Title: A trusted authentication model for remote users under cloud architecture

Authors: Yu-xin Song; Zhong-xia Liao; Yan-hua Liang

Addresses: Zhengzhou Shu Qing Medical College, Zhengzhou City of Henan Province, 450064, China; Zhengzhou Shu Qing Medical College, Zhengzhou City of Henan Province, 450064, China; Zhengzhou Shu Qing Medical College, Zhengzhou City of Henan Province, 450064, China

Abstract: Trusted computing is a principal measure for ensuring the security of a computing platform; it improves credibility through functions including data protection, identity authentication, integrity measurement, storage and reporting. In order to easily provide an architecture for the security authentication of terminal members, and to protect the user's privacy and secret data, this article studies remote identification for the TPM. It introduces DAA anonymous authentication technology into traditional PKI and adopts an improved DAA scheme to provide trusted identity authentication, secure channel establishment and sub-certificate update operations. We propose a new model for identity authentication in a trusted computing environment. The scheme has the ISSUER construct a safe elliptic hyperbola and generate a DAA certificate, which awards a zero-knowledge proof to each platform to achieve its DAA certificate respectively. Then the code service provided by OpenSSL is used to establish a PCA and simulate the AIK certificate process according to the creation of the AIK certificate. Finally, experiments are performed under VMware Workstation and SUSE virtual machines, with TPM Emulator and TPM chip simulation, to verify the feasibility of the remote user trustworthiness authentication scheme. The remote authentication scheme this article focuses on is a protocol with anonymity, authentication and security, which will be useful and applicable in the current information society.

Keywords: trusted computing; authentication; direct anonymous attestation; DAA; attestation identity key; AIK; TPM; cloud computing.

DOI: 10.1504/IJIPT.2018.092479

International Journal of Internet Protocol Technology, 2018 Vol.11 No.2, pp.110 - 117

Received: 05 Dec 2017
Accepted: 04 Feb 2018

Published online: 21 Jun 2018
