Abstract—Cloud computing is one of the rising technologies, that takes set of connections users to the next level. Cloud is a technology where resources are paid as per usage rather than owned. One of the major challenges in this technology is Security. Biometric systems provide the answer to ensure that the rendered services are accessed only by a legal user or an authorized user and no one else. Biometric systems recognize users based on behavioral or physiological characteristics. The advantages of such systems over traditional validation methods, such as passwords and IDs, are well known and hence, biometric systems are progressively gaining ground in terms of usage. This paper brings about a new replica of a security system where in users have to offer multiple biometric finger prints during Enrollment for a service. These templates are stored at the cloud provider’s section. The users are authenticated based on these finger print designed templates which have to be provided in the order of arbitrary numbers or imaginary numbers that are generated every time continuously . Both finger prints templates and images are present and they provided every time duration are encrypted or modified for enhanced security.
Keywords—cloud computing; biometrics; services; technology; Fingerprint; Voice Recognition; Physical biometrics;
I. INTRODUCTION
Biometric Security is a familiar and useful security system which is in great demand now a days and its demand will certainly not going to decrease in the future . Biometric Security System improve security by linking or adopting a unique physical quality to the data that they are allowed to access . The word “biometrics” comes from the Greek language and is derived from the two special words bio (life) and metric (to determine or to examine).Biometrics (a security measure) refers to the recognition of humans by their behaaviour/characteristics.
In Computer science, biometrics is used as a form of identification purpose [1]. The user provides their fingerprint (or other biometric security) to the system, which is then real against a stored template. The Biometric Security is a unbeatable security and that’s the an important reason this is always preferred first while thinking about the other security essentials in terms of Information Technology or Cloud Computing. Biometric systems can be used in two different modes.
Identity verification occurs when the user claims to be
previously enrolled in the system ( ID card or login name) In this case the biometric data obtained from the user is compared to the user’s data which is already stored in the database.
Identification (also called recognition) occurs when the identity of the user is a prior unknown to someone else. In this case the user’s biometric data is matched against all the records which is present in the database as the user details can be anywhere in the database or he/she actually does not have to be present there at all [2].
Fig 1 : Sample finger print impression
II. AUTHENTICATION PROCESS IN BIOMETRIC SECURITY
A. Biometrics As Authentication Tool
Biometrics refers to the use of unique physiological uniqueness to identify an individual identity. A number of biometric behavior/methods have been developed and are used to authenticate the person’s identity. The main motto is to use the special characteristics of a person to identify an individual.
Biometric authentication uses human traits like finger prints, iris, tongue impressions and face recognitions techniques that are unique to each individual and thus differentiating users from the present working scenarios .
When using biometrics as an authentication tool, a cloud user, during Enrollment / use for a service, registers with his unique traits (such as finger prints, face,tongue, iris etc.). These usually get stored as templates at the cloud service provider’s section. Every time when an admittance is made, the cloud user is prompted to provide his enrolled trait or data that is compared against the template and is authenticated accordingly. Though these biometric traits are unique, therefore problems arise when eavesdroppers can gain access to these stored finger print templates.
B. Working System of Biometric Security
The authentication service provider maintains the biometric database of user .The data has to be stored in encrypted format using cryptography technique on biometric for the security reasons. The user initially enrolls with the biometric system which is provided by a cloud service / platform and once the identity is registered his/her biometric authentication details are stored in cloud service source database. The authorization details or important details are also entered at the registration time which is also present in encrypted format. Whenever the user wants to use any cloud service it first uses the biometric authentication service rather than a conventional password mechanism. Once authenticated, the user is redirected to the genuine cloud service platform for which he is authorized to use.
III. TYPES OF BIOMETRIC METHODS
In order to prevent virus or any other obstacle from entering in and to expand more security , there are some biometric methods which can definitely be adopted as a security measure in cloud computing technologies . The two classical biometric methods are :
A. Physical Biometrics
Physiological biometrics is based on size and data derived from direct measurement of a part of the human body. Fingerprint, iris-scan, hand geometry,retina-scan and facial recognition are leading physiological biometrics techniques which comes under this category . In Physical Biometrics , it uses physical impression rather than artificial impression for the passwords . It quickly scans the physical impression and set the pathway whether it is matched or not .If it is matched , then the user will move to next step for security .
.
B. Behavioral Characteristics
Behavioral characteristics are based on an action taken by a person regarding specific terms. Behavioral biometrics, in turn, are based on measurements and data derived from an action, and in a round about way measure the characteristics of the human body. Voice recognition, keystroke-scan, and signature-scan are leading and important behavioral biometric technologies present in today’s scenario. One of the major characteristics of a behavioral biometric is the inclusion of time as a measure [3].
A number of biometric methods have been developed over the years, but few have gained approval.
IV. PROS AND CONS OF DIFFERENT BIOMETRICS MEASURES
As per the name and also of its uses , Biometrics is one such phenomenon which is the most trusted security one can have . But beside all these myths there are also some pros and cons i.e merits and demerits of this system .On the basis of authenticity biometrics can be done as following :-
Fingerprint:- Fingerprint technology is one such technology which is quite common in today’s era and it starts first with the IT industry. Fingerprint starts the concept of biometrics . Today many companies are adopting the biometric security as a finger print scanner for the attendance of their employees . Biometric device keeps the record of the person in terms of their entry and exit in the company .
Facial Recognisition:- Facial recognition is the most conceptual technique of biometric identification. The method of distinguishing one individual from another is an ability of mostly every human beign.
The facial recognition systems usually use only the gray-scale information. Colors can be used as a aid in locating the face in the image only. The lighting conditions required are mainly dependent on the value of the camera used. In poor light condition, individual features may not be easily visible to the person. There subsist even infrared cameras that can be manipulated with the laser light and can be used with facial recognition systems adapter. Most of facial recognition systems generally require the user to maintain a precise distance from the camera and look front i.e (camera lens) at the camera. This ensures that the captured picture of the face is within a definite size tolerance and keeps the features (e.g. portion of eyes) in as similar position each time as possible.
Retina Scan :-Retina scan is based on the blood vessel prototype in the retina of the eye. Retina scan technology is far older than the iris scan technology that also uses a small part of the eye. A retina scan produces at least the same amount of data as that of a fingerprint image. Thus its discrimination rate is sufficient not only for confirmation purpose, but also for detection purpose. In the practical purpose, Retina scan is suitable for applications where the high protection is suitably required and the user’s acceptance is generally not a major aspect. Retina scan systems are used in many countries prisons to prove the prisoners when they were about to get released. The check of the eye aliveness is usually not of a significant concern as the method of obtaining the retina blood vessel pattern is rather complicated and requires an operator to manage .
Voice Authentication :-Voice authentication is exceptional and non disturbing method available in biometric security. Also the hardware requirements required for this type of authentication are cheap and can be observed readily. Microphones can be used for this purpose.
Generally the back ground noise must be prescribed, high
storage is required for this kind of authentication. This type of authentication can also be extraneously inclined by once sore throat and cold.[4]
Facial Scan :- Facial Scan is one type of scan in which some part of the face is scan in the system .One major advantage is that facial-scan technology is the only biometric capable of identification a distance without subject complicity or awareness measure. Another advantage of facial-scan technology is the fact that stationary images can be used to enroll a subject. [5]
Keystroke Dynamics :- Keystroke dynamics is a platform of verifying the identity of an person by uniquely identifying their typing rhythm which can make up with trained typists as well as the amateur two-finger typist. Systems can verify the user at the log-on stage or they can constantly monitor the typist with his/her writing techniques. These systems should be cheap to install as all that is needed is a software package.
V. PROPOSED SCHEMA IN CLOUD
Multi finger security model is a method or a technique where users, during registration can register with three finger templates of user’s choice and assign a single digit unique number for each of these three fingers. These recorded images are encrypted using Elliptical algorithm technique and is stored at the service provider’s section /coloum. The encryption algorithm is applied at three levels .
• Finger print scanner
• Three single digit unique numbers
• Mapping of the number to the other images
The new model can be evaluated at three phases namely
1. Enrollment phase
2. Access phase
3. Matching phase
VI. CONCLUSION AND FUTURE WORK
Even if the precision of the biometric techniques is not perfect till now, there are many mature biometric systems available now, in order to compete against the previous systems. Proper design and implementation of the biometric system can indeed a increase for overall security, especially the smartcard based solutions seem to be very promising in the near future. There are many numerous conditions that must be taken in account when designing a secure biometric system. First, it is necessary to realize that biometrics are not a secrets. This implies that biometric measurements cannot be used as a capability tokens and it is not secure to generate any cryptographic keys from them. Second, it is necessary to trust the input device and make the communication link protected and stronger. Third, the input device needs to check the liveness of the person being measured at a specific time and the device itself should be confirmed for example by a challenge-response method. In summary, as Biometrics allow for increased security ,convenience we can say that fused biometric authentication system can be stated as a novel solution for authenticating users on cloud computing ,which can be provided as service on cloud and can be worn or swear as a single sign on. Thus this research work brings about a new security model where three finger prints constitute an authentication and therefore defines Biometric Security .