Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Reexamination Certificate
1999-01-29
2001-11-13
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
C713S151000, C713S182000, C380S044000, C380S286000
Reexamination Certificate
active
06317834
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a method and a system for verifying the identity of an individual, and more particularly, a method and a system for providing enhanced identity verification security utilizing encryption and biometric techniques.
BACKGROUND OF THE INVENTION
In today's information age, the competitive edge of many companies and public trust in government institutions can depend on the security of the information held in their databases. Breaches of that security are a highly topical issue for both designers and users of database systems.
Therefore, it is desirable to provide a secure method to both identify and authenticate users of information services. Conventional biometric systems provide a partial solution to the aforementioned need. As used herein, the term “biometric” refers to the automated process of establishing positive identification from the information contained within one or more of an individual's unique physiological characteristics. In general, a biometric authentication system includes a statistical model for a particular user, such as a Gaussian mixture speech model. A person is considered to be authenticated if the system produces a score below a rejection threshold. Other persons in the population, due to physiological differences, score much more poorly and will likely fall outside the acceptance region. The biometric statistical model is represented by a set of statistical parameters, such as the average spectrum. The statistical parameters are typically stored in a data structure as part of a database used by the authentication algorithm. Fingerprints, hand geometry, voice pattern, retinal pattern, iris scans, signatures and others all constitute sources of unique physiological characteristics which can establish identity.
Traditional biometric systems store their biometric information in databases in unencrypted form. There are drawbacks to storing information in this manner. Whenever information is stored unencrypted, it is exposed to any number of planned attacks by prospective unauthorized individuals. It may be possible, for example, for an unauthorized user to copy a parameter of an authorized user in such a way as to gain access to a system. For example, if the database were stolen by a prospective attacker, the attacker would be able to choose the statistical model in the database most closely matching their own characteristics and claim to be that person.
Therefore, there is a need for a system that stores biometric information in a secure manner so as to prevent the occurrence of theft and attacks from unauthorized personnel.
SUMMARY OF THE INVENTION
According to the present invention, there is provided a method and a system utilizing encrypted bio-characteristics for verifying the identity of an individual to permit access to a general database or other secured resource.
In one aspect of the invention, a method for the secure handling of data comprises the steps of: acquiring a database of personal identifiers and data by repetitively: acquiring a biometric sample; acquiring a personal identifier; acquiring a password; generating a biometric model from the biometric sample; creating a first encryption key from the password; performing an encryption operation on the biometric model; and storing an encrypted biometric record in a biometric database, wherein the biometric record includes the encrypted biometric model and the personal identifier stored in plaintext.
The method further provides means for verifying the identity of an individual to authorize access to a general database, comprising the steps of: acquiring a current biometric sample; acquiring a current personal identifier; acquiring decryption key generation data; comparing the personal identifier with the database and, on a match with a personal identifier in the database, retrieving the corresponding biometric record; creating a decryption key from said decryption key generation data; performing a decryption operation on the retrieved biometric record utilizing the decryption key to decrypt the encrypted biometric model from the retrieved record; comparing the decrypted biometric model with the current biometric sample to determine statistical equivalence; and, when statistical equivalence is found, verifying the individual as authorized to access the general database.
The method and system preferably further provide for re-encrypting the retrieved, decrypted biometric record, comprising the steps of: creating a second encryption key; performing an encryption operation on said retrieved decrypted record utilizing the second encryption key; and storing the re-encrypted record back in the biometric database.
According to another aspect of the invention, the encryption key is derived from a random combination of answers provided by the individual during a challenge/response session, where the system prompts the individual with a series of challenge questions. The challenge questions are preferably directed to personal information unique to each individual. An encryption key is created by concatenating a subset of the provided answers. The method, according to the present embodiment, comprises the steps of: acquiring a database of personal identifiers and data by repetitively: acquiring a biometric sample; acquiring a personal identifier; prompting the individual with a series of challenge questions; creating a random challenge list including a set of integers, where each random integer is an index to one of the challenge questions (i.e., a pointer); concatenating those answers to challenge questions whose index is an element of the challenge list to create a first encryption key; generating a biometric model from the biometric sample; performing an encryption operation on said biometric model using the first encryption key; and storing an encrypted biometric record in the encrypted biometric database, wherein the biometric record includes the encrypted biometric model and the encrypted answers to the challenge questions. The personal identifier and the challenge list are preferably stored in plain text.
The means for verifying the individual includes means for receiving answers from individuals to questions contained in the retrieved challenge list. The answers can then be concatenated to create the decryption key to recover the biometric model.
According to a further aspect of the invention, the derivation of the secret key is made robust to mistakes in answering the challenge questions, requiring the individual to answer only m of the n challenge questions correctly (i.e., an m-of-n threshold test). The present embodiment is advantageous in that the entire key is recoverable whenever any m shares of the key are available. In accordance with the present embodiment, the encryption key is divided into n shares at an enrollment step and the biometric record is accordingly encrypted with the n-share key. At a verification step, answering any m out of the n challenge questions correctly yields m shares of the entire n-share key, thereby permitting decryption of the biometric record.
The presently described embodiment provides means for verifying the identity of an individual to authorize access to a general database, comprising the steps of: prompting the user for a personal identifier; comparing the personal identifier of a given individual with the database and, on a match with a personal identifier in the database, retrieving the biometric record; extracting the challenge list from the retrieved biometric record and asking the challenge questions whose index matches the elements (i.e., pointers) of the challenge list; combining the received answers to the challenge questions to create a decryption key; decrypting the stored answers along with the biometric model; generating a new challenge list randomly; and using the answers from the decrypted information to form a new encryption key. Preferably, the model and the answers are re-encrypted and stored with the new challenge list.
The re-encrypting the retrieved biometric record preferably comprising the steps of: creating a second encry
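An added example, not code from the patent or from IBM, of the challenge/response enrollment and m-of-n verification flow described above, in Python using only the standard library. The HMAC counter-mode keystream standing in for the encryption operation, hashing each normalised answer to a per-share key, the question list, the Shamir share field and the distance threshold used as the "statistical equivalence" test are all assumptions; the concatenated-answer variant corresponds to m = n, since every share is then required.

```python
import hashlib, hmac, json, secrets
from itertools import combinations

P = 2**521 - 1  # Mersenne prime field for Shamir shares (assumed; holds any 256-bit key)
QUESTIONS = ["mother's maiden name", "first pet", "birth city", "first school", "favourite teacher"]

def kdf(answer: str) -> bytes:
    # Per-answer key (assumption: hash of the normalised answer; the page concatenates answers)
    return hashlib.sha256(answer.strip().lower().encode()).digest()

def xor_crypt(key: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher: HMAC-SHA256 counter keystream XORed with data (same call decrypts)
    ks = b"".join(hmac.new(key, i.to_bytes(4, "big"), "sha256").digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def split_key(key: bytes, m: int, n: int) -> list:
    # Shamir (m, n) split over GF(P): f(x) = key + a1*x + ... + a_(m-1)*x^(m-1); shares are f(1..n)
    coeffs = [int.from_bytes(key, "big")] + [secrets.randbelow(P) for _ in range(m - 1)]
    return [(x, sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def recover_key(shares: list) -> bytes:
    # Lagrange interpolation at x = 0; garbage shares yield a key that later fails the tag check
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * (-xj) % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total.to_bytes(66, "big")[-32:]

def enroll(identifier: str, model: list, answers: list, m: int, n: int) -> dict:
    # Random challenge list of n question indices; each share of a fresh random key is
    # encrypted under the answer to its question. Identifier and challenge list stay in plaintext.
    challenge = sorted(secrets.SystemRandom().sample(range(len(QUESTIONS)), n))
    key = secrets.token_bytes(32)
    enc_shares = [(x, xor_crypt(kdf(answers[q]), y.to_bytes(66, "big")))
                  for (x, y), q in zip(split_key(key, m, n), challenge)]
    return {"id": identifier, "challenge": challenge, "m": m, "shares": enc_shares,
            "model": xor_crypt(key, json.dumps(model).encode()),
            "tag": hashlib.sha256(key).hexdigest()}

def verify(record: dict, answers: list, sample: list, threshold: float = 1.0) -> bool:
    # Decrypt every share with the supplied answer, then look for any m shares whose
    # interpolated key matches the stored tag: m correct answers suffice, wrong ones are skipped.
    shares = [(x, int.from_bytes(xor_crypt(kdf(answers[q]), e), "big"))
              for (x, e), q in zip(record["shares"], record["challenge"])]
    for subset in combinations(shares, record["m"]):
        key = recover_key(list(subset))
        if hashlib.sha256(key).hexdigest() == record["tag"]:
            model = json.loads(xor_crypt(key, record["model"]))
            dist = sum((a - b) ** 2 for a, b in zip(model, sample)) ** 0.5
            return dist < threshold  # constructed "statistical equivalence" test on model vectors
    return False
```

Re-encryption under a new challenge list, as the page describes, is simply a fresh call to enroll with the decrypted model and answers.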
Gennaro Rosario
Halevi Shai
Maes Stephane
Rabin Tal
Sorensen Jeffrey
Darrow Justin T.
F. Chau & Associates LLP
International Business Machines - Corporation
Peeso Thomas R.
Biometric authentication system with encrypted models