. Gruschka, L. Iacono;, On Technical Security Issues in Cloud Computing, Cloud Computing, 2009. CLOUD'09. IEEE International Conference on, vol., no., pp. 109-116, 21-25 Sept. 2009
21. Cong Wang; Qian Wang; Kui Ren; Wenjing Lou;, Ensuring data storage security in Cloud Computing, Quality of Service, 2009. IWQoS. 17th International Workshop on, vol., no., pp. 1-9, 13-15 July 2009
22. S. Grzonkowski, P. M. Corcoran. A secure and efficient micropayment solution for online gaming. In Proceedings of the International IEEE Consumer Electronics Society's Games Innovations Conference 2009(ICE-GIC 09), 2009.
23. B. Adida. Beamauth: two-factor web authentication with a bookmark. In CCS'07: Proceedings of the 14th ACM conference on Computer and communications security, pages 48-57, New York, NY, USA, 2007. ACM.