The security is one of the most important problem in cloud computing. Recently, many user authentication schemes for cloud computing are proposed. However, most of the previous authentication schemes have some security problems which make the schemes not suitable for cloud computing environment. This paper analyzes an efifciently ID based authentication scheme which has securely problem, and corrects the error. Additionaly, a securely efifcient user authentication scheme is proposed in this paper. The proposed scheme is based on certiifcateless cryptology to enhance the security and shorten the cost as far as possible. Moreover, the terminal identity instead of the user’s real identity in the scheme to realize the anonymity. Besides, the time stamp is used to resist the reply attack. Compared with the related works, the proposed scheme has higher security levels and is more practical than the related works.%云计算的安全问题是云计算技术的核心问题之一。近年来,针对云计算中用户访问的安全问题提出了多个安全认证方案。但是,这些方案大都存在安全漏洞、流程复杂等缺陷,因此不适用于云计算环境。文章首先对一个高效的基于身份云计算认证协议进行分析,指出其算法的错误,并对其进行修正。其次提出一个适用于云计算环境下安全的用户认证方案。方案基于无对运算的无证书密码体系,避免基于身份认证方案的密钥泄露问题。在尽可能简化运算的前提下,提升了安全性。同时,方案使用临时身份代替用户真实身份,从而实现了用户匿名性。为了避免重放攻击,在方案中使用时戳以进一步增强了安全性。与现有相关协议相比,提出的方案有更高的安全级别和尽可能小的认证时延,因此更适合于云计算环境。
展开▼
