Authentication method and apparatus using biometric information and context information

US 10,609,023 B2
Filed: 08/27/2015
Issued: 03/31/2020
Est. Priority Date: 08/29/2014
Status: Active Grant

First Claim

Patent Images

1. A method for performing an authentication by a first terminal, the method comprising:

obtaining main authentication information requiring a user'"'"'s cooperation, based on an initial condition for obtaining the main authentication information being triggered;

performing a first authentication based on the main authentication information;

requesting, to a second terminal, first auxiliary authentication information not requiring the user'"'"'s cooperation, based on the first authentication being successful;

receiving, from the second terminal, the first auxiliary authentication information;

performing a second authentication based on the first auxiliary authentication information, wherein performing the second authentication comprises;

determining a distance between the first terminal and the second terminal, the distance being identified based on a strength of a signal including the first auxiliary authentication information;

determining, in case that the main authentication information and the first auxiliary authentication information are information of same type, whether a degree of overlap between the main authentication information and the first auxiliary authentication information is higher than a first reference value;

determining, in case that the main authentication information and the first auxiliary authentication information are not information of same type, whether a degree of relevance between the main authentication information and the first auxiliary authentication information is higher than a second reference value; and

determining that the second authentication is failed, in case that the distance is greater than a threshold, the degree of overlap is lower than the first reference value, or the degree of relevance is lower than the second reference value;

determining that a third authentication is required by identifying that an error range that occurred in a result of the second authentication is within a threshold range, based on the second authentication having failed;

obtaining second auxiliary authentication information requiring the user'"'"'s cooperation, based on the determination;

performing a third authentication based on the second auxiliary authentication information; and

performing an operation according to an authentication based on the third authentication being successful, by obtaining an authority level selected by the user and storing the authority level matched with the second auxiliary authentication information,wherein the operation according to the success of the authentication is set according to the main authentication information, the first auxiliary authentication information and the second auxiliary authentication information,wherein the main authentication information and the second auxiliary authentication information include at least one of the user'"'"'s signature information, password information, and biometric information requiring the user'"'"'s cooperation, andwherein the first auxiliary authentication information includes at least one of context information and biometric information not requiring the user'"'"'s cooperation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A terminal is provided, which includes a sensing unit configured to collect authentication information; and a control unit configured to perform the authentication based on first authentication information and second authentication information, to control the sensing unit to collect third authentication information if it is determined that the authentication based on the first authentication information has succeeded and the authentication based on the second authentication information has failed, and to perform the authentication based on the third authentication information. Since the authentication is performed through a combination of biometric information and context information that are acquired from two or more terminals, reliability and security of the authentication can be heightened.

Citations

6 Claims

1. A method for performing an authentication by a first terminal, the method comprising:
- obtaining main authentication information requiring a user'"'"'s cooperation, based on an initial condition for obtaining the main authentication information being triggered;
  
  performing a first authentication based on the main authentication information;
  
  requesting, to a second terminal, first auxiliary authentication information not requiring the user'"'"'s cooperation, based on the first authentication being successful;
  
  receiving, from the second terminal, the first auxiliary authentication information;
  
  performing a second authentication based on the first auxiliary authentication information, wherein performing the second authentication comprises;
  
  determining a distance between the first terminal and the second terminal, the distance being identified based on a strength of a signal including the first auxiliary authentication information;
  
  determining, in case that the main authentication information and the first auxiliary authentication information are information of same type, whether a degree of overlap between the main authentication information and the first auxiliary authentication information is higher than a first reference value;
  
  determining, in case that the main authentication information and the first auxiliary authentication information are not information of same type, whether a degree of relevance between the main authentication information and the first auxiliary authentication information is higher than a second reference value; and
  
  determining that the second authentication is failed, in case that the distance is greater than a threshold, the degree of overlap is lower than the first reference value, or the degree of relevance is lower than the second reference value;
  
  determining that a third authentication is required by identifying that an error range that occurred in a result of the second authentication is within a threshold range, based on the second authentication having failed;
  
  obtaining second auxiliary authentication information requiring the user'"'"'s cooperation, based on the determination;
  
  performing a third authentication based on the second auxiliary authentication information; and
  
  performing an operation according to an authentication based on the third authentication being successful, by obtaining an authority level selected by the user and storing the authority level matched with the second auxiliary authentication information,wherein the operation according to the success of the authentication is set according to the main authentication information, the first auxiliary authentication information and the second auxiliary authentication information,wherein the main authentication information and the second auxiliary authentication information include at least one of the user'"'"'s signature information, password information, and biometric information requiring the user'"'"'s cooperation, andwherein the first auxiliary authentication information includes at least one of context information and biometric information not requiring the user'"'"'s cooperation.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein the second auxiliary authentication information is reserved to provide for failure of the second authentication.
  - 3. The method of claim 1, wherein performing the first authentication comprises:
    - transmitting the main authentication information to an authentication server; and
      
      receiving a result of the first authentication based on the main authentication information from the authentication server.

4. A first terminal that performs an authentication, the first terminal comprising:
- a sensor configured to obtain authentication information; and
  
  a controller configured to;
  
  obtain main authentication information requiring a user'"'"'s cooperation, based on an initial condition for obtaining the main authentication information being triggered,perform a first authentication based on the main authentication information,request, to a second terminal, first auxiliary authentication information not requiring the user'"'"'s cooperation, based on the first authentication being successful,receive, from the second terminal, the first auxiliary authentication information,perform a second authentication based on the first auxiliary authentication information, wherein the controller is further configured to perform the second authentication by;
  
  determining a distance between the first terminal and the second terminal, the distance being identified based on a strength of a signal including the first auxiliary authentication information,determining, in case that the main authentication information and the first auxiliary authentication information are information of same type, whether a degree of overlap between the main authentication information and the first auxiliary authentication information is higher than a first reference value,determining, in case that the main authentication information and the first auxiliary authentication information are not information of same type, whether a degree of relevance between the main authentication information and the first auxiliary authentication information is higher than a second reference value, anddetermining that the second authentication is failed, in case that the distance is greater than a threshold, the degree of overlap is lower than the first reference value, or the degree of relevance is lower than the second reference value,determine that a third authentication is required by identifying that an error range that occurred in a result of the second authentication is within a threshold range, based on the second authentication having failed,obtain second auxiliary information requiring the user'"'"'s cooperation, based on the determination,perform a third authentication based on the second auxiliary authentication information, andperform an operation according to an authentication based on the third authentication being successful, by obtaining an authority level selected by the user and storing the authority level matched with the second auxiliary authentication information,wherein the operation according to the success of the authentication is set according to the main authentication information, the first auxiliary authentication information and the second auxiliary authentication information,wherein the main authentication information and the second auxiliary authentication information include at least one of the user'"'"'s signature information, password information, and biometric information requiring the user'"'"'s cooperation, andwherein the first auxiliary authentication information includes at least one of context information and biometric information not requiring the user'"'"'s cooperation.
- View Dependent Claims (5, 6)
- - 5. The first terminal of claim 4, wherein the second auxiliary authentication information is reserved to provide for failure of the second authentication.
  - 6. The first terminal of claim 4, further comprising a transceiver configured to transmit and receive information to and from an authentication server,wherein the controller is further configured to:
    - control the transceiver to transmit the main authentication information to an authentication server, andcontrol the transceiver to receive a result of the first authentication based on the main authentication information from the authentication server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Kim, Soenghun, Park, Joohyun, Lee, Heejeong, Lee, Youmin
Primary Examiner(s)
Feild, Lynn D
Assistant Examiner(s)
McCoy, Richard A

Application Number

US14/837,947
Publication Number

US 20160065572A1
Time in Patent Office

1,678 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/0861 using biometrical features,...

Authentication method and apparatus using biometric information and context information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication method and apparatus using biometric information and context information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links