Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Patent
1998-04-09
2000-12-26
Hayes, Gail O.
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
713182, H04L 908
Patent
active
061675172
ABSTRACT:
One embodiment of the present invention provides a method for authenticating an identity of a user in order to secure access to a host system. In this embodiment, the host system receives an identifier for the user from a client system. This identifier is used to retrieve a template containing biometric data associated with the user, and this template is returned to the client. The client then gathers a biometric sample from the user, and compares this biometric sample with the template to produce a comparison result. Next, the client computes a message digest using the template, the comparison result and an encryption key, and sends the message digest to the host system. This computation takes places within a secure hardware module within the client computing system that contains a secure encryption key in order to guard against malicious users on the client system. Next, the host system receives the message digest and authenticates the user by determining whether the message digest was computed using the template, the encryption key, and a comparison result indicating a successful match between the biometric sample and the template. If so, the host has confidence that the client has successfully matched the template with the biometric sample, and the client is allowed to access a service on the host system. By requiring the secure hardware in the client system to include the template in the message digest, the host system can guard against a malicious user who substitutes another template to gain unauthorized access to the host system. In a variation on this embodiment, the host system retrieves the template from a centralized repository for templates.
REFERENCES:
patent: 5229764 (1993-07-01), Matchett et al.
patent: 5280527 (1994-01-01), Gullman et al.
patent: 5613012 (1997-03-01), Hoffman et al.
patent: 5648648 (1997-07-01), Chou et al.
patent: 5784566 (1998-07-01), Viavant et al.
patent: 5887131 (1999-03-01), Angelo
Michael Kuperstein, Face Reccognization, Definse & Security Electronics v28, n3, p28(2), Mar. 1996.
Bruce Schneier, Applied Cryptography 2e, John Wiley, pp. 30, 353-354,433-441, Oct. 1996.
Gilchrist Gary
Viavant Steven D.
Hayes Gail O.
Oracle Corporation
Seal James
LandOfFree
Trusted biometric client authentication does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Trusted biometric client authentication, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Trusted biometric client authentication will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1006743