Securing Cloud Storage by Transparent Biometric Cryptography

With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The security issues, nevertheless, have been the intense debate within the cloud community. Significant attacks can be taken place, the most common being guessing the (poor) passwords. Given weaknesses with verification credentials, malicious attacks have happened across a variety of well-known storage services (i.e. Dropbox and Google Drive) – resulting in loss the privacy and confidentiality of files. Whilst today's use of third-party cryptographic applications can independently encrypt data, it arguably places a significant burden upon the user in terms of manually ciphering/deciphering each file and administering numerous keys in addition to the login password. The field of biometric cryptography applies biometric modalities within cryptography to produce robust bio-crypto keys without having to remember them. There are, nonetheless, still specific flaws associated with the security of the established bio-crypto key and its usability. Users currently should present their biometric modalities intrusively each time a file needs to be encrypted/decrypted – thus leading to cumbersomeness and inconvenience while throughout usage. Transparent biometrics seeks to eliminate the explicit interaction for verification and thereby remove the user inconvenience. However, the application of transparent biometric within bio-cryptography can increase the variability of the biometric sample leading to further challenges on reproducing the bio-crypto key. An innovative bio-cryptographic approach is developed to non-intrusively encrypt/decrypt data by a bio-crypto key established from transparent biometrics on the fly without storing it somewhere using a backpropagation neural network. This approach seeks to handle the shortcomings of the password login, and concurrently removes the usability issues of the third-party cryptographic applications – thus enabling a more secure and usable user-oriented level of encryption to reinforce the security controls within cloud-based storage. The challenge represents the ability of the innovative bio-cryptographic approach to generate a reproducible bio-crypto key by selective transparent biometric modalities including fingerprint, face and keystrokes which are inherently noisier than their traditional counterparts. Accordingly, sets of experiments using functional and practical datasets reflecting a transparent and unconstrained sample collection are conducted to determine the reliability of creating a non-intrusive and repeatable bio-crypto key of a 256-bit length. With numerous samples being acquired in a non-intrusive fashion, the system would be spontaneously able to capture 6 samples within minute window of time. There is a possibility then to trade-off the false rejection against the false acceptance to tackle the high error, as long as the correct key can be generated via at least one successful sample. As such, the experiments demonstrate that a correct key can be generated to the genuine user once a minute and the average FAR was 0.9%, 0.06%, and 0.06% for fingerprint, face, and keystrokes respectively. For further reinforcing the effectiveness of the key generation approach, other sets of experiments are also implemented to determine what impact the multibiometric approach would have upon the performance at the feature phase versus the matching phase. Holistically, the multibiometric key generation approach demonstrates the superiority in generating the bio-crypto key of a 256-bit in comparison with the single biometric approach. In particular, the feature-level fusion outperforms the matching-level fusion at producing the valid correct key with limited illegitimacy attempts in compromising it – 0.02% FAR rate overall. Accordingly, the thesis proposes an innovative bio-cryptosystem architecture by which cloud-independent encryption is provided to protect the users' personal data in a more reliable and usable fashion using non-intrusive multimodal biometrics.Higher Committee of Education Development in Iraq (HCED

An improved Framework for Biometric Database’s privacy

Security and privacy are huge challenges in biometric systems. Biometrics are sensitive data that should be protected from any attacker and especially attackers targeting the confidentiality and integrity of biometric data. In this paper an extensive review of different physiological biometric techniques is provided. A comparative analysis of the various sus mentioned biometrics, including characteristics and properties is conducted. Qualitative and quantitative evaluation of the most relevant physiological biometrics is achieved. Furthermore, we propose a new framework for biometric database privacy. Our approach is based on the use of the promising fully homomorphic encryption technology. As a proof of concept, we establish an initial implementation of our security module using JAVA programming language

Region of interest extraction for biometric cryptosystem

Biometric technology is becoming more and more significant these days. Most of the application in store today are using biometric as a means of person authentication as it offer a convenient and easy way of authentication. Palm vein biometry is mostly used in many authentication system as it offer better security as veins are located on the subcutaneous layer of the skin and is impossible to be forged. However, there are still some issues in order to obtain high accuracy in palm vein authentication system such as some feature are not correctly extracted because of poor preprocessing process. Poor preprocessing process will produce weak keys for authentication purpose. Therefore, this paper proposed a hybrid of Gabor filter and maximum inscribe circle to obtain better region of interest for feature extraction as well as improving the accuracy of the authentication system

Certificateless Digital Signature Technology for e-Governance Solutions

. In spite of the fact that digital signing is an essential requirement for implementation of e-governance solutions in any organization, its use in large scale Government ICT implementation is negligible in India. In order to understand the reasons for low-level acceptance of the technology, authors performed a detailed study of a famous e-governance initiative of India. The outcome of the study revealed that the reasons are related to the challenges concerning the use of cryptographic devices carrying private key and the complicated process of generation, maintenance and disposal of Digital Signature Certificates (DSC).The solution, for the challenges understood from the case study, required implementation of a certificateless technology where private keys should be generated as and when required rather than storing them on cryptographic devices. Although many solutions which provide certificateless technology exist, to date there have been no practical implementation for using biometrics for implementing the solution. This paper presents the first realistic architecture to implement Identity Based Cryptography with biometrics using RSA algorithm. The solution presented in the paper is capable of providing a certificateless digital signature technology to the users, where public and private keys are generated on-the-fly

Hardware Accelerator Approach Towards Efficient Biometric Cryptosystems for Network Security

Protecting data and its communication is a critical part of the modern network. The science of protecting data, known as cryptography, uses secret keys to encrypt data in a format that is not easily decipherable. However, most commonly secure logons for a workstation connected to a network use passwords to perform user authentication. These passwords are a weak link in the security chain, and are a common point of attack on cryptography schemes. One alternative to password usage for network security is to use a person’s physical characteristics to verify who the person is and unlock the data correspondingly. This study focuses on the Cambridge biometric cryptosystem, a system for performing user authentication based on a user’s iris data. The implementation of this system expanded from a single-core software-only system to a collaborative system consisting of a single core and a hardware accelerator. The experiment takes place on a Xilinx Zynq-7000 All Programmable SoC. Software implementation is performed on one of the embedded ARM A9 cores while hardware implementation makes use of the programmable logic. Our hardware acceleration produced a speedup of 2.2X while reducing energy usage to 47.5 % of its original value for the combined enrolment and verification process. These results are also compared to a many-core acceleration of the same system, providing an analysis of different acceleration methods

A. Eye Detection Using Varients of Hough Transform B. Off-Line Signature Verification

PART (A): EYE DETECTION USING VARIANTS OF HOUGH TRANSFORM: Broadly eye detection is the process of tracking the location of human eye in a face image. Previous approaches use complex techniques like neural network, Radial Basis Function networks, Multi-Layer Perceptrons etc. In the developed project human eye is modeled as a circle (iris; the black circular region of eye) enclosed inside an ellipse (eye-lashes). Due to the sudden intensity variations in the iris with respect the inner region of eye-lashes the probability of false acceptance is very less. Since the image taken is a face image the probability of false acceptance further reduces. Hough transform is used for circle (iris) and ellipse (eye-lash) detection. Hough transform was the obvious choice because of its resistance towards the holes in the boundary and noise present in the image. Image smoothing is done to reduce the presence of noise in the image further it makes the image better for further processing like edge detection (Prewitt method). Compared to the aforementioned models the proposed model is simple and efficient. The proposed model can further be improved by including various features like orientation angle of eye-lashes (which is assumed constant in the proposed model), and by making the parameters adaptive. PART (B): OFF-LINE SIGNATURE VERIFICATION: Hand-written signature is widely used for authentication and identification of individual. It has been the target for fraudulence ever since. A novel off-line signature verification algorithm has been developed and tested successfully. Since the hand-written signature can be random, because of presence of various curves and features, techniques like character recognition cannot be applied for signature verification. The proposed algorithm incorporates a soft-computing technique “CLUSTERING” for extraction of feature points from the image of the signature. These feature points or centers are updated using the clustering update equations for required number of times, then these acts as extracted feature points of the signature image. To avoid interpersonal variation 6 to 8 signature images of the same person are taken and feature points are trained. These trained feature points are compared with the test signature images and based on a specific threshold, the signature is declared original or forgery. This approach works well if there is a high variation in the original signature, but for signatures with low variation, it produces incorrect results

Development of a new cryptographic construct using palmprint-based fuzzy vault

2009-2010 > Academic research: refereed > Publication in refereed journalVersion of RecordPublishe

Naval Reserve support to information Operations Warfighting

Since the mid-1990s, the Fleet Information Warfare Center (FIWC) has led the Navy's Information Operations (IO) support to the Fleet. Within the FIWC manning structure, there are in total 36 officer and 84 enlisted Naval Reserve billets that are manned to approximately 75 percent and located in Norfolk and San Diego Naval Reserve Centers. These Naval Reserve Force personnel could provide support to FIWC far and above what they are now contributing specifically in the areas of Computer Network Operations, Psychological Operations, Military Deception and Civil Affairs. Historically personnel conducting IO were primarily reservists and civilians in uniform with regular military officers being by far the minority. The Naval Reserve Force has the personnel to provide skilled IO operators but the lack of an effective manning document and training plans is hindering their opportunity to enhance FIWC's capabilities in lull spectrum IO. This research investigates the skill requirements of personnel in IO to verify that the Naval Reserve Force has the talent base for IO support and the feasibility of their expanded use in IO.http://archive.org/details/navalreservesupp109451098