Secure identity management in mobile cloud computing

Mobile cloud computing (MCC) is a platform that allows mobile users to offload the computationally rigorous and storage demanding tasks on available cloud resources using wireless access. The major concern with MCC is the privacy of data. Mobile users give confidential information through the network, that if not safeguarded may lead to security issues. Identity Management (IDM) is the management of user identities, their authentication, and authorization in the cloud environment. The existing Consolidated Identity Management (CIDM) overcomes the network traffic interception in the traditional IDM but is prone to Identity theft in case of Identity Management Server (IDMS) compromise. This work is focused on the development of a Secure Identity Management (SIDM) that alleviates the attacks in the CIDM by using techniques that strengthens the authentication process and identity privacy. A secure IDM is developed using two-step authentication process which involves Zero Knowledge Proof (ZKP) and token verification. The proposed SIDM model reduces the consequences of Identity server compromise attack. There is a marginal increase in the communication overhead of SIDM compared to that of CIDM but it can be compromised to realize the benefits of identity privacy. The analysis of the experimental results shows that there is an overall increase of thirty percent in communication overhead when compared to CIDM.