ABSTRACT

In spite of their widespread use and ubiquity, passwords are unreliable as an

authentication methodology because they can be hacked or even guessed, yet when it comes to

biometrics it is very hard to impersonate someone. Therefore, biometric authentication schemes

are currently widely recognized as the strongest authentication technologies available on the

market.

Identity providers and claims-based identity are emerging technologies that aims to

decouple the authentication logic from the applicationâ€s business logic. This can be done by

assigning the authentication task to the identity provider and establishing a trust relationship

between the application and the identity provider so that the application relies on the identity

provider to authenticate the application users.

The project aims to develop an identity provider that uses fingerprint and facial

biometrics to authenticate users. The identity provider task is to determine the identity of the user

and pass the identity information to the relying applications which trust this identity provider.

For security purposes, the biometrics data of users is stored on a local server within the

sponsoring companyâ€s intranet. This local server is located behind firewalls and itâ€s address can

only be resolved internally within the intranet due to use of NAT. Therefore, the server doesnâ€t

have a global IP address. Windows Azure cloud platform has a powerful component called

â€�“Windows Azure Service Busâ€Â� which was used to solve this tough connectivity problem.

The project also aims to develop a simple employees management application that can be

used as an example of a relying application that relies on the developed identity provider to

authenticate the users.

Project management principles and software development lifecycle techniques were

applied during the project implementation. This approach has significantly streamlined the

project implementation process and the project objectives have been met.

TABLE OF CONTENTS

DICLARATION OF ORIGINALITY - - ii

ABSTRACT - - - .. iii

ØµÙ„Ø®ØªØ³Ù - Ù„Ø§ - - - . iv

ACKNOWLEDGEMENT - v

DEDICATION - .. vi

TABLE OF CONTENTS - - - . vii

LIST OF FIGURES - - - .. ix

LIST OF ABBREVIATIONS - - - xi

1 INTRODUCTION - - 1

1.1 Introduction - - - 1

1.2 Project Background - - - 1

1.3 Problem Statement - - .. 1

1.4 Motivation - . 1

1.5 Objectives - . 2

1.6 Thesis Layout - - 2

2 LITERATURE REVIEW - - - 3

2.1 Introduction - - - 3

2.2 Authentication - - - . 3

2.3 Biometrics - . 4

2.3.1 Generic biometric authentication system - - - - _ 5

2.3.2 Fingerprint biometrics - - - - - 6

2.3.2.1 Fingerprint characteristics - - - 6

2.3.2.2 Issues in fingerprint recognition technology - - .. 7

2.3.3 Face biometrics - - - - - 8

2.3.3.1 Processing workflow - . 8

2.4 Software Architectural Concepts - - 9

2.4.1 Claims-Based Authentication and Identity Providers - - - _ 9

2.4.1.1 Components of the claim-based authentication - - 10

2.4.1.2 Claims-based authentication standards - - 12

2.4.1.3 Token format standard : Security Assertion Markup Language 2.0 (SAML 2.0) - - 12

2.4.2 Service oriented Architecture - - - - - 13

2.4.3 Model-View-Controller (MVC) - - - - 14

2.4.3.1 Components interaction - - - .. 15

2.5 Programming Languages, Platforms, Technologies and Tools - 16

2.5.1 Programming languages - - - - _ 16

2.5.2 Platforms - - - - - - 16

2.5.3 Technologies - - - - - _ 16

2.5.4 Tools - - - - - - 18

3 METHODOLOGY - - - 20

3.1 Introduction - - 20

3.2 Project Initiation - 20

3.3 Project Planning - . 22

3.3.1 Scope planning - - - - - _ 22

3.3.2 Time planning - - - - - 22

3.3.3 Risk management planning - - - - - 23

3.4 Project Execution - - .. 23

3.4.1 Software requirements - - - - - 24

3.4.2 Software design - - - - - _ 24

3.4.2.1 BioSTS - - - .. 25

3.4.2.2 Employees Administration Module - - 35

3.4.2.3 Employees Access Module - .

DESIGN AND IMPLEMENTATION OF CLAIM BASED BIOMETRIC AUTHENTICATION SYSTEM OVER THE CLOUD

By

Osman Mirghani Osman Elsayed

Presented To

🔗 Related Topics