Abstract
With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The security issues, nevertheless, have been the intense debate within the cloud community. Given weak passwords, malicious attacks have been happened across a variety of well-known storage services (e.g. Dropbox and Google Drive) – resulting in loss the confidentiality. Although today’s use of third-party cryptographic applications can independently encrypt data, it is arguably cumbersome to manually cipher/decipher each file and administer many keys. Biometric key generation can produce robust keys replacing the need to recall them. However, it still poses usability issues in terms of having to present biometric credentials each time a file needs to be encrypted/decrypted. Transparent biometrics seeks to eliminate the explicit interaction for verification and thereby remove the user inconvenience. This paper investigates the feasibility of key generation on the fly via transparent modalities including fingerprint, face and keystrokes. Sets of experiments using functional datasets reflecting a transparent fashion are conducted to determine the reliability of creating a 256-bit key via pattern classification. Practically, the proposed approach needs to create the correct key once a minute. In view of collecting numerous samples transparently, it is possible then to trade-off the false rejection against the false acceptance to tackle the high error. Accordingly, the average FAR was 0.9%, 0.02%, and 0.06% for fingerprint, face, and keystrokes respectively.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Kumar, N., Kushwaha, S.K., Kumar, A.: Cloud computing services and its application. Adv. Electron. Electric Eng. 4, 107–112 (2011)
Columbus, L.: Roundup of cloud computing forecasts and market estimates, 2016. Forbes (2016)
Phillipson, C.: Cloud storage for business: 37 cloud experts reveal the top cloud storage mistakes they see companies make. http://www.docurated.com/all-things-productivity
Gildred, J.: Dropbox vs Google Drive: the Battle of the Titans, 30 August 2018. https://www.cloudwards.net/dropbox-vs-google-drive/
Behl, A., Behl, K.: An analysis of cloud computing security issues, pp. 109–114 (2012)
Galibus, T., Krasnoproshin, V.V., de Oliveira Albuquerque, R., de Freitas, E.P.: Elements of Cloud Storage Security Concepts, Designs and Optimized Practices (2016). https://www.researchgate.net/
Azam, A.S.M., Johnsson, M.: Mobile One Time Passwords and RC4 Encryption for Cloud Computing (2011)
Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.K.: Biometric cryptosystems: issues and challenges. Proc. IEEE 92(6), 948–960 (2004)
Kovach, S.: Nearly 7 Million Dropbox Passwords Have Been Hacked, 8 May 2015. http://www.businessinsider.com/
Vonnie: 5 million gmail passwords leaked today Here are 4 actions you need to take, 31 May 2015. http://www.fixedbyvonnie.com/
How to encrypt your files before uploading to Cloud Storage using CloudFogger, 5 May 2016. http://thehackernews.com/
Kanade, S., Petrovska-Delacrétaz, D., Dorizzi, B.: Multi-biometrics based cryptographic key regeneration scheme, pp. 1–7 (2009)
Clarke, N.: Transparent User Authentication: Biometrics. RFID and Behavioural Profiling. Springer, London (2011). https://doi.org/10.1007/978-0-85729-805-8
Rathgeb, C., Uhl, A.: A survey on biometric cryptosystems and cancelable biometrics. EURASIP J. Inf. Secur. 2011(1), 1 (2011)
Kanade, S., Camara, D., Krichen, E., Petrovska-Delacrétaz, D., Dorizzi, B.: Three factor scheme for biometric-based cryptographic key regeneration using iris, pp. 59–64 (2008)
Jain, K., Nandakumar, K., Nagar, A.: Biometric template security. EURASIP J. Adv. Sig. Process. 2008, 113 (2008)
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_31
Kanade, S., Camara, D., Petrovska-Delacrtaz, D., Dorizzi, B.: Application of biometrics to obtain high entropy cryptographic keys. World Acad. Sci. Eng. Tech. 52, 330 (2009)
Sutcu, Y., Li, Q., Memon, N.: Secure biometric templates from fingerprint-face features, pp. 1–6 (2007)
Li, P., Yang, X., Qiao, H., Cao, K., Liu, E., Tian, J.: An effective biometric cryptosystem combining fingerprints with error correction codes. Expert Syst. Appl. 39(7), 6562–6574 (2012)
Feng, Y.C., Yuen, P.C.: Binary discriminant analysis for generating binary face template. IEEE Trans. Inf. Forensics Secur. 7(2), 613–624 (2012)
Sutcu, Y., Rane, S., Yedidia, J.S., Draper, S.C., Vetro, A.: Feature transformation of biometric templates for secure biometric systems based on error correcting codes, pp. 1–6 (2008)
Chang, T.-Y.: Dynamically generate a long-lived private key based on password keystroke features and neural network. Inf. Sci. 211, 36–47 (2012)
Yin, Y., Liu, L., Sun, X.: SDUMLA-HMT: a multimodal biometric database. In: Sun, Z., Lai, J., Chen, X., Tan, T. (eds.) CCBR 2011. LNCS, vol. 7098, pp. 260–268. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25449-9_33
Giot, R., El-Abed, M., Rosenberger, C.: Greyc keystroke: a benchmark for keystroke dynamics biometric systems, pp. 1–6 (2009)
Monrose, F., Rubin, A.D.: Keystroke dynamics as a biometric for authentication. Future Gener. Comput. Syst. 16(4), 351–359 (2000)
Mohammadzade, H., Sayyafan, A., Ghojogh, B.: Pixel-level alignment of facial images for high accuracy recognition using ensemble of patches. JOSA A 35(7), 1149–1159 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Abed, L., Clarke, N., Ghita, B., Alruban, A. (2019). Securing Cloud Storage by Transparent Biometric Cryptography. In: Lanet, JL., Toma, C. (eds) Innovative Security Solutions for Information Technology and Communications. SECITC 2018. Lecture Notes in Computer Science(), vol 11359. Springer, Cham. https://doi.org/10.1007/978-3-030-12942-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-12942-2_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12941-5
Online ISBN: 978-3-030-12942-2
eBook Packages: Computer ScienceComputer Science (R0)