Cloud User Voice Authentication enabled with Single Sign-On framework using OpenID



Similar documents
Single Sign-On for the Internet: A Security Story. Eugene Tsyrklevich eugene@tsyrklevich.name Vlad Tsyrklevich vlad902@gmail.com

Establishing the Uniqueness of the Human Voice for Security Applications

Hardware Implementation of Probabilistic State Machine for Word Recognition

Alternative Biometric as Method of Information Security of Healthcare Systems

Building Cloud-based Biometric Services

School Class Monitoring System Based on Audio Signal Processing

Dynamic Query Updation for User Authentication in cloud Environment

Multimodal Biometric Recognition Security System

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication

CHAPTER 1 INTRODUCTION

addressed. Specifically, a multi-biometric cryptosystem based on the fuzzy commitment scheme, in which a crypto-biometric key is derived from

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

L9: Cepstral analysis

Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology

COMBINE DIFFERENT TRUST MANAGEMENT TECHNIQUE: RECOMMENDATIONAND REPUTATION IN CLOUD SERVICE. B.Brithi #1, K. Kiruthikadevi *2

Near Sheltered and Loyal storage Space Navigating in Cloud

Associate Prof. Dr. Victor Onomza Waziri

Application-Specific Biometric Templates

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

Framework for Biometric Enabled Unified Core Banking

FRACTAL RECOGNITION AND PATTERN CLASSIFIER BASED SPAM FILTERING IN SERVICE

HYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY

The increasing popularity of mobile devices is rapidly changing how and where we

An Algorithm for Electronic Money Transaction Security (Three Layer Security): A New Approach

TCM: Transactional Completeness Measure based vulnerability analysis for Business Intelligence Support

Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud

Myanmar Continuous Speech Recognition System Based on DTW and HMM

Dual Mechanism to Detect DDOS Attack Priyanka Dembla, Chander Diwaker 2 1 Research Scholar, 2 Assistant Professor

3-6 Toward Realizing Privacy-Preserving IP-Traceback

Image Compression through DCT and Huffman Coding Technique

The Top 5 Federated Single Sign-On Scenarios

LOCAL SURFACE PATCH BASED TIME ATTENDANCE SYSTEM USING FACE.

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm

AUTHORIZED WATERMARKING AND ENCRYPTION SYSTEM BASED ON WAVELET TRANSFORM FOR TELERADIOLOGY SECURITY ISSUES

Speech Signal Processing: An Overview

PARTNER INTEGRATION GUIDE. Edition 1.0

A comprehensive survey on various ETC techniques for secure Data transmission

How To Manage Your Web 2.0 Account On A Single Sign On On A Pc Or Mac Or Ipad (For A Free) On A Password Protected Computer (For Free) (For An Ipad) (Free) (Unhack)

FIDO: Fast Identity Online Alliance Privacy Principles Whitepaper vfeb2014

Multi-factor Authentication in Banking Sector

MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS

Biometric Authentication using Online Signatures

Deployment Scenarios

Scalable Authentication

Secure Authentication of Distributed Networks by Single Sign-On Mechanism

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

Ensuring Security in Cloud with Multi-Level IDS and Log Management System

An Efficient Windows Cardspace identity Management Technique in Cloud Computing

Development of enhanced Third party Auditing Scheme for Secure Cloud Storage

Securing MANET Using Diffie Hellman Digital Signature Scheme

Emotion Detection from Speech

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

BehavioSec participation in the DARPA AA Phase 2

PRIVACY ASSURED IMAGE STACK MANAGEMENT SERVICE IN CLOUD

Interoperate in Cloud with Federation

Keywords: fingerprints, attendance, enrollment, authentication, identification

ACL Based Dynamic Network Reachability in Cross Domain

Evaluation of different Open Source Identity management Systems

Cloud-based Identity and Access Control for Diagnostic Imaging Systems

Single Sign-On Secure Authentication Password Mechanism

Biometric Authentication Platform for a Safe, Secure, and Convenient Society

This document is downloaded from DR-NTU, Nanyang Technological University Library, Singapore.

ARM7 Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology

A Secure Authenticate Framework for Cloud Computing Environment

Scientific Journal Impact Factor (SJIF): 1.711

Remote Authentication and Single Sign-on Support in Tk20

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

Web Applications Access Control Single Sign On

Skype network has three types of machines, all running the same software and treated equally:

Data Integrity Check using Hash Functions in Cloud environment

Analysis of Multimodal Biometric Fusion Based Authentication Techniques for Network Security

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

Security Considerations for DirectAccess Deployments. Whitepaper

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

The Development of a Pressure-based Typing Biometrics User Authentication System

Krunal Patel Department of Information Technology A.D.I.T. Engineering College (G.T.U.) India. Fig. 1 P2P Network

EFFECTIVE DATA RECOVERY FOR CONSTRUCTIVE CLOUD PLATFORM

New Single Sign-on Options for IBM Lotus Notes & Domino IBM Corporation

A Review of Cloud Environment and Recognition of Highly Secure Public Data Verification Architecture using Secure Public Verifier Auditor

Federation Proxy for Cross Domain Identity Federation

Chapter 1: Introduction

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS

Monitoring Data Integrity while using TPA in Cloud Environment

Voice Authentication for ATM Security

SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT. How to Create a Frictionless, Secure Customer Identity Management Strategy

Information Security Basic Concepts

Alternative authentication what does it really provide?

Volume 3, Issue 6, June 2015 International Journal of Advance Research in Computer Science and Management Studies

Transcription:

Cloud User Voice Authentication enabled with Single Sign-On framework using OpenID R.Gokulavanan Assistant Professor, Department of Information Technology, Nandha Engineering College, Erode, Tamil Nadu, India. Dr N.Shanthi Professor and Dean, Department of Computer Science And Engineering, Nandha Engineering College, Erode, Tamil Nadu, India. Abstract - Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. In order to deal with security, Authentication plays an important role. This paper presents a review on the Voice Biometric authentication techniques along with Single Sign-On. Single sign-on solutions allow users to sign on only once and have their identities automatically verified by each application or service they want to access afterwards. There are few practical and secure single sign-on models, even though it is of great importance to current distributed application environments. We build on OpenID Protocol schemes to introduce the first public key cryptographic approach to single sign-on frameworks, which represents an important milestone towards the construction of provably secure single sign-on schemes. Moreover, our approach significantly improves communication complexity by eliminating any communication between services and identity providers during user identity and access permission verification. Index Terms Cloud Computing, Voice Biometrics, Single SignOn, Multiple SignOff, OpenID protocol. I.INTRODUCTION When talking about Internet authentication, in most cases, people are still talking about passwords. One of the biggest problems with current authentication approaches is the existence of too many password account pairings for each user, which leads to forgetting or using the same username and password for multiple sites [2]. A possible solution to this problem can be found in the use of biometrics [3]. Biometric authentication techniques, which try to validate the identity of an user based on his/her physiological or behavioral traits, are already quite widely used for local authentication purposes (for private use), while their use on the Internet is still relatively modest. The main reason for this setting is open issues pertaining mainly to the accessibility and scalability of existing biometric technology. Similar issues are also encountered in other deployment domains of biometric technology, such as forensics, law-enforcement and alike. For example, according to [4], the biometric databases of the Federal Bureau of Investigation, the US State Department, Department of Defense, or the Department of Homeland Security are expected to grow significantly over the next few yours to accommodate several hundred millions (or even billions) of identities. Such expectations make it necessary to devise highly scalable biometric technology, capable of operating on enormous amounts of data, which, in turn, induces the need for sufficient storage capacity and significant processing power. The first solution that comes to mind with respect to the outlined issues is moving the existing biometric technology to a cloud platform that ensures appropriate scalability of the technology, sufficient amounts of storage, parallel processing capabilities, and with the widespread availability of mobile devices also provides an accessible entry point for various applications and services that rely on mobile clients. Hence, cloud computing is capable of addressing issues related to the next generation of biometric technology, but at the same time, offers new application possibilities for the existing generation of biometric systems [5], [6]. Vol. 4 Issue 1 June 2014 56 ISSN: 2319 1058

However, moving the existing biometric technology to the cloud is a nontrivial task. Developers attempting to tackle this task need to be aware of: the most common challenges and obstacles encountered, when moving the technology to a cloud platform, standards and recommendations pertaining to both cloud-based services as well as biometrics in general, and existing solutions that can be analyzed for examples of good practices. This paper tries to elaborate on the above listed issues and provide potential developers with some basic guidelines on how to move biometric technology to a cloud platform. It describes the most common pitfalls encountered in the development work and provides some directions for their avoidance. The main motivation for the paper stems from our own work in the field of cloud-based biometric services1 and the fact that the available literature on this field is extremely limited. The rest of the paper is structured as follows. In Section 2 Biometrics in cloud is highlighted. In Section 3 Voice Authentication Process are presented. In Section 4 Single Sign-On using OpenID protocol are elaborated on. In Section 5 a Crypto Key Generation is presented and, finally, the paper is concluded with some final comments and directions for future work in Section 6. II.BIOMETRICS IN THE CLOUD As emphasized in the previous section, there are certain aspects of biometric systems that are specific to cloud computing. First of all, the biometric engine2 is located in the cloud and not on some local processing unit, as it is the case with traditional (e.g. access control) biometric recognition systems. This characteristic makes the cloud based biometric technology broadly accessible and provides the necessary means for integration in other security and/or consumer applications. Second of all, storing biometric data in the cloud makes the system highly scalable and allows quick and reliable adaptation of the technology to an increasing user base [4]. On the other hand, storing biometric data in the cloud may raise privacy concerns and may not be in accordance with national legislation. Last but not least, a cloud implementation of biometric technology may harvest all merits of the cloud, such as real-time and parallel processing capabilities, billing by usage etc. [4]. All of the presented characteristics make cloud-based biometric recognition technology extremely appealing. When developing biometric technology for the cloud, one needs to make a number of design choices. Probably the most important choice is, which components to move to the cloud and which to implement locally. A review of some existing market solutions ([11], [12], [13], [14], [15]) from the field of cloud-based biometrics reveals that most often both the biometric engine as well as the biometric database is moved to the cloud. The commercial solutions typically operate on the principle of the client-server model. The local client (e.g. on the user s computer) is responsible for capturing a biometric sample of the user and sending it to the server (hosted in the cloud), where the matching process is executed. For the safety of the network traffic between the client and the server designated security protocols are commonly used. While the presented configuration makes full use of the merits of the cloud platform, it may not be conformant with the local legislation. Therefore, the possibility of using a locally hosted database needs to be considered when designing a cloud-based biometric system. Such a setting may limit the scalability of the technology to a certain extent, but is reasonable as it makes potential market-ready technology more easily adjustable to currently existing legislation. Another possible solution to the legislation problem could also be found in the use hybrid clouds. Vol. 4 Issue 1 June 2014 57 ISSN: 2319 1058

A.Authentication Using Voice Biometrics Figure1: Basic block diagram for biometric system The Voice Authentication process is performed in the proposed system is as follows: Preliminary Processing of the input signal - To adopt the input signal to some special shape(amplitude scaling,noise filtering,etc,) FFT(Spectrum) - Fast Fourier Transform to obtain the message spectrum. Reference Points - Definig the special area on the spectrum which can characterize the person. Spectrum Analyzer to compare the input data etalon and calculate the corelation coefficient K VA Speech Recognition to recongnize the input data as a random set of speech patterns. Speech Analyzer to compare the input data as a random set of speech pattern. Speech Models(patterns). Random Number Generator(RNG). Authentication Model Generation to obtain the authentication task from speech patterns controlled by the RNG. Authentication to calculate the weighted estimation of the authentication based on the input values. Vol. 4 Issue 1 June 2014 58 ISSN: 2319 1058

Figure2: Data Flow Diagram Vol. 4 Issue 1 June 2014 59 ISSN: 2319 1058

Figure 3:Voice Recognition Authentication B.Voice Recognition Algorithm The extraction of the best parametric representation of acoustic signals is an important task to produce a better recognition performance. The efficiency of this phase is important for the next phase since it affects its behavior. MFCC is based on human hearing perceptions which cannot perceive frequencies over 1Khz. In other words, in MFCC is based on known variation of the human ear s critical bandwidth with frequency [8-10]. MFCC has two Vol. 4 Issue 1 June 2014 60 ISSN: 2319 1058

types of filter which are spaced linearly at low frequency below 1000 Hz and logarithmic spacing above 1000Hz. A subjective pitch is present on Mel Frequency Scale to capture important characteristic of phonetic in speech. Pre emphasis This step processes the passing of signal through a filter which emphasizes higher frequencies. This process will increase the energy of signal at higher frequency. Framing The process of segmenting the speech samples obtained from analog to digital conversion (ADC) into a small frame with the length within the range of 20 to 40 msec. The voice signal is divided into frames of N samples. Figure 4:Segment Processing Hamming windowing Hamming window is used as window shape by considering the next block in feature extraction processing chain and integrates all the closest frequency lines. Discrete Cosine Transform This is the process to convert the log Mel spectrum into time domain using Discrete Cosine Transform (DCT). The result of the conversion is called Mel Frequency Cepstrum Coefficient. The set of coefficient is called acoustic vectors. Therefore, each input utterance is transformed into a sequence of acoustic vector. III.SINGLE SIGN-ON USING OPENID PROTOCOL OpenID is a Single Sign-On protocol that solves the problem of having an individual login and password for every web site. With OpenID, a user can register once with an Identity Provider (IdP) of their choice and then use that login on all OpedID enabled sites. As OpenID is a decentralized system, a user can register with any identity provider[5]. When an Identity Provider successfully authenticates a user, the IdP makes a basic assertion that a user owns a given URL. Vol. 4 Issue 1 June 2014 61 ISSN: 2319 1058

Figure 5:OpenID protocol IV.PROPOSED ALGORITHM A.Generating Crypto Keys Using Diffie-Hellman(DH) Algorithm To guarantee the integrity of the exchanged data, an Identity Provider and a Relying party need to agree on a shared cryptographic key. To achieve this, an IdP and an RP use the Diffie-Hellman(DH) algorithm to come up with a shared symmetric key to be used for a predetermined amount of time. Figure 6: Diffie-Hellman Exchange Vol. 4 Issue 1 June 2014 62 ISSN: 2319 1058

B.Identity Provider Authentication Once the user is redirecting to the Identity Provider (IdP) server, they log in and authorize the Relying Party. Once they are logged into one site, they can be automatically logged into other sites. The identity Provider becomes a central clearing place for all user logins. Thus a malicious IdP can easily spy on a user s activity on the Internet. Apart from using multiple OpenID logins, there is little that a user can do today to avoid disclosing their surfing habits, when using OpenID enabled sites, to their Identity Provider. V.RESULTS AND DISCUSSION V.CONCLUSION Cloud based biometric services have an enormous potential market value and as such attract the interest of research and development groups from all around the world. In this paper some directions on how to move existing biometric technology to a cloud platform were presented. We presented a new approach for practical efficient and secure single sign-on frameworks using OpenID protocol. The proposed framework provides seamless and transparent single sign-on without undermining overall Network security and without requiring any online communications between service providers and the identity provider. REFERENCES [1] Xinyi Huang, Yang Xiang, Member, IEEE, A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems, IEEE Trans. Parallel and Distributed systems,vol.22,no.8,aug 2011 [2] D. Balfanz et al., "The future of authentication",ieee Security & Privacy, vol. 10, pp. 22-27, 2012. [3] A.K. Jain, A. Ross, and S. Prabhakar, An Introduction to Biometric Recognition, IEEE Transactions on Circuits and Video Technology vol. 14, no. 1, pp. 4-20, 2004. [4] Upen H Nathwani,Irvin Dua,Ved Vyas Diwedi, Authentication in Cloud Application:Claims-based Identity Model,Inventi Journals, Vol.2013, Issue 2,2012. [5] Rathi. G, Meenakshi. L, Saranya. C & Sindhu. M, Credit Card Endorsement using Biometrics in Cloud Computing, ISSN (Print) : 2278-8948, Volume-2, Issue-2, 2013. [6] Issa Traore,Isaac Woungang,Mohammad S,Obaidat,Youssef Nakkabi,Iris Lai, Online Risk Based Authentication using Behavioral Biometrics,Springer 05 June 2013 [7] Bassam Sayed,Issa Traore,Isaac Woungang,and Mohammad s,obaidat,fellow,ieee, Biometric Authentication Using Mouse Gesture Dynamics,IEEE System Journal,Vol 7,No 2,June 2013 [8] Jucheng Yang, A Fingerprint Recognition Scheme Based on Assembling Invariant Moments for Cloud Computing Communications, IEEE Trans. Systems Journal,Vol.5,No.4,Dec 2011. [9] Kyusuk Han,Taeshik Shon, Authentication of Mobile Applications through various local distributors,springer 01 June 2013 Shelly Iris recognition on Hadoop: A biometrics system implementation on cloud computing, IEEE Conference Page(s) 482-485, Sep 2011 Vol. 4 Issue 1 June 2014 63 ISSN: 2319 1058

[10] Choudhury A.J., Kumar P., A Strong User Authentication Framework for Cloud Computing, IEEE Conference Page(s) 110-115, Dec 2011 [11] Karl martin,haiping Lu,Francis Minhthang Bui,Konstantinos N.(Kostas)Plataniotis,Senior and Dimitrios Hatzinakos, A Biometric Encryption System for the Self-Exclusion Scenario of Face Recognition,IEEE System Journal,Vol 3,No 4,December 2009 [12] Boss G, Malladi P, Quan D, Hall H. Cloud Computing. IBM [13] WhitePaperhttp://download.boulder.ibm.com/ibmdl/pub/software/dw/wes/hipods/Cloud_computing_wp_final_8Oct.pdf [14] Cloud Bridge,White Paper, Four Key Elements of a Secure, High-Performance Hybrid Cloud Networking Strategy, in citrix.com [15] Himabindu Vallabhu, R V Satyanarayana, Biometric Authentication as a Service on Cloud: Novel Solution, International Journal of Soft Computing and Engineering (IJSCE), ISSN: 2231-2307, Volume-2, Issue-4, September 2012. [16] Neal Leavitt, Is Cloud Computing Really Ready for Prime Time?,IEEE Computer society,jan 2009. [17] Dong Yuan,Yun Yang,IEEE,Xiao Liu,IEEE,Wenhao Li,Lizhen Cui,Meng Xu,and jinjun Chen,IEEE, A Highly Practical Approach toward Achieving Minimum Data Sets Storage Cost in the Cloud, IEEE Transaction On Parallel and Distributed Systems,Vol 24,No 6,June 2013. Vol. 4 Issue 1 June 2014 64 ISSN: 2319 1058

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information