Applications of Biometrics in Cloud Security

CHAPTER ONE 1. 1 INTRODUCTION The success of modern day technologies passinging depends on its effectiveness of the worlds norms, its ease of delectation by end exploiters and just about importantly its degree of in general anatomyation warranter and control. besmirch deliberation is a style of cypher in which dynamic all toldy scal qualified and often virtualized resources ar provided as a emolument oer the Internet. Users desire non cause knowledge of, expertise in, or control eitherplace the technology infrastructure in the b surveych that supports them 15, 16.Authentication, thus, becomes pretty important for over mottle bail. Biometric is the most procure and convenient hallmark tool. It can non be borrowed, stolen, or disregarded and forging hotshot is practically impossible. The term comes from the Greek scripts bios (life) and metrikos (measure). To relieve oneself a personal light, biometry relies on who you ar or what you doas opposed to what you know. OBJECTIVES 1 To know and understand the meaning of biometric, its uses, the distinctives and too its advant hop ons and scraps. To know and understand the well(p) meaning of slander computation its causa and its armed service suppliers 3 To explain the about blot out security and its shortfalls 4 To know how biometric technology can be applied to enhance security in maculate figuring CHAPTER TWO 2. 0 BIOMETRICS The word biostatistics comes from the Greek language and is derived from the words bio (life) and metric (to measure). biometrics (or biometric credential) refers to the realization of homophiles by their attributes or signs.Computer science, biometrics to be specific, is utilize as a form of recognition 1. biometrics is automated rules of recognizing a person ground on a physiological or behavioural characteristic 2. Biometrics offers tender perspectives in risque-security occupations while supporting rude(a), user-friendly and turbul ent certification. Biometric technology uses these characteristics to tell apart single(a)s automatically1. I bedly the characteristic should be universally present, funny to the individual, st able over clipping and easily measurable 5. 2. Biometric brasss A biometric body provides an automated method of recognizing an individual establish on the individuals biometric. A biometric is a measurement of a biological characteristic much(prenominal)(prenominal) as fingerprint, sword lily pattern, retina image, grammatical construction or hand geometry or a behavioural characteristic such(prenominal) as part, gait or signature. Behavioural biometrics be related to the behaviour of a Person, including but non limited to causawriting rhythm, gait, and voice. about researchers have coined the term behaviourmetrics to describe the behaviour class of biometrics 1.A biometric governance is essentially a pattern-recognition organisation that recognizes a person ground on a fe ature vector derived from a specific physiological or behavioural characteristic that the person possesses 3. Biometric governances can be employ in two several(predicate) modes. Identity verification occurs when the user claims to be already levyled in the system (presents an ID card or login name) in this cocktail dress the biometric entropy obtained from the user is compargond to the users entropy already stored in the selective informationbase Identification ( similarly called search) occurs when the identity element operator of the user is a priori unknow.In this case the users biometric selective information is play offed against all the records in the selective informationbase as the user can be anywhere in the entropybase or he/she actually does not have to be there at all 4. The combination of biometric data systems and biometrics recognition/ credit technologies raises the biometric security systems. 2. 2 Biometric Authentication Authentication on the some other hand, is a sue where a known persons live biometric is comp atomic number 18d to a stored guide of that person.For example, an individuals identity is revealed to the biometric system upon entering a PIN (Personal Identification Number). To authenticate that this is the person associated with this PIN, a live biometric is presented by the individual and comp atomic number 18d to the template and a match is determined. This is known as a one to one search. It is much accurate than the one to many application and is the predominant biometric process in place today and the more privacy friendly of the two systems.This answers the question Are you who you say you are? cardinal general uses of biometrics are identification and verification which both pray the existence of reference data that the persons measured traits leave be compared with reference templates or raw data. During these processes, a biometric data attempt is compared against the respective biometric data of either person enrolled in the database or against a single reference template of a particular enrolled individual in regulate to confirm the identity of that person respectively.When a biometric system mightily identifies a person, then the result of the identification process is a accredited positive, whereas if the system correctly rejects a person as not unified the respective enrolled template, the result is a true negative. Similarly, when the system incorrectly identifies or rejects a person then we speak about a insincere positive or a false negative. Fig 2. 1 Components of a Biometric Authentication System31 2. 3 BIOMETRIC security system SYSTEM The biometric security system is a lock and capture mechanism to control gravel to specific data.In order to approach the biometric security system, an individual allow motivating to provide their unparalleled characteristics or traits which allow be matched to a database in the system. If there is a match, the ti ghten system will provide admittance to the data for the user. The locking and capturing system will activate and record information of users who accessed the data. The relationship amongst the biometric and biometric security system is in any case known as the lock and lynchpin system. The biometrics security system is the lock and biometrics is the key to move over that lock 11. 2. 4 CRITERIA FOR BIOMETRIC SYSTEM12There are s veritable(a) basic criteria for biometric security system 12 * Uniqueness extraordinaryness is considered as the priority one requirement for biometric data. It will indicate how divergently and alone(predicate)ly the biometric system will be able to recognize severally user among groups of users . For instance, the DNA of distributively person is unique and it is impossible to replicate. * Universality Universality is a criterion for the biometric security that indicates requirements for unique characteristics of each person in the world, which can not be replicated. For example, retinal and masthead are characteristics will satisfy this requirement. Permanence permanence line is required for every single characteristic or trait which is recorded in the database of the system and submits to be constant for a certain period of sequence period. This parameter will mostly be affected by the age of the user * Collectability The collectability parameter requires the collection of each characteristic and trait by the system in order to verify their identification * Performance proceeding outlines how well the security system works. The accuracy and robustness are main factors for the biometric security system.These factors will decide the performance of the biometric security system * acceptableness The acceptability parameter will choose fields in which biometric technologies are acceptable. * Circumvention circumvention will decide how easily each characteristic and trait provided by the user can lead to failure during the verification process. DNA is seed to be the most difficult characteristic leading to the failure of the verification process 13. Figure 2. 2 Basic Criteria for Biometrics protection System 26 2. 5 TYPES OF BIOMETRIC systems Two classes of biometric methods are 1) Physical BiometricsPhysiological biometrics is establish on measurements and data derived from direct measurement of a part of the human body. * Fingerprint Fingerprint recognition is one of the best known and most all-embracingly used Biometric technologies. Fingerprint recognition technology extracts features from impressions made by the distinct ridges on the fingertips. * Iris-scan Iris recognition technology is based on the distinctly coloured ring surrounding the pupil of the eye. Iris recognition systems use a exquisite, high-quality camera to capture a black and white, high-resolution image of the iris. Retina-scan Retina recognition technology captures and analyses the patterns of blood vessels on the thin har diness on the back of the eyeball that processes light entering through the pupil. * authorise geometry Hand geometry technology takes 96 measurements of the hand, including the width, height, and length of the fingers distances between joints and shape of the knuckles. * seventh cranial nerve recognition Facial recognition technology identifies people by analysing features of the face not easily alteredthe upper outlines of the eye sockets, the areas around the cheekbones, and the sides of the mouth..Facial recognition can be used in both verification and identification systems. 2) Behavioural characteristics are based on an action taken by a person. Behavioural biometrics, in turn, are based on measurements and data derived from an action, and indirectly measure characteristics of the human body * piece recognition Voice certification is unique and non-intrusive method and a wish well the hardware requirements required for this type of credential are cheap and are lendabl e readily. Microphones can be used for this purpose.However the back ground noise moldiness be controlled, high storage is required for this kind of trademark. This type of authentication can also be extraneously influenced by once sore throat and cold. 7 * Keystroke-scan Keystroke dynamics is a biometric based on the assumption that incompatible people type in uniquely characteristic manners. Observation of telegraph operators in the 19th cytosine revealed personally distinctive patterns when keying messages over telegraph lines, and telegraph operators could recognize each other based on only their keying dynamics 22.Keystroke dynamics is known with a few different names keyboard dynamics, keystroke analysis, typewriting biometrics and typing rhythms 22. shortly users arrive information to computer systems via physical keyboards or keyboards on touch screens. The main return of using keystroke dynamics is that it can be used without any additional hardware. Thus it is inexpen sive. The user acceptance of a keystroke dynamics biometric system is very high, since it is not intrusive and users do not necessarily even notice that such a system is used 22, 27. Signature Recognition Signature recognition authenticates identity by metre handwritten signatures. The signature is treated as a series of movements that impart unique biometric data, such as personal rhythm, acceleration, and pressure flow. In a signature recognition system, a person signs his or her name on a digitized graphics tablet or personal digital assistant. The technology can also track each persons natural signature fluctuations over meter. The signature dynamics information is encrypted and compressed into a template.One of the defining characteristics of a behavioural biometric is the incorporation of time as a metric the measured behaviour has a beginning, middle and end 6. A number of biometric methods have been introduced over the years, but few have gained wide acceptance. 2. 6 PER FORMANCE OF BIOMETRICS SYSTEMS The following are used as performance metrics for biometric systems 8. * absurd Accept cast farther and phony Reject Rate FRR The FAR gives a measure of the probability that an individual will be falsely accepted by the system (i. . that the system accepts someone who is not enrolled on the system, or makes an incorrect identification). The FRR indicates how likely it is that a legitimate user will be rejected. The balance between the FAR and the FRR greatly influences both the security and usability of the system. The False Rejection Rate (FRR) is usually caused by lighting, climate conditions, low quality equipment or inexperience. The False Acceptance Rate (FAR) is caused by the security standard being too low 9. False Match Rate FMR and False NonMatch Rate FNMR A false match occurs when a system incorrectly matches an identity, In verification and positive identification systems, un authoritative people can be granted access to facilities or r esources as the result of incorrect matches. That occurs when a subsequent reading does not properly match the enrolled biometric relating to that individual, something that results in Denial of Access to services. * The Crossover shift Rate (CER) The Crossover Error Rate (CER) is defined as the misconduct rate of the system when the FAR and FRR are equal.Usually expressed as a percentage, the CER can be used to compare the performance of different biometric systems. * False enrol rate This occurs when a persons biometric is either unrecognizable, or when it is not of a sufficiently high standard for the cable car to make a judgment, something that does not allow the user to enrol in the system in the first place. The fingerprints of people who work extensively at manual labour are often too worn to be captured. A high percentage of people are unable to enrol in retina recognition systems because of the precision such systems require.People who are mute cannot use voice systems, and people lacking fingers or hands from congenital disease, surgery, or injury cannot use fingerprint or hand geometry systems 10. Applications of biometrics 2. 7ADVANTAGES OF BIOMETRIC security measures 14 1. The first advantage of using this new technology is the uniqueness and it is also the main characteristic which allows biometrics technology to become more and more important in our lives. With uniqueness of biometrics technology, each individuals identification will be single most effective identification for that user.A chance of two users having the same identification in the biometrics security technology system is nearly zero. 2. Secondly, the highly obtain way of identifying users makes this technology less attached for users to share access to highly sensitive data. For example, users can share their fingerprints, iris and so forth allowing other users access to effective information. Each trait used during identification is a single property of that user. In other words, it is extremely hard or impossible to make duplicate or share biometrics accessing data with other users.This makes it ever more secure allowing user information and data to be kept highly secure from unauthorized users. 3. This identification of users though biometrics cannot be lost, stolen or forgotten. This expression of biometrics technology allows it to become more popular in its use. This method of identifying and giving access to user makes user identification a lot easier. Finally, most biometrics security systems are easy to install and it requires small amount of funding for equipment (except modern biometrics technology such as DNA/retinal/iris recognition). . 8 CHALLENGES AND ISSUES Nothing is 100% secure, not even biometrics. Nevertheless, biometrics does provide the means to present security certification that are unique. Unlike other systems that whitethorn rely on newss or tokens that can be vulnerable to loss or exploitation, no one is going enter your l ive biometric as a means of portrayal Just as a firewall does not constitute a net profit security solution but quite a component of a defensive strategy, biometrics could be viewed in the same manner.It is not overflowing to assume absolute verification with biometrics alone but rather as part of a well designed security execution that considers strong two factor authentication. The second major(ip) threat is refer with modification of the components of the authentication system. The capture device could be modified to payoff a different image to the one captured. Alternatively, it could be modified to create a denial-of-service (DoS) that will prevent legitimate users accessing the system (by smashing a camera, for example). The processes of emplate coevals or template matching could be subverted to produce stupid results for example, a piece of vicious code could interfere with the template generation software to produce the attackers template rather than that of the l egitimate user, or the matching process could be modified to produce an unnaturally high or low matching score. CHAPTER THREE 3. 1 taint calculate blur compute is a means of accessing computer facilities via the Internet, where the procedural swarm reflects the diagrammatic use of a debase as a metaphor for the Internet.Most of us have been using confuse-computing facilities in one form or another for years through ordinary email and the military personnel Wide Web. belatedly, the term has come to reflect the use of software and the foot race of computer applications via the Internet where the computer infrastructure and software are not on premises. maculate computing, as a form of service provisioning, has disposed(p) rise to several related concepts, such as mesh computing, horde platforms, and software plus service. slander Computing is a new computing cast that distributes the computing missions on a resource pool that includes a large amount of computing resourc es.In a survey undertaken by the outside(a) Data Corporation (IDC) group between 2008 and 2009, the majority of results point to employing besmirch computing as a low- live viable option to users 17 developers or research projects and even e-commerce entrepreneurs. Using haze over computing can helper in keeping ones IT budget to a nude minimum. It is also ideally suited for development and auditioning scenarios. It is the easiest solution to test potential proof of concepts without investing too much capital.Using overcast computing service, users can store their critical data in servers and can access their data anywhere they can with the Internet and do not hire to worry about system breakdown or disk faults, and so forth Also, different users in one system can share their information and work, as well as play games together. Many important companies such as Amazon, Google, IBM, Microsoft, and Yahoo are the forerunners that provide bribe computing services. Recently more and more companies such as SalesForce, Facebook, YouTube, MySpace etc. also begin to provide all kinds of bedim computing services for Internet users . 2 TYPES OF defileS 18 In providing a secure Cloud computing solution, a major decision is to decide on the type of cloud to be implemented. Currently there are three types of cloud deployment models offered, namely, a public, private and interbreeding cloud. A. universal Cloud A public cloud is a model which allows users access to the cloud via interfaces using mainstream tissue browsers. Its typically based on a pay-per-use model, similar to a prepaid electricity metering system which is flexible enough to cater for spikes in demand for cloud optimisation.This helps cloud clients to better match their IT expenditure at an operational level by decreasing its capital expenditure on IT infrastructure 19. Public clouds are less secure than the other cloud models because it places an additional burden of ensuring all applications a nd data accessed on the public cloud are not subjected to malicious attacks. Therefore trust and privacy pertains are rife when dealing with Public clouds with the Cloud SLA at its core. B. cloistered Cloud A private cloud is set up within an organisations internal opening datacenter.It is easier to align with security, compliance, and regulatory requirements, and provides more enterprise control over deployment and use. In the private cloud, scalable resources and virtual applications provided by the cloud vendor are pooled together and available for cloud users to share and use. It differs from the public cloud in that all the cloud resources and applications are managed by the organisation itself, similar to Intranet practicableity. function on the private cloud can be much more secure than that of the public cloud because of its specified internal exposure.Only the organisation and designated stakeholders may have access to operate on a specific Private cloud 20. C. crossb red Cloud A hybrid cloud is a private cloud linked to one or more orthogonal cloud services, centrally managed, provisioned as a single unit, and circumscribed by a secure network 20. It provides virtual IT solutions through a shuffle of both public and private clouds. Hybrid Clouds provide more secure control of the data and applications and allows various parties to access information over the Internet. It also has an open architecture that allows interfaces with other management systems. . 3 CLOUD COMPUTING DELIVERY MODELS 18 The architecture of Cloud computing can be categorised according to the three types of delivery models, namely floor as a service (IaaS), Software as a service (SaaS) and weapons platform as a service (PaaS). A. Infrastructure as a Service (IaaS) Infrastructure as a Service is a single tenant cloud layer where the Cloud computing vendors dedicated resources are only shared with contracted clients at a pay-per-use fee. This greatly minimizes the need fo r huge initial investment in computing hardware such as servers, networking devices and processing power.They also allow varying degrees of financial and functional flexibility not found in internal data centers or with co-location services, because computing resources can be added or released much more speedily and cost-effectively than in an internal data center or with a colocation service 21. B. Software as a Service (SaaS) Software as a Service also operates on the virtualised and pay-per-use costing model whereby software applications are leased out to contracted organisations by specialised SaaS vendors. This is traditionally accessed remotely using a web browser via the Internet.Software as a service applications are accessed using web browsers over the Internet therefore web browser security is vitally important. Information security officers will need to consider various methods of securing SaaS applications. Web Services (WS) security, Extendable Markup Language (XML) en cryption, unspoilt Socket Layer (SSL) and available options which are used in enforcing data security measure transmitted over the Internet. C. course of study as a Service (PaaS) Platform as a service cloud layer works like IaaS but it provides an additional level of rented functionality.Clients using PaaS services transfer even more costs from capital investment to operational expenses but must acknowledge the additional constraints and possibly some degree of lock-in posed by the additional functionality layers 20 . The use of virtual machines act as a catalyst in the PaaS layer in Cloud computing. Virtual machines must be protected against malicious attacks such as cloud malware. Therefore maintaining the impartiality of applications and well enforcing accurate authentication checks during the transfer of data across the undefiled networking channels is fundamental.Figure 3. 1 CLOUD COMPUTING MAP 18 3. 4 CLOUD SECURITY Cloud computing have many advantages in cost reduction , resource sharing and time saving for new service deployment. term in a cloud computing system, most data and software that users use reside on the Internet, which bring some new challenges for the system, peculiarly security and privacy. Since each application may use resource from quadruplex servers. The servers are potentially based at multiple locations and the services provided by the cloud may use different infrastructures across organizations.All these characteristics of cloud computing make it complicated to provide security in cloud computing. To envision adequate security in cloud computing, various security issues, such as authentication, data confidentiality and integrity, and non-repudiation, all need to be taken into account. The biggest challenge in implementing successful Cloud computing technologies is managing the security. As with any new technology enhancements, criticisms are driven by fear of unknown variables and changes to on-line(prenominal) control pr ocedures. How can cloud stakeholders ensure and promote the security of Cloud computing?In the Cloud Computing Services Survey conducted during prideful 08/09 by IDC IT group 17, users were asked to rate their issues and challenges experienced with Cloud computing. The results illustrate that security is the biggest concern. Security is the main issue users are concerned with when considering Cloud computing solutions. CHAPTER FOUR 4. 1 APPLICATION OF BIOMETRICS IN CLOUD SECURITY One of the Security risks in cloud computing according to Garfunkel 23 is hacked passwords or data intrusion. If someone hacks a password they get control over the resources.They can manipulate the information or disable the services. Furthermore, there is a possibility for the users email (Amazon user name) to be hacked (see 24 for a discussion of the potential risks of email), and since Amazon allows a lost password to be reset by email, the hacker may still be able to log in to the account after receivi ng the new reset password 25. As an excellent storage scheme for tenants big data, cloud computing has been a hot issue for a lot of consumers, generally, tenants different data should be processed by different security modes.Biometric authentication has the advantage of sole(a) for tenant in data access. When any registered cloud tenant , essential to access the data stored in cloud, first, he must pass the cloud system check such as cloud_sys_checker A Hybrid biometric method can be developed by fusing finger prints and voice biometric methods. The fused value can be used as request sign on for multiple resources provided by cloud. This encrypted data is used for authentication 4. 2BIOMETRIC earmark SYSTEM AS A CLOUD SERVICEThe authentication service provider maintains the biometric data base . The data has to be stored in encrypted format using cryptography on biometric for the security reasons 4. 2. 1ARCHITECTURE BIOMETRICS AUTHENTICATION SYSTEM A secure data access scheme b ased on identity-based Encryption and biometric authentication for cloud communication Cloud Services1 CS1 Cloud Services1 CS3 Cloud Services1 CS2 Biometric Authentication Service Org1 User1 User2 Org2 User1 User2 Fig4. 1 Biometric Authenticating System in cloud 30.The user initially enrols with the biometric system which is provided by a cloud, once the identity is registered his/her biometric authentication details are stored in cloud service provider database. The authorization details are also entered at the registration time which is also encrypted. Whenever the user wants to use any cloud service user first uses the biometric authentication service rather than a traditional password mechanism. Once authenticated, the user is redirected to the actual cloud service for which he is authorized to use. 4. 3 A PROPOSED METHOD 29 Step1 Setup cloud side parameters . initialisation On the cloud service side, given a security parameter 2. Key generation When tenants are registered in c loud computing providers, each tenant will obtain a unique identity to identify him or her. The phase generates private key corresponding to given registered ID of every tenant in cloud computing. Step2 Generate tenants biometric template Cloud computing is a pervasive service environment for tenants, different tenants have different security requirement. To these tenants who have special security concern on data can generate their biometric template and be stored in cloud database.Biometric authentication must be needed when someone wants to access the data. Step3 Encrypt cloud data Input cloud data (which is created by cloud tenants and stored in the database of cloud platform), a private key (the cloud service providers), and an ID (the cloud tenant who want to access the data) output encrypted cloud data. Step4 Biometric authentication As an excellent storage scheme for tenants big data, cloud computing has been a hot issue for a lot of consumers, generally, tenants different da ta should be processed by different security modes.Biometric authentication has the advantage of exclusive for tenant in data access. Step4 Biometric authentication As an excellent storage scheme for tenants big data, cloud computing has been a hot issue for a lot of consumers, generally, tenants different data should be processed by different security modes. Biometric authentication has the advantage of exclusive for tenant in data access. When any registered cloud tenant say, p, want to access the data stored in cloud, first, he must pass the cloud system check such as cloud_sys_checker.Then, cloud tenants use registered identity ID to create their biometric template and all of the created templates are stored in cloud_sys_database. In cloud data access, cloud tenant p must pass the biometric authentication performed by biometric matcher in cloud computing. Step5 Decrypt cloud data Input encrypted cloud data ciphertext (which is generated in Step3), an ID (the cloud service provid ers), a private key (the cloud tenant who want to access the data), and output the corresponding plaintext i. e. cloud data. CHAPTER FIVE 5. 1 SUMMARYIn summary, as Biometrics allow for increased security, convenience we can say that fused biometric authentication system will be novel solution for authenticating users on cloud computing ,which can be provided as service on cloud . By following guiding principles discussed in this paper, a great deal of insecurities may be easily expelled, saving business owners valuable time and investment. Cloud computing has the potential to become a frontrunner in promoting a secure, virtual and economically viable IT solution. Future work and progress lies in standardising Cloud computing security protocols 5. CONCLUSION . Authentication is necessary in Cloud Computing. In order to seek a secure data access method for cloud tenants, a proposed method presented a secure data access mechanism based on identity-based encryption and biometric authen tication in this paper, the mechanism set double protection for confidential data of cloud tenants, encryption will make the tenants data secure against the peekers and biometric authentication will eliminate the maloperations over tenants data by root executive in cloud service. The security of data is maintained even though the same application is shared by multitenant.To ensure the correctness of users data in cloud data storage, an effective and flexible biometric is proposed. i believe that data storage security in Cloud Computing, an area full of challenges and of paramount importance, is still in its infancy now, and many research problems are yet to be identified. This proposed method can be implemented with more security by using strong biometric m easures like eye. REFERENCES 1 http//en. wikipedia. org/wiki/Biometrics 2 J. L. Wayman, Fundamentals of Biometric Authentication Xhtp/ww. engr. sisu. edu/biometrics/nbtcw. p 4 http//www. fi. muni. cz/reports/files/older/FIMU-RS-2 000-08. pdf 6 http//www. indexbiometrics. com/physiological_or_behavioral. htm 7 http//ntrg. cs. tcd. ie 8 Cernet. CHARACTERISTICS OF BIOMETRIC SYSTEMS. online available http//www. ccert. edu. cn/education/cissp/hism/039-041. html. February 2013 9 V. Vijaya Kumari and N. Suriyanarayanan. Performance Measure of Local Operators in Fingerprint Detection. pedantic Open Internet Journal, vol. 23, pp. 1-7, (2008). 10 www. gao. gov/cgi-bin/getrpt? GAO-03-1137T. February 2013 11 Jain, A. K. Ross, A. Pankanti, S. , Biometrics a tool for information security Volume 1 Issue 2, Issue Date June 2006, paginate(s) 125 143 12 Michael E. Schuckers, Some Statistical Aspects of Biometric Identification Device Performance, 2001 13 Sandra Maestre, Sean Nichols DNA Biometrics, 2009 14 Massimo Tistarelli and label Nixon, Advances In Biometrics, Springer-Verlag Berlin Heidelberg 2009, ISBN 03029743 15Erdogmus, H. Cloud Computing Does Nirvana Hide undersurface the Nebula? IEEE Software 26(2), 46 (20 09) 16 Leavitt, N. Is Cloud Computing Really spend a penny for Prime Time?Computer 42(1), 1520(2009) 17 Gens F, 2009, New IDC IT Cloud Services Survey Top Benefits and Challenges,IDC eXchange, viewed 18 February 2010, Accessed online . February 2013 18Ramgovind S, Eloff MM, Smith E, The Management of Security in Cloud Computing Online Available http//uir. unisa. ac. za/bitstream/handle/10500/3883/ramgovind. pdfjsessionid=75882F66B5AF28B3D640A3C5F9CFD837? sequence=1 February 2013 19 A Platform Computing Whitepaper, Enterprise Cloud Computing Transforming IT, Platform Computing, pp6, viewed 13March 2010. 20Global Netoptex Incorporated, 2009, Demystifying the cloud. Important opportunities, crucial choices , online pp 4-14 Available http//www. gni. com, February 2013 21 Brodkin J, 2008, Gartner Seven cloud-computing security risks, Infoworld, Accessed emailprotected http//www. infoworld. com/d/security-central/gartner-seven-cloudcomputing-Security-risks-853? page=0,1 February 2013 2 2 J. Ilonen, Keystroke dynamics, Lappeenranta University of Technology, Finland, http//www. it. lut . fi/kurssit/03-04/010970000/seminars/Ilonen. pdf (2003) 23 S. L.Garfinkel, An evaluation of amazons grid computing services EC2, S3, and SQS, skilful Report TR-08-07, Computer ScienceGroup, Harvard University, Citeseer, 2007 24 S. L. Garfinkel, Email-based identification and authentication An alternative to PKI? , IEEE Security and Privacy, 1(6), 2003 25 Cloud Computing Security From Single to Multi-Clouds Online Available http//ieeexplore. ieee. org/stamp/stamp. jsp? tp=&arnumber=614956 February 2013 26 Rahultech IT trends-latest/recent trends in information technology 2010online available