
2 Evaluation criteria for security frameworks

A number of the security frameworks presented in the survey
deal with the security of files/data created and manipulated on a mobile device
or cloud servers. Existing security frameworks for MCC are classified into two
categories: (a) data security frameworks and (b) application security
frameworks.

2.1 Evaluation criteria for data security frameworks

The following evaluation parameters have been selected for
comparing the presented security frameworks.

2.1.1 Basic theory

The basic theory parameter is included to identify the
computational requirements of the discussed security frameworks.

2.1.2 Data protection

The data protection parameter identifies the category of
discussed security frameworks as Data Created and Manipulated on Device
(ProDCMD) or Data Created and Manipulated on Cloud (ProDCMC).

2.1.3 Data integrity

The data integrity parameter identifies whether the discussed
security frameworks consider the integrity verification issue.

2.1.4 Scalability

Scalability is the ability of the system to handle a growing
number of users in an elegant manner. The scalability of the framework is
considered as moderate, otherwise poor.

2.1.5 Assumption

The assumption parameter identifies the components that are
assumed to be fully trusted, semi-trusted, or distrusted to provide security
features in an MCC environment.

2.1.6 Data access

Data access can be divided into three categories: (a)
automated and (b) semi-automated. Data access is considered to be automated
if users share encrypted files located on cloud servers among groups of
people and authorized users can access and decrypt files automatically (without
the physical involvement of the file’s owner). Data access is
considered to be semi-automated if the user is required to send some secret
information through other means to access and decrypt the uploaded file.

2.1.7 Authentication

The authentication parameter identifies whether the discussed
security frameworks consider the authentication issue.

2.2 Evaluation criteria for application security
frameworks

The following evaluation parameters have been selected for application
security frameworks.

2.2.1 Application type

The application type parameter is used to identify the mobile
application model or type of mobile application whose security aspects are
covered in the MCC environment.

2.2.2 Security features

The security features parameter identifies the covered security
aspect of mobile applications or mobile application models in the MCC
environment. The security features may be data security, data integrity,
identity privacy, location privacy, authentication, secure data access
management, risk management, or secure routing.

2.2.3 Assumptions

The assumptions parameter identifies components that are
assumed to be fully trusted, semi-trusted, or distrusted to provide security
features.

2.2.4 Scalability

If the proposed security framework is dependent on some
centralized server managed by a third party to provide security features, the
scalability of the proposed framework is considered moderate, otherwise poor.

3 Security frameworks for MCC

In this section, we present countermeasure solutions that have been proposed in
scientific journals and conferences pertaining to securing MCC.

3.1 Data security frameworks

The countermeasures for data security frameworks are
presented in chronological order.

3.1.1 Energy efficient framework for integrity
verification of storage services in MCC

This energy-efficient framework for mobile devices ensures
the integrity of the mobile users’ files/data stored on the cloud server using
the concepts of incremental cryptography and trusted computing. The system
design contains three main entities: (a) mobile client, (b) cloud service
provider, and (c) trusted third party.

3.1.2 A framework for secure data service in MCC

This secure data service outsources data and security
management to the cloud in trusted mode. The secure data service allows mobile
users to move data and data sharing overhead to the cloud without disclosing any
information. There are three main entities involved in the proposed network
model: (a) data sharer, (b) data owner, and (c) cloud service provider.

3.1.3 A framework for secure storage services in MCC

This scheme for smartphones ensures the security and
integrity of mobile users’ files stored on cloud server(s). The authors also
introduced an authentication mechanism to authenticate the owner of the
file uploaded to the cloud. The proposed framework consists of four modules: (a)
mobile device, (b) cloud service provider, (c) certification authority, and (d)
telecommunication module.

3.1.4 A public provable data possession scheme for MCC

The public provable data possession scheme proposed in [47]
targets resource-constrained mobile devices and ensures the privacy, confidentiality,
and integrity of mobile users’ data stored on the cloud. The system model consists
of three main entities: (a) mobile end-user, (b) trusted third party, and (c)
cloud storage service.

3.1.5 Lightweight and compromise resilient storage
outsourcing in MCC

Three schemes ensure the confidentiality and integrity of
the users’ files stored on the cloud. The files are assumed to be created and
operated only on a mobile device. The files may be stored on single or multiple
cloud servers. The authors treat the cloud servers as distrusted nodes, and the
mobile device as semi-trusted in case of storage and trusted in case of
computation.

3.1.5.1 Encryption based scheme
(EnS)

When a user wants to upload
a file on a cloud server through a mobile device, the user has to provide a
PWD.

3.1.5.2 Coding based scheme
(CoS)

CoS reduces the computation overhead of encryption imposed
by EnS using a lightweight computation operation to preserve the privacy of the
users’ files. When a mobile user wants to upload a file on the cloud server
through a mobile device, the user has to provide a PWD.

3.1.5.3 Sharing based scheme
(ShS)

ShS is more energy efficient as compared to EnS and CoS. The
ShS introduces a simple exclusive OR (xor) based secret sharing mechanism that
requires less computation power on the device side.
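
A generic n-of-n XOR split of the kind this subsection describes, as an added example (not code from the surveyed paper and not the ShS construction itself). The function names, the device-held HMAC key, and the sample file are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split(data, n):
    """n-of-n XOR split: n-1 random pads, last share = data XOR all pads."""
    if n < 2:
        raise ValueError("need at least two shares")
    pads = [secrets.token_bytes(len(data)) for _ in range(n - 1)]
    last = data
    for pad in pads:
        last = xor_bytes(last, pad)
    return pads + [last]

def combine(shares):
    """XOR every share together; all n are required to get the file back."""
    out = bytes(len(shares[0]))
    for share in shares:
        if len(share) != len(out):
            raise ValueError("share length mismatch")
        out = xor_bytes(out, share)
    return out

def upload(data, n, key):
    """Device side: one share per cloud server, plus a tag kept on the device.
    The HMAC tag is an assumption added here so tampering is detectable."""
    return split(data, n), hmac.new(key, data, hashlib.sha256).digest()

def download(shares, tag, key):
    """Device side: rebuild the file and reject it if any share was altered."""
    data = combine(shares)
    expected = hmac.new(key, data, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return data

if __name__ == "__main__":
    key = secrets.token_bytes(32)                  # constructed device key
    doc = b"constructed sample file contents"      # constructed sample input
    shares, tag = upload(doc, 3, key)
    print(download(shares, tag, key) == doc)
```

The device only generates random bytes and XORs them, which is why this style of sharing is cheap on the handset; a single modified share silently changes the recovered file unless a check such as the tag above is kept.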

3.1.6 A security framework for efficient and secure data
storage services in MCC

This privacy-preserving framework, called Privacy Preserving
Cipher Policy Attribute-Based Encryption (PP-CP-ABE), targets lightweight mobile
devices. The proposed scheme offloads the processing and storage intensive
encryption and decryption operations to the cloud without revealing any information
about data contents and security key. The architecture of the proposed scheme
contains four components: (a) data owner, (b) encryption service provider, (c)
decryption service provider, and (d) storage service provider.

3.2 Application security frameworks

The countermeasures for application security frameworks are
presented in chronological order.

3.2.1 Securing elastic application on mobile device for
cloud computing

This model secures an elastic mobile application in a
cloud environment. An elastic application consists of: (a) one or more
weblet(s), (b) user interface, and (c) manifest. The main component on
the device side is the Device Elasticity Manager (DEM) that configures the
application at launch time and makes configuration adjustments at runtime.

3.2.2 Lightweight dynamic credential generation mechanism
for user identity protection in MCC

In a cloud computing environment, users’ identity is mainly
verified using digital credentials. The problem becomes more sophisticated in a
mobile cloud environment due to the computational limitations of mobile devices
in running sophisticated security software. Xiao and Gong [56] proposed a
lightweight algorithm for an MCC environment to generate automatic dynamic
credentials with the mutual coordination of mobile devices and cloud.

3.2.3 In-device spatial cloaking mechanism for privacy
protection in MCC

Spatial cloaking is used to protect the privacy of a mobile
user while using location-based services. The top-down spatial cloaking
mechanism, with and without optimization, utilizes cloud resources to
provide a scalable, efficient, and improved privacy preserving framework for
location-based services.

3.2.4 MobiCloud: a secure cloud framework for mobile
computing and communication

This new MCC framework not only provides conventional
computation services but also improves the functionality of the Mobile Adhoc
Network (MANET) in terms of risk management, trust management, and secure
routing. The proposed framework alters traditional MANET into a new service
oriented model. The new service oriented model considers each mobile node as a
service node. The service node can provide or consume services depending on the
capability of the node.

3.2.5 Authentication framework for MCC

This policy-based cloud authentication platform
addresses the client device authentication issue in a simple and
flexible manner. The proposed system utilizes the Trusted Cube to manage
the authentication infrastructure and implicit authentication to translate user
behaviors into a score. Implicit authentication is also referred to as behavioral
authentication. Behavioral authentication uses habits instead of belongings
to authenticate users. With the help of a statistical model, probabilistic
authentication scores are assigned to client devices on the basis of observed
behaviors. The proposed authentication framework compares threshold values with
a user authentication score to identify whether the device is in the hands of a
legitimate user or not. The threshold value is dependent on the type of
application. There are four main components of the system model.

3.2.6 Secure data processing framework for MCC

This secure data processing model for MobiCloud provides
enhanced security and privacy protection for mobile users with the help of
multi-tenant secure data management, trust management, and an ESSI data
processing model. The proposed model consists of three domains: (a) cloud
public service and storage domain, (b) cloud trusted domain, and (c) cloud
mobile and sensing domain.

3.2.7 A security framework of group location-based mobile
applications in cloud computing

The cloud offers an enormous amount of storage that motivates
the application provider to outsource the original database to the cloud. One of the
mobile applications that may take advantage of cloud storage is Location-Based
Services (LBS) for mobile. The LBS can utilize the cloud storage to maintain
the large database that may contain historical place information, hotel
information, or entertainment information depending on the application type.
This security framework for LBS uses a location-based group scheduling service
called JOIN to investigate the security problem in LBS. JOIN consumes cloud
storage to store data on an outsourced database. JOIN gathers information
about friends around mobile user(s) and recommends some fascinating activity in
the user(s) vicinity. There are three main components in JOIN: (a) users, (b)
JOIN server, and (c) cloud database.

3.2.8 Privacy preserving schemes for scheduling services

These are privacy-preserving solutions for mobile devices
using scheduling services hosted on the cloud. The proposed schemes utilize the
homomorphic properties of well-known cryptographic systems to evaluate the
common availability of the users securely.

3.2.8.1 SchedElG algorithm

The scheme utilizes the homomorphic property of the ElGamal
cryptographic system that allows the scheduling server to compute the
aggregated availability of group members. The aggregated availability is
evaluated by applying multiplication operations on an encrypted schedule of
group members.

3.2.8.2 SchedPa algorithm

The scheme utilizes the homomorphic property of the Paillier
cryptographic system that allows the scheduling server to compute the
aggregated availability of all group members. The aggregated availability is
evaluated by applying multiplication and exponential operations on encrypted
schedule of the group members.
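
The Paillier property this subsection relies on, as an added example (not the SchedPa protocol or code from the surveyed paper). The toy primes, the function names, the sample schedules, and the particular way multiplication and exponentiation are combined in `blind` are assumptions made for illustration.

```python
import math
import secrets

# Toy primes (2^61-1 and 2^89-1), constructed for the demo; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1

def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (lam, pow(lam, -1, n))       # public n (g = n + 1), private (lambda, mu)

def encrypt(n, m):
    r = 0
    while math.gcd(r, n) != 1:             # blinding factor must be a unit mod n
        r = secrets.randbelow(n)
    return pow(n + 1, m, n * n) * pow(r, n, n * n) % (n * n)

def decrypt(n, priv, c):
    lam, mu = priv
    return (pow(c, lam, n * n) - 1) // n * mu % n

def aggregate(n, slot_cts):
    """Server: multiplying ciphertexts adds the hidden availability bits."""
    acc = 1
    for c in slot_cts:
        acc = acc * c % (n * n)
    return acc

def blind(n, agg, members):
    """Server: shift the sum by -members, then raise to a random power.
    Exponentiation multiplies the hidden value, so it stays 0 only if all are free."""
    shifted = agg * pow(n + 1, -members, n * n) % (n * n)
    return pow(shifted, secrets.randbelow(n - 1) + 1, n * n)

def common_slots(schedules):
    """Group members hold the private key; the server only sees ciphertexts."""
    n, priv = keygen()
    enc = [[encrypt(n, bit) for bit in s] for s in schedules]   # done on each device
    free = []
    for slot, cts in enumerate(zip(*enc)):
        result = blind(n, aggregate(n, cts), len(schedules))    # done on the server
        if decrypt(n, priv, result) == 0:                       # done by the group
            free.append(slot)
    return free

# Constructed sample: three members, four time slots, 1 = available.
SCHEDULES = [[1, 0, 1, 1], [1, 1, 1, 0], [1, 0, 1, 1]]

if __name__ == "__main__":
    print(common_slots(SCHEDULES))
```

Without the blinding step the group would learn how many members are free in each slot; with it, a non-zero decryption reveals only that at least one member is busy.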

3.2.8.3 SchedGM algorithm

The scheme utilizes the homomorphic property of the
Goldwasser–Micali cryptographic system that allows the scheduling server to
compute the common availability of group members. The common availability is
evaluated by applying the multiplication operations on the encrypted schedule
of each group member.
