Biometric Authentication and Data Security in Cloud Computing



Two important topics related to the cloud security are discussed in this chapter: the authentication of logical users accessing the cloud, and the security of data stored on public cloud servers. A real cloud platform is used as example; it is designed and implemented to support basic web applications, and to be shared by small and medium companies. Such platform is built using the OpenStack architecture. The user authentication is based on an original biometric approach exploiting fingerprints and open to multimodal improvements. The platform guarantees secure access of multiple users and complete logical separation of computational and data resources, related to different companies. High level of protection of the data, stored in the cloud, is ensured by adopting a peculiar data fragmentation approach.

Details are given about the authentication process and of the service modules involved in the biometric authentication. Furthermore are discussed the key issues, related to the integration of the biometric authentication, in the cloud platform.


  1. 1.
    Srinavasin, M. K., et al. (2012). State of the art cloud computing security taxonomies: A classification of security challenges in the present cloud computing environment. In ICACCI 2012 proceedings of the international conference on advances in computing, communications and informatics (pp. 470–476). ACM.Google Scholar
  2. 2.
    Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), 583–592.CrossRefGoogle Scholar
  3. 3.
    Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1–11.CrossRefGoogle Scholar
  4. 4.
    Nelson, C., & Teller, T. (2016). Cloud attacks illustrated: Insights from the cloud provider. In RSA conference, February 29, 2016–March 4, 2016. Moscone Center San Francisco.Google Scholar
  5. 5.
    Skokowski, P. (2014). Lessons from Apple iCloud Data Leak. CSA–Cloud Security Alliance Industry Blog [Online].
  6. 6.
    Gonsalves, A. (2013). Data leakage risk rises with cloud storage services. Computer world Hong Kong [Online].
  7. 7.
    Konstantas, J. (2011). What does the Sony PlayStation network breach teach us about cloud security? Security week [Online].
  8. 8.
    Sotto, L. J., Treacy, B. C., & McLellan, M. L. (2010). Privacy and data security risks in cloud computing. World Communications Regulation Report, 5(2), 38.Google Scholar
  9. 9.
    European Commission (2012). Exploiting the potential of cloud computing in Europe, September 27, 2012 [Online]. Available:
  10. 10.
    Yinqian Zhang, M. K. (2012). Cross-VM side channels and their use to extract private keys. In CCS’12. Raleigh, North Carolina, USA.Google Scholar
  11. 11.
    NIST (2013). NIST Cloud Computing Standards Roadmap. NISTGoogle Scholar
  12. 12.
    Ross, A. A., Nandakumar, K., & Jain, A. K. (2006). Handbook of multibiometrics (Vol. 6). Berlin: Springer.Google Scholar
  13. 13.
    Vielhauer, C. (2005). Biometric user authentication for IT security: From fundamentals to handwriting (advances in information security) (Vol. 18). New York: Springer.Google Scholar
  14. 14.
    Ratha, N. K., Connell, J. H., & Bolle, R. M. (2001). Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal, 40(3), 614–634. Chicago.CrossRefGoogle Scholar
  15. 15.
    Juels, A., & Sudan M. (2002). A fuzzy vault scheme. In Proceedings of the 2002 IEEE international symposium on information theory (p. 408). IEEE.Google Scholar
  16. 16.
    Soutar, C., Roberge, D., Stoianov, A., Gilroy, R., & Kumar, B. V. (1998). Biometric encryption using image processing. In van Renesse, R. L. (Ed.), Proceedings of the SPIE, optical security and counterfeit deterrence techniques II (Vol. 3314, p. 178U188).Google Scholar
  17. 17.
    Ratha, N. K., Connell, J. H., & Bolle, R. M. (2001). Enhancing security and privacy of biometric-based authentication systems. IBM Systems Journal, 40, 614–634.CrossRefGoogle Scholar
  18. 18.
    Linnartz, J.-P., & Tuyls, P. (2003). New shielding functions to enhance privacy and prevent misuse of biometric templates. In Proceedings of the 4th international conference on Audio- and video-based biometric person authentication (AVBPA’03) (pp. 393–402). Springer.Google Scholar
  19. 19.
    Chang, Y., Zhang, W., & Chen, T. (2004). Biometrics-based cryptographic key generation. In Proceedings of the IEEE international conference on multimedia and expo (ICME ‘04) (pp. 2203–2206). IEEE Computer Society.Google Scholar
  20. 20.
    Chen, C., Veldhuis, R., Kevenaar, T., & Akkermans, A. (2007). Multibits biometric string generation based on the likelyhood ratio. In Proceedings of the IEEE conference on biometrics: Theory, applications and systems (BTAS ‘07) (pp. 1–6). IEEE Computer Society.Google Scholar
  21. 21.
    Juels, A., & Wattenberg, M. (1999). A fuzzy commitment scheme. In Proceedings of the 6th ACM conference on computer and communication security (pp. 28–36). ACM.Google Scholar
  22. 22.
    Martini, U., & Beinlich, S. (2003). Virtual PIN: Biometric encryption using coding theory. In Brömme, A., & Busch, C. (Eds.), BIOSIG 2003: Biometrics and electronic signatures, ser. Lecture notes in informatics (Vol. 31, pp. 91–99). Gesellschaft fur Informatik.Google Scholar
  23. 23.
    Masala, G. L, Ruiu P, Brunetti A, Terzo O, & Grosso E (2015). Biometric authentication and data security in cloud computing. In Proceeding of the international conference on security and management (SAM). The Steering Committee of The World Congress in Computer Science (p. 9). Computer Engineering and Applied Computing (WorldComp).Google Scholar
  24. 24.
    Ruiu, P., Caragnano, G., Masala, G. L., & Grosso, E. (2016). Accessing cloud services through biometrics authentication on proceedings of the international conference on complex, intelligent, and software intensive systems (CISIS-2016), July 6–8, 2016. Japan: Fukuoka Institute of Technology (FIT).Google Scholar
  25. 25.
    Maltoni, D., Maio, D., Jain, A., & Prabhakar, S. (2009). Handbook of fingerprint recognition (2nd ed.). Berlin: Springer.CrossRefzbMATHGoogle Scholar
  26. 26.
    OpenStack. OpenStack cloud administrator guide [Online]. Available
  27. 27.
    Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., & Xu, Y.. Two can keep a secret: A distributed architecture for secure database services. In: Proceeding of the 2nd conference on innovative data systems research (CIDR). Asilomar, California, USA.Google Scholar
  28. 28.
    Ciriani, V., Di Vimercati, S. D. C., Foresti, S., Jajodia, S., Paraboschi, S., & Samarati, P. (2007). Fragmentation and encryption to enforce privacy in data storage. In European symposium on research in computer security (pp. 171–186). Berlin, Heidelberg: Springer.Google Scholar
  29. 29.
    Damiani, E., De Capitani, S., di Vimercati, S., Jajodia, S., Paraboschi, S., & Samarati, P. (2003). Balancing confidentiality and efficiency in untrusted relational DBMSs. In: CCS03 proceeding of the 10th ACM conference on computer and communications security, Washington, DC, USA, October 2003. New York: ACM Press.Google Scholar
  30. 30.
    Hacigümüs, H., Iyer, B., & Mehrotra, S. (2002). Providing database as a service. In ICDE’02 proceedings of the 18th international conference on data engineering, San Jose, California, USA. Los Alamitos, California: IEEE Computer Society.Google Scholar
  31. 31.
    Lowe, D. (1999). Object recognition from local scale-invariant features. In International conference on computer vision and pattern recognition (pp. 1150–1157).Google Scholar
  32. 32.
    Lowe, D. (2004). Distinctive image features from scale-invariant keypoints. International Journal of Computer Vision, 60(2), 91–110.CrossRefGoogle Scholar
  33. 33.
    Lowe, D. (2001). Local feature view clustering for 3d object recognition. In IEEE conference on computer vision and pattern recognition (pp. 682–688).Google Scholar
  34. 34.
    Bicego, M., Lagorio, A., Grosso, E., & Tistarelli, M. (2006). On the use of SIFT features for face authentication. In CVPRW'06 Conference on computer vision and pattern recognition workshop (pp. 35–35). IEEE.Google Scholar
  35. 35.
    Ke, Y., & Sukthankar, R. (2004). PCA-SIFT: A more distinctive representation for local image descriptors. In IEEE conference on computer vision and pattern recognition.Google Scholar
  36. 36.
    Heusch, G., Rodriguez, Y., & Marcel, S. (2005). Local binary patterns as an image preprocessing for face authentication. IDIAP-RR 76, IDIAP.Google Scholar
  37. 37.
    Zhang, G., Huang, X., Li, S., Wang, Y., & Wu, X. (2004). Boosting local binary pattern (lbp)-based face recognition. In L. 3338, SINOBIOMETRICS (pp. 179–186). Springer.Google Scholar
  38. 38.
    Fierrez, J., Galbally, J., Ortega-Garcia, J., et al. (2010). BiosecurID: A multimodal biometric database. Pattern Analysis and Applications, 13, 235.MathSciNetCrossRefGoogle Scholar
  39. 39.
    Placek, M., & Buyya, R. (2006). The University of Melbourne, a taxonomy of distributed storage systems. Reporte Técnico, Universidad de Melbourne, Laboratorio de Sistemas Distribuidos y Cómputo Grid.Google Scholar
  40. 40.
    Assunção, M. D., Calheiros, R. N., Bianchi, S., Netto, M. A., & Buyya, R. (2015). Big Data computing and clouds: Trends and future directions. Journal of Parallel and Distributed Computing, 79, 3–15.CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  1. 1.School of Computing, Electronics and MathematicsPlymouth UniversityPlymouthUK
  2. 2.Istituto Superiore Mario Boella (ISMB)TorinoItaly
  3. 3.Department POLCOMINGUniversity of SassariSassariItaly

Personalised recommendations