we will inspect the approaches for the safety and privacy of the mobile cloud computing, and more detail on the management of the mobile terminal, the network access and transmission security, privacy protection, key supervision an encryption, access management, and so on.
A. Aiming at Mobile Terminal Security
J) Anti-malware For the mobile terminal, there are two things to try to aiming at malware. The one is to notice and take away the malware. to beat the resource restriction of mobile terminals, we are able to move the malware exposure to the cloud. By this manner we are able to improve the exposure rate and lesser the resource consumption of the mobile terminals. And once a malware is detected, legal software system from the cloud is allotted to the mobile terminal and be run to get rid of the mal ware. This legal software system suggests that it’s attested and licensed, and it is renovated within the mobile terminal. CloudA V is a certain example for anti-malware. CloudA V may be a new model for malware detection on mobile terminal supported providing Associate in Nursingtivirus as an in-cloud network service. CloudA V provides many vital edges as follows: higher detection of malicious software; eliminating the impact of antivirus vulnerabilities; retrospective detection of antecedently infected hosts; enhanced forensics capabilities; improved deploy ability and management. And it includes cross-platform host agent and a network service with 10 antivirus engines and two behavioural detection engines, that greatly improve the detection rate 5-6, 9. the opposite is hindrance to mal ware. to forestall the mobile devices from being put in maware, the users ought to watch out of their behaviors. this can be mentioned well within the following section of users’ behavior. 2) software system VulnerabilitiesFor software system vulnerabi lities, on the one hand, the users ought to concentrate to the update info of movablesoftware, and timely transfer and install the patches or revamped versions from the analysis and development company of the software. Meanwhile, they must watch out of downloading the third party software system. On the opposite hand, to cut back the software system vulnerabilities, we should always adopt a series of technical measures. as an example, checking the software system legitimacy and integrity is that the vital procedure before the software system is applied.
3) regulation Users’ Behavior Much malware is downloaded and run thanks to the users’ mis-operation or lack of security awareness. Soimproving the safety awareness of the users is that the key live to forestall the malware. as an example, do not click the unexplained links; watch out of receiving the info transmission from strange phone; avoid install new unauthorized software; finish off the interface of Bluetoothor Wi-Fi etc. in order that the transmission risk of the malware are going to be reduced; then on.B. Aiming at Mobile Network SecurityNow we are going to discuss a way to defend the mobile network security from 2 aspects. The one is encryption. as a result of solely encrypted info is relativly secure throughout the transmission over the mobile network, in despite thatmeans the mobile terminals access the mobile network. the opposite is that the security protocol. For all types of access ways that, researching the safety protocol is that the core to cut back varied attacks.C. Aiming at Mobile Cloud SecurityJ) Protection to Platform dependablenessThe dependableness and convenience of the mobile cloud computing platform ar vital for each of the cloud suppliersand users. initial of all, the cloud suppliers ought to integrate the present security technologies together with VPN technology, authentication and access management, coding and different technical suggests that, then that they willgive the continual offered service against varied attacks like DOS attacks and data stealing. second the cloud suppliers ought to supply complete backup and recovery resolution so as to recover the users’ information once serious attacks happen. By these suggests that the cloud platform will improve the standard of service and increase the users’ confidence.2) encryption and Key Management The sensitive information would like coding technology within the survival amount from storage to transmission. toforestall sensitive info from unseaworthy, the info ought to be hold on in cipher text within the cloud. but codingcan cut back the use rate of the info, therefore the focus is captive to with efficiency analyzing and process the cipher text. the present analysis on the cipher text process is that the privacy homomorphy algorithmic rule. meantime key management is another vital work for enterprise users.3) Authentication and Access management Now there are two varieties of authentication approaches which are a magnet for vital attention. The one is user centrically identity authentication. during this approach, a user is known and outlined through identifiers or attributes, and a user is allowed to own multiple identifiers. By this manner we are able to analysis a desired user centrical identity management mechanism for mobile clouds 13. the opposite is behavioural authentication within which we are able to determine users by their habits and behavior like memorized information, their belongings. Through this implicit authentication we are able to cut back a risk of fraud in mobile cloud. Once users end the info transmission to the cloud, the access management can play an immediate role. currently there ar 2 varieties of access management mechanism. One is to assign the access permission to grade of account, and every one the tenants share this delegated account. the opposite is to pre-assign the access permissions to the associated tenant accounts victimization the Access management List (ACL) mechanism 14, 15.4) Privacy Protection So far, to safeguard the info privacy, the governments from everywhere set upet|the globe} have already developed the protection plan and strategy. as an example, Brits government introduced the info Protection Act in 1998, and also the Europe issued Europe information protection directive in 1995, and so on. On the opposite hand, technology ways have continuously compete vital roles in privacy protection. P3P (Platform for Privacy Preferences) may be aterribly example, that is proclaimed by the WWW association as Associate in Nursing electronic agreement on personal information privacy protection between the network service suppliers. currently the four-hundredth of the highest one hundred international websites ar in use or arrange to use P3P technology that’s conjointly suggested by some students. To add it up, the present approaches for the safety and privacy of the mobile cloud computing are shown as Table II.