Advertisement

Securing Cloud Storage by Transparent Biometric Cryptography

  • Leith AbedEmail author
  • Nathan Clarke
  • Bogdan Ghita
  • Abdulrahman Alruban
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11359)

Abstract

With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The security issues, nevertheless, have been the intense debate within the cloud community. Given weak passwords, malicious attacks have been happened across a variety of well-known storage services (e.g. Dropbox and Google Drive) – resulting in loss the confidentiality. Although today’s use of third-party cryptographic applications can independently encrypt data, it is arguably cumbersome to manually cipher/decipher each file and administer many keys. Biometric key generation can produce robust keys replacing the need to recall them. However, it still poses usability issues in terms of having to present biometric credentials each time a file needs to be encrypted/decrypted. Transparent biometrics seeks to eliminate the explicit interaction for verification and thereby remove the user inconvenience. This paper investigates the feasibility of key generation on the fly via transparent modalities including fingerprint, face and keystrokes. Sets of experiments using functional datasets reflecting a transparent fashion are conducted to determine the reliability of creating a 256-bit key via pattern classification. Practically, the proposed approach needs to create the correct key once a minute. In view of collecting numerous samples transparently, it is possible then to trade-off the false rejection against the false acceptance to tackle the high error. Accordingly, the average FAR was 0.9%, 0.02%, and 0.06% for fingerprint, face, and keystrokes respectively.

Keywords

Cloud storage Biometric key generation Transparent biometric 

References

  1. 1.
    Kumar, N., Kushwaha, S.K., Kumar, A.: Cloud computing services and its application. Adv. Electron. Electric Eng. 4, 107–112 (2011)Google Scholar
  2. 2.
    Columbus, L.: Roundup of cloud computing forecasts and market estimates, 2016. Forbes (2016)Google Scholar
  3. 3.
    Phillipson, C.: Cloud storage for business: 37 cloud experts reveal the top cloud storage mistakes they see companies make. http://www.docurated.com/all-things-productivity
  4. 4.
    Gildred, J.: Dropbox vs Google Drive: the Battle of the Titans, 30 August 2018. https://www.cloudwards.net/dropbox-vs-google-drive/
  5. 5.
    Behl, A., Behl, K.: An analysis of cloud computing security issues, pp. 109–114 (2012)Google Scholar
  6. 6.
    Galibus, T., Krasnoproshin, V.V., de Oliveira Albuquerque, R., de Freitas, E.P.: Elements of Cloud Storage Security Concepts, Designs and Optimized Practices (2016). https://www.researchgate.net/CrossRefGoogle Scholar
  7. 7.
    Azam, A.S.M., Johnsson, M.: Mobile One Time Passwords and RC4 Encryption for Cloud Computing (2011)Google Scholar
  8. 8.
    Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.K.: Biometric cryptosystems: issues and challenges. Proc. IEEE 92(6), 948–960 (2004)CrossRefGoogle Scholar
  9. 9.
    Kovach, S.: Nearly 7 Million Dropbox Passwords Have Been Hacked, 8 May 2015. http://www.businessinsider.com/
  10. 10.
    Vonnie: 5 million gmail passwords leaked today Here are 4 actions you need to take, 31 May 2015. http://www.fixedbyvonnie.com/
  11. 11.
    How to encrypt your files before uploading to Cloud Storage using CloudFogger, 5 May 2016. http://thehackernews.com/
  12. 12.
    Kanade, S., Petrovska-Delacrétaz, D., Dorizzi, B.: Multi-biometrics based cryptographic key regeneration scheme, pp. 1–7 (2009)Google Scholar
  13. 13.
    Clarke, N.: Transparent User Authentication: Biometrics. RFID and Behavioural Profiling. Springer, London (2011).  https://doi.org/10.1007/978-0-85729-805-8CrossRefGoogle Scholar
  14. 14.
    Rathgeb, C., Uhl, A.: A survey on biometric cryptosystems and cancelable biometrics. EURASIP J. Inf. Secur. 2011(1), 1 (2011)CrossRefGoogle Scholar
  15. 15.
    Kanade, S., Camara, D., Krichen, E., Petrovska-Delacrétaz, D., Dorizzi, B.: Three factor scheme for biometric-based cryptographic key regeneration using iris, pp. 59–64 (2008)Google Scholar
  16. 16.
    Jain, K., Nandakumar, K., Nagar, A.: Biometric template security. EURASIP J. Adv. Sig. Process. 2008, 113 (2008)Google Scholar
  17. 17.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24676-3_31CrossRefGoogle Scholar
  18. 18.
    Kanade, S., Camara, D., Petrovska-Delacrtaz, D., Dorizzi, B.: Application of biometrics to obtain high entropy cryptographic keys. World Acad. Sci. Eng. Tech. 52, 330 (2009)Google Scholar
  19. 19.
    Sutcu, Y., Li, Q., Memon, N.: Secure biometric templates from fingerprint-face features, pp. 1–6 (2007)Google Scholar
  20. 20.
    Li, P., Yang, X., Qiao, H., Cao, K., Liu, E., Tian, J.: An effective biometric cryptosystem combining fingerprints with error correction codes. Expert Syst. Appl. 39(7), 6562–6574 (2012)CrossRefGoogle Scholar
  21. 21.
    Feng, Y.C., Yuen, P.C.: Binary discriminant analysis for generating binary face template. IEEE Trans. Inf. Forensics Secur. 7(2), 613–624 (2012)CrossRefGoogle Scholar
  22. 22.
    Sutcu, Y., Rane, S., Yedidia, J.S., Draper, S.C., Vetro, A.: Feature transformation of biometric templates for secure biometric systems based on error correcting codes, pp. 1–6 (2008)Google Scholar
  23. 23.
    Chang, T.-Y.: Dynamically generate a long-lived private key based on password keystroke features and neural network. Inf. Sci. 211, 36–47 (2012)CrossRefGoogle Scholar
  24. 24.
    Yin, Y., Liu, L., Sun, X.: SDUMLA-HMT: a multimodal biometric database. In: Sun, Z., Lai, J., Chen, X., Tan, T. (eds.) CCBR 2011. LNCS, vol. 7098, pp. 260–268. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-25449-9_33CrossRefGoogle Scholar
  25. 25.
    Giot, R., El-Abed, M., Rosenberger, C.: Greyc keystroke: a benchmark for keystroke dynamics biometric systems, pp. 1–6 (2009)Google Scholar
  26. 26.
    Monrose, F., Rubin, A.D.: Keystroke dynamics as a biometric for authentication. Future Gener. Comput. Syst. 16(4), 351–359 (2000)CrossRefGoogle Scholar
  27. 27.
    Mohammadzade, H., Sayyafan, A., Ghojogh, B.: Pixel-level alignment of facial images for high accuracy recognition using ensemble of patches. JOSA A 35(7), 1149–1159 (2018)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Leith Abed
    • 1
    • 2
    Email author
  • Nathan Clarke
    • 1
    • 3
  • Bogdan Ghita
    • 1
  • Abdulrahman Alruban
    • 1
    • 4
  1. 1.School of Computing, Electronics and MathematicsPlymouthUK
  2. 2.Middle Technical UniversityBaghdadIraq
  3. 3.Security Research InstituteEdith Cowan UniversityPerthAustralia
  4. 4.Computer Sciences and Information Technology CollegeMajmaah UniversityMajmaahSaudi Arabia

Personalised recommendations