Security Analysis of Smartphone and Cloud Computing Authentication Frameworks and Protocols
We live in a digital world where every detail of our information is being transferred from one smart device to another via cross-platform, third-party cloud services. Smart technologies, such as, Smartphones are playing dynamic roles in order to successfully complete our daily routines and official tasks that require access to all types of critical data. Before the advent of these smart technologies, securing critical information was quite a challenge. However, after the advent and global adoption of such technologies, information security has become one of the primary and most fundamental task for security professionals. The integration of social media has made this task even more challenging to undertake successfully. To this day, there are plentiful studies in which numerous authentication and security techniques were proposed and developed for Smartphone and cloud computing technologies. These studies have successfully addressed multiple authentication threats and other related issues in existing Smartphone and cloud computing technologies. However, to the best of our understanding and knowledge, these studies lack many aspects in terms of authentication attacks, logical authentication analysis and the absence of authentication implementation scenarios. Due to these authentication anomalies and ambiguities, such studies cannot be fully considered for successful implementation. Therefore, in this paper, we have performed a comprehensive security analysis and review of various Smartphone and cloud computing authentication frameworks and protocols to outline up-to-date authentication threats and issues in the literature. These authentication challenges are further summarized and presented in the form of different graphs to illustrate where the research is currently heading. Finally, based on those outcomes, we identify the latest and existing authentication uncertainties, threats and other related issues to address future directions and open research issues in the domain of Smartphone- and cloud-computing authentication.
Smartphones are playing a vigorous role to accomplish our daily tasks and routines. From waking-up to going-to-bed, every routine is now linked and performed with the help of Smartphone applications. Based on Web of Sciences citation analysis, the rising trend of Smartphone usage has made information security a more challenging task, and a consequent increase in research and citations in the past two decades. Additionally, with the advent and integration of Cloud Computing (CC) technologies, security and privacy issues have become more challenging. Our data, which was initially stored on our hard drives, is now mainly stored on third-party Cloud Servers. Moreover, 75% of Smartphone applications require access to critical user data, including Location, Device ID, Camera, Contacts etc.
• The use of those technologies has made smart phones vulnerable to Smartphone-level security threats, and has increased susceptibility to third-part security threats.
• The shared resources like CC, securing critical information is not a normal task due to its dependency on loosely coupled cloud resources.
In this work , multiple authentication frameworks and protocols are proposed and developed to provide end-to-end security, privacy and verification to all entities and domains. However, there remains plenty to cover and explore in terms of security and privacy in Smartphones and CC authentication frameworks. The purpose of this work is to analyze and document existing and primary security challenges pertaining to Smartphones and CC Authentication Frameworks and Protocols.
The use of modern technologies, such as Smartphone’s, have increased the demand for more secure, reliable and user- friendly authentication systems to facilitate genuine end-users. Existing Smartphone and CC authentication frameworks and protocols are defenseless against a number of authentication and security attacks. This study has performed a detailed review of several authentication frameworks and protocols to outline and address many persistent security issues/flaws and other limitations. The primary objective of this study was to summarize and highlight security vulnerabilities and other alarming issues to discover the current state-of-the-art in the domain. The security vulnerabilities and issues outlined shall assist in enabling the full and complete potential of 3FA authentication frameworks and protocols in Smartphones and CC environments.