Applications of Biometrics in Cloud Security
CHAPTER ONE 1. 1 INTRODUCTION The success of modern day technologies highly depends on its effectiveness of the world’s norms, its ease of use by end users and most importantly its degree of information security and control. Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure ‘in the cloud’ that supports them [15, 16].
Authentication, thus, becomes pretty important for cloud security. Biometric is the most secure and convenient authentication tool. It cannot be borrowed, stolen, or forgotten and forging one is practically impossible. The term comes from the Greek words bios (life) and metrikos (measure). To make a personal recognition, biometrics relies on who you are or what you do—as opposed to what you know. OBJECTIVES 1 To know and understand the meaning of biometric, its uses, the characteristics and also its advantages and challenges. To know and understand the full meaning of cloud computing its type and its service providers 3 To explain the about cloud security and its shortfalls 4 To know how biometric technology can be applied to enhance security in cloud computing CHAPTER TWO 2. 0 BIOMETRICS The word “biometrics” comes from the Greek language and is derived from the words bio (life) and metric (to measure). Biometrics (or biometric authentication) refers to the identification of humans by their characteristics or traits.
Computer science, biometrics to be specific, is used as a form of identification . Biometrics is automated methods of recognizing a person based on a physiological or behavioural characteristic . Biometrics offers new perspectives in high-security applications while supporting natural, user-friendly and fast authentication. Biometric technology uses these characteristics to identify individuals automatically1. Ideally the characteristic should be universally present, unique to the individual, stable over time and easily measurable . 2. Biometric systems A biometric system provides an automated method of recognizing an individual based on the individual’s biometric. A biometric is a measurement of a biological characteristic such as fingerprint, iris pattern, retina image, face or hand geometry; or a behavioural characteristic such as voice, gait or signature. Behavioural biometrics are related to the behaviour of a Person, including but not limited to: typing rhythm, gait, and voice. Some researchers have coined the term behaviourmetrics to describe the behaviour class of biometrics .
A biometric system is essentially a pattern-recognition system that recognizes a person based on a feature vector derived from a specific physiological or behavioural characteristic that the person possesses . Biometric systems can be used in two different modes. Identity verification occurs when the user claims to be already enrolled in the system (presents an ID card or login name); in this case the biometric data obtained from the user is compared to the user’s data already stored in the database Identification (also called search) occurs when the identity of the user is a priori unknown.
In this case the user’s biometric data is matched against all the records in the database as the user can be anywhere in the database or he/she actually does not have to be there at all . The combination of biometric data systems and biometrics recognition/ identification technologies creates the biometric security systems. 2. 2 Biometric Authentication Authentication on the other hand, is a process where a known person’s live biometric is compared to a stored template of that person.
For example, an individual’s identity is revealed to the biometric system upon entering a PIN (Personal Identification Number). To authenticate that this is the person associated with this PIN, a live biometric is presented by the individual and compared to the template and a match is determined. This is known as a ‘one to one’ search. It is more accurate than the ‘one to many’ application and is the predominant biometric process in place today and the more privacy friendly of the two systems.
This answers the question – Are you who you say you are? Two general uses of biometrics are identification and verification which both require the existence of reference data that the person’s measured traits will be compared with reference templates or raw data. During these processes, a biometric data sample is compared against the respective biometric data of every person enrolled in the database or against a single reference template of a particular enrolled individual in order to confirm the identity of that person respectively.
When a biometric system correctly identifies a person, then the result of the identification process is a true positive, whereas if the system correctly rejects a person as not matching the respective enrolled template, the result is a true negative. Similarly, when the system incorrectly identifies or rejects a person then we speak about a false positive or a false negative. Fig 2. 1 Components of a Biometric Authentication System 2. 3 BIOMETRIC SECURITY SYSTEM The biometric security system is a lock and capture mechanism to control access to specific data.
In order to access the biometric security system, an individual will need to provide their unique characteristics or traits which will be matched to a database in the system. If there is a match, the locking system will provide access to the data for the user. The locking and capturing system will activate and record information of users who accessed the data. The relationship between the biometric and biometric security system is also known as the lock and key system. The biometrics security system is the lock and biometrics is the key to open that lock . 2. 4 CRITERIA FOR BIOMETRIC SYSTEM
There are seven basic criteria for biometric security system:  * Uniqueness: uniqueness is considered as the priority one requirement for biometric data. It will indicate how differently and uniquely the biometric system will be able to recognize each user among groups of users . For instance, the DNA of each person is unique and it is impossible to replicate. * Universality: Universality is a criterion for the biometric security that indicates requirements for unique characteristics of each person in the world, which cannot be replicated. For example, retinal and iris are characteristics will satisfy this requirement. Permanence: permanence parameter is required for every single characteristic or trait which is recorded in the database of the system and needs to be constant for a certain period of time period. This parameter will mostly be affected by the age of the user * Collectability: The collectability parameter requires the collection of each characteristic and trait by the system in order to verify their identification * Performance: performance outlines how well the security system works. The accuracy and robustness are main factors for the biometric security system.
These factors will decide the performance of the biometric security system * Acceptability: The acceptability parameter will choose fields in which biometric technologies are acceptable. * Circumvention: circumvention will decide how easily each characteristic and trait provided by the user can lead to failure during the verification process. DNA is believed to be the most difficult characteristic leading to the failure of the verification process . Figure 2. 2 Basic Criteria for Biometrics Security System  2. 5 TYPES OF BIOMETRIC systems Two classes of biometric methods are: 1) Physical Biometrics:
Physiological biometrics is based on measurements and data derived from direct measurement of a part of the human body. * Fingerprint: Fingerprint recognition is one of the best known and most widely used Biometric technologies. Fingerprint recognition technology extracts features from impressions made by the distinct ridges on the fingertips. * Iris-scan: Iris recognition technology is based on the distinctly coloured ring surrounding the pupil of the eye. Iris recognition systems use a small, high-quality camera to capture a black and white, high-resolution image of the iris. Retina-scan: Retina recognition technology captures and analyses the patterns of blood vessels on the thin nerve on the back of the eyeball that processes light entering through the pupil. * Hand geometry: Hand geometry technology takes 96 measurements of the hand, including the width, height, and length of the fingers; distances between joints; and shape of the knuckles. * Facial recognition : Facial recognition technology identifies people by analysing features of the face not easily altered—the upper outlines of the eye sockets, the areas around the cheekbones, and the sides of the mouth..
Facial recognition can be used in both verification and identification systems. 2) Behavioural characteristics are based on an action taken by a person. Behavioural biometrics, in turn, are based on measurements and data derived from an action, and indirectly measure characteristics of the human body * Voice recognition: Voice authentication is unique and non-intrusive method and also the hardware requirements required for this type of authentication are cheap and are available readily. Microphones can be used for this purpose.
However the back ground noise must be controlled, high storage is required for this kind of authentication. This type of authentication can also be extraneously influenced by once sore throat and cold.  * Keystroke-scan: Keystroke dynamics is a biometric based on the assumption that different people type in uniquely characteristic manners. Observation of telegraph operators in the 19th century revealed personally distinctive patterns when keying messages over telegraph lines, and telegraph operators could recognize each other based on only their keying dynamics .
Keystroke dynamics is known with a few different names: keyboard dynamics, keystroke analysis, typing biometrics and typing rhythms . Currently users begin information to computer systems via physical keyboards or keyboards on touch screens. The main advantage of using keystroke dynamics is that it can be used without any additional hardware. Thus it is inexpensive. The user acceptance of a keystroke dynamics biometric system is very high, since it is not intrusive and users do not necessarily even notice that such a system is used [22, 27]. Signature Recognition: Signature recognition authenticates identity by measuring handwritten signatures. The signature is treated as a series of movements that contain unique biometric data, such as personal rhythm, acceleration, and pressure flow. In a signature recognition system, a person signs his or her name on a digitized graphics tablet or personal digital assistant. The technology can also track each person’s natural signature fluctuations over time. The signature dynamics information is encrypted and compressed into a template.
One of the defining characteristics of a behavioural biometric is the incorporation of time as a metric – the measured behaviour has a beginning, middle and end . A number of biometric methods have been introduced over the years, but few have gained wide acceptance. 2. 6 PERFORMANCE OF BIOMETRICS SYSTEMS The following are used as performance metrics for biometric systems . * False Accept Rate FAR and False Reject Rate FRR: The FAR gives a measure of the probability that an individual will be ‘falsely accepted’ by the system (i. . that the system accepts someone who is not enrolled on the system, or makes an incorrect identification). The FRR indicates how likely it is that a legitimate user will be rejected. The balance between the FAR and the FRR greatly influences both the security and usability of the system. The False Rejection Rate (FRR) is usually caused by lighting, climate conditions, low quality equipment or inexperience. The False Acceptance Rate (FAR) is caused by the security standard being too low . False Match Rate FMR and False NonMatch Rate FNMR: A false match occurs when a system incorrectly matches an identity, In verification and positive identification systems, unauthorized people can be granted access to facilities or resources as the result of incorrect matches. That occurs when a subsequent reading does not properly match the enrolled biometric relating to that individual, something that results in Denial of Access to services. * The Crossover Error Rate (CER): The Crossover Error Rate (CER) is defined as the error rate of the system when the FAR and FRR are equal.
Usually expressed as a percentage, the CER can be used to compare the performance of different biometric systems. * False enrol rate: This occurs when a person’s biometric is either unrecognizable, or when it is not of a sufficiently high standard for the machine to make a judgment, something that does not allow the user to enrol in the system in the first place. The fingerprints of people who work extensively at manual labour are often too worn to be captured. A high percentage of people are unable to enrol in retina recognition systems because of the precision such systems require.
People who are mute cannot use voice systems, and people lacking fingers or hands from congenital disease, surgery, or injury cannot use fingerprint or hand geometry systems . Applications of biometrics 2. 7ADVANTAGES OF BIOMETRIC SECURITY  1. The first advantage of using this new technology is the uniqueness and it is also the main characteristic which allows biometrics technology to become more and more important in our lives. With uniqueness of biometrics technology, each individual’s identification will be single most effective identification for that user.
A chance of two users having the same identification in the biometrics security technology system is nearly zero. 2. Secondly, the highly secure way of identifying users makes this technology less prone for users to share access to highly sensitive data. For example, users can share their fingerprints, iris and so forth allowing other users access to secure information. Each trait used during identification is a single property of that user. In other words, it is extremely hard or impossible to make duplicate or share biometrics accessing data with other users.
This makes it ever more secure allowing user information and data to be kept highly secure from unauthorized users. 3. This identification of users though biometrics cannot be lost, stolen or forgotten. This aspect of biometrics technology allows it to become more popular in its use. This method of identifying and giving access to user makes user identification a lot easier. Finally, most biometrics security systems are easy to install and it requires small amount of funding for equipment (except modern biometrics technology such as: DNA/retinal/iris recognition). . 8 CHALLENGES AND ISSUES Nothing is 100% secure, not even biometrics. Nevertheless, biometrics does provide the means to present security credentials that are unique. Unlike other systems that may rely on passwords or tokens that can be vulnerable to loss or exploitation, no one is going enter your live biometric as a means of impersonation Just as a firewall does not constitute a network security solution but rather a component of a defensive strategy, biometrics could be viewed in the same manner.
It is not enough to assume absolute verification with biometrics alone but rather as part of a well designed security implementation that considers strong two factor authentication. The second major threat is concerned with modification of the components of the authentication system. The capture device could be modified to output a different image to the one captured. Alternatively, it could be modified to create a denial-of-service (DoS) that will prevent legitimate users accessing the system (by smashing a camera, for example). The processes of emplate generation or template matching could be subverted to produce erroneous results; for example, a piece of malicious code could interfere with the template generation software to produce the attacker’s template rather than that of the legitimate user, or the matching process could be modified to produce an artificially high or low matching score. CHAPTER THREE 3. 1 CLOUD COMPUTING Cloud computing is a means of accessing computer facilities via the Internet, where the adjective “cloud” reflects the diagrammatic use of a cloud as a metaphor for the Internet.
Most of us have been using cloud-computing facilities in one form or another for years through ordinary email and the World Wide Web. Recently, the term has come to reflect the use of software and the running of computer applications via the Internet where the computer infrastructure and software are not “on premises. ” Cloud computing, as a form of service provisioning, has given rise to several related concepts, such as mesh computing, cloud platforms, and software plus service. Cloud Computing is a new computing model that distributes the computing missions on a resource pool that includes a large amount of computing resources.
In a survey undertaken by the International Data Corporation (IDC) group between 2008 and 2009, the majority of results point to employing Cloud computing as a low-cost viable option to users  developers or research projects and even e-commerce entrepreneurs. Using Cloud computing can help in keeping one’s IT budget to a bare minimum. It is also ideally suited for development and testing scenarios. It is the easiest solution to test potential proof of concepts without investing too much capital.
Using cloud computing service, users can store their critical data in servers and can access their data anywhere they can with the Internet and do not need to worry about system breakdown or disk faults, etc. Also, different users in one system can share their information and work, as well as play games together. Many important companies such as Amazon, Google, IBM, Microsoft, and Yahoo are the forerunners that provide cloud computing services. Recently more and more companies such as SalesForce, Facebook, YouTube, MySpace etc. also begin to provide all kinds of cloud computing services for Internet users . 2 TYPES OF CLOUDS  In providing a secure Cloud computing solution, a major decision is to decide on the type of cloud to be implemented. Currently there are three types of cloud deployment models offered, namely, a public, private and hybrid cloud. A. Public Cloud A public cloud is a model which allows users’ access to the cloud via interfaces using mainstream web browsers. It’s typically based on a pay-per-use model, similar to a prepaid electricity metering system which is flexible enough to cater for spikes in demand for cloud optimisation.
This helps cloud clients to better match their IT expenditure at an operational level by decreasing its capital expenditure on IT infrastructure . Public clouds are less secure than the other cloud models because it places an additional burden of ensuring all applications and data accessed on the public cloud are not subjected to malicious attacks. Therefore trust and privacy concerns are rife when dealing with Public clouds with the Cloud SLA at its core. B. Private Cloud A private cloud is set up within an organisation’s internal enterprise datacenter.
It is easier to align with security, compliance, and regulatory requirements, and provides more enterprise control over deployment and use. In the private cloud, scalable resources and virtual applications provided by the cloud vendor are pooled together and available for cloud users to share and use. It differs from the public cloud in that all the cloud resources and applications are managed by the organisation itself, similar to Intranet functionality. Utilisation on the private cloud can be much more secure than that of the public cloud because of its specified internal exposure.
Only the organisation and designated stakeholders may have access to operate on a specific Private cloud . C. Hybrid Cloud A hybrid cloud is a private cloud linked to one or more external cloud services, centrally managed, provisioned as a single unit, and circumscribed by a secure network . It provides virtual IT solutions through a mix of both public and private clouds. Hybrid Clouds provide more secure control of the data and applications and allows various parties to access information over the Internet. It also has an open architecture that allows interfaces with other management systems. . 3 CLOUD COMPUTING DELIVERY MODELS  The architecture of Cloud computing can be categorised according to the three types of delivery models, namely Infrastructure as a service (IaaS), Software as a service (SaaS) and Platform as a service (PaaS). A. Infrastructure as a Service (IaaS) Infrastructure as a Service is a single tenant cloud layer where the Cloud computing vendor’s dedicated resources are only shared with contracted clients at a pay-per-use fee. This greatly minimizes the need for huge initial investment in computing hardware such as servers, networking devices and processing power.
They also allow varying degrees of financial and functional flexibility not found in internal data centers or with co-location services, because computing resources can be added or released much more quickly and cost-effectively than in an internal data center or with a colocation service . B. Software as a Service (SaaS) Software as a Service also operates on the virtualised and pay-per-use costing model whereby software applications are leased out to contracted organisations by specialised SaaS vendors. This is traditionally accessed remotely using a web browser via the Internet.
Software as a service applications are accessed using web browsers over the Internet therefore web browser security is vitally important. Information security officers will need to consider various methods of securing SaaS applications. Web Services (WS) security, Extendable Markup Language (XML) encryption, Secure Socket Layer (SSL) and available options which are used in enforcing data protection transmitted over the Internet. C. Platform as a Service (PaaS) Platform as a service cloud layer works like IaaS but it provides an additional level of “rented” functionality.
Clients using PaaS services transfer even more costs from capital investment to operational expenses but must acknowledge the additional constraints and possibly some degree of lock-in posed by the additional functionality layers  . The use of virtual machines act as a catalyst in the PaaS layer in Cloud computing. Virtual machines must be protected against malicious attacks such as cloud malware. Therefore maintaining the integrity of applications and well enforcing accurate authentication checks during the transfer of data across the entire networking channels is fundamental.
Figure 3. 1 CLOUD COMPUTING MAP  3. 4 CLOUD SECURITY Cloud computing have many advantages in cost reduction, resource sharing and time saving for new service deployment. While in a cloud computing system, most data and software that users use reside on the Internet, which bring some new challenges for the system, especially security and privacy. Since each application may use resource from multiple servers. The servers are potentially based at multiple locations and the services provided by the cloud may use different infrastructures across organizations.
All these characteristics of cloud computing make it complicated to provide security in cloud computing. To ensure adequate security in cloud computing, various security issues, such as authentication, data confidentiality and integrity, and non-repudiation, all need to be taken into account. The biggest challenge in implementing successful Cloud computing technologies is managing the security. As with any new technology enhancements, criticisms are driven by fear of unknown variables and changes to current control procedures. How can cloud stakeholders ensure and promote the security of Cloud computing?
In the Cloud Computing Services Survey conducted during August 08/09 by IDC IT group , users were asked to rate their issues and challenges experienced with Cloud computing. The results illustrate that security is the biggest concern. Security is the main issue users are concerned with when considering Cloud computing solutions. CHAPTER FOUR 4. 1 APPLICATION OF BIOMETRICS IN CLOUD SECURITY One of the Security risks in cloud computing according to Garfunkel  is hacked passwords or data intrusion. If someone hacks a password they get control over the resources.
They can manipulate the information or disable the services. Furthermore, there is a possibility for the user’s email (Amazon user name) to be hacked (see  for a discussion of the potential risks of email), and since Amazon allows a lost password to be reset by email, the hacker may still be able to log in to the account after receiving the new reset password . As an excellent storage scheme for tenants’ big data, cloud computing has been a hot issue for a lot of consumers, generally, tenants’ different data should be processed by different security modes.
Biometric authentication has the advantage of exclusive for tenant in data access. When any registered cloud tenant , want to access the data stored in cloud, first, he must pass the cloud system check such as cloud_sys_checker A Hybrid biometric method can be developed by fusing finger prints and voice biometric methods. The fused value can be used as signal sign on for multiple resources provided by cloud. This encrypted data is used for authentication 4. 2BIOMETRIC AUTHENTICATION SYSTEM AS A CLOUD SERVICE:
The authentication service provider maintains the biometric data base . The data has to be stored in encrypted format using cryptography on biometric for the security reasons 4. 2. 1ARCHITECTURE BIOMETRICS AUTHENTICATION SYSTEM A secure data access scheme based on identity-based Encryption and biometric authentication for cloud communication Cloud Services1 CS1 Cloud Services1 CS3 Cloud Services1 CS2 Biometric Authentication Service Org1 User1 User2 … Org2 User1 User2 Fig4. 1: Biometric Authenticating System in cloud .
The user initially enrols with the biometric system which is provided by a cloud, once the identity is registered his/her biometric authentication details are stored in cloud service provider database. The authorization details are also entered at the registration time which is also encrypted. Whenever the user wants to use any cloud service user first uses the biometric authentication service rather than a traditional password mechanism. Once authenticated, the user is redirected to the actual cloud service for which he is authorized to use. 4. 3 A PROPOSED METHOD  Step1: Setup cloud side parameters . Initialization On the cloud service side, given a security parameter 2. Key generation When tenants are registered in cloud computing providers, each tenant will obtain a unique identity to identify him or her. The phase generates private key corresponding to given registered ID of every tenant in cloud computing. Step2: Generate tenant’s biometric template Cloud computing is a pervasive service environment for tenants, different tenants have different security requirement. To these tenants who have special security concern on data can generate their biometric template and be stored in cloud database.
Biometric authentication must be needed when someone wants to access the data. Step3: Encrypt cloud data Input: cloud data (which is created by cloud tenants and stored in the database of cloud platform), a private key (the cloud service providers), and an ID (the cloud tenant who want to access the data); output: encrypted cloud data. Step4: Biometric authentication As an excellent storage scheme for tenants’ big data, cloud computing has been a hot issue for a lot of consumers, generally, tenants’ different data should be processed by different security modes.
Biometric authentication has the advantage of exclusive for tenant in data access. Step4: Biometric authentication As an excellent storage scheme for tenants’ big data, cloud computing has been a hot issue for a lot of consumers, generally, tenants’ different data should be processed by different security modes. Biometric authentication has the advantage of exclusive for tenant in data access. When any registered cloud tenant say, p, want to access the data stored in cloud, first, he must pass the cloud system check such as cloud_sys_checker.
Then, cloud tenants use registered identity ID to create their biometric template and all of the created templates are stored in cloud_sys_database. In cloud data access, cloud tenant p must pass the biometric authentication performed by biometric matcher in cloud computing. Step5: Decrypt cloud data Input: encrypted cloud data ciphertext (which is generated in Step3), an ID (the cloud service provider’s), a private key (the cloud tenant who want to access the data), and output: the corresponding plaintext i. e. cloud data. CHAPTER FIVE 5. 1 SUMMARY
In summary, as Biometrics allow for increased security, convenience we can say that fused biometric authentication system will be novel solution for authenticating users on cloud computing ,which can be provided as service on cloud . By following guiding principles discussed in this paper, a great deal of insecurities may be easily expelled, saving business owners’ valuable time and investment. Cloud computing has the potential to become a frontrunner in promoting a secure, virtual and economically viable IT solution. Future work and progress lies in standardising Cloud computing security protocols 5. CONCLUSION . Authentication is necessary in Cloud Computing. In order to seek a secure data access method for cloud tenants, a proposed method presented a secure data access mechanism based on identity-based encryption and biometric authentication in this paper, the mechanism set double protection for confidential data of cloud tenants, encryption will make the tenants data secure against the peekers and biometric authentication will eliminate the maloperations over tenants data by root administrator in cloud service. The security of data is maintained even though the same application is shared by multitenant.
To ensure the correctness of users’ data in cloud data storage, an effective and flexible biometric is proposed. i believe that data storage security in Cloud Computing, an area full of challenges and of paramount importance, is still in its infancy now, and many research problems are yet to be identified. This proposed method can be implemented with more security by using strong biometric m easures like eye. REFERENCES  http://en. wikipedia. org/wiki/Biometrics  J. L. Wayman, “Fundamentals of Biometric Authentication Xhtp:/ww. engr. sisu. edu/biometrics/nbtcw. p 4] http://www. fi. muni. cz/reports/files/older/FIMU-RS-2000-08. pdf  http://www. indexbiometrics. com/physiological_or_behavioral. htm  http://ntrg. cs. tcd. ie  Cernet. “CHARACTERISTICS OF BIOMETRIC SYSTEMS”. [online] available: http://www. ccert. edu. cn/education/cissp/hism/039-041. html. February 2013  V. Vijaya Kumari and N. Suriyanarayanan. “Performance Measure of Local Operators in Fingerprint Detection. ” Academic Open Internet Journal, vol. 23, pp. 1-7, (2008).  www. gao. gov/cgi-bin/getrpt? GAO-03-1137T. February 2013  Jain, A. K. ; Ross, A. Pankanti, S. , “Biometrics: a tool for information security” Volume: 1 Issue: 2, Issue Date: June 2006, page(s): 125 – 143  Michael E. Schuckers, “Some Statistical Aspects of Biometric Identification Device Performance”, 2001  Sandra Maestre, Sean Nichols “DNA Biometrics”, 2009  Massimo Tistarelli and Marks Nixon, “Advances In Biometrics”, Springer-Verlag Berlin Heidelberg 2009, ISBN 03029743 Erdogmus, H. : Cloud Computing: Does Nirvana Hide behind the Nebula? IEEE Software 26(2), 4–6 (2009)  Leavitt, N. : Is Cloud Computing Really Ready for Prime Time?
Computer 42(1), 15–20(2009)  Gens F, 2009,’ New IDC IT Cloud Services Survey: Top Benefits and Challenges’,IDC eXchange, viewed 18 February 2010, Accessed online @ <http://blogs. idc. com/ie/? p=730>. February 2013 Ramgovind S, Eloff MM, Smith E,” The Management of Security in Cloud Computing” [Online] Available: http://uir. unisa. ac. za/bitstream/handle/10500/3883/ramgovind. pdf;jsessionid=75882F66B5AF28B3D640A3C5F9CFD837? sequence=1 February 2013  A Platform Computing Whitepaper, ‘Enterprise Cloud Computing: Transforming IT’, Platform Computing, pp6, viewed 13March 2010. 20]Global Netoptex Incorporated, 2009, “Demystifying the cloud. Important opportunities, crucial choices” , [online] pp 4-14 Available: http://www. gni. com, February 2013  Brodkin J, 2008, ‘Gartner: Seven cloud-computing security risks’, Infoworld, Accessed [email protected] http://www. infoworld. com/d/security-central/gartner-seven-cloudcomputing-Security-risks-853? page=0,1 February 2013  J. Ilonen, Keystroke dynamics, Lappeenranta University of Technology, Finland, http://www. it. lut . fi/kurssit/03-04/010970000/seminars/Ilonen. pdf (2003)  S. L.
Garfinkel, “An evaluation of amazon’s grid computing services: EC2, S3, and SQS”, Technical Report TR-08-07, Computer ScienceGroup, Harvard University, Citeseer, 2007  S. L. Garfinkel, “Email-based identification and authentication: An alternative to PKI? “, IEEE Security and Privacy, 1(6), 2003  Cloud Computing Security: From Single to Multi-Clouds [Online] Available: http://ieeexplore. ieee. org/stamp/stamp. jsp? tp=&arnumber=614956 February 2013  Rahultech “IT trends-latest/recent trends in information technology” 2010[online] available: