Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Reexamination Certificate
1999-10-01
2004-04-27
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
C713S182000, C713S185000, C713S189000, C713S193000, C713S152000, C713S152000
Reexamination Certificate
active
06728881
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention is in the field of computer and information systems. More specifically, it relates to hardware devices, such as smart cards and signature devices that authenticate a user of a system. These systems use biometric characteristics that are unique to an individual user. Fingerprint identification is one example of such devices. Signature verification is another such characteristic unique to a specific user.
2. Description of the Prior Art
The nineteen eighties and nineties have seen enormous developments in computers, communications, networks, Internet, and the World Wide Web (Web). The Internet and the Web, in particular have allowed people from anywhere in the world to connect instantaneously to others on the Web. Remote operation of devices and remote access to information from anywhere globally is now possible.
This ability to connect anywhere into a network of computers has given rise to problems of security. Several types of computer attacks are now possible due to this open connectivity. Hackers can connect into your network and wreak havoc on the system. Adversaries can gain access to information and use it in unintended ways against the original owners. Adversaries can even shut down systems or turn them against the owners. The miscreants and adversaries can be from within an organization's network or from outside a network. After several serious attacks on vital systems, Information Systems Security has been recognized as a real and serious issue.
Security of information, by itself, is nothing new. People, organizations, businesses, and governments have been guarding information for a long time. Cryptography, encryption, and other forms of safeguarding information has been in vogue for many centuries.
One of the facets of information security consists in identifying a user as who he/she claims he/she is. Use of a password to identify a person has long been accepted as a reasonable method of authorization of a user. However, as computer systems are increasingly applied to vital information (e.g. defense and financial systems), mere password protection of systems is unacceptable. Moreover, hackers and abusers are becoming increasingly sophisticated at discovering (spoofing) passwords. They are able to break system security and gain entry to systems.
When users and system administrators deal with multiple systems and individual passwords for each system and application, the verification and authentication process becomes highly complicated. Fearing that they might forget their passwords, people tend to write their passwords in some file and expose their information and the systems to security risks. To avoid such risks, fingerprints are seen as identification marks for all systems and applications that one is allowed access to.
Use of Biometric devices has been accepted as a more secure method of user identification. Finger prints, face prints, eye prints, and voice prints are some of the examples of an individual's characteristics now being used for identification purposes. Currently, many commercial developments are on the market.
American Biometric Company, Ottawa Canada has developed a system, called BioMouse that authenticates a rightful user and prevents other intruders into a system. New biometric sensors from Phillips Flat Display Systems, San Jose, Calif. and Who? Vision Systems Inc., Lake Forest, Calif., ensure that only authorized users can access portable computing and consumer electronic products. The thin devices can be integrated into mobile phones and personal computers.
Smart-card acceptance is expected to surge over the next year as hardware vendors, responding to increased demand for enterprise security, install smart-card readers into hardware. The cards will store x.509 certificates for user authentication, using Gemplus Corporation smart card systems. Smart-card manufacturers, such as Baltimore-based Information Resource Engineering Inc., are pushing the technology envelope. According to this report, the market for the smart-cards will jump from $941 million in 1997 to $4.7 billion in 2002. Users place the card in the reader and a finger on the silicon chip on the card. The chip will take a 300-point snap shot of the fingerprint and permanently store it in that card. From that point, the card won't activate unless it receives that image. The card also stores a private key that is used in public key exchanges with servers to add another layer of user authentication and encryption.
Biometric vendors are looking to jump-start their market with cheaper and more effective technologies geared for PCs. Verdicom will show a fingerprint recognition module that uses a Universal Serial Bus, PCMCIA or a parallel port to connect to PCs. The Santa Clara, Calif. company's FPS 100 fingerprint chip, which costs $30 in volume, will be used in notebooks from Acer America Inc., Hewlette-Packard Co., and NEC Computer Systems Division. WhoVision, of Lake Forest, Calif., will demonstrate keyboards from Mag Innovision Inc. that use its fingerprint sensor technology. SAFLink, of Tampa, Fla., will release a new desktop application called SAFty (Secure Authentication Facility) Latch. SAFty Latch will enable users to employ voice recognition technology to encrypt desktop files with the Blowfish symmetric algorithm. Visionics, of Jersey City, N.J., will demonstrate FaceIT NT, its facial recognition software. IrisScan, of Mount Laurel, N.J., will ship its new PC Iris product.
Compaq's FIT (Fingerprint Identification Technology) examines what are called fingerprint minutiae—the contours and points unique to each fingerprint. FIT stores the minutiae-point pattern in an NT database in the same place as authentication passwords.
ApproveIT 3.5 for Office 3.5, helps you capture and authenticate electronic signatures. The result is that you can have binding approval cycles with individuals' signatures and verify that documents have not been altered in unauthorized ways. These are important in specific applications such as those in legal and regulatory industries, where document approval is part of an audit trail or approval process. Organizations that are both concerned with document security and trying to “go paperless” have this tool from Silanis Technology Inc.
SUMMARY OF THE INVENTION
It is an object of the invention to provide the following benefits over conventional cards, devices and systems: two fingerprints add greater security; fingerprint images are carried by the user and are not (necessarily) stored in any computer system; fingerprint images are not output at any time; an encrypted signal is sent to the access processor; the encrypted signal is sent only upon verification of the authenticator's signature; the pen design makes it easy to carry around and sign key legal and financial electronic documents; it can also record signature numbers and what documents they were placed on; no third party sees the actual fingerprint or the actual signature, thus avoiding chances of forgery on paper documents. The result of the invention is a high degree of mutual security of the card or pen and the access processor from each other is maintained.
The invention embodied by the card has several component modules. There are two capacitance grids to simultaneously convert fingerprint images of the thumb and pointing finger into an electrical signal. There is authenticator software of a Certifying authority for authenticating the user name, User ID, and finger prints. There is an authenticator signature storage to authenticate the agency's electronic signature. Also provided is an image processor to process the fingerprint image(s) with the authenticator's signature algorithm and an access signal generator to gain access to the connected machine. The system has image storage for the encrypted electronic image of the fingerprints and data storage for encrypted user data as well as a power supply to operate card circuits.
The operation of this card system is in two phases. In
Clohan, Jr. Paul S.
Peeso Thomas R.
Randolph William W.
The United States of America as represented by the Secretary of
LandOfFree
Fingerprint and signature identification and authorization... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Fingerprint and signature identification and authorization..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Fingerprint and signature identification and authorization... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3270944