Elsevier, Future Generation Computer Systems, (78), p. 1005-1019
DOI: 10.1016/j.future.2016.12.028
Full text: Unavailable
With the widespread popularity and usage of Internet-enabled devices, Internet of things has become popular now a days. However, data generated from various smart devices in IoT is one of the biggest concerns. To process such a large database repository generated from all types of devices in IoT, Cloud Computing (CC) has emerged as a key technology. But, the private information from IoT devices is stored in distributed private cloud server so that only legitimate users are allowed to access the sensitive information from the cloud server. Keeping focus on all these points, this article first shows security vulnerabilities of the multi-server cloud environment of the protocols proposed by Xue et al. and Chuang et al. Then, we propose an architecture which is applicable for distributed cloud environment and based on it, an authentication protocol using smartcard has been proposed, where the registered user can access all private information securely from all the private cloud servers. To proof security strength of our protocol, we have used AVISPA tool and BAN logic model in this article. In addition, informal cryptanalysis confirms that the protocol is protected against all possible security threats. The performance analysis and comparison confirm that the proposed protocol is superior than its counterparts.