Achieving robust biometric based access control mechanism for cloud computing

Cloud computing is an arresting emerging computing paradigm that offers users on demand network access to a large shared pool of computing resources. This paper focuses on leveraging biometric identity to achieve access control in cloud. Biometric possesses a lot of advantages like portability, uniqueness and verification clearness; nevertheless biometric measurements are always noisy. Additionally, there always exists key exposure problem in the context of access control. To protect sensitive data along with private key confidential against malicious servers or other external attackers and meet the requirement of removing the biometric noisy property, we exploit and combine techniques of fuzzy identity based encryption (FIBE), biometric measurement, and key insulated encryption. Specifically, we based on the idea that every time legal user or malicious one makes the request of accessing data of his interest will the cloud severs update the corresponding header file which only the legal user has the ability to decrypt. To our best knowledge, it is the first to consider the key insulated encryption in the access control of cloud computing. Extensive analysis shows that our proposed scheme is provably secure under existing security models.