A Two Level-Security Model For Cloud Computing Based On The Biometric Features and Multi-Level Encryption
All content following this page was uploaded by Nilofar Mansourzadeh on 12 November 2015.
ABSTRACT

Cloud computing is a well-known subject in IT systems and is based on network and computer utilities. Cloud computing has been the main source of storage facilities for small, medium and large companies in recent years. Since many customers look for cloud computing facilities and services, the security of information must be guaranteed to give full confidence to the customers who have trusted these facilities and are ready to store their valuable information on cloud computing and distributed networks. The fundamental problem in cloud computing is the security of the stored data [1].

This paper describes the process of storing images and scanned documents in the cloud using our proposed security model, which is based on biometric features and multilevel encryption. It also discusses the cloud computing environment, issues and concerns regarding security, authentication using biometric features, and new security algorithms and models. The security algorithms used in this paper consist of the scrambling algorithm and two-level encryption methods. In addition, we have proposed two different scenarios that improve the DEPSKY model.

Biometrics is the science of establishing the identity of an individual based on the inherent physical or behavioral characteristics associated with the person. The relationship between the perceived authentication content and the perceived content of biometric features is studied. The process of developing the algorithms and the model is documented in the proposed section.

Keywords: cloud computing, data security, data integrity, availability, DEPSKY model, biometric, SVD

I. INTRODUCTION

Since customers of cloud computing transfer their applications and data to the cloud environment, it is essential that the security level provided in the cloud be the same as in the traditional IT environment, or even better. Lack of security and protection for the cloud environment would allow unauthorized network access by an outside hacker, which affects company productivity and impedes the capability to compete.

In cloud computing, security controls are the same as those in traditional IT environments. Although several organizational divisions of responsibility, as well as technologies, are used in cloud computing to enable the cloud services, the cloud environment might expose a company to different kinds of risk than traditional IT solutions. One of the important parts of cloud computing is to understand the level of risk tolerance and concentrate on alleviating the risks, an issue the company cannot neglect.

We have recommended a two-level security model based on encryption and biometric authentication. Our paper is organized as follows: in Section II we talk about cloud computing service models and their security concerns. In Section III we discuss cloud computing security considerations. In Section IV we concentrate on biometric authentication. In Section V the proposed model is illustrated. In Section VI, the conclusions are given and future work is presented [9].
Platform as a Service is a cloud service that provides users with a configurable application platform containing a pre-installed software group. PaaS may be considered an abstraction layer over hardware, operating system and virtualization. It decreases the complexity of infrastructure and application maintenance and lets us focus on core software development competencies.

3) Software as a Service (SaaS):

This cloud service model offers on-demand online software subscription. With SaaS offerings, the internal IT support costs and the expense of transferring the maintenance responsibility are decreased for companies through the use of low-cost cloud facilities and inexpensive arrays of storage devices.

Some of the SaaS services are as follows:

1) Security in Cisco, McAfee, or AppRiver

Data integrity is the guarantee that the information is valid and complete. Although data integrity comprises atomicity, consistency, isolation and durability, in cloud computing technology three more standards are added to ensure integrity: Data Integrity Field (DIF), SNIA and Cloud Data Management Interface (CDMI).

3) Data Availability:

Availability means that all data and information requested by the user are ready and accessible, so all machines have to deliver, store and process information when the customer needs them. Cloud service providers use a reliable backup system to save and store user data, a caching proxy server to provide data availability, and then switch over from the online server to the hot-standby server. The capability to quickly run two identical instances of the application on the same cloud, or in various data centers, supplies the final approach to high availability [9,10].
2) Data Storage and Durability:

In addition to the known, intended storage locations, data may also exist on cloud service provider resources used for maintaining the cloud infrastructure, such as VM images, backups and monitoring logs. For recovery and high-availability purposes, data stored in memory may be written to disk as well. This kind of data can easily be forgotten and left unprotected by data security controls. All possible points where data can be obtained must be identified and controlled as necessary to avoid unintended or unsecured storage or transfer of sensitive data.

3) Data Classification:

Data grouping and the control of data based on its group will differ from company to company. A well-defined data-classification system can help companies to recognize sensitive and secret data. This permits companies to allocate

With rising concerns regarding security and fast progress in networking, communication and mobility, the necessity for reliable user authentication methods has increased. Biometrics, described as the science of identifying an individual based on his or her physical or behavioral features, is starting to gain acceptance as a legitimate method for determining an individual's identity. A list of some common biometric attributes follows:

1) Face:

Face identification is not a new method, and facial features are likely the most popular biometric attributes used by humans to distinguish one another. The most common approaches to face identification are based on (1) the location and shape of facial features, like eyes, eyebrows, nose, lips and chin, and their spatial relationships, or (2) the total analysis of the face image, which represents a face as a composition of a number of standard faces.
For many decades humans have used fingerprints for personal recognition. A fingerprint is the pattern of ridges and valleys on the surface of a fingertip whose formation is determined during the first seven months of fetal growth. The accuracy of currently available fingerprint identification systems is sufficient for authentication systems in many applications, especially forensics. Multiple fingerprints of a person provide additional information to allow large-scale recognition involving millions of identities.

3) Human geometry:

Hand geometry identification systems rely on a number of measurements taken from the human hand, such as its shape, the size of the palm, and the lengths and widths of the fingers. External factors like dry weather or individual anomalies like dry skin do not appear to adversely affect the verification accuracy of hand geometry systems.

4) Iris:

The complex iris texture carries very distinctive information useful for human identification. The accuracy and speed of currently deployed iris identification systems are promising and support the feasibility of recognition systems based on iris information.

5) Voice:

Voice is a combination of physical and behavioral biometric features. The physical characteristics of a human's voice are based on the size and shape of the appendages that are used in the synthesis of the sound. The behavioral aspect of speech changes over time because of age, medical conditions or emotional state [12].

In this paper we focus on two levels of cloud computing security. We applied our algorithms only to images, but it is possible to use them on other types of information such as voice, text, multimedia and even movies.

Mid-level of security:

First, we chose four images and merged them into a group image so that we could implement our model on the group image and compare its result with the DEPSKY model [8]. Once the group image is formed, three levels of security are applied to obtain a highly secure stored image on the cloud, as follows [13]:

1) Layer One of Securities: In the first layer of security we applied our scrambling algorithm to the group image.

2) Layer Two of Securities: Once the group image is scrambled, we applied XOR operations on the elements of the Scrambled Group Image (SGI) with the elements of the Malakooti Transform (MT) Algorithm, used as the General Key (GK) Matrix, to implement additional security on the stored images.

3) Layer Three of Securities: In the third level, we applied a more complex algorithm, based on the combination of the Malakooti Randomized Key Generator (MKG) and the Malakooti Polynomial Algorithm (MPA), to generate the four Individual Keys (IK) required for the third level of security.
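The three security layers of the proposed model, together with the quadrant split the paper uses for the third layer, can be traced end to end in a short program. This is an added example, not the authors' code: the seeded permutation and the `random`-based key matrices are stand-ins for the scrambling, MT, MKG and MPA algorithms, whose details the page does not give, and all function names are hypothetical.

```python
import random

def key_matrix(seed, rows, cols):
    # Stand-in byte matrix; NOT the page's MT / MKG / MPA key generation.
    rng = random.Random(seed)
    return [[rng.randrange(256) for _ in range(cols)] for _ in range(rows)]

def scramble(img, seed):
    # Layer 1 stand-in: seeded pixel permutation (the page's scrambler is not given).
    cols = len(img[0])
    flat = [p for row in img for p in row]
    perm = list(range(len(flat)))
    random.Random(seed).shuffle(perm)
    out = [flat[i] for i in perm]
    return [out[r:r + cols] for r in range(0, len(out), cols)], perm

def unscramble(img, perm):
    cols = len(img[0])
    flat = [p for row in img for p in row]
    out = [0] * len(flat)
    for dst, src in enumerate(perm):
        out[src] = flat[dst]
    return [out[r:r + cols] for r in range(0, len(out), cols)]

def xor(a, b):
    return [[x ^ y for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]

def tile(iks):
    # Four sub-image keys as quadrants: top-left, top-right, bottom-left, bottom-right.
    return [l + r for l, r in zip(iks[0], iks[1])] + [l + r for l, r in zip(iks[2], iks[3])]

def encrypt(group, seed, gk, iks):
    sgi, perm = scramble(group, seed)       # layer 1
    enc = xor(sgi, gk)                      # layer 2: EncImg[i,j] = ImgSc[i,j] XOR M[i,j]
    return xor(enc, tile(iks)), perm        # layer 3: each quadrant XOR its individual key

def decrypt(cipher, perm, gk, iks):
    return unscramble(xor(xor(cipher, tile(iks)), gk), perm)

def demo(n=8):
    group = key_matrix(1, n, n)             # constructed 8x8 "group image" channel
    gk = key_matrix(2, n, n)
    iks = [key_matrix(10 + k, n // 2, n // 2) for k in range(4)]
    cipher, perm = encrypt(group, 3, gk, iks)
    restored = decrypt(cipher, perm, gk, iks)
    error = sum(abs(a - b) for ra, rb in zip(group, restored) for a, b in zip(ra, rb))
    # XOR layers compose: layers 2 and 3 equal one XOR with (GK XOR tiled IKs).
    single = xor(scramble(group, 3)[0], xor(gk, tile(iks)))
    return error, cipher == single
```

`demo()` returns `(0, True)`: decryption restores every pixel with error 0, and because XOR is associative the second and third layers are equivalent to a single XOR with one combined key matrix, so the protection depends on how unpredictable the generated keys and scramble are rather than on the number of XOR layers.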
Scramble Algorithm:

1) Enter two integer numbers, a and b, e.g., a=1, b=2.

2) Let M0=1 (5-1)

3) M[0,0]=M0 (5-2)

5) Apply XOR operations on the elements of the SGI and GK matrices:

EncImg[i, j] = ImgSc[i, j] XOR M[i, j] (5-4)

We divided the scrambled and encrypted group image into four sub-images, the same size as the original individual images. We also generated four individual keys to be applied to the scrambled and encrypted sub-images as follows:

2) Generate the Malakooti Randomized Keys (MRK).

A. Enter two large prime numbers to start the key generation algorithm.
$IK(3) = A_{3,1}P_1(x) + A_{3,2}P_2(x) + A_{3,3}P_3(x) + A_{3,4}P_4(x)$

$IK(4) = A_{4,1}P_1(x) + A_{4,2}P_2(x) + A_{4,3}P_3(x) + A_{4,4}P_4(x)$ (5-7)

where $A_{i,j}$ are the elements of the MRK and $P_i$ are the elements of the Malakooti Polynomial coefficients.

Finally, we apply XOR operations on the elements of each scrambled and encrypted sub-image with its corresponding individual key to implement the third level of security on the images that are going to be stored in the cloud environment.

Here are the 8*8 matrices of RED, GREEN and BLUE pixels before and after the encryption; they show that all pixels are the same and the error equals 0.

Before the encryption:
Fig. 8- encrypted image by 4 different keys

Figure 9 indicates the 8*8 pixels of second step encryption as following:

Fig. 10- 8*8 pixels of grouped image

After the decryption:

Fig. 13- Divide the image and distribute the parts into four cloud providers

Scenario 2:

$|R - \lambda I| = 0$, eigenvalues $= \lambda_1, \lambda_2, \ldots, \lambda_n$ (5-8)

Generate the Error:
S=
Input Matrix=
U=
Input Matrix=
able to have all employee face features to apply suitable privacy in the company.

The main goal of any research is to improve the different areas of the particular topic. These days, security problems are vital to solve, and every user prefers to store his data in a secure place. The mentioned algorithms, especially the biometric features, could be used in other critical areas such as ATMs. For example, for more security, in addition to face detection we can use iris, fingerprint or even voice detection in ATM machines, and apply different levels of security policy to them. In this research we used the mentioned equation for error calculation, but it would be a good idea to consider an equation that is based on each user's features, so that the threshold is different for each user.

[5] D. Yuefa, Wu Bo, G. Yaqiang, Z. Quan, Tang Chaojing, "Data Security Model for Cloud Computing", Proceeding of IWISA 2009, Nov. 2009, P. 141-144, Qingdao, China.

[6] K. Govinda, Y. Ngabirano, "Secure Data Storage in Cloud Computing Using Biometric", IJARCSSE, Vol. 2, Issue 5, May 2012, P. 11-16.

[7] M. Marwaha, R. Bedi, "Applying Encryption Algorithm for Data Security and Privacy in Cloud Computing", IJCSI International Journal of Computer Science Issues, Vol. 10, Issue 1, No 1, P. 367-370, January 2013.

[8] A. Bessani, M. Correia, B. Quaresma, F. André, Paulo Sousa, "DEPSKY: Dependable and Secure Storage in a Cloud-of-Clouds", University of Lisbon, Faculty of Sciences, Portugal.