Mobile Cloud Computing: Security Analysis

Abstract

This paper provides a comprehensive security analysis of Mobile Cloud Computing (M2C). It first describes two Cloud Computing (CC) scenarios. The first scenario describes one Cloud service provider providing all necessary services. The second scenario describes the case of two Cloud service providers collaborating to provide necessary services for one Client. The two scenarios focus on Authentication. Based on the use-case scenarios, the paper presents a generic model for M2C with a description of entities and interactions among them. Based on this model, the paper analyzes potential security threats, in order to specify a set of general security requirements, with an emphasis on Authentication. These requirements could provide guidance to future security solutions or Authentication solutions for M2C communication and/or risk assessment.