An Enhanced Lightweight Authentication Scheme for Secure Access to Cloud Data

摘要

The use of cloud computing has become increasingly important due to many factors, including the cost-effective architecture that supports data transmission, storage and computation. It has become indispensable to setting up and providing IT services. Among these services, outsourced data storage, or Storage as a Service (StaaS), which is one of the most popular services in cloud computing; it reliably stores large volumes of data. In return, apart from its benefits in terms of cost and ease of management, StaaS poses new problems related to the security of data and their treatments during access. This is due to the storage of data at a distance beyond the perimeters of users and the involvement of one or more third parties such as service providers or infrastructure. Indeed, the provision of sensitive data to an external entity is a serious concern. The major issues of security, privacy and trust remain the main concerns that hamper the mass adoption of the cloud. Therefore, an automatic focus when using cloud services is the presence of a good strong authentication mechanism to properly authenticate users and mitigate as many vulnerabilities as possible. Our work is part of the research theme on security challenges including the protection of personal data during the authentication process, posed in cloud environments. With this in mind, we introduce an authentication mechanism that takes advantage of the opportunities offered by the hybrid cryptography techniques to protect each user's personal data in the cloud environment while preserving its privacy. The experiments show that the authentication mechanism, we offer, surpasses its competitors in terms of communication and computational costs, data confidentiality and integrity, and resistance to various types of attacks.