Kok-Seng Wong, Myung-Ho Kim


Cloud computing is an emerging technology that allows different service providers to offer services in an on-demand environment. Due to the advantages such as flexibility, mobility, and costs saving, the number of cloud user has increased tremendously. Consequently, a more secure and privacy preserving authentication system is becoming important to ensure that only the data owner or the authorized user can gain access and manipulate data stored in the cloud. In the current approach, the service provider authenticates its users based on the credential submitted such as password, token and digital certificate. Unfortunately, these credentials can often be stolen, accidentally revealed or hard to remember. In view of this, we propose a biometric-based authentication protocol, which can be used as the second factor for the cloud users to send their authentication requests. In our solution, the credential submitted by the users consists of the biometric feature vector and the verification code. For the user to successful authenticate, both the biometric feature vector and the verification code must be combined, transformed, and shuffled correctly. Our proposed solution not only provides the security mechanism for the authentication process, but also supports the privacy protection for all sensitive information of the user.


  1. Brooks, C. 2009. Amazon adds onetime password token to entice the wary. SearchCloudComputing.
  2. Buyya, R., Yeo, C. S., Venugopal, S., Broberg, J. & Brandic, I. 2009. Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Gener. Comput. Syst., 25, 599-616.
  3. Canetti, R. 2004. Universally Composable Signature, Certification, and Authentication. Proceedings of the 17th IEEE workshop on Computer Security Foundations. IEEE Computer Society.
  4. Convery, S. 2007. Network Authentication, Authorization, and Accounting Part One: Concepts, Elements, and Approaches. The Internet Protocol Journal, 10, 2-11.
  5. Fiveash, K. 2008. HP sells cloud vision amidst economic downpour. Will customers get soaked on transformation journeys? : King's College London.
  6. Haller, N. 1994. The S/KEY One-Time Password System. Internet Society Symposium on Network and Distributed Systems.
  7. Krowneva. 2011. BioID Announces World's First Biometric Authentication as a Service (BaaS) [Online]. Available: 2011/03/04/bioid-announces-worlds-first-biometricauthentication-as-a-service-baas/ [Accessed].
  8. Lenk, A., Klems, M., Nimis, J., Tai, S. & Sandholm, T. 2009. What's inside the Cloud? An architectural map of the Cloud landscape. Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing. IEEE Computer Society.
  9. Lloyd, B. & Simpson, W. 1992. PPP Authentication Protocols. RFC Editor.
  10. Mell, P. & Grance, T. 2009. The NIST Definition of Cloud Computing. Available: http://
  11. Neuman, B. C. & Ts'o, T. 1994. Kerberos: An Authentication Service for Open Network Systems. IEEE Communications, 32, 33-38.
  12. Paillier, P. 1999. Public-key cryptosystems based on composite degree residuosity classes. Proceedings of the 17th international conference on Theory and application of cryptographic techniques. Prague, Czech Republic: Springer-Verlag.
  13. Recordon, D. & Reed, D. 2006. OpenID 2.0: a platform for user-centric identity management. Proceedings of the second ACM workshop on Digital identity management. Alexandria, Virginia, USA: ACM.
  14. Rubin, A. D. 1995. Independent one-time passwords. Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5. Salt Lake City, Utah: USENIX Association.
  15. Senk, C. & Dotzler, F. 2011. Biometric Authentication as a Service for Enterprise Identity Management Deployment: A Data Protection Perspective. Sixth International Conference on Availability, Reliability and Security. Vienna Austria.
  16. Simpson, W. 1996. PPP Challenge Handshake Authentication Protocol (CHAP). RFC Editor.

Paper Citation

in Harvard Style

Wong K. and Kim M. (2012). TOWARDS BIOMETRIC-BASED AUTHENTICATION FOR CLOUD COMPUTING . In Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-8565-05-1, pages 501-510. DOI: 10.5220/0003909305010510

in Bibtex Style

author={Kok-Seng Wong and Myung-Ho Kim},
booktitle={Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},

in EndNote Style

JO - Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
SN - 978-989-8565-05-1
AU - Wong K.
AU - Kim M.
PY - 2012
SP - 501
EP - 510
DO - 10.5220/0003909305010510