Authentication in mobile cloud computing: A survey

Mobile cloud computing (MCC) is the state-of-the-art mobile distributed computing model that incorporates multitude of heterogeneous cloud-based resources to augment computational capabilities of the plethora of resource-constraint mobile devices. In MCC, execution time and energy consumption are significantly improved by transferring execution of resource-intensive tasks such as image processing, 3D rendering, and voice recognition from the hosting mobile to the cloud-based resources. However, accessing and exploiting remote cloud-based resources is associated with numerous security and privacy implications, including user authentication and authorization. User authentication in MCC is a critical requirement in securing cloud-based computations and communications. Despite its critical role, there is a gap for a comprehensive study of the authentication approaches in MCC which can provide a deep insight into the state-of-the-art research. This paper presents a comprehensive study of authentication methods in MCC to describe MCC authentication and compare it with that of cloud computing. The taxonomy of the state-of-the-art authentication methods is devised and the most credible efforts are critically reviewed. Moreover, we present a comparison of the state-of-the-art MCC authentication methods considering five evaluation metrics. The results suggest the need for futuristic authentication methods that are designed based on capabilities and limitations of MCC environment. Finally, the design factors deemed could lead to effective authentication mechanisms are presented, and open challenges are highlighted based on the weaknesses and strengths of existing authentication methods.