Research On Security Key Technologies In The Mobile Cloud

Cloud computing is a type of internet-based computing model. It can effectively integrate computing resources distributed in various spatial locations, such storage and bandwidth, and provide users with a simple and unified interface. Thus, cloud comput-ing has gained widely attention and practice in industry, and many companies, such as Amazon, Microsoft, IBM, and Google, have launched their cloud computing solutions. Mobile computing is a computing model, in which data are processed on mobile devices, such as smart phones and tablets, and transmitted through wireless networks. Since mobile computing enables the capability of obtaining information and services on the internet anytime and anywhere, it greatly changes people's daily life and work. Mobile cloud computing is the combination of cloud computing and mobile computing. Gen-erally speaking, service providers provide users with a variety of resources through the cloud computing model, while users obtain such cloud resources anytime and anywhere through the mobile computing model. Thus, mobile cloud computing has become an emerging paradigm of concern.Since mobile cloud computing platform is also an information system, it should meet the basic requirements in information security, including integrity, confidentiality, and availability. However, due to the characteristics of large scale, high dynamic, and limited client resources, there are many challenges to achieve security in the mobile cloud environment.With the popularity of cloud collaboration model, more and more cloud storage providers have introduced file sharing services for enterprise customers. In such services, a group of users can access and edit shared files stored in th cloud, and protecting the integrity of shared files is an urgent task. Traditional solutions cannot handle large-scale data and high dynamic membership, and even cannot meet the functional requirements of real-world cloud storage system, such as inserting data blocks and acquiring version history. To tackle this situation, we proposed an integrity auditing scheme for shared files in the cloud that supports full dynamic and efficient user revocation. Experimental results show that our scheme is suitable for resource-constrained mobile devices, and greatly reduces the computation and storage costs of cloud servers and auditors.Cloud computing has created a low-cost operating platform for service providers in various industries, thus it is adopted by many enterprise customers. For example, stream media service providers, such as Spotify and Netflix, have outsourced their services and data to the cloud. Thus, protecting data confidentiality and making authorized users to easily access the subscribed content become an urgent task. Traditional solutions bring huge computation and communication costs to the cloud servers and mobile devices when the membership frequently changes, which makes these solutions inefficient in this scenario. To tackle this situation, we proposed an access control scheme for stream media data in the cloud that supports independent update. Experimental results show that our scheme does not bring extra cost to the mobile devices when the membership is changed, and can effectively realize data confidentiality and access control.In order to authenticate mobile devices and verify the authenticity of messages, cloud servers usually employ digital signatures to verify received messages. Since the cloud servers has to deal with large-scale concurrent connections, and an attacker may be inject invalid signatures to consume server resources, it is a huge challenge to rapidly verify received requests and identify invalid signatures, which reduces the damage to systems and improves the availability of cloud services. Traditional solutions can only deal with specific types of attackers, and cannot effectively handle unknown adversaries in the cloud environment. To tackle this situation, we proposed a self-adaptive auto-match secure access scheme for mobile devices in the cloud. Experimental results show that our scheme can rapidly respond in various attack scenarios, and choose the most appropriate defence strategy.