Leveraging Continuous Multi-Modal Authentication for Access Control in Mobile Cloud Environments


Mobile cloud computing integrates cloud computing into mobile environments, allowing users to use data, infrastructure, platforms, and applications on the cloud from their mobile devices. However, accessing and exploiting cloud-based resources and services is associated with numerous security implications (e.g. authentication and authorization) which represent the major barriers making individuals and organizations hesitant to migrate data or processing to the cloud. Using biometric techniques is increasingly emerging to secure such users’ assets. In this paper, we propose a bi-modal continuous authentication approach integrating face and touch biometrics into mobile cloud environments, going beyond traditional one-off authentication. The system reacts to sliding windows of recent user’s actions to dynamically update the trust in genuineness for the current user. For each biometric trait, it calculates the similarity scores resulting from the comparison between probes and templates, then they are fused together. If the fusion score is above a given threshold, the system rewards the current user; otherwise, they are penalized. In case the trust in the current user drops below a predefined threshold, the system raises an alarm. Experimental results indicate the advantage offered by our approach on performance of continuous authentication systems, providing a good security-usability tradeoff to mobile cloud environments.

Catania (Italy)