Vol 15 No 4 - July 2015

International Journal of Computer Science
and Business Informatics

(IJCSBI.ORG)
ISSN: 1694-2507 (Print)

VOL 15, NO 4
ISSN: 1694-2108 (Online) JULY 2015
IJCSBI.ORG
Table of Contents VOL 15, NO 4 JULY 2015
Impact of Human Capital Development on the Managerial Workforce of SMEs in Sabah, Malaysia ...... 1
Noraini Abdullah and Nurul Fatihah Rosli
A Survey of Mobile Cloud Computing: Advantages, Challenges and Approaches ................................ 14

Mohammad Rasoul Momeni
An Efficient Authentication Protocol for Mobile Cloud Environments using ECC ................................. 29
International Journal of Computer Science and Business Informatics
IJCSBI.ORG
Impact of Human Capital

Development on the Managerial
Workforce of SMEs in Sabah,
Malaysia
Noraini Abdullah
Mathematics with Economics Programme
Faculty of Science and Natural Resources
Universiti Malaysia Sabah, Malaysia
Nurul Fatihah Rosli

Department of Mathematics with Economics
Centre of Postgraduate Studies
Universiti Malaysia Sabah, Malaysia
ABSTRACT
Globalisation and entrepreneurship expansion have led to the emergence of Small and
Medium Enterprises (SMEs) in economic development. These would contribute to a
countrys national income, poverty reduction, and thus increase the standard of living in
underdeveloped, rural and urban areas. However, restrictions on SMEs performances,
capital flows and entrepreneurship activities have not been studied extensively. The goal of
this study is thus to investigate the factors affecting the performances of these SMEs.
Factors under study were Entrepreneurship Orientation (EO), Human Resource
Management (HRM), Marketing Orientation (MO), and Information and Communication
Technology (ICT). Data were collected from 200 questionnaires distributed to the SMEs
services sector in Kota Kinabalu, in Sabah, Malaysia where only 129 were usable; hence, a
successful response rate of 64.5%. Structural equation modelling (SEM) using partial least
squares (PLS) method is conceptualized and executed. The data were analyzed and
interpreted using the Statistical Package for Social Science (SPSS) version 20.0 and
SmartPLS 3.0. The results found that male entrepreneurs constituted 61.2% with a low
women participation of 38.8% in the SMEs managerial workforce. Potential human capital
development can be focused based on age and education. Human resources management
(HRM) had highly contributed to the SMEs performances with 0.928 (composite reliability)
and 0.773 (path coefficient), and then followed by MO and EO. ICT was found to have a
significant impact, but its hypothesis was not supported. This study thus suggested that
entrepreneurial investment in ICT could further help the SMEs owners or managers
managed their businesses effectively and efficiently.
Keywords
Small and Medium Enterprises (SMEs), Partial Least Squares (PLS), Structural Equation
Modelling (SEM), human capital development, managerial workforce.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 1

IJCSBI.ORG
1. INTRODUCTION
One of the most important role in generating national income is through
Small and Medium Enterprises (SMEs). Despite the competitive business
environment, the performances of Malaysian SMEs remained encouraging.
[1] recorded that SMEs had contributed 6.3% to the GDP growth compared
to 2012 with only 6%. Besides, SMEs had largely contributed by the
services sector, and further supported by the construction sector. It was also
recorded in 2013 that there was a growth of 6.8% value-added of SMEs in
the services sector compared with only 5.9%. in 2012. Thus, this strong
performance was driven by the overall services sector as well as related
services sub-sectors namely, telecommunications, private education, health
care, finance, insurance, professional and business services. In todays
competitive business environment the economy is constantly evolving,
therefore it is necessary to develop the human capital in order to face these
challenges. The shortage of skilled workers in SMEs and the characteristics
of SMEs owners-managers might restrict them to expand their businesses.
A survey which had been conducted by SME Corporation showed
that generally the respondents did not much emphasis on human capital
development [2]. There were various human capital development
programmes that had been implemented, such as the followings:
National Dual Training System (NDTS)
SME Training Needs Analysis
HR Capabilities Building Programme for SMEs
Entrepreneurship Development for Orang Asli Community
Inkubator Keusahawanan Ibu Tunggal (I-KIT)
SME Human Capital Development.
Thus, the objective of this study would be to investigate the factors

affecting the human capital development and their impacts on SMEs in
Sabah, Malaysia. This paper is divided into five sections. The first section is
the overview on the importance of SMEs, section two is on the background
study related to the determinants of SMEs performance. The third section is
on past researches on similar studies, while the fourth section is on the
methodology and the fifth section is on the research findings. The last
section is the conclusions of the study.
2. BACKGROUND STUDY
Management practice is defined in terms of funding, marketing, operations
and human resource [3] where sales, profit, business stability, business
growth, increase in the number of employees, customers satisfaction,
increase in the value of assets and business networking were some the
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 2

IJCSBI.ORG
SMEs business performance indicators. On the other hand, other indicators
on business performances were such as Entrepreneurship Orientation (EO),
Marketing Orientation (MO), Human Resource Management (HRM) and
Information and Communication Technology (ICT).
Entrepreneurial Orientation (EO) was defined by [4] as a managerial
attitude oriented toward the strategy-making processes that would provide
organizations with a basis for entrepreneurial decisions and actions, while
[5] stated that Marketing Orientation (MO) was one of the important tools in
measuring SMEs business performances. However, on Human Resource
Management (HRM) [6] claimed that it was important to note that unlike
other resources in organization, human resources were potentially be non-
obsolete, and their skills could be transferable. A research also had been
done in Malaysia regarding HRM practices enhanced organizational
performance of SMEs by [7]. The research had found that improved SMEs
performance could be gained through HRM practices and organizational
innovative capability. [8] further had found out that organizational
effectiveness was enhanced through the technology adoption in SMEs
where the use of technology would help SMEs to compete globally.
Meanwhile, [9] found that there was a positive relationship between ICT
adoption and SMEs performance.
3. LITERATURE REVIEW
In recent studies, [3] had identified that entrepreneurial characteristics and
management practices were important attributes for the performance of
enterprises. The sample comprised of a total of 158 small enterprises under
Tunas Mekar programme that operated in Terengganu and Kelantan,
Malaysia. Of the total population, only 62 respondents responded to the
survey. From the multiple regression analysis, the findings showed that
there were several determinants on the performance of small enterprises.
However, only three variables indicated significant relationships with the
enterprises performance, viz. entrepreneur characteristics, management
practice, training and guidance. This study claimed that the relationship
between entrepreneur characteristics and small businesses indirectly
supported the Theory of Economic Development. Furthermore, the
evidences clearly indicated that management practices especially on
financial, accounting, marketing and operations were very important factors
in determining the performance. Besides,this study also found that the more
training programmes and guidance undertaken by an enterprise, the better
would be the performance.
A study which was conducted in Bangladesh by [6] discussed the
significance on Human Resources Management (HRM) of the SMEs. This
study suggested that human resources were potentially be non-obsolete and
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 3

IJCSBI.ORG
their skills were transferable across varieties of products, technologies and
markets. In addition, HRM practices focused on human element activities
for sustainability of an organization. Thus, it was recommended that more
research on managing human resource in SMEs would be conducted.
Meanwhile, [10] analyzed the strategic human resource management
practices in Iranian international sector performance. Human resources
planning, managing change, performance of employee, compensation,
health, safety, legality, labor and industrial relations were the basic criteria
which every firm had to follow. The research found that the proposed
variables namely, recruitment, performance appraisal, compensation and
training had a considerable positive association with the international sector
performance.
Most of the SMEs were found not being able to sustain in recent
competitive environment. This was due to the lack of preparedness and too
dependable on government support [7]. Hence, SMEs need to implement
appropriate strategies, especially on human resources management (HRM).
In the Malaysian context, five basic HRM practices had been selected,
namely training and development, reward system, performance appraisal, as
well as communication and information sharing. In addition, [7] had
highlighted that SMEs were able to obtain better performances by an
effective use of their organizational resources and capabilities.This was
supported by [11] where HRM practices were systematically designed
towards improving the effectiveness of SMEs performances.
The role of ICT can be seen its vitality via the social media where it
was found to be one of the alternatives which gave direct influence in
business success [12]. A case study carried out in Zimbabwe had highlighted
on the several advantages to promote any business activities through the
social media, namely:
a) Gain better understanding of customer needs
b) Increase brand awareness
c) Create relationships between customers and suppliers
d) Create business network
e) Low cost of marketing strategy
On top of that, women were mentioned by [12] as the dominant group

influenced the most by the social media in the buying behaviour. Hence, in
todays environment, business entrepreneurs should consider to take this
opportunity as one of their business strategies for success.
A practical approach was developed by [13] to improve customers
satisfaction. This was because customers dissatisfaction could give a bad
impression on an organizations image as well as its performance. There
were three systems in the approach, viz. decision system, effective system
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 4

IJCSBI.ORG
and information system. Hence, this approach could reduce any action that
might lead to the loss of customers interest, and consequently, leading to
losses in profit and sales.
4. METHODOLOGY
For this study, a survey questionnaire (closed-questions) served as an
instrument for data collection. A total of 200 SMEs services sector in Kota
Kinabalu, Sabah were selected from SME Corporation of Malaysia. Out of
200 questionnaires distributed to the owners or managers, only 129
questionnaires were usable. This produced a response rate of 64.5%.
The data were then analyzed and interpreted using the Statistical
Package for Social Science (SPSS) 20.0 and SmartPLS 3.0 software
program [14]. SPSS was used to analyze the demographic profiles of the
respondents, while the partial least squares-structural equation modelling
(PLS-SEM) was used to investigate the factors affecting the performances
of the SMEs.
The dependent and independent variables of the study were adopted
and modified from previous literatures. There were seven items measured
under entrepreneur orientation (EO) which were adopted from [15].
Similarly, seven items were measured under human resource management
(HRM) from [16]. For market orientation (MO), following [17], only six
items were measured. In addition, five information technology (ICT)s
measurements were used with single item measure for SMEs performance
had been adopted from [18].
Figure 1: The Framework of Relationships between IVs and DV [19].
Figure 1 shows the framework of relationships between independent

variables (IVs): Entrepreneurship Orientation (EO), Human Resource
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 5

IJCSBI.ORG
Management (HRM), Marketing Orientation (MO), Information and
Communication Technology (ICT) towards the dependent variable (DV):
the SMEs Performance. The following hypotheses were obtained:
H1: Entrepreneur Orientation is positively related to SMEs performance.
H2: Market Orientation positively related to SMEs performance.
H3: Human Resource Management is positively related to SMEs
performance.
H4: Information and Communication Technology is positively related to
SMEsperformance.
Data Analysis Using PLS-SEM

Structural equation modeling (SEM) was a well-known research tool for
theory development especially in the social and marketing studies. [20]
stated that SEM was a general term to describe the validity of substantive
theories with multivariate statistical models and empirical data. SEM
comprised of two main approaches, namely, a co-variance based (CB-SEM)
and variance-based such as partial least square (PLS-SEM). This study
employed PLS-SEM for data analysis.
According to [21], PLS were defined using two sets of linear
equations: inner model (structural) and outer model (measurement). The
measurement discussed the relationships between latent variables. In
contrast, the structural model specifies the relationships between a latent
variable and its manifest variables. Moreover, the structural model can only
be analyzed after the measurement model. The PLS path modeling
characteristics are summarized as follows [21];
PLS delivers latent variable scores, i.e proxies of constructs which are
measured by one or several indicators.
PLS path modeling avoids small sample sizes problems and therefore
can be applied in some situations when other methods unable to do so.
PLS path modeling can predict very complex models with several latent
and manifest variables.
PLS can handle both reflective and formative measurement models.
Table 1 summarized the validity guidelines for measurement and

structural model. For this study, the measurement model was evaluated
using the following analyses: internal consistency reliability, indicator
reliability, convergent reliability and discriminant validity. Next, the
coefficient of determination (R) and path coefficients were evaluated in
structural model assessment. Higher (R) indicated the higher predictive
ability and the variance explained by the independent variables.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 6

IJCSBI.ORG
Table 1: Validity Guidelines for PLS-SEM Analysis [22]
5. RESULTS AND DISCUSSIONS
Table 2: Demographic Profiles of the Sabah Respondents on SMEs

Sabah
Category N Percentage %
Gender
Male 79 61.2
Female 50 38.8
Age
21 - 35 44 34.1
36 - 45 44 34.1
46 and Above 41 31.8
Education Level
Primary School 19 14.7
Secondary School 68 52.7
Diploma / Degree 37 28.7
Other 5 3.9
Table 2 depicted the demographic profiles of the respondents which

showed that 61.2% of the owners/manager of SMEs in Kota Kinabalu,
Sabah were males, while 38.8% were females. This revealed that there was
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 7

IJCSBI.ORG
still a low participation by the women workforce eventhough great efforts to
increase women participation in entrepreneurship had been made. However,
recent trends had indicated that the women entrepreneurs were seemed
trying to catch up with the male entrepreneurs due to their change in
attitudes and paradigm shift. Hence, there was an increase from the more
urbanized state of Selangor [21] where the females entrepreneurs formed
only 14.4% of the managerial workforce and the males were still in
dominance at 86%. This has thus indicated a dynamic participative role of
women entrepreneurship since the SME annual report of [2] on the
economic and human capital development of small and medium enterprises
(SMEs) between Malaysias urban (Selangor) and sub-urban areas (Sabah).
Next, this study considered the age of the SMEs respondents. In
Kota Kinabalu, 34.1% of the owner-mangers were between 21-35 years and
between 36-45 years, while about 31.8% of them were above 46 years and
above. This study revealed that most of the SMEs owners in sub-urban area
were dominated by younger entrepreneurs. Besides, 14.7% of the owners
were having educational qualification of primary school, with 52.7% were
found with secondary schools qualification and 28.7% with
Diploma/Degree qualifications. Only 3.9% with other qualifications. Thus,
it can be clearly suggested that in Sabah, more initiatives and activities
should be implemented especially on the human capital development.
As mentioned earlier, there were 7 items of EO, 7 items of HRM, 6
items of MO and 5 items measured under ICT. Items with indicator loadings
of greater than 0.5 and significant levels of more than 0.05 would remain in
the model. Hence, it could be seen from Table 3 that the items which had
remained in the model were three items of EO (E3, E4, E5), four items of
HRM (H4, H5, H6, H7), three items of MO ( MO2, MO4, MO5) and two
items of ICT (ICT4 and ICT5) that had achieved satisfaction level.
A measurement model has satisfactory internal consistency
reliability when the composite reliability (CR) of each construct exceeds the
threshold value of 0.7. Table 3 showed that the CR of each construct for
these SMEs ranged from 0.860 to 0.928. This indicated that the items used
had satisfactory internal consistency reliability.
Next, the indicator reliability was measured by examining the item
loadings. A measurement model is said to have satisfactory indicator
reliability when each items loading is at least 0.7 and significant at least at
the 0.05 level. As shown in Table 3, each item loading ranged from 0.790 to
0.923 except for item E5. Convergent validity is then assessed by its
average variance extracted (AVE) value. Convergent validity is adequate
when the constructs have AVE value of at least 0.50. From Table 3, it could
be seen that all constructs had AVE ranging from 0.607 to 0.775
respectively, hence greater than 0.50.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 8

IJCSBI.ORG
Table 3: Internal Consistency, Indicator Reliability and Consistency Reliability
Model Construct Measurement Loadings CR AVE
Items
Entrepreneurs Orientation E3 0.834
(EO) E4 0.790 0.860 0.607
E5 0.692
Human Resources H4 0.894
Management (HRM) H5 0.918 0.928 0.684
H6 0.885
H7 0.898
Marketing Orientation (MO) MO2 0.820
MO4 0.870 0.906 0.707
MO5 0.808
Information & ICT4 0.802
Communication Technology ICT5 0.923 0.911 0.775
(ICT)
The discriminant validity is assessed by using Fornell and Larckers

criterion [24]. The square root of AVE should exceed the correlations
between the measure and all the other measures, and the indicators loadings
are higher against their respective construct compared to the other
constructs. These results were tabulated in Table 4. The item loadings of
each indicator could be seen to be highest for its designated constructs.
Hence, this study had proven that all the reliability and validity tests
conducted for the measurement model had achieved satisfactory level.
Table 4: Discriminant Validity
EO HRM ICT MO SME
EO 0.774
HRM 0.469 0.899
ICT 0.200 0.487 0.865
MO 0.424 0.544 0.451 0.833
SME 0.500 0.870 0.544 0.527 0.890
The structural model was assessed using the coefficient of

determination (R) and the path coefficients. The R value indicated the
amount of variance in the dependent variable that would be explained by the
independent variables. Higher (R) would indicate the higher predictive
ability. For this study, SmartPLS algorithm was used to obtain the R
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 9

IJCSBI.ORG
values, while SmartPLS bootstrapping was used to generate the t-statistics
values [15]. The bootstrapping generated 500 sub-samples from 300
maximum iterations. The R value for model was 0.986. Each path
connecting two latent variables represented a hypothesis. Based on the t-
statistics output in Table 5, the significant level of each relationship was
examined with at least 0.1, positive sign direction and consist of a path
coefficient value () ranging from 0.061 to 0.773 [25; 26]. Assessment of
the path coefficients for the model showed that all the proposed hypothesis
were supported except for H4, i.e. Information and Communication
Technology (ICT) on the performance of SMEs in Sabah. This was
expected since Sabah is still a developing state whereby there is room for
improvement in the infrastructural facilities, physical development and
internet accessability. Human Resource Management (HRM) was the most
significant on the SMEs performance with a path coefficient of 0.773.
Table 5: Path Coefficients
Path Standard
Coefficients t-
Error Statistics
Supported Hypotheses
() (STERR)
EO => SMEs
Performance
0.264 0.104 2.555 YES H1
HRM => SMEs

0.773 0.113 5.439 YES H2
Performance
MO => SMEs
0.328 0.129 2.001 YES H3
Performance
ICT => SMEs
0.061 0.327 0.616 NO H4
Performance
6. CONCLUSIONS
The results obtained in this study show that human capital development
involving Human Resources Management (HRM) has the highest
significant relationship on the SMEs performance compared to the other
determinants. This is supported by [7] who also claimed that improved
SMEs performance can be gained from human resource management. For
Malaysia to transform to the new Malaysian economic model, SMEs need to
seek opportunities to upgrade themselves besides developing their
organizational capabilities. This is in line with the Malaysian economic
strategies to become a high-income, developed country by 2020 [1]. Women
entrepreneurs in Sabah are found to have played a more promising role in
managerial activities as compared to Selangor [23]. From the PLS-SEM
analyses, there are positive relationships between entrepreneur orientation,
human resource management and marketing orientation with respect to the
performance of SMEs, except for information and communication
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 10

IJCSBI.ORG
technology. ICT is identified as an entrepreneurial investment for SMEs to
gain and exploit the positive outcomes in productivity growth, organization
expansion, efficiency, effectiveness, competitiveness, etc. as confirmed by
[27]. The structural model obtained demonstrated achievable satisfactory
validity and reliability of the performance indicators. This study thus
concludes that the SMEs owners or managers are able to manage their
businesses effectively and efficiently. However, there are several limitations
encountered in the study. Firstly, the study is merely carried out on the
service sectors only. Hence, more studies should be devoted on different
sectors of the SMEs in Malaysia. Secondly, this study had used four specific
independent variables only. Further research can thus be suggested to be
carried out on more independent variables and/or with the inclusion of
moderating variables. Finally, biasedness in answering the distributed
questionnaires may occur due to the respondentsdifferent background and
managerial experience.
7. ACKNOWLEDGMENTS
This research would not have been possible without the funding provided by
Universiti Malaysia Sabah under the grant number SBK0159-SS-2014 which the
authors would greatly like to thank for.
REFERENCES
[1] SME Annual Report. 2013/2014. Small and Medium Enterprise (SME) Annual Report
2014. [Retrieved from http://www.smecorp.gov.my/vn2/.
[2] SME Annual Report. 2012/2013. Small and Medium Enterprise (SME) Annual Report
2014. [Retrieved from http://www.smecorp.gov.my/vn2/
[3] Yaacob, Najihah M., Mahmood, R., Mat Zin, S., & Puteh, M. An Investigation of the
Small Business Start-Ups Performance. Journal of Basic and Applied Scientific
Research, 4(3s), pp.10-17. (2014).
[4] Jawad, H., Kamariah, I. & C. Shoaib, A. Linking Entrepreneurial Orientation with
Organizational Performance of Small and Medium Sized Enterprises: A Conceptual
Approach. Asian Social Science, 11(7), pp.1-10. (2015).
[5] Aliyu, M. S. & Rosli, M. Market Orientation and Organizational cultures impacton
SME Performance: A SEM approach. International Affairs and Global
Strategy,24,pp.1-10. (2014).
[6] Mohammad, A. A. & Ezaz, A. Managing Human Resources in Small and Medium
Enterprises (SMEs) in Developing Countries: A Research Agenda for Bangladesh
SMEs. International Proceedings of Economics Development and Research (IPEDR),
55, 2012, pp.215-219.
[7] Nazlina, K. Enhancing Organizational Performance of Malaysian SMEs Through
Human Resource Management (HRM) Practices and Organizational Innovative
Capability: A Proposed Framework. Proceedings of the 3rd International Conference
on Management, 10th - 11th June, 2013, Penang, Malaysia.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 11

IJCSBI.ORG
[8] Abdullah, N.H., Wahab, E., & Shamsudin, A. Exploring the Common Technology
Adoption Enablers among Malaysian SMEs: Qualitative Findings. Journal of
Management and Sustainability, 3(4), pp.78-91. (2013)
[9] Bayo-Moriones, A., Billon, M., & Lera-Lopez, F. Perceived performance effects of
ICT in manufacturing SMEs. Industrial Management& Data Systems, 113(1), 117
135. (2013).
[10] Shila, S., & Choi, S. L. An Examination of Strategic Human Resource Management
Practices in Iranian International Sector Performance. Journal of Applied Sciences,
Engineering and Technology, 8 (23), pp.2363-2368. (2014).
[11] Agarwala, T. Innovative human resource practices and organizational commitment: an
empirical investigation. International Journal of Human Resource Management, 14(2),
pp.175-197. (2003).
[12] Samuel, M., Gwendolyn, Z. T., Muyaradzi, Z. & Caroline, R. Harnessing Social
Media for Business Success. Case Study of Zimbabwe. International Journal of
Computer Science and Business Information, 11 (1), pp.80 - 89. (2014).
[13] Amina, E. K. & A. Namir. An Approach for Customer Satisfaction, Evaluation and
Validation. International Journal of Computer Science and Business Information, 14
(1), pp.79 - 92. (2014).
[14] Ringle, C., Wende, S., & Will, A. SmartPLS 2.0.M3. [Retrieved from
http://www.smartpls.de. (2004).
[15] Rosli, M. & Norshafizah, H. Entrepreneurial Orientation and Business Performance of
Women-Owned Small and Medium Enterprises in Malaysia: Competitive Advantage
as a Mediator. International Journal of Business and Social Science, 4(1), pp.82-90.
(2013).
[16] Ahmad, S. & Schroeder, R. G. The Impact of Human Resource Management Practices
on Operational Performance; Recognizing Country and Industry Differences. Journal
of Operations Management, 21, pp.19-43. (2003).
[17] Tomaska, I. E. The Current Methods of Measurement of Market Orientation.
European Research Studies, 12 (3), pp.135-150. (2009).
[18] Chinomona, R. The Fostering Role of Information Technology on SMEss Strategic
Purchasing, Logistics Intergration and Business Performance. Southern African
Business Review, 17 (1), pp. 76-97. (2013).
[19] Moorthy, M., Annie T., Caroline C., Chang S. W., Jonathan T. Y. P. & Tan K. L.A
Study on Factors Affecting the Performance of SMEs in Malaysia. International
Journal of Academic Research in Business and Social Sciences, 2(4), pp.224-239.
(2012)
[20] Lei, P-W. & Wu, Q. Introduction to Structural Equation Modeling: Issues and
Practical Considerations. Instructional Topics in Educational Measurement, 33-43.
(2007).
[21] Henseler, J., Ringle, C.M., & Sinkovics, R. The use of Partial Least Squares path
modeling in International Marketing. International Marketing, 20, pp. 277-319. (2009).
[22] Kamarul, F. H. PhD. Thesis. Understanding the determinants of continuous knowledge
sharing intention within business online communities, Auckland University of
Technology.(2012).
[23] Noraini Abdullah & Nurul Fatihah Rosli. Gender Managerial Workforce and Partial
Least Squares On Small and Medium Enterprises (SMEs) in Selangor, Malaysia.
International Journal of Business & Management, 3(3), pp. 185-192. (March 2015).
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 12

IJCSBI.ORG
[24] Fornell, C. & Larcker, D.F. Evaluating structural equation models with unobservable
and measurement error. Journal of Marketing Research, 34(2), pp. 161-188. (1981).
[25] Hair, J.F., Ringle, C.M. & Sarstedt, M. PLS-SEM: Indeed a silver bullet. Journal of
Marketing Theory and Practice, 19(2), pp.139-151. (2011).
[26] Wetzels, M., Odekerken-Schroder, G. & van Oppen, C. Using PLS path modeling for
assessing hiererchical construct models: Guidelines and empirical illustration. MIS
Quarterly, 33(1), pp.177-195. (2009).
[27] Tarute, A. & Gatautis, R. ICT Impact on SMEs Performance. Procedia-Social and
Behavioural Sciences, 110, pp. 1218-1225. (2014).
This paper may be cited as:

Noraini A. and Nurul, F. R., 2015. Impact of Human Capital Development
on the Managerial Workforce of SMEs in Sabah, Malaysia. International
Journal of Computer Science and Business Informatics, Special Issue: Vol.
15, No. 4, pp. 1-13.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 13

IJCSBI.ORG
A Survey of Mobile Cloud

Computing: Advantages,
Challenges and Approaches
Department of Computer Engineering, Faculty of Electrical and Computer Engineering,
Imam Reza International University of Mashhad, Mashhad, Iran
ABSTRACT
Despite explosive growth of mobile computing and its popularity, full exploiting from it, is
difficult due to lack of sufficient processing power, storage, also problems such as mobility,
frequent disconnections and so on. With exploiting cloud computing along mobile
computing a new technology appears called mobile cloud computing. It can overcome these
obstacles by executing mobile applications on the cloud instead of mobile devices. Mobile
cloud is a new and applicable technology that covers many fields such as: healthcare,
vehicular, gaming, commerce and so on. The ABI Research believes that the number of
mobile cloud computing users is expected to grow from 43 million (1.1% of total mobile
users) in 2008 to 998 million (19% of total mobile users) in 2015. This paper presents a
comprehensive survey of mobile cloud computing and explains its advantages, challenges
and approaches. Also the future research directions are given.
Key words:
Mobile cloud computing, mobile applications, mobile computing, mobility.
1. INTRODUCTION
By increasing usage of mobile computing, mobile devices play an important
role in human life as most effective communication tools are ready in every
place and time. Mobile users utilize various services from mobile
applications such as Google apps which run on mobile devices locally or are
offloaded to remote servers for remote execution.
Mobile devices are facing many problems about their resources (e.g. battery
life, storage and bandwidth) and communications (e.g. mobility and
security) [1], Hence QoS is not satisfying. Mobile devices cannot run
resource-intensive applications due to lack of sufficient processing power
and storage, hence mobile users prefer to utilize more powerful devices like
PCs and laptops about resource scarcity problems.
To overcome these obstacles we can support mobile computing by cloud
computing. Cloud computing can be defined as the aggregation of
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 14

IJCSBI.ORG
computing as a utility and software as a service [2], also called pay-as-you-
go-computing. Cloud service providers offer Infrastructure as a Service
(IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).
Offloading heavy computing can help mobile devices to save energy and
mobile users to faster and more efficient execution. There are some
resource-intensive applications that mobile devices never can run but with
help of cloud computing, running them is easily, because cloud service
providers have many powerful resources. As a result, with supporting of
cloud computing for mobile users, mobile cloud- computing is introduced as
combination of cloud computing by mobile computing and network
technology, hence resource-intensive applications can be executed on
resource-constraint mobile devices.
The reminder of this paper is as follows: Section 2 provides a brief overview
of cloud computing including definitions, architecture and advantages.
Section 3 describes mobile cloud computing, including its definitions,
architecture, and motivation for developing, advantages, challenges and
future research directions. Finally section 4 is conclusions.
2. CLOUD COMPUTING CONCEPT

For better understanding of mobile cloud computing, we need to understand
cloud computing, because it is infrastructure of mobile cloud concept. The
best definition for cloud computing is provided by NIST. NIST defines
Cloud computing as a model for enabling ubiquitous, convenient on
demand network access to a shared computing resources that can be
delivered with minimal managerial effort [3]. It uses a simple pay as you
go model which allows organizations or users to pay for the services they
use. Hence we do not need to maintain datacenters and use expensive
hardware and software, only we use when we need them. Cost reduction is
the main factor to use cloud computing by small and large organizations.
91% of organizations in US and Europe said that cost reduction is the major
reason for them to use cloud computing technology [4].
The cloud computing model can be considered as combination of three
delivery models and four deployment models as follows.
The four deployment models are public, private, community and hybrid.
Public: all users can access to cloud services.
Private: cloud services are accessible for special group of users.
Community: cloud services are shared among user groups,
enterprises and etc.
Hybrid: cloud services are composed of any combination of public,
private and hybrid.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 15

IJCSBI.ORG
Three delivery models are IaaS, PaaS and SaaS.
Infrastructure as a Service (IaaS): IaaS enables provision of key
components such as hardware, storage and network devices.
Amazon EC2 (Elastic cloud computing) and S3 (Simple storage
service) are examples of IaaS.
Platform as a Service (PaaS): It is the framework for building,
testing and deploying applications. Examples of PaaS are Google
App Engine and Microsoft Azure.
Software as a Service (SaaS): It enables subscribers to use
applications on pay-as- you-go basis. Examples of SaaS are
Salesforce and Microsoft Live Mesh.
2.1 Advantages of Cloud computing
Cloud computing moves us from a traditional technology to a dynamic and
flexible one. Cloud computing refers to both the applications delivered as
services over the Internet and the hardware and systems software in the
datacenters that provide those services [5].
In following some advantages of cloud computing discussed [6].
On-demand services: service providers can configure services per
subscriber requirements and they can access and use prepared
services on-demand.
Low cost: there is no need to prepare infrastructure, hardware and
software. In fact, subscribers connect to the cloud and use from the
infrastructure supplied by the service provider.
Robustness and flexibility: we need robustness and flexibility for
fast fault recovery and to adapt to non-deterministic nature of user
behavior and service access pattern.
3. OVERVIEW OF MOBILE CLOUD COMPUTING

3.1 Definition
Mobile cloud computing at its simplest, refers to an infrastructure where
both the data storage and data processing occur outside of the mobile
device [7]. Alternatively mobile cloud computing can be defined as an
integration of mobile web and cloud- computing [8], [9].
With mobile cloud computing technology, mobile devices do not need
powerful configuration, because data processing and storage happen in the
cloud instead of in the mobile devices.
3.2 Mobile cloud computing architecture
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 16

IJCSBI.ORG
Figure 1. Architecture of mobile cloud computing [11].

General architecture of mobile cloud computing depicted in Figure 1.
According to this figure mobile devices connect to mobile networks via
BTS, access point or satellites. First request are forwarding to central
processors that are connected to servers. The cloud controller receives and
processes mobile user request for using cloud services. It uses the datacenter
to provide different services for mobile users. In Figure 2. We see cloud
computing architecture. It follows a bottom-top approach. Cloud services
extensively defined in section 2. The server layer consists of virtual and
physical servers and switches. This layer is responsible to allocate hardware
resources to mobile client. On top of stack, client utilizes services and only
pay for his/her usage. There is no concerns about hardware and software
maintenance.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 17

IJCSBI.ORG
Figure 2. Cloud computing architecture [12].
3.3 Motivations for developing mobile cloud computing

Mobile devices have recently gained significant role in human life in many
areas such as governmental agencies, social service providers (e.g.
insurance, police), healthcare, education, and engineering organizations
[13]-[15]. Despite of significant improvement in mobile devices technology,
computing capabilities still is low. As mentioned mobile devices are
resource-constraint devices and we need to augment them for better user
experience. There are different ways to augment mobile devices mentioned
in [16].
Hardware
Researchers aim to augment mobile devices by exploiting powerful
processors, large screen and long lasting battery [17]. In this approach main
focus is on CPU, Memory, Storage, Screen and Battery. This approach is
low and expensive.
Software
Software approaches are categorized into six groups, which are remote
execution, remote storage, multi-tier programming, live cloud-streaming,
resource-aware computing and fidelity adaptation.
- Remote execution:
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 18

IJCSBI.ORG
Some components of mobile applications are migrated from mobile devices
to resource rich computing device(s), hence mobile devices can save energy.
Remote execution (offloading or cyber foraging) is a popular option and
there are many researches in this field. The efficiency of this approach is
highly depends on partitioning concept.
- Remote storage:
In this approach applications and dada are kept outside the mobile devices
and storage space improves significantly. By using cloud resources such as
Jupiter [18] and SmartBox [19] instead of traditional resources, we have
more efficiency.
- Multi-tier programming:
In this approach, we develop applications which need to less native
resources. Heavy components of applications migrate from device and
lightweight components remain inside the device.
- Live cloud-streaming:
In this approach [20] execution process entirely occur in the cloud and then
results are transmitting to the mobile devices. There are some problems like
latency, bandwidth and network traffic congestion.
- Resource-aware computing:
In these approaches [21]-[23], researchers utilize application-level resource
management methods (with using software such as compiler and OS) thus
requirements of mobile applications are reduced. Resource conservation is
performed well via efficient selection of available execution approaches
[24].
- Fidelity adaptation:
When remote resources and online connectivity are not available, this
approach is an option to perform. Main idea is to decrease quality of
application execution that lead to resource conservation. For better
performance, researchers [25], [26] combined cyber foraging by fidelity
adaptation.
Cloud computing enables virtualization technology that facilitates access to
cloud services for users. Virtualization is needed for improving scalability
and resource utilization ratio. It enables the illusion of infinite resources to
the cloud subscribers [27].
3.4 Advantages
Before discussing advantages of mobile cloud computing in this section, in
order to better understanding mobile cloud computing concept, we examine
the definitions of mobile computing, cloud computing and network
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 19

IJCSBI.ORG
technology. Because mobile cloud computing consists of these three main
concepts.
- Mobile computing:
Information at fingertips anywhere, anytime [28]. Or The mobile
computing no longer requires users to maintain a fix and universally known
position in the network and enables almost unrestricted mobility [29].
- Cloud computing:
NIST defines Cloud computing as a model for enabling ubiquitous,
convenient on demand network access to a shared computing resources that
can be rapidly delivered with minimal managerial effort [3].
- Network technology:
Majority of communications occur in wireless environments.
Advantages of mobile cloud computing are:
- Improving processing power:
Resource-intensive mobile applications offload to cloud for execution,
because cloud resources (specially its processors) are powerful. Thus mobile
devices can virtually perform and actually deliver the results of heavy
transactions that usually cannot perform [16].
- Expanded storage capacity:
Mobile applications are constrained by storage capacity on mobile devices.
Due to handiness, size and price issues, Mobile devices cannot have large
storage capacity. A common solution is to use infinite storage capacity of
cloud resources. Amazon S3 prepares file storage service [30]. Another
example is Image Exchange which utilizes large storage capacity for mobile
users [31]. Also Flicker is the mobile photo sharing applications based on
mobile cloud computing [32].
- Improving battery lifetime:
Long time application execution and giant processing entities lead to large
amount of power consumption. A solution is to utilize offloading methods
and remote application execution that significantly extend battery lifetime.
In the other words, offloading heavy and energy-intensive applications to
the cloud for execution can save energy. For example researchers believe
offloading a compiler optimization for Image processing can reduce 41% for
energy consumption in a mobile device [33].
- Improving reliability:
Due to resource scarcity in the mobile devices, providing complex
encryption provisions and sufficient security services is not feasible. By
storing data in the cloud storage [34], [35] mobile users ensure data
protection and availability. Also cloud can provide security services such as
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 20

IJCSBI.ORG
authentication, virus scanning and malicious code detection for mobile users
[36]. To deal with data lost on mobile devices, offloading data to the cloud
is efficient because cloud can backup data on a group of computers.
- Easy content and resource sharing:
By storing data and applications in the cloud, mobile users can access to
contents every time, in the other words cloud service providers facilitate
content and resource sharing among authorized users.
3.5 Challenges in mobile cloud computing
- Service availability:
Service availability is a big concern in mobile cloud computing, because
majority of communications occur in wireless environments and wireless
communications are not confident. Mobile users are faced with problems
such as network traffic, network congestion and out-of-signal.
- Heterogeneity:
As mentioned in [10]. Heterogeneity in the mobile cloud computing refers
to existence of differentiated hardware, architectures, infrastructure and
technologies of mobile devices, clouds and wireless networks.
Intelligent Radio Network Access (IRNA [37]) is a model to deal with
dynamics and heterogeneity of networks. In order to utilize IRNA in the
mobile cloud computing, in [38] authors propose a context management
architecture for acquire, management
And distribution a context Information.
- Offloading:
As mentioned in previous section, computing offloading and then remote
execution is one way to improve battery lifetime. Note that offloading is not
always the optimal solution to save energy, because it might consume more
energy than local execution especially when the size of content is small.
Methods of offloading are classified into three main directions: client-server
communication methods, virtualization and mobile agents [27]. The
decision of when to offload and which partitions of application need to be
offloaded are important issues that need to be considered.
- Security and privacy:
Security and privacy issues are too complex in mobile cloud computing due
to inherent challenges of wireless communications such as insecure nature
and problems related to heterogeneity. Due to energy constraints in mobile
devices, mobile users need to lightweight security algorithms. Security
issues are classified into mobile application security framework and data
security framework.
- Mobile application security framework:
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 21

IJCSBI.ORG
Mobile devices are resource-constraint devices and cannot running heavy
security software such as: anti-virus, intrusion detection and firewall, thus
applications can be offloaded to the cloud for a detailed security assessment.
For example [38] presents a method to offload the threat detection
capabilities to the cloud instead of executing in the mobile device, that lead
to save energy significantly. Evaluation parameters for application security
frameworks are: application type, security features, assumption and
scalability [39]. Also in [57] authors proposed a security framework for
analyzing the security of mobile application and detecting mobile malwares.
The cloud based security approach provides strong security for mobile
devices.
- Data security framework:
Data security is very important because mobile users dont have direct
control on stored data on the cloud. Two important aspects of data security
are:
- Data integrity:
Data integrity is a big issue for mobile users. Several solutions proposed in
this area are such as [40], [41], and [43]. [42] Considers energy
consumption unlike the two methods. Proposed scheme in [42] includes
three main components: mobile client, cloud storage service and trusted
third party and has three phases namely initialization, update and
verification. Researchers used Message Authentication Code (MAC) in this
method. Significant improvement in this method is this idea that checking
and verification are performed on trusted third party and Mobile users only
comparison the results. This improvement lead to save energy and
bandwidth significantly.
- Authentication:
Authentication is an important initial step to guarantee the security of user
data and files stored on cloud. In [43] authors proposed an authentication
mechanism to authenticate the owner of the uploaded file on cloud and also
integrity of mobile users data stored on cloud. The proposed scheme
includes four components namely mobile device, cloud service provider,
certification authority and telecommunication module depicted in Figure 3.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 22

IJCSBI.ORG
Figure 3. Proposed scheme [43]
The certification authority performs authentication of mobile devices in this

scheme. [44] Proposes a framework that combines TrustCube [45] and
implicit authentication [46], [47] to authenticate mobile users. Implicit
authentication or behavioral authentication uses habits to authenticate users
and maps mobile user behaviors to score. TrustCube is a policy-based cloud
authentication and supports the integration of various authentication
methods. Also authors in [58] proposed asymmetric encryption for
providing better security. They utilized user location for providing a rigid
authentication, but we know that asymmetric encryption has high power
consumption and bandwidth. In [59] authors utilized secret sharing concept
to propose a rigid data security framework. Their security framework is
robust against related security attacks. Finally in [60] Momeni proposed a
lightweight and efficient authentication protocol for mobile cloud
environments. His proposed scheme is enough strong against related attacks
and it is according to real communication scenarios.
- Privacy:
In [49] the authors showed that following requirements is necessary to
ensure users Privacy: protection against misuse, adjustment of laws (for
more security in special circumstances), ease of use and identification of
pirated datasets. Anonymous routing such as onion routing can be used to
prepare privacy for mobile nodes in a decentralized mobile cloud [40].
Examples in P2P domain are [49], [50] and [51].
- Seamless communication:
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 23

IJCSBI.ORG
Due to heterogeneity of wireless communications, maintaining a seamless
communication between mobile users and mobile service provider is
difficult. Mobility and frequent disconnections decrease resource utilization
ratio [16]. One solution after disconnection is local execution. Note that
Results obtained before disconnection is not sufficient and execution must
be resumed.
- Improving the efficiency of data access:
Handling the data resources on cloud is difficult due to some problems such
as low bandwidth, mobility and limitation of resource capacity of mobile
devices. One easy solution to improve the efficiency of data access is a local
storage cache [11]. For example [52] addresses three issues: maintaining
seamless communication among subscribers and cloud, handling cache
consistency and supporting data privacy. Proposed scheme has two main
functional blocks namely RFS client on the mobile device and RFS server
on cloud. In proposed scheme authors using RESTful web service [53] for
service provider and HTTP for communication protocol. Also it addresses
issues such as wireless connectivity and data privacy.
3.6 Future research directions
Some problems may occur when mobile users try to use cloud resources,
such as disconnection, congestion and signal attenuation. These problems
lead to user dissatisfaction and decreasing quality of service. Instead of
communicating with a remote cloud, a better solution is to connect to
Cloudlet [54]. A cloudlet is resource rich computer or cluster of computers
which is Connected to the Internet and available for use by close mobile
devices [11]. This approach enables mobile devices to bypass latency and
bandwidth issues caused by connecting to remote cloud. In the absence of
close cloudlets mobile users may using local execution or connection to
remote cloud server.
- Security, trust and privacy:
With the development of cyber-crime applying security, trust and privacy is
required to protect mobile user contents and success of mobile cloud
computing. Indeed, how cloud service providers ensure confidentiality of
user content is a critical factor. Trust establishment based on the service
providers reputation and aggregation of trust from each service node would
be a valuable approach that requires future research [10].
- Low bandwidth:
Due to inherent problems of wireless environment, still bandwidth is a big
problem for mobile users. One solution is to use 4G networks that improve
bandwidth capacity for mobile users. Advantages of 4G networks are:
broading mobile coverage area, differed services, etc. [55]. [56] Discusses
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 24

IJCSBI.ORG
about 4G wireless network issues such as architecture, quality of service,
etc.
4. CONCLUSIONS
Mobile cloud computing aims to augment the resource-constraint mobile
devices, but currently it is like a baby that requires attention. The ABI
research believes more than 240 million business will use services provided
by cloud service providers through mobile devices by 2015. Mobile cloud
computing is a growing technology that includes both cloud computing and
mobile computing benefits. Also it is highly applicable for mobile devices.
This paper has given an extensive and survey of mobile cloud computing
technology including its definitions, architecture, motivation for developing,
advantages, challenges and future research directions. For better
understanding of mobile cloud computing before describing it, cloud
computing is described.
REFERENCES
[1] M. Satyanarayanan, 1996. Fundamental challenges in mobile computing, in

Proceedings of the 5th annual ACM symposium on Principles of distributed computing,
pp. 1-7.
[2] W. Vogels, A head in the clouds the power of infrastructure as a service, in: Proceedings
of the1st Workshop on Cloud Computing and Applications, CCA08.
[3] Mell P, Grance T (2011) the nist definition of cloud computing (draft).
http://csrc.nist.gov/publications/drafts/800145/Draft-SP-800-145_cloud-definition.pdf.
[4] Ponemon (2011) Security of cloud computing providers study.
http://www.ca.com/~/media/Files/ IndustryResearch/security-of-cloud-computing-
providers-final-april-2011.pdf
[5] M. Armbrust, A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D.
Patterson, A. Rabkin and I. Stoica, . 2009. above the clouds: a Berkeley view of cloud
computing, Technical Report UCB/EECS-2009-28.
[6] M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R. Katz, 2010. A. Konwinski, et al., A
view of Cloud computing, Communication ACM. Vol.53, pp. 5058.
[7] http://www.mobilecloudcomputingforum.com/
[8] Jacson H. Christensen, 2009. Using RESTful web-services and cloud computing to
create next generation mobile applications, in Proceedings of the 24th ACM SIGPLAN
conference companion on Object oriented programming systems languages and
applications (OOPSLA), pp. 627-634.
[9] L. Liu, R. Moulic, and D. Shea, 2011. Cloud Service Portal for Mobile Device
Management, in Proceedings of IEEE 7th International Conference on e-Business
Engineering (ICEBE), pp. 474.
[10] Z. Sanaei, S. Abolfazli, A. Gani, and R. K. Buyya, 2013. Heterogeneity in Mobile
Cloud Computing: Taxonomy and Open Challenges, IEEE Communications Surveys
& Tutorials, Vol.16, pp. 369-392.
[11] Hoang T. Dinh, Chonho Lee, Dusit Niyato, and Ping Wang., 2013. A Survey of Mobile
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 25

IJCSBI.ORG
Cloud Computing: Architecture, Applications, and Approaches Wiley wireless
communications and mobile computing, Vol.13, pp. 1587-1611.
[12] Modi, C., Patel, D., Borisaniya, B., Patel, B., Rajarajan, M., 2013. A survey on security
issues and solutions at different layers of Cloud computing springer Journal of
Supercomput, Vol.63, pp. 561592.
[13] K. Bent. (2012, May) Obama: Government Agencies Have One Year To Deploy
Smartphone-Friendly Services.
[14] T. Khalifa, K. Naik, and A. Nayak., 2011. A Survey of Communication Protocols for
Automatic Meter Reading Applications, IEEE Communications Surveys & Tutorials,
Vol. 13, No. 2, pp. 168182.
[15] R. Buyya, C. Vecchiola, and T. Selvi, 2013. Mastering Cloud Computing. Morgan
Kaufmann, USA.
[16] S. Abolfazli, Z. Sanaei, Ejaz Ahmed, Abdullah Gani, Rajkumar Buyya, 2013. Cloud-
Based Augmentation for Mobile Devices: Motivation, Taxonomies, and Open
Challenges IEEE Communications Surveys & Tutorials, Vol.16, pp. 337-368.
[17] K. Jackson. (2009) Missouri University Researchers Create Smaller and More Efficient
Nuclear Battery.
[18] Y. Guo, L. Zhang, J. Kong, J. Sun, T. Feng, and X. Chen, 2011. Jupiter: transparent
augmentation of smartphone capabilities through cloud computing, in Proc. ACM
MobiHeld 11, Cascais, Portugal.
[19] W. Zheng, P. Xu, X. Huang, and N. Wu, 2010. Design a cloud storage platform for
pervasive computing environments, Cluster Computing, vol. 13, no. 2, pp. 141151.
[20] G. Lawton, Cloud Streaming Brings Video to Mobile Devices, 2012. IEEE Computer,
vol. 45, no. 2, pp. 1416.
[21] B. Seshasayee, R. Nathuji, and K. Schwan, 2007. Energy-aware mobile service
overlays: Cooperative dynamic power management in distributed mobile systems, in
Proc. IEEE ICAC07, Jacksonville, Florida, USA, p. 6.
[22] Y. J. Hong, K. Kumar, and Y. H. Lu, 2009. Energy efficient content-based image
retrieval for mobile systems in Proc. IEEE ISCAS 09, Taipei, Taiwan, pp. 16731676.
[23] Kremer, J. Hicks, and J. Rehg, 2003. A compilation framework for power and energy
management on mobile computers, Languages and Compilers for Parallel Computing,
pp. 115131.
[24] S. Gurun and C. Krintz, 2003. Addressing the energy crisis in mobile computing with
developing power aware software, vol. 8, no. 64.
[25] J. Flinn and M. Satyanarayanan, 1999. Energy-aware adaptation for mobile
applications, in Proc. ACM SOSP 99, vol. 33, pp. 4863.
[26] E. D. Lara, D. S. Wallach, and W. Zwaenepoel, 2001. Puppeteer: Component-based
adaptation for mobile computing, in Proc. USENIX USITS, pp. 1425.
[27] Niroshinie Fernando, Seng W. Loke, Wenny Rahayu, 2013. Mobile cloud computing:
A survey Elsevier Future Generation Computer Systems, Vol.29, pp. 84106.
[28] M. Satyanarayanan, 2011. Mobile computing: the next decade, ACM SIGMOBILE
Mobile Computing and Communications Review, vol. 15, no. 2, pp. 210.
[29] T. Imielinski and H. Korth, 1996. Introduction to Mobile Computing, ser. The Springer
International Series in Engineering and Computer Science, vol. 353, pp. 143.
[30] http://aws.amazon.com/s3/
[31] E. Vartiainen, and K. V. -V. Mattila, 2010. User experience of mobile photo sharing in
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 26

IJCSBI.ORG
the cloud, in Proceedings of the 9th International Conference on Mobile and
Ubiquitous Multimedia (MUM).
[32] http://www.flickr.com/
[33] U. Kremer, J. Hicks, and J. Rehg, 2001. A Compilation Framework for Power and
Energy Management on Mobile Computers, in Proceedings of the 14th International
Conference on Languages and Compliers for Parallel Computing, pp. 115 - 131, August.
[34] W. Zheng, P. Xu, X. Huang, and N. Wu, 2010. Design a cloud storage platform for
pervasive computing environments, Cluster Computing, vol. 13, no. 2, pp. 141151.
[35] W. Zeng, Y. Zhao, K. Ou, and W. Song, 2009. Research on cloud storage architecture
and key technologies, in Proc. ACM ICIS 09, Seoul, Republic of Korea, pp. 1044
1048.
[36] J. Oberheide, K. Veeraraghavan, E. Cooke, J. Flinn, and F. Jahanian. 2008. Virtualized
in-cloud security services for mobile devices, in Proceedings of the 1st Workshop on
Virtualization in Mobile Computing, pp. 31-35.
[37] A. Klein, C. Mannweiler, and H. D. Schotten, 2009. A Framework for Intelligent
Radio Network Access Based on Context Models, in Proceedings of the 22nd WWRF
meeting 2009.
[38] A. Klein, C. Mannweiler, J. Schneider, and D. Hans, 2010. Access Schemes for Mobile
Cloud Computing, in Proceedings of the 11th International Conference on Mobile Data
Management (MDM), pp. 387.
[39] Abdul Nasir Khan, M.L. Mat Kiah, Samee U. Khan, Sajjad A. Madani, 2013. Towards
secure mobile cloud computing: A survey Elsevier Future Generation Computer
Systems Vol.29, pp.12781299.
[40] A. Tanenbaum and M. Van Steen, 2007. Distributed Systems: Principles and
Paradigms, Pearson Prentice Hall.
[41] W. Wang, Z. Li, R. Owens, and B. Bhargava, 2009. Secure and efficient access to
outsourced data, in ACM Cloud Computing Security Workshop (CCSW), pp. 55 - 66.
[42] W. Itani, A. Kayssi, and A. Chehab, 2011. Energy-efficient incremental integrity for
securing storage in mobile cloud computing, International Conference on Energy
Aware Computing (ICEAC), pp. 1.
[43] S.C. Hsueh, J.Y. Lin, M.Y. Lin, 2011. Secure cloud storage for conventional data
archive of smart phones, in: Proc. 15th IEEE Int. Symposium on Consumer Electronics,
ISCE 11, Singapore.
[44] R. Chow, M. Jakobsson, R. Masuoka, J. Molina, Y. Niu, E. Shi, and Z. Song,
2010.Authentication in the clouds: a framework and its application to mobile users, in
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
(CCSW), pp. 1 - 6.
[45] Z. Song, J. Molina, S. Lee, S. Kotani, and R. Masuoka. 2009. TrustCube: An
Infrastructure that Builds Trust in Client, in Proceedings of the 1st International
Conference on Future of Trust in Computing.
[46] M. Jakobsson, E. Shi, P. Golle, and R.Chow, 2009. Implicit Authentication for Mobile
Devices, in Processing of the 4th USENIX Workshop on Hot Topics in Security
(HotSec).
[47] E. Shi, Y. Niu, M. Jakobsson, and R. Chow. 2010. Implicit Authentication through
Learning User Behavior, in Proceedings of the implicit authentication Security
Conference (ISC).
[48] M. Fahrmair, W. Sitou, B. Spanfelner, 2011. Security and privacy rights management
for mobile and ubiquitous computing, in: Workshop on UbiComp Privacy, pp. 9708.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 27

IJCSBI.ORG
[49] J. Han, Y. Zhu, Y. Liu, J. Cai, L. Hu, 2005. Provide privacy for mobile p2p systems, in:
25th IEEE International Conference on Distributed Computing Systems Workshops, pp.
829834.
[50] J. Han, Y. Liu, Rumor, 2006. Riding: anonymizing unstructured peer-to-peer systems,
in: Proceedings of the 2006 14th IEEE International Conference on Network Protocols,
2006, ICNP06, pp. 2231.
[51] G. Ghinita, P. Kalnis, S. Skiadopoulos, 2007. Prive: anonymous location-based queries
in distributed mobile systems, in: Proceedings of the 16th International Conference on
World Wide Web , ACM, New York, USA, pp. 371380.
[52] Y. Dong, J. Peng, D. Wang, H. Zhu, F. Wang, Sun C. Chan, and Michael P. Mesnier,
2011. RFS: a network file system for mobile devices and the cloud, ACM SIGOPS
Operating Systems Review, vol. 45, no. 1, pp. 101-111.
[53] Jacson H. Christensen, 2009. Using RESTful web-services and cloud computing to
create next generation mobile applications, in Proceedings of the 24th ACM SIGPLAN
conference companion on Object oriented programming systems languages and
applications (OOPSLA), pp. 627-634.
[54] M. Satyanarayanan, P. Bahl, R. Caceres, N. Davies, 2009. The case for VM-based
cloudlets in mobile computing, IEEE Pervasive Computing Vol.8, pp. 1423.
[55] M. Rahman and F. A. M. Mir, 2007. Fourth Generation (4G) Mobile Networks -
Features, Technologies & Issues, in Proceedings of the 6th IEEE International
Conference on 3G and Beyond, pp. 1.
[56] U. Varshney and R. Jain, 2002. Issues in emerging 4G wireless networks, Computer,
vol. 34, no. 6, pp. 94 96.
[57] S. Zonouz, A. Houmansadr, R. Berthier, N. Borisov, W. Sanders, 2013. Secloud: A
cloud-based comprehensive and lightweight security solution for smartphones; Proc:
Elsevier.
[58] Md. AI-Hasan, Kaushik Deb, Mohammad Obaidur Rahman, 2013. User Authentication
Approach for Data Security between Smartphone and Cloud; Strategic Technology
(IFOST), 8th International Forum on, Publisher: IEEE.
[59] Hong gang Wang, Shaoen Wu, Min Chen, Wei Wang, 2014. Security Protection
between Users and the Mobile Media Cloud, IEEE Communications Magazine.
[60] 60. Momeni, M. R., 2014. A Lightweight Authentication Scheme for Mobile Cloud
Computing. International Journal of Computer Science and Business Informatics,
Vol. 14, No. 2, pp. 153-160.

Momeni, M. R., 2015. A Survey of Mobile Cloud Computing: Advantages,
Challenges and Approaches. International Journal of Computer Science and
Business Informatics, Special Issue: Vol. 15, No. 4, pp. 14-28.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 28

IJCSBI.ORG
An Efficient Authentication Protocol for

Mobile Cloud Environments using ECC

Department of Computer Engineering, Faculty of Electrical and Computer Engineering,
Imam Reza International University of Mashhad, Iran
ABSTRACT
The growth of mobile cloud computing users is rapid and now many mobile users utilize
from mobile cloud computing technology. This technology makes mobile users stronger
beyond the mobile computing capabilities. The security risks have become a hurdle in the
rapid adaptability of the mobile cloud computing technology. Significant efforts have been
devoted in research organizations and academia to securing the mobile cloud computing
technology. In this paper we proposed a lightweight and efficient authentication protocol
for mobile cloud environment. According to significant advantages of ECC (elliptic curve
cryptosystem), it has been adopted through this paper. Our proposed protocol has many
advantages such as: supporting user anonymity, identity management and also resistance
against related attacks such as replay attack, stolen verifier attack, modification attack,
server spoofing attack and so on.
Key words
Mobile cloud computing, lightweight authentication, ECC, user anonymity, security risks.
1. INTRODUCTION
Mobile cloud computing is a technology that aims to augment mobile
devices beyond their capabilities. Mobile devices have limited processing
and storage capabilities and their battery lifetime will exhaust soon [1].
Authentication is the most important factor to protect systems against
attacks. If this mechanism works well other mechanisms can be lightweight.
Authentication methods are grouped to four classes. 1. What you are (E.g.
fingerprint), 2.what you have (E.g. smart cards), 3.what you know (E.g.
passwords) and 4.what you do or implicit authentication. Due to inherent
challenges of wireless communications such as insecure nature and
problems related to heterogeneity, security and privacy issues are too
complex in mobile cloud computing. ECC based schemes with smaller key
size, strict security and high efficiency are the best choice for securing the
mobile cloud computing technology. For example ECC with 160 bits key
size and RSA with 1024 bits key size have the same security level. ECC is
good for environments with these properties: low bandwidth, limited
processing power and storage capacity, battery lifetime limitation. Firstly
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 29

IJCSBI.ORG
lamport in 1981 proposed an authentication scheme over an open channel
[2]. His scheme was resistance against impersonation attack and servers
data eavesdropping attack but vulnerable to replay attack. Peyravian and
Zunic proposed an authentication scheme without encryption techniques [3].
It only used hash function. Lee et al. demonstrated that this scheme is
vulnerable to offline password guessing attack and then improved it [4].
Later ku et al showed lee et al scheme is vulnerable to attacks such as denial
of service, offline password guessing and stolen verifier [5]. Yoon et al then
improved lee et al scheme in the year 2004 [6], but ku et al demonstrated
this scheme is vulnerable to offline password guessing attack and stolen
verifier attack [7]. Later hwang and yeh demonstrated Peyravian and
Zunics scheme is vulnerable to password guessing attack and server
spoofing attack [8]. Then they improved it with public key cryptosystem.
Their scheme satisfies mutual authentication, but ku et al mentioned it is
vulnerable to replay attack [9]. Lin and hwang demonstrated denial of
service attack is applicable to hwang and yeh scheme [10]. Also they
mentioned hwang and yeh scheme cannot satisfy perfect forward secrecy.
Peyravian and Jeffries improved Peyravian and Zunics scheme [11], but
shim claimed that their scheme is vulnerable to offline password guessing
attack and denial of service attack [12]. Zhu et al mentioned that Hwang and
Yehs scheme still vulnerable to replay attack, stolen verifier attack and
impersonation attack and then proposed an improved scheme to eliminate
the weaknesses of Hwang and Yehs scheme [13]. Their scheme is based on
timestamp and salting techniques. Momeni proposed a lightweight
authentication scheme [14]. His protocol has little processing and
communication overhead and is enough strong against related attacks. The
rest of the paper is organized as follows: in Section 2, we propose our
authentication protocol. Section 3 and 4 describe the security and
performance analysis respectively. And finally section 5 concludes the
paper. The notations to be used in this paper are in Table 1.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 30

IJCSBI.ORG
Table 1. Notations
Symbols Description
IDU User identity
PWU Password
S Private key (server)
Q = S.P Public key (server)
AKU = S.ZU Authentication key
ZU = PWU.P Password verifier
DIDU Dynamic identity of user
P Base point
|| Concatenation operator
H( ) Hash function
r1 , r2 Random numbers
EAK( ) Symmetric encryption function
2. PROPOSED SCHEME
In this section our protocol is presented. Our proposed protocol consists of
four phases namely: registration phase, mutual authentication and session
key agreement phase, password change phase and finally user eviction
phase. Now we describe the registration phase.
2.1 Registration Phase

In this phase mobile user performs registration phase via secure channel as
follows. Note that registration phase is done only once.
1. Mobile user sends his identity and password verifier to authentication
server through secure channel.
2. Now the server checks this identity and if already exists in the server
database rejects it, Mobile user must prepares unique identity. It is clear to
see that in this step identity management is provided. Now server can
compute authentication key as AKU = S.ZU. In this step authentication server
stores user identity, password verifier and status bit in the users table.
3. Finally the server returns authentication key to mobile user.
When mobile user login to system, status bit sets to one and in the other
words it sets to zero. In the following we show a sample of users table.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 31

IJCSBI.ORG
Table 2. Users table
Identity Password Verifier Status bit
IDA ZA = PWA.P 0-1
IDB ZB = PWB.P 0-1
IDC ZC = PWC.P 0-1
Registration phase has shown in figure 1.
Figure 1. Registration phase
2.2 Mutual authentication and session key agreement phase

After registration whenever mobile user wants to use cloud services, he/she
must be authenticated. Hence he/she sends a login request message to the
server and then server verifies the authenticity of the login request message
as follows.
1. Mobile user generates a random number r1 and calculates R = r1.Q and
also M = r1.PWU.P. Next mobile user generates dynamic identity to protect
his real identity as follows: DIDU = IDU H(AKU || R). Mobile user sends
M1 = (DIDU, EAK (R, M), H(DIDU, EAK (R, M))) to the server.
2. After receiving M1, the server computes H*(DIDU, EAK (R, M)), then
checks H = H* for detecting modification attack. If H is not equal to H*,
server aborts the current session. Hence denial of service can be eliminated.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 32

IJCSBI.ORG
Then server obtains R and M by decrypting the message. Also in this step
server calculates the real identity from dynamic identity as follows: IDU =
DIDU H(AKU || R). Then validates it according to identities that exists in
the users table. Now the server generates r2 and calculates N = r2.Q. Finally
the server sends message M2 = ((M+N), H(N)) to mobile user.
3. After receiving M2, mobile user calculates N from M+N-M and then
computes H*(N) and compares it by received H(N) to detect modification
attack. If H is not equal to H* mobile user aborts the current session, Hence
denial of service can be eliminated. Mobile user computes message M3 =
(H(M || N), DIDU) and sends it to the server. Also he/she computes the
session key SK = r1.PWU.N = r1.PWU.r2.S.P = r1.r2.S.P.PWU in this step.
4. After receiving M3, the server computes H*(M || N) and then compares it
by received H(M || N) to detect modification attack. If H is not equal to H*
the server aborts the current session, Hence denial of service can be
eliminated. Now the server computes session key as follows: SK = r2.S.M =
r2.S.r1.PWU.P = r1.r2.S.P.PWU. Note that SK is valid only for this session.
Mutual authentication and session key agreement phase has shown in
following.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 33

IJCSBI.ORG
Authentication
Mobile User Server
r1, R = r1.Q
M = r1.PWU.P 1
DIDU = H(AKU || R) IDU
M1 = (DIDU, EAK (R, M), H(DIDU, EAK (R, M)))
H*(DIDU, EAK (R, M))

Obtaining R, M
2
IDU = H(AKU || R) DIDU
R2, N = r2.Q
M2 = ((M+N), H(N))
M+N-M = N, H*(N)
H(M || N)
3
SK = r1.PWU.N = r1.PWU.r2.S.P
= r1.r2.S.P.PWU
M3 = (H(M || N), DIDU)
H*(M || N)
4 SK = r2.S.M = r2.S.r1.PWU.P =
r1.r2.S.P.PWU
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 34

IJCSBI.ORG
2.3 Password change phase

In this phase mobile user can change his/her password without any
intervention from server. This property brings high security and user
friendly for our proposed scheme. After choosing new password and
computing password verifier for it, only password verifier transmits to the
server. The channel in this phase is secure. The steps of this phase are as
follows.
1. Mobile user sends his/her identity and password verifier with a password
change request to the server.
2. After verifying the received identity if he/she is a legitimate mobile user,
the server computes H(IDU || SK) and sends it to mobile user.
3. Then mobile user computes H*(IDU || SK) and compares it with received
H(IDU || SK). If H* is equal by H then mobile user selects new password and
computes password verifier for it as follows: ZU* = PWU*.P. Finally only
password verifier will send to the server.
Figure 2. Password change request
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 35

IJCSBI.ORG
2.4 User eviction phase

In the proposed protocol server can evict malicious users. In order to evict
malicious users, the server should remove related tuples from users table. If
an evicted user tries to login to the system, he/she will fail because in the
second phase of the mutual authentication and session key agreement
identity management will be conducted. Thus the server will know this
identity does not exist in the users table. As a result evicted users cannot
login to the system and use cloud resources.
3. SECURITY ANALYSIS
In this section security features of our proposed protocol is presented and
we demonstrate proposed protocol can withstand against related security
attacks.
3.1 Stolen verifier attack resistance
Our proposed protocol is robust against stolen verifier attack because server
does not keep any secret table or any pre-shared secret key. Hence adversary
cannot gain any valuable information from this attack.
3.2 Server spoofing attack resistance
Our proposed protocol provides mutual authentication for both participants.
Mobile user authenticates the server and also server can authenticate the
mobile user. Hence sever spoofing attack is ineffective.
3.3 Modification attack resistance
In order to avoid modification attack we used a collision free one way hash
function. If an adversary sends a modified message, soon mobile user will
know that the received message is not valid because two hash results are not
equal.
3.4 Replay attack resistance
Proposed scheme uses random numbers to avoid replay attack. It is hard for
adversary to guess the random numbers, because they change in each
session and every time of authentication. Thus this attack is not applicable
to our scheme.
3.5 Insider attack resistance
A client CL may register with some servers S1, S2 and so on using a
common password pw and the identity id for his convenience, and if the
privileged-insider U1 of S1 has the knowledge of CLs pw and id, then U1
may try to access other servers S2, S3, and so on by using the same pw and
id. In our proposed protocol the server only stores password verifier and
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 36

IJCSBI.ORG
extraction of password from it is very hard due to hardness of elliptic curve
discrete logarithm problem (ECDLP).
3.6 Many logged-in users attack resistance

Consider the password PWA and the login-id IDA of a client A, are leaked to
many adversaries. In the proposed protocol only one adversary can login the
server at the same time out of all who know the valid password PWA and
login-id IDA. When an adversary logged-in by using the valid password
PWA and login-id IDA, then the server sets the status bit to one and
meanwhile if other adversaries try to login the server at the same time with
same password PWA and login-id IDA, the server denies all the received
requests because the status bit mechanism indicates still someone is logged
in.
3.7 User anonymity
User anonymity means protecting real identity of user against public, no
server [15]. Our proposed scheme satisfies user anonymity, because in the
registration and password change phases that real identity transmits, the
channel is secure and in the mutual authentication and session key
agreement phase that channel is not secure instead of real identity, dynamic
identity transmits.
3.8 No clock synchronization problem
Many proposed authentication protocols use timestamps to avoid replay
attacks but timestamp mechanism is difficult and expensive in wireless
mobile communications [16] and distributed networks [17,18,19]. Our
proposed protocol is nonce-based and does not have clock synchronization
problem.
3.9 Session key agreement
In our proposed protocol a session key is generated which uses random
numbers like r1 and r2. This session key provides secure communications
over open channel by encrypting the exchanged messages.
3.10 Password change phase
Our proposed protocol supports Password change phase, hence our protocol
is more secure than other authentication protocols. In addition mobile user
can change his/her password without any intervention from server. This
property brings high security and user friendly for our proposed scheme.
4. PERFORMANCE ANALYSIS
In this section we evaluate the performance of our proposed protocol. Note
that a good authentication scheme for mobile cloud computing must have
low computation cost. We compared our proposed protocol with a new
proposed scheme in terms of computation cost. Table 3 shows that our
proposed protocol is more efficient, especially in the mobile user side. This
improvement makes less power consumption in the mobile devices which
are faced with battery lifetime limitation.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 37

IJCSBI.ORG
Hafizful & Biswas [20] Proposed Protocol
Client: 7EM + 2EA + 1sym Client: 5EM + 1EA + 1sym
Server: 3EM + 2EA + 1sym Server: 3EM + 1EA + 1sym
5. CONCLUSIONS
In this paper we proposed a lightweight authentication protocol for mobile
cloud computing. In the proposed protocol we used elliptic curve
cryptosystem which has many advantages includes smaller key size, strict
security and high efficiency. Also our proposed protocol satisfies user
anonymity, mutual authentication, session key agreement and so on. In
terms of resistance against related attacks, our proposed protocol is robust
against replay attack, stolen verifier attack, modification attack, server
spoofing attack and so on. It is important to note that proposed protocol is
according to real communication scenarios.
REFERENCES
[1]. Momeni, M. R., 2015. A Survey of Mobile Cloud Computing: Advantages,
Challenges and Approaches. International Journal of Computer Science and Business
Informatics, special issue: Vol. 15, No. 4, pp. 14-28.
[2]. L. Lamport, Password authentication with insecure communication,
Communications of the ACM 24 (11) (1981) 770772.
[3]. M. Peyravian, N. Zunic, Methods for protecting password transmission, Computers
and Security 19 (5) (2000) 466469.
[4]. C.C. Lee, L.H. Li, M.S. Hwang, A remote user authentication scheme using hash
functions, ACM Operating Systems Review 36 (4) (2002) 2329.
[5]. W.C. Ku, C.M. Chen, H.L. Lee, Weaknesses of LeeLiHwangs Hash-based
password authentication scheme, ACM Operating Systems Review 37 (4) (2003) 1925.
[6]. E.J. Yoon, E.K. Ruy, K.Y. Roo, A secure user authentication scheme using hash
functions, ACM Operating Systems Review 38 (2) (2004) 6268.
[7]. W.C. Ku, M.H. Chaing, S.T. Chang, Weaknesses of YoonRyuYoos hash-based
password authentication scheme, ACM Operating Systems Review 39 (1) (2005) 8589.
[8]. J.J. Hwang, T.C. Yeh, Improvement on PeyravianZunics password authentication

schemes, IEICE Transactions on Communications E85-B (4) (2002) 823825.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 38

IJCSBI.ORG
[9]. W.C. Ku, C.M. Chen, L. Hui, Cryptanalysis of a variant of PeyravianZunics
password authentication scheme, IEICE Transactions on Communications E86-B (5)
(2002) 16821684.
[10]. C.L. Lin, T. Hwang, A password authentication scheme with secure password
updating, Computers and Security 22 (1) (2003) 6872.
[11]. M. Peyravian, C. Jeffries, Secure remote user access over insecure networks,
Computer Communications 29 (5) (2006) 660667.
[12]. K.A. Shim, Security flaws of remote user access over insecure networks, Computer
communications 30 (1) (2006) 117121.
[13]. L. Zhu, S. Yu, X. Zhang, Improvement upon mutual password authentication
scheme, International seminar on business and information management, 2008, pp. 400
403.
[14]. Momeni, M. R., 2014. A Lightweight Authentication Scheme for Mobile Cloud
Computing. International Journal of Computer Science and Business Informatics,
Vol. 14, No. 2, pp. 153-160.
[15]. D. Wanga, Chun-guang, Cryptanalysis of a remote user authentication scheme for
mobile clientserver environment based on ECC, Information Fusion 14 (2013) 498
503.
[16]. Giridhar, P. Kumar, Distributed clock synchronization over wireless networks:
algorithms and analysis, in: Proceedings of the 45th IEEE Conference on Decision and
Control, IEEE, 2006, pp. 49154920.
[17]. D. Mills, Internet time synchronization: the network time protocol, IEEE
Transactions on Communications 39 (10) (1991) 13931482.
[18]. J. Han, D. Jeong, A practical implementation of IEEE 15882008 transparent clock
for distributed measurement and control systems, IEEE Transactions on Instrumentation
and Measurement 59 (2) (2010) 433439.
[19]. R. Baldoni, A. Corsaro, L. Querzoni, S. Scipioni, S. Piergiovanni, Coupling-based
internal clock synchronization for large-scale dynamic distributed systems, IEEE
Transactions on Parallel and Distributed Systems 21 (5) (2010) 607619.
[20]. SK Hafizul Islam, G.P. Biswas, Design of improved password authentication and
update scheme based on elliptic curve cryptography, Mathematical and Computer
Modelling 57 (2013) 27032717.

Momeni, M. R., 2015. An Efficient Authentication Protocol for Mobile
Cloud Environments using ECC. International Journal of Computer Science
and Business Informatics, Special Issue: Vol. 15, No. 4, pp. 29-39.
ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 39

Vol 15 No 4 - July 2015

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Vol 15 No 4 - July 2015

Uploaded by

Copyright:

Available Formats

International Journal of Computer Science

and Business Informatics

ISSN: 1694-2507 (Print)

A Survey of Mobile Cloud Computing: Advantages, Challenges and Approaches ................................ 14

Impact of Human Capital

Nurul Fatihah Rosli

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 1

Thus, the objective of this study would be to investigate the factors

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 2

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 3

On top of that, women were mentioned by [12] as the dominant group

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 4

Figure 1: The Framework of Relationships between IVs and DV [19].

Figure 1 shows the framework of relationships between independent

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 5

Data Analysis Using PLS-SEM

Table 1 summarized the validity guidelines for measurement and

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 6

5. RESULTS AND DISCUSSIONS

Table 2: Demographic Profiles of the Sabah Respondents on SMEs

Table 2 depicted the demographic profiles of the respondents which

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 7

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 8

The discriminant validity is assessed by using Fornell and Larckers

The structural model was assessed using the coefficient of

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 9

HRM => SMEs

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 10

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 11

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 12

This paper may be cited as:

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 13

A Survey of Mobile Cloud

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 14

2. CLOUD COMPUTING CONCEPT

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 15

3. OVERVIEW OF MOBILE CLOUD COMPUTING

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 16

Figure 1. Architecture of mobile cloud computing [11].

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 17

Figure 2. Cloud computing architecture [12].

3.3 Motivations for developing mobile cloud computing

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 18

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 19

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 20

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 21

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 22

Figure 3. Proposed scheme [43]

The certification authority performs authentication of mobile devices in this

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 23

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 24

[1] M. Satyanarayanan, 1996. Fundamental challenges in mobile computing, in

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 25

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 26

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 27

This paper may be cited as:

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 28

An Efficient Authentication Protocol for

Mohammad Rasoul Momeni

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 29

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 30

2.1 Registration Phase

ISSN: 1694-2108 | Vol. 15, No. 4. JULY 2015 31

Registration phase has shown in figure 1.