[LCB17] Property based Token Attestation in Mobile Computing

International peer-reviewed journal: Journal Concurrency and Computation: Practice and Experience, pp. to appear, 2017
Abstract: The surge in personal mobile devices across multiple environments has drawn significant attention to mobile cloud computing. Alongside this interest, security issues have emerged as a barrier to the spread of this trend. This paper focuses on an important feature of many security protocols and applications: device attestation in Mobile Cloud Computing (MCC). Existing remote attestation mechanisms, such as Binary Attestation and Property based Attestation, are currently used in trusted computing environments. In this paper, by taking advantage of a combination of technologies and trends, such as the Trusted Platform Module (TPM), Cloud Computing, and Bring Your Own Device (BYOD), we introduce Property based Token Attestation (PTA) to secure the mobile user in the enterprise cloud environment. To achieve a secure MCC environment, security threats need to be studied and acted upon accordingly; we therefore first present the common threats and then explain a novel attestation scheme that addresses these threats, providing security proofs. In addition, Scyther is used to verify the correctness of our protocol.


