Secure Biometric-Based Authentication for Cloud Computing

  • Kok-Seng Wong
  • Myung Ho Kim
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 367)


Over the past several years, many companies have benefited from implementing cloud solutions within their organizations. Owing to advantages such as flexibility, mobility, and cost savings, the number of cloud users is expected to grow rapidly. Consequently, organizations need a secure way to authenticate their users, in order to ensure that their services and the data stored in cloud storage are managed in a private environment. In current approaches, user authentication in cloud computing is based on credentials submitted by the user, such as a password, token, or digital certificate. Unfortunately, these credentials can often be stolen, accidentally revealed, or hard to remember. In view of this, we propose a biometric-based authentication protocol to support user authentication in the cloud environment. Our solution can be used as the second factor when cloud users send their authentication requests. In our design, several players (client, service agent, and service provider) collaborate to perform the matching operation between the query feature vector and the biometric template of the user. In particular, we consider a distributed scenario where the biometric templates are stored in the cloud storage while the user authentication is performed without the leakage of any sensitive information.


Keywords: Biometric-based Authentication; Cloud Authentication System; Privacy Preserving; Squared Euclidean Distance; Data Protection





Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  • Kok-Seng Wong (1)
  • Myung Ho Kim (1)
  1. School of Computer Science and Engineering, Soongsil University, Seoul, Korea
