20-10-2016, 10:30 AM
1460028111-ImplementationofBEBAprotocolforcolossalsecurityincloudenvironment.doc (Size: 382.5 KB / Downloads: 13)
Abstract
Cloud is the emerging and thirst area of research and advantageous in all the fields. But security is the major concern for not adopting cloud for every application. Most of the security issues are related to authentication and data protection with the reference to cloud security alliance (CSA). The Proposed BEBA (Biometric encryption and Biometric authentication) protocol will almost overcome all the security issues in cloud environment. In BEBA protocol biometric encryption has been provided for the cloud consumer’s valuable data and biometric authentication has been used in a novel way to reduce the issues related to authentication and authorization. By implementing such method will vanish out the untrustedness of adopting cloud, specifically public and hybrid clouds. Since all the users data have been stored in off premise. Adopting this protocol has given great results when comparing with existing work.
Introduction
Cloud computing has been the future of computing with plenty of advantages. Even though it has some lag in security so it has not been adopted by every industry. Has stated in NIST cloud reference architecture it has four deployment models (public, private, community and hybrid) and three service models (SAAS, PAAS, IAAS)1,2.
The public and hybrid clouds are the major models where the cloud consumers are afraid of storing their personal data. Since all the data have been stored and used in off premises without the knowledge of consumer . At the same time SAAS and IAAS are the services which are more vulnerable because cloud consumers data has been stored, used and manipulated.
Has stated in notorious nine the article published by cloud security alliance(CSA) in 2013, Nine major problems affects the trust of using cloud in which most of the problems are happening by lack of authentication3. If authentication and identity management has been properly used, then data leakage, date breaches, identity theft, unauthorized access, data modification and denial of service can be reduced drastically.
Biometric authentication is one of the best authentication mechanisms in which no need to possess anything and no need to remember anything but gives greater security4. Biometric authentication is also a problem when the biometric templates have not been stated and used securely. As stated in An innovative proposal for secure cloud authentication using encrypted biometric authentication scheme gives how to protect biometric templates using different types of encryption schemes5. If the template is secured then no one can compromise the biometric authentication module so it will increase the security of cloud environment6.
In this paper along with biometric authentication, biometric encryption have been used in the presence of cloud auditor. And the data protection key have been safe guarded by using biometric template. Such innovative method will change the vision about cloud environment and increase the number of consumers for using cloud environment.
Existing work
The reasons for the lack of trust against cloud is transparent access of data i remote locations and unauthorized usage of data. In order to overcome such problems lots and lots of literature surveys have been reviewed fro that many more encryption methodologies have been adopted to protected data storage in cloud and accessed in cloud10,11. Specifically in public and hybrid cloud the valuable data has been processed in off premise. For authentication and authorization already we have user names and passwords RFID cards barcode readers, phone and email messages and one time passwords, even biometrics is also there for authentication without possessing anything and remembering anything. But template security is the major issue in biometrics12,13.
In existing work cloud data have been protected by means of many types of encryption algorithms but key safety is the major concern since it has been passed in a un trusted network.
Proposed work
The proposed work has been separated into four different parts i) Template protection by public key encryption ii) Template protection by private key encryption iii) key safety by encrypting with template data as key iv) Encrypting consumers data with protected key. Our proposed methodology is suitable for both single and multi cloud since it is a door step to access cloud and secured data storage in cloud. Cloud auditor plays a vital role in comparing the biometric template and release of key and accessing of key.
In our proposed BEBA protocol we have used biometric finger print for authentication but it can be extended to any type of biometrics. The first two parts of proposed work that is i)Template protection by public key encryption ii) Template protection by private key encryption have been broadly classified into two levels based upon their usage i) Enrolment ii) Authentication
In the enrolment level the cloud consumer has to give their finger print from that features are extracted and converted into template data. This template data is encrypted by public key encryption(RSA)7,8 with the key provided by cloud authentication server. Then encrypted key is forwarded to cloud authentication server where is decrypted and again encrypted by private key encryption(AES) and then stored in a cloud data base14
Data Protection
The key(Kd) which is used to encrypt the cloud consumers data will encrypted by finger print template as key(Kk)16. After the authentication is completed the key (Kd) which has been decrypted(3DES)18 by finger print template as key(Kk). Then cloud consumers valuable data will be encrypted by blowfish algorithm with the key Kd17.
Implementation
The above discussed BEBA protocol have been implemented and all the experiments were done on an Intel Pentium dual core processor, with 2GB RAM and 160GB hard disk. In the software requirements wise windows XP operating system has been used. For front end designing purpose Visual studio 2008, and for back end data storage purpose MySQL 5.0 has been used. The development language Java has been used. For RSA,AES, 3DES,and Blowfish We used open source software codes from internet. For test data we used Biometrics ideal test website with the URL of http://biometrics.idealtest.org19. For cloud hosting layer shift(www.layershift.com) free cloud storage have been used with 15 days validity. In this implementation we have succeeded with the all parameters like template protection, user privacy, security, trust between client and server, cloud data protection , cloud authentication etc.
This result analysis has two portions one is false acceptance rate which gives falsely accepting invalid user.And another one is false rejection rate which gives falsely rejecting valid user. In both the results we have tested hunred different fingerprints in eight different iterations in which we got improved results when comparing with the existing work.This result indicates the proposed work improves the security along with reduces false acceptance rate and false rejection rate.
Conclusion
The above said BEBA protocol uses four different types of encryption algorithms each has some unique features based upon the place where it has been used. By implementing BEBA protocol the trust of cloud usage will be increased drastically. Though the authentication is very much secure enough it reduces identity theft, un authorized access, Denial of service etc. And Data breaches and data protection is maintained by Encryption with double protected key usage. And also Security, Privacy of data will be protected.
Future Work
In future the same work can be carried out with differennt biometrics ,since we used finger print with different encryption algorithms and more number of cloud servers. The levels of key encryption can also be increased if we need greater security.