Cloud User Voice Authentication enabled with
Single Sign-On framework using OpenID
R.Gokulavanan
Assistant Professor, Department of Information Technology, Nandha Engineering College, Erode, Tamil Nadu, India.
Dr N.Shanthi
Professor and Dean, Department of Computer Science And Engineering, Nandha Engineering College, Erode, Tamil Nadu, India.
Abstract - Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. In order to deal with security, Authentication plays an important role. This paper presents a review on the Voice Biometric authentication techniques along with Single Sign-On. Single sign-on solutions allow users to sign on only once and have their identities automatically verified by each application or service they want to access afterwards. There are few practical and secure single sign-on models, even though it is of great importance to current distributed application environments. We build on OpenID Protocol schemes to introduce the first public key cryptographic approach to single sign-on frameworks, which represents an important milestone towards the construction of provably secure single sign-on schemes. Moreover, our approach significantly improves communication complexity by eliminating any communication between services and identity providers during user identity and access permission verification. Index Terms – Cloud Computing, Voice Biometrics, Single SignOn, Multiple SignOff, OpenID protocol.
I.INTRODUCTION
When talking about Internet authentication, in most cases, people are still talking about passwords. One of the biggest problems with current authentication approaches is the existence of too many password account pairings for each user, which leads to forgetting or using the same username and password for multiple sites [2]. A possible solution to this problem can be found in the use of biometrics [3]. Biometric authentication techniques, which try to validate the identity of an user based on his/her physiological or behavioral traits, are already quite widely used for local authentication purposes (for private use), while their use on the Internet is still relatively modest. The main reason for this setting is open issues pertaining mainly to the accessibility and scalability of existing biometric technology.
Similar issues are also encountered in other deployment domains of biometric technology, such as forensics, law-enforcement and alike. For example, according to [4], the biometric databases of the Federal Bureau of Investigation, the US State Department, Department of Defense, or the Department of Homeland Security are expected to grow significantly over the next few yours to accommodate several hundred millions (or even billions) of identities. Such expectations make it necessary to devise highly scalable biometric technology, capable of operating on enormous amounts of data, which, in turn, induces the need for sufficient storage capacity and significant processing power.
guidelines on how to move biometric technology to a cloud platform. It describes the most common pitfalls encountered in the development work and provides some directions for their avoidance. The main motivation for the paper stems from our own work in the field of cloud-based biometric services1 and the fact that the available literature on this field is extremely limited.
The rest of the paper is structured as follows. In Section 2 Biometrics in cloud is highlighted. In Section 3 Voice Authentication Process are presented. In Section 4 Single Sign-On using OpenID protocol are elaborated on. In Section 5 a Crypto Key Generation is presented and, finally, the paper is concluded with some final comments and directions for future work in Section 6.
II.BIOMETRICS IN THE CLOUD
As emphasized in the previous section, there are certain aspects of biometric systems that are specific to cloud computing. First of all, the biometric engine2 is located in the cloud and not on some local processing unit, as it is the case with traditional (e.g. access control) biometric recognition systems. This characteristic makes the cloud based biometric technology broadly accessible and provides the necessary means for integration in other security and/or consumer applications. Second of all, storing biometric data in the cloud makes the system highly scalable and allows quick and reliable adaptation of the technology to an increasing user base [4].
On the other hand, storing biometric data in the cloud may raise privacy concerns and may not be in accordance with national legislation. Last but not least, a cloud implementation of biometric technology may harvest all merits of the cloud, such as real-time and parallel processing capabilities, billing by usage etc. [4]. All of the presented characteristics make cloud-based biometric recognition technology extremely appealing.
When developing biometric technology for the cloud, one needs to make a number of design choices. Probably the most important choice is, which components to move to the cloud and which to implement locally. A review of some existing market solutions ([11], [12], [13], [14], [15]) from the field of cloud-based biometrics reveals that most often both the biometric engine as well as the biometric database is moved to the cloud. The commercial solutions typically operate on the principle of the client-server model. The local client (e.g. on the user’s computer) is responsible for capturing a biometric sample of the user and sending it to the server (hosted in the cloud), where the matching process is executed. For the safety of the network traffic between the client and the server designated security protocols are commonly used.
While the presented configuration makes full use of the merits of the cloud platform, it may not be conformant with the local legislation. Therefore, the possibility of using a locally hosted database needs to be considered when designing a cloud-based biometric system. Such a setting may limit the scalability of the technology to a certain extent, but is reasonable as it makes potential market-ready technology more easily adjustable to currently existing legislation. Another possible solution to the legislation problem could also be found in the use hybrid clouds.
Figure1: Basic block diagram for biometric system A.Authentication Using Voice Biometrics
The Voice Authentication process is performed in the proposed system is as follows:
x Preliminary Processing of the input signal - To adopt the input signal to some special shape(amplitude scaling,noise filtering,etc,)
x FFT(Spectrum) - Fast Fourier Transform to obtain the message spectrum.
x Reference Points - Definig the special area on the spectrum which can characterize the person. x Spectrum Analyzer – to compare the input data etalon and calculate the corelation coefficient KVA x Speech Recognition – to recongnize the input data as a random set of speech patterns.
x Speech Analyzer – to compare the input data as a random set of speech pattern. x Speech Models(patterns).
x Random Number Generator(RNG).
x Authentication Model Generation – to obtain the authentication task from speech patterns controlled by the RNG.
x Authentication – to calculate the weighted estimation of the authentication based on the input values.
Figure 4:Segment Processing
Hamming windowing Hamming window is used as window shape by considering the next block in feature extraction processing chain and integrates all the closest frequency lines.
Discrete Cosine Transform This is the process to convert the log Mel spectrum into time domain using Discrete Cosine Transform (DCT). The result of the conversion is called Mel Frequency Cepstrum Coefficient. The set of coefficient is called acoustic vectors. Therefore, each input utterance is transformed into a sequence of acoustic vector.
III.SINGLE SIGN-ON USING OPENID PROTOCOL
OpenID is a Single Sign-On protocol that solves the problem of having an individual login and password for every web site. With OpenID , a user can register once with an Identity Provider (IdP) of their choice and then use that login on all OpedID enabled sites. As OpenID is a decentralized system, a user can register with any identity provider[5].
When an Identity Provider successfully authenticates a user , the IdP makes a basic assertion that a user owns a given URL.
Figure 5:OpenID protocol
IV.PROPOSED ALGORITHM
A.Generating Crypto Keys Using Diffie-Hellman(DH) Algorithm
To guarantee the integrity of the exchanged data , an Identity Provider and a Relying party need to agree on a shared cryptographic key. To achieve this , an IdP and an RP use the Diffie-Hellman(DH) algorithm to come up with a shared symmetric key to be used for a predetermined amount of time.
V.CONCLUSION
Cloud based biometric services have an enormous potential market value and as such attract the interest of research and development groups from all around the world. In this paper some directions on how to move existing biometric technology to a cloud platform were presented. We presented a new approach for practical efficient and secure single sign-on frameworks using OpenID protocol. The proposed framework provides seamless and transparent single sign-on without undermining overall Network security and without requiring any online communications between service providers and the identity provider.
REFERENCES
[1] Xinyi Huang, Yang Xiang, Member, IEEE, “ A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems “, IEEE Trans. Parallel and Distributed systems,Vol.22,No.8,Aug 2011
[2] D. Balfanz et al., "The future of authentication",IEEE Security & Privacy , vol. 10, pp. 22-27, 2012.
[3] A.K. Jain, A. Ross, and S. Prabhakar, “An Introduction to Biometric Recognition,” IEEE Transactions on Circuits and Video Technology vol. 14, no. 1, pp. 4-20, 2004.
[4] Upen H Nathwani,Irvin Dua,Ved Vyas Diwedi,“Authentication in Cloud Application:Claims-based Identity Model” ,Inventi Journals , Vol.2013 , Issue 2,2012.
[5] Rathi. G, Meenakshi. L, Saranya. C & Sindhu. M , ” Credit Card Endorsement using Biometrics in Cloud Computing, ISSN (Print) : 2278-8948, Volume-2, Issue-2, 2013 .
[6] Issa Traore,Isaac Woungang,Mohammad S,Obaidat,Youssef Nakkabi,Iris Lai,“Online Risk Based Authentication using Behavioral Biometrics”,Springer 05 June 2013
[7] Bassam Sayed,Issa Traore,Isaac Woungang,and Mohammad s,Obaidat,Fellow,IEEE ,“Biometric Authentication Using Mouse Gesture Dynamics”,IEEE System Journal,Vol 7,No 2,June 2013
[8] Jucheng Yang, “A Fingerprint Recognition Scheme Based on Assembling Invariant Moments for Cloud Computing Communications”, IEEE Trans. Systems Journal,Vol.5,No.4,Dec 2011.
[10] Choudhury A.J., Kumar P.,” A Strong User Authentication Framework for Cloud Computing” , IEEE Conference Page(s) 110-115, Dec 2011
[11] Karl martin ,Haiping Lu,Francis Minhthang Bui,Konstantinos N.(Kostas)Plataniotis,Senior and Dimitrios Hatzinakos, “A Biometric Encryption System for the Self-Exclusion Scenario of Face Recognition”,IEEE System Journal,Vol 3,No 4,December 2009 [12] Boss G , Malladi P , Quan D , Hall H. Cloud Computing . IBM
[13] WhitePaperhttp://download.boulder.ibm.com/ibmdl/pub/software/dw/wes/hipods/Cloud_computing_wp_final_8Oct.pdf
[14] Cloud Bridge ,White Paper ,” Four Key Elements of a Secure, High-Performance Hybrid Cloud Networking Strategy,” in citrix.com [15] Himabindu Vallabhu, R V Satyanarayana,” Biometric Authentication as a Service on Cloud: Novel Solution” , International Journal of
Soft Computing and Engineering (IJSCE) , ISSN: 2231-2307, Volume-2, Issue-4, September 2012. [16] Neal Leavitt,”Is Cloud Computing Really Ready for Prime Time?”,IEEE Computer society ,Jan 2009.
[17] Dong Yuan,Yun Yang,IEEE,Xiao Liu,IEEE,Wenhao Li,Lizhen Cui,Meng Xu,and jinjun Chen,IEEE, “A Highly Practical Approach toward Achieving Minimum Data Sets Storage Cost in the Cloud”, IEEE Transaction On Parallel and Distributed Systems,Vol 24,No 6,June 2013.
