Özet:

Cloud computing is one of the fastest growingsegments of IT industry since the users’ commitments forinvestment and operations are minimized, and costs are in directrelation to usage and demand. In general, cloud services arerequired to authenticate the user and most of the practical cloudservices do not provide anonymity of the users. Namely, cloudprovider can track the users easily, so privacy and authenticityare two critical aspects of security. Anonymous authenticationis a technique enabling users to prove that they have privilegewithout disclosing real identities. This type of authenticationcan be useful especially in scenarios where it is sufficient toensure the server that the claiming parties are indeed registered.Some motivating applications in the cloud for an anonymousauthentication protocol are E-commerce, E-voting, E-library, Ecashand mobile agent applications.Many existing anonymous authentication protocols assumeabsolute trust to the cloud provider in which all private keysare stored. This trust may result in serious security and privacyissues in case of private key leakage from the cloud provider.In this paper, we propose forward secure anonymous andmutual authentication protocols using RFID technology for cloudservices. These protocols avoid the trustworthiness to the cloudprovider. Meaning that, even if the private keys are obtainedfrom the corrupted tags or from the server owners of these tagscannot be traced from the past authentication actions. In fact,anonymity of the users will still be ensured even the private keysof tags are compromised.

Anahtar Kelimeler: