Article Preview
TopIntroduction
The use of mobile technologies grew by a phenomenal way during the recent years. According to the annual report of Ericsson mobile traffic increased by 55% between 2013 and 2014, more than 4 billion smartphones available on the market in 2016, and 90% of the world population will have a smartphone by 2020. The use of cloud computing has contributed directly to increasing use of mobile services, because it allows users to freely access and use different platforms and applications, and it allows them to store their data in remote servers that they can access anytime and anywhere.
The major concern of the use of Cloud Mobile is security (Fernando, Seng, & Rahayu, 2013) because many attackers constantly try to take advantage of vulnerabilities in mobile networks to access data stored in the remote cloud servers. The use of multi Cloud Computing (Ardagna, 2015) instead of single cloud allowed to offer more possibility in terms of security and data management (Tebaa, & El Hajji, 2014; Aljawarneh, 2011). It allows among others to reduce the risk of data loss, it duplicates the resources and allows dividing the security tasks across multiple servers.
Despite the use of multi cloud services, there are still number of security concerns that are related to the limitation of mobile device resources, the possibility of connection through any network even if it is not secure and lack of authentication and encryption platforms in the majority of the existing mobile applications, in addition to the risk of infection by worms or other malicious codes (Aljawarneh & others, 2016).
The aim of our work is to develop a security platform that allows user authentication and data encryption. We will use for that the properties of homomorphic encryption to generate a robust electronic signature. Then we'll use the features of multi Cloud computing to enhance the authentication mechanism by dividing the verification tasks on different virtual machines so that an attacker will never be able to recover or intercept passwords or some other personal information of the concerned mobile user. We will also use a mechanism that classify the data according to their degree of sensitivity and generates a new password for each new connection to reduce the risk that an attacker can gain access to user's account. As high availability is one of the main aspects of security in Mobile Cloud Computing networks, we developed a recovery mechanism by adding a new backup server, which communicates with the storage server and can take over in case of infection and attacks or when the storage server is down.
The rest of paper is structured as follows. In section 2 we discuss some security notion that will be used in our framework, we enumerate some security issue of mobile networks in Cloud and Multi Cloud Computing and we present some related works. In section 3 we present our proposed framework, and we detail the generation of the homomorphic signature, the authentication and the confidentiality mechanism, and the recovery scheme. We present also a security analysis to prove the robustness of our framework. In section 4 we conclude the paper.