ABE and Auditing Algorithm Based Secure Fine-Grained Data Access Control Over Multiple Cloud Servers

(1)

ISSN 2395-1621 ABE and Auditing Algorithm Based

Secure Fine-Grained Data Access Control Over Multiple Cloud Servers

#1Mrs. Nilam Manikrao Deshmukh, ^#2Prof. Rakesh S. Shirsath

1[email protected]

#12Computer Engineering Department,

#1PG Student, Savitribai Phule Pune University,

#2Assistant Professor, SPPU SITRC, Nashik-422213, India

ABSTRACT ARTICLE INFO

With the flourishing growth of the cloud computing, privacy and security worries of outsourcing data have been increasing to a great extent. Mobile cloud model aids for analysing the information related with patients data and to give recommendations in healthcare applications. A fine-grained level access management of multi-server cloud information is an essential requirement for successful implementation of end users applications, in mobile cloud computing In this paper, we present a new plan that gives a combined approach of fine grained access control over cloud-based multi- server information beside a incontrovertibly secure mobile user authentication mechanism for the Healthcare Industry using ABE algorithm. We as a proposed system will use an auditing technique for fraud detection of data on cloud side. First, a distributed and modular perceiving architecture for large-scale virtual machines service behaviour is proposed relying on distributed monitoring agents. Then, an adaptive, lightweight, and parallel trust computing scheme is proposed for big monitored data. Evaluation of analysis and results of the experiment confirms the feasibility and effectiveness of the proposed scheme.

Keywords: Put Distributed mobile cloud computing, Healthcare industry 4.0, Fine grained access control, User authentication, attribute-based encryption, Security.

Article History Received: 1^stApril 2019 Received in revised form : 1^stApril 2019

Accepted: 3^rd April 2019 Published online : 11^th April 2019

I. INTRODUCTION

The fast advent along with evolution of cloud/edge computing, Internet of Things (IoT), and big data technologies transforming Health and the entire Industry 4.0.

in the healthcare applications. The Healthcare Industry 4.0 permits to increasing flexibility in various aspects including production, speed up both manufacturing as well as market processes, increase both the productivity, quality of product and change business models modifying the interaction with value chain, competitors and clients. Physicians and hospitals opt for some strategies in order to improve flexibility in business, while exhibiting greater healthcare value. Ratchinsky pointed out that 3:73 billion in healthcare spending on cloud services already occurs in the year 2015 and it will push that number nearly threefold to 9:5 billion by 2020. Thus, cloud-based computing is on the rise in healthcare as physicians, hospital administrators and patients demand cost efficiency, access to information, and security In distributed mobile cloud computing (MCC),

mobile users access cloud server data from various cloud servers using mobile App or web browser. The MCC environment is composed of various mobile users and multiple distributed cloud servers. These cloud servers may contain various types of data attributes, which can be accessed by a wide range of mobile users. Interestingly, these cloud server data attributes are quite heterogeneous in nature. There might be some server data attributes which are restricted to be accessed by only privileged users. Hence, a fine-grained access control of data attributes of multiple servers is required. Fine grained access control provides access permission to a particular privileged user.

 The proposed scheme is the first to realize fine- grained data access management over multiple cloud servers in an exceedingly mobile cloud computing environment.

 The proposed scheme provides a combined approach of mutual authentication of users and fine-grained access control over the multi-server environment.

(2)

 The user authentication and fine-grained server data access control procedure avoid any involvement of registration center (except setup and registration phases).

 Design of proposed scheme is mostly based on one way hash function and bitwise XOR operations, thereby making it practically apt for a battery-limited mobile devices and resource-limited smart card.

 The proposed scheme is provably secure to defend possible security attacks. Moreover, it supports mobile user untraceability and anonymity.

A. Objectives

Objectives of System are to provide a combined approach of fine-grained access control over cloud-based multi-server data, to pursue fine-grained data access control over multiple cloud servers, to detect possible security attacks real-time, to provide prevention technique.

 To provide authorized access with reduced computation time and less user overhead using fine grained access control algorithms.

 To reduce a load of cloud server through multi- authority access control scheme and efficient.

 Key distribution.

 To provide a combined approach of fine-grained access control over cloud based multi-server data.

 To pursue fine-grained data access control over multiple cloud servers.

 To detect possible security attacks real-time.

 To provide prevention technique

II. LITERATURESURVEY

Attribute Based Access Control. There is a sizable literature on ABAC in general. Damiani et al [8] described a framework for ABAC in open environments. Wang et al [9]

proposed a framework that models an ABAC system using logic programming with set constraints of an estimable theory. The flexible access control system [10] can specify various ABAC policies and provide a language that permits the specification of general constraints on authorizations.

Fine-grained Data Access Control in Cloud Computing.

A fine grained access control policies is proposed for privacy preserving data sharing in the cloud that ensures both semantic security and effective availability of user data.

Proposed a hierarchical fine-grained access control scheme that relies on Hierarchical CBE and CP-ABE.

Attribute-Based Encryption.(ABE) determines decipherment ability supported a user’s attributes. In a multi-authority ABE scheme, multiple attribute authorities monitor completely different sets of attributes and issue corresponding decryption keys to users and encryptions can require that a user acquire keys for applicable attributes from each authority before decrypting a message.

We briefly discuss the potential for cloud computing in the healthcare industry indicating how the healthcare industry takes advantage of cloud based technology [3], [4], [5]. The fast advent along with evolution of cloud/edge computing, Internet of Things (IoT), and big data

technologies transform eHealth and the entire Industry 4.0 in the healthcare applications. The Healthcare Industry 4.0 permits to increase flexibility in various aspects including production, speed up both manufacturing as well as market processes, increase both the productivity, quality of product and change business models modifying the interaction with value chain, Competitors and clients. Hospitals and physicians opt for some strategies in order to increase business flexibility, while demonstrating greater healthcare value.

Ratchinsky [6] pointed out that 3:73 billion in healthcare spending on cloud services already occurs in the year 2015 and it will push that number nearly threefold to 9:5 billion by 2020. Thus, cloud-based computing is on the rise in healthcare as physicians, hospital administrators and patients demand cost efficiency, access to information, and security. Over the last few years, researchers have put separate contribution for the design of multi-server user authentication and fine-grained access control over data stored on cloud servers. Based on primitive work of Key- Policy Attribute- Based Encryption (KP-ABE) [8], several fine-grained access control schemes have been proposed in recent years, which are designed for different applications:

wireless sensor network (WSN) security [9], [10], cloud security [11] and e-healthcare system [12].

Also, some other works on user authentication schemes over distributed mobile cloud computing are detailed in [2], [13], [14]. As mobile users access cloud server data over a public and insecure channel, secure mutual authentication between mobile users and cloud servers has utmost importance [2], [15]. Keeping in view about the resource- constrained condition of user mobile device, the design of this authentication process should be sufficiently lightweight. A brief literature survey on authentication mechanism in mobile cloud computing reveals that no such notable research work has been executed on the design of dynamic fine-grained data access control over multiple cloud server data [8], [12]. All the existing related fine- grained access control schemes were designed for a single server environment only. Before granting access permission of own data attributes, every cloud server CSj verifies the authenticity of the mobile user. The authentic user MUi can access the data attributes of server CSj , if it has proper access privilege or access permission as set by the respective server.

The idea of ABE was presented by Sahai and Waters, who also offered a particular system called Fuzzy Identity- Based Encryption. The Fuzzy-IBE system builds on several data through Identity-Based Encryption in IBE, an identity is considered as a set of attributes. FIBE allows for a private key for an identity, to decrypt to a cipher text encrypted with an identity, only if the identities are related to each other as measured by the distance metric. meaning, if the message is encrypted with combination of an attributes, a private key for a set of attributes enables decrypting that message, Thus, FIBE attain error tolerance making it appropriate for use with biometric identities. But, it has limited applicability to access control of data.

A distributed mobile cloud computing environment contains multiple cloud servers with a wide range of data attributes. In various cases, these cloud servers might not intend to provide all data access to all the mobile users.

(3)

different server’s data access right. Different mobile users can access multiple cloud server data as per their access privilege. Moreover, as cloud servers allow an access to their data to the mobile users, a secured user authentication mechanism is quite necessary. The authentication procedure should be lightweight as users might use a low-cost resource-constrained device. This motivates us to design a scheme for one-grained access control of multiple server data along combined with secure mutual authentication of mobile users.

III. PROPOSEDSYSTEM

a. Problem statement and Motivation

A distributed mobile cloud computing environment contains multiple cloud servers with a wide range of data attributes. In various cases, these cloud servers might not intend to provide all data access to all the mobile users.

However, different user’s privilege might be set to control different server’s data-access right. Different mobile users can access multiple cloud server data as per their access privilege. Furthermore, as cloud servers permit an access to their information to the mobile users, a secured user authentication mechanism is quite necessary. The authentication procedure should be light weight as users might use a low-cost resource-constrained device. This motivates us to design a scheme for fine-grained access control of multiple server data along combined with secure mutual authentication of mobile users. To develop a new plan which can provide a combined approach of fine- grained access control over cloud based multi-server data along with a provably secure mobile user authentication mechanism.

b. System Overview

Proposed work is detailed as below. Initially basic modules of the system are mentioned and later their detail working is explained.

 Setup phase

 Mobile user registration phase

 Login phase

 User authentication and authorization phase

 Password change phase

 Data auditing phase

Fig. 1. Architecture of System

The proposed scheme is the first to realize fine-grained data access control over several cloud servers in a cloud computing environment. The proposed scheme provides a

combined approach of mutual authentication of users and fine-grained access control over the multi-server environment. The user authentication and fine-grained server data access control procedure avoid any involvement of registration centre (except setup and registration phases).

Design of suggested scheme is mostly based on one way hash function and bitwise XOR operations, thereby making it practically apt for a battery limited mobile devices and resource-limited smart card. The proposed scheme is provably secure to defend possible security attacks.

Moreover, it supports mobile user untraceability and anonymity.

IV. METHODOLOGY

In distributed mobile cloud computing (MCC), mobile user’s access cloud server data from various cloud servers using mobile App or web browser. The MCC environment is composed of various mobile users and multiple distributed cloud servers. These cloud servers may contain various types of data attributes, which can be accessed by a wide range of mobile users. Interestingly, these cloud server data attributes are quite heterogeneous in nature. There may be few server data attributes which can be restricted to be accessed by only privileged users. Therefore, fine-grained access control of data of multiple servers is necessary. Fine grained access control provides access permission to a particular privileged user. All the existing associated fine- grained access control system was intended for a single server environment only.

A. Data Flow

In this section, the solving approaches and efficiency issue are described. It explains the block diagram of system and steps of process. In the proposed system as mention earlier, Objectives of System are to provide a combined approach of fine-grained access control over cloud-based multi-server data, to pursue fine-grained data access control over multiple cloud servers, to detect possible security attacks real-time, to provide prevention technique.

Fig. 2.System Block Diagram

As shown in figure there are various components involves in proposed framework.

(4)

servers CSj , RC stores necessary information like server id, the master secret key, cyclic group and generators in respective servers.

2) Module 2-Mobile user registration phase: MUi registers to RC through a secure channel by selecting own credentials. RC selects user-server pair wise parameters and loads necessary information in user smart card.

3) Module 3-Login phase: MUi submits own credentials and uses smart card stored parameters in order to login into desired cloud server CSj .MUi does not use the separate credential to login into different cloud servers.

4) Module 4-User authentication and authorization phase: In this phase, CSj verifies the authenticity of the intended user MUi, and sends its data attribute set and an encrypted key. MUi is able to decrypt this key and thereby, can establish the shared session key only if he/she has proper access permission.

5) Module 5-Password change phase: This phase enables MUi to update existing password in the local environment without contacting the RC further.

6) Module 6-Data Auditing phase: In this module we will do auditing of data of hospital weather a data is been edited by cloud side or not. If been altered a message will be shown to user.

B. Algorithm

The algorithm used for proposed framework is as follows:

1) Attribute-Based Encryption Algorithm: A key-policy attribute-based encryption system for message space M and access structure area G is an tuple of the subsequent algorithms:

Setup (λ, U )→ (PK, MK) :

Setup algorithm takes an input a security parameter λ and U (universe description), which interprets (define) the set of allowed attributes in the system. It outputs the public parameters PK and the master secret key MK.

Encrypt (PK, M, S) → (CT):

The encryption algorithmic rule takes as input the general public parameters PK, message M and set of attributes S and outputs a cipher text CT related to the attribute set.

KeyGen (MK, A) → (SK) :

The algorithm of key generation takes as input the master 0secret key MK and an access structure A and outputs private key SK associated with the attributes.

Decrypt (SK, CT) → (M):

The algorithm of decryption takes as input a private key SK related with access structure A and a cipher text CT associated with attribute set S and gives output message M if S satisfies A or the error message ┴ otherwise.

2) Hashing Algorithm:

1) The client will engender keying materials via Key Genand File Proc after that he upload the data to CSS. here in this scheme, the client will store

RMHT as metadata, as compared to preceding schemes.

2) Later, TPA will be authorized by client though sharing value sign auth.

3) Verifiable Data Updating: the CSS performs the clients fine-grained update requests via Perform update on users information.

4) Client will run Verify Update to ensure whether or not CSS has performed the update on both the data blocks and their analogous authenticators (used for auditing) honestly.

5) Confront Proof Generation and Verification:

describe how the data storage integrity on CSS is verified byTPA via Gen Challenge, Gen Proof and Verify.

6) Auditability aware data scheduling: In this scheme we are clustering various tasks submitted in a request both from the user and auditor on the basis of their main concern.

3) Algorithm:

1) Start

2) Read data owner id (udoid) 3) If (doid ≠ udoid)

4) Stop

5) Read file name from AWS

6) Select the blocks number the user want to verify 7) Get the auxiliary information for block chal from

TPA xml

8) Based on Auxiliary information generate new root for MHT

9) If (new root≠root) file modified 10) Else File not modified

11) Stop

V. PROBLEMFORMULATION

A. Mathematical Model

G_m0: The initial game G_m0 is considered to be identical with the actual protocol executing under the ROR model. Hence, we have,

G_m1: This game considers simulation of Send, Test, Execute, Reveal, and Corrupt queries with respect to the proposed scheme and considers lists L_H, L_A, and L_T for storing results of various oracle queries. Due to distinguishably of

G_m0 and G_m1, we obtain, P_r[S₁] = P_r[S₀].

G_m2: This game takes the collision probability of random oracle query and hash (H) oracle query into account. MU_i and CS_j use random numbers RDN_i , RDN_j and current time stamps T

m

_i and Tm_j , respectively in Message 1 = {Z₁, XI_d * Ui , Tm_i , H₁} and Message 2 = {Z₂, ES_j, Ci_j ,H₃ , Tm_j}.

This causes collision probability at most (q_s + q_e)² / (2^lr+1).

According to birthday paradox, use of H oracle query results in collision probability of q² H / (2^lH+1).

S= {HD, SP, UR, LP, UA, DA}

Where,

(5)

SP: Setup Phase

UR: Mobile user registration phase LP: Login phase

UA: User authentication and authorization phase DA: Data Auditing

Input-

I₁: Set of hospital data or patient data as an input: {q₁, q_2, q_n }

I₂: user attributes will also be an input.

Functions-

F1: Hospital Dataset F2: Setup Phase

F3: Mobile user registration phase F4: Login phase

F5: Data Auditing

Output-

O1: Access Control

b. System Implementation

Proposed system will use Windows 7 platform. Hardware and Software requirement for proposed framework is as follows:

 Processor : Pentium- IV

 Ram : 512 MB

 Hard disk : 40 GB

 CD-ROM Drive : 32 HZ

 Framework : .Net Framework

 Front end : C# .Net––––

 sql server : 2008

VI. CONCLUSION

This work proposes a novel framework of achieving fine grained access control for sharing personal data. taking into account partially trustworthy cloud servers, it argues that to fully realize the patient-centric concept, patients shall have total control of their own privacy through encrypting their PHR files to allow fine-grained access. The framework addresses the unique challenges brought by multiple PHR owners and users, therein greatly lowers the complexness of key management while enhance the privacy guarantees compared with previous contributions. It utilizes attribute based encryption to encrypt the PHR data, so that patients will permits access not only by personal users, but additionally diverse users from public domains with different professional roles, qualifications, and affiliations we present experiments aimed at evaluating the performance of our ABCL enforcement algorithm during user attribute assignment (discussed in section IV). The experiments were conducted on a machine having the following configuration:

2.40GHz with 2GB RAM running a Windows 7 enterprise OS and .Net Framework 4.0. As shown in section IV- 4.

Dataset Used: We can use companies database or dataset for this system. employees information or database will be used to maintain security for access control.

ACKNOWLEDGEMENT

I would sincerely like to thank our Head of Department Prof.(Dr.) Amol Potgantwar, Computer Engineering and I will always remain obliged for the support and guidance extended by guide, Professor Rakesh S. Sirsath, Department of Computer Engineering, SITRC, Nashik for his motivation, guidance and the interest shown in this project by timely suggestions in this work. His expert suggestions had greatly improved the effectiveness of this work. Lastly I would like to thank departmental staff of College for making all the requirements simply available whenever required.

REFRENCES

[1] L. A. Tawalbeh, W. Bakhader, R. Mehmood, and H.

Song. ”Cloudlet-Based Mobile Cloud Computing for Healthcare Applications,” in IEEE Global Communications Conference(GLOBECOM’16),Washington, DC, USA,2016, pp.1-6.

[2] S. Roy, S. Chatterjee, A. K. Das, S. Chattopadhyay, N.

Kumar,and A. V. Vasilakos. ”On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services,” IEEE Access, vol.

5, no. 1, pp. 25 808-25 825, 2017.

[3] H. Wang, D. He, Y. Sun, N. Kumar, and K.-K. R.

Choo. ”PAT: A precise reward scheme achieving anonymity and traceability for crowd computing in public clouds.

Future Generation Computer Systems,” vol. 79, pp. 262-270, 2018.

[4] L.Wu, B. Chen, K.-K.R. Choo, and D. He. ”Efficient and secure searchable encryption protocol for cloud-based Internet of Things. Journal of Parallel and Distributed Computing,” vol. 111, pp 152-161,2018..

[5] D. He, N. Kumar, H. Wang, L. Wang, and K.-K. R.

Choo. ”Privacy preserving certificateless provable data possession scheme for big data storage on cloud. Applied Mathematics and Computation,” vol. 314, pp.31-43, 2017.

[6] K. Ratchinsky, :Cloud today and tomorrow: Why hospitals are tripling the use of cloud services,”

http://www.healthcareitnews.com Accessed on November 2017.

[7] V. Goyal, O. Pandey, A. Sahai, and B.

Waters. ”Attribute-based Encryption for Fine-grained Access Control of Encrypted Data. in 57 Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS’06),” Alexandria, Virginia, USA, 2006, pp.

89-98.

[8] S. Yu, K. Ren, and W. Lou. ”FDAC: Toward fine grained distributed data access control in wireless sensor networks,” IEEE Transactions on Parallel and Distributed Systems,vol. 22, no. 4, pp. 673-686, 2011

[9] S. Chatterjee and S. Roy. ”Cryptanalysis and Enhancement of A Distributed Fine-grained Access Control in Wireless Sensor Networks,” in Proceedings of IEEE International Conference on Advances in Computing, Communications and Informatics (ICACCI), New Delhi, India, 2014, pp. 2074-2083.

[10] C. C. Lee, P. S. Chung, and M. S. Hwang. ”A Survey on Attribute based Encryption Schemes of Access Control in Cloud Environments,” International Journal of Network Security, vol. 15, no. 4, pp. 231-240, 2013.

(6)

Kumar, A.G. Reddy, K. Park, and Y. Park. ”On the Design of Fine Grained Access Control with User Authentication Scheme for Telecare Medicine Information Systems,” IEEE Access, vol. 5, no. 1, pp. 7012-7030, 2017.

[12] J. L. Tsai and N. Lo. ”A privacy-aware authentication scheme for distributed mobile cloud computing services,”

IEEE Systems Journal, vol. 9, no. 3, pp. 805-815, 2015.

[13] P. Gope and A. K. Das. :Robust anonymous mutual authentication scheme for n-times ubiquitous mobile cloud computing services,” IEEE Internet of Things Journal, vol. 4, no. 5, pp. 1764-1772, 2017.

[14] V. Odelu, A. K. Das, S. Kumari, X. Huang, and M.

Wazid. ”Provably secure authenticated key agreement scheme for distributed mobile cloud computing services,”

Future Generation Computer Systems, vol. 68, pp. 74-88, 2017.

[15] D. Dolev and A. Yao. ”On the security of public key protocols,” IEEE Transactions on Information Theory, vol.

29, no. 2, pp. 198-208, 1983.

[16] P. Kocher, J. Jaffe, and B. Jun. ”Differential Power Analysis,” in Proceedings of 19th Annual International Cryptology Conference (CRYPTO’99), LNCS, vol. 1666, Santa Barbara, California, USA, 1999, pp. 388-397.

[17] S. Chatterjee, S. Roy, A. K. Das, S. Chattopadhyay, N.

Kumar, and A. V. Vasilakos. ”Secure Biometric-Based Authentication Scheme using Chebyshev Chaotic Map for Multi-Server Environment,” IEEE Transactions on Dependable and Secure Computing, 2016, DOI:

10.1109/TDSC.2016.2616876.

[18] M. Wazid, A. K. Das, V. Odelu, N. Kumar, and W.

Susilo. ”Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment,”

IEEE Transactions on Dependable and Secure Computing, 2017, DOI: 10.1109/TDSC.2017.2764083.

[19] A. K. Das, M. Wazid, N. Kumar, M. K. Khan, K. K. R.

Choo, and Y. Park. ”Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment,” IEEE Journal of Biomedical and Health Informatics, 2017, DOI: 10.1109/JBHI.2017.2753464.

[20] Y. Dodis, L. Reyzin, and A. Smith. ”Fuzzy extractors:

how to generate strong keys from biometrics and other noisy data,” in Proceedings of the Advances in Cryptology (Eurocrypt’04), Lecture Notes in Computer Science, vol.

3027, Interlaken, Switzerland, 2004, pp. 523-540.

[21] F. B. Hildebrand. ”Introduction to Numerical Analysis,” 2nd ed. New York: Dover, 1974.

[22] A. A. K. Das. ”Analysis and improvement on an efficient biometric based remote user authentication scheme using smart cards,” IET Information Security, vol. 5, no. 3, pp. 145-151, 2011.

[23] D. Wang, D. He, P. Wang, and C. H.

Chu. ”Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment,” IEEE Transactions on Dependable and Secure Computing, vol. 12, no. 4, pp. 428-442, 2015.

[24] M. Abdalla, P. A. Fouque, and D.

Pointcheval. ”Password-based authenticated key exchange in the three-party setting,” in 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC’05), Lecture Notes in Computer Science, vol. 3386, Les Diablerets, Switzerland, 2005, pp. 65-84.

[25] S. Roy, S. Chatterjee, A. K. Das, S. Chattopadhyay, S.

Kumari, and M. Jo. ”Chaotic Map-based Anonymous User Authentication Scheme with User Biometrics and Fuzzy Extractor for Crowd sourcing Internet of Things,” IEEE Internet of Things Journal, 2017, DOI:

10.1109/JIOT.2017.2714179.

[26] M. Ballare and P. Rogaway. ”Random oracles are practical: A paradigm for designing efficient protocols,” in Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS’93), Fairfox, VA, USA, 1993, pp. 62-73.

[27] V. Shoup. ”Sequences of games: A tool for taming complexity in security proofs,” cryptology ePrintarchieve,

Report 2004/332. Available at

http://eprint.iacr.org/2004/332, 2004.

[28] D. Wang, H. Cheng, P. Wang, X. Huang, and G.

Jian. ”Zipf’s Law in Passwords,” IEEE Transactions on Information Forensics and Security, vol. 12, no. 11, pp.

2776-2791, Nov 2017.

[29] D. Pointcheval and S. Zimmer. ”Multi-factor authenticated key exchange,” in International Conference on Applied Cryptography and Network Security. New York, USA: Springer, 2008, pp. 277-295.

[30] B. Blanchet. ”An Efficient Cryptographic Protocol Verifier Based on Prolog Rules,” in Proceedings of the 14^th IEEEWorkshop on Computer Security Foundations (CSFW’01), Washington, DC, USA, 2001, pp. 82- 96.

[31] M. Abadi and B. Blanchet. ”Analyzing Security Protocols with Secrecy Types and Logic Programs,” Journal of the ACM, vol. 52, no. 1, pp. 102-146, 2005.

[32] B. Blanchet, M. Abadi, and C. Fournet. ”Automated verification of selected equivalences for security protocols,”

Journal of Logic and Algebraic Programming, vol. 75, no. 1, pp. 3-51, 2008.

[33] X. Allamigeon and B. Blanchet. ”Reconstruction of attacks against cryptographic protocols,” in 18th IEEE Computer Security Foundations Workshop (CSFW’05), Aix-en-Provence, France, 2005, pp 140-154.

[34] M. Abadi, B. Blanchet, and H. Comon-Lundh. ”Models and Proofs of Protocol Security: A Progress Report. in Proceedings of 21st International Conference on Computer Aided Verification (CAV’09),” Grenoble, France, 2009, pp.

35-49.

[35] Y. M. Tseng, S. S. Huang, T. T. Tsai, and J. H.

Ke. ”List-Free ID-Based Mutual Authentication and Key Agreement Protocol for Multi server Architectures,” IEEE Transactions on Emerging Topics in Computing, vol. 4, no.

1, pp. 102-112, 2016.

[36] D. He and D.Wang. ”Robust Biometrics-Based Authentication Scheme for Multi server Environment,”

IEEE Systems Journal, vol. 9, no. 3, pp. 816-823, 2015.

[37] H. Shen, C. Gao, D. He, and L. Wu. ”New biometrics based authentication scheme for multi-server environment in critical systems,” Journal of Ambient Intelligence and Humanized Computing, vol. 6, no. 6, pp. 825-834, 2015.

[38] M. Scott, N. Costigan, and W.

Abdulwahab. ”Implementing Cryptographic Pairings on Smartcards,” in Proceedings of 8th International Workshop on Cryptographic Hardware and Embedded Systems (CHES’06), Yokohama, Japan, 2006, pp. 134-14.