
Method and system for securing a computer network and personal identification device used therein for controlling access to network components

  • US 20020104006A1
  • Filed: 02/01/2001
  • Published: 08/01/2002
  • Est. Priority Date: 02/01/2001
  • Status: Active Grant
First Claim

1. A personal digital identifier device for controlling access to a computer network, said network comprising a plurality of workstations each having a base unit associated therewith, said base unit being configured for wireless communications with said personal digital identifier device, and said network further comprising a central server utilizing a security manager component and network storage, said security manager component associated with a private key and a corresponding public key and said network storage containing a public key corresponding to a private key held by said personal digital identifier device, said personal digital identifier device being lightweight, configured for wearing and/or carrying by a user registered thereto and comprising:

  • (a) a wireless communications component comprising a transceiver for communicating with said base unit;

    (b) a biometric acquisition component for obtaining a user's input biometric and producing a digital representation thereof;

    (c) a processor configured for communicating with said transceiver and said biometric component and operable for:

        (i) evaluating whether a template derived from said digital representation corresponds to a master template derived from a user's biometric digital representation previously produced by said biometric component and generating a matching signal when such a correspondence is determined;

        (ii) generating said private key held by said personal digital identifier device and said public key corresponding thereto and outputting said generated public key for transmission by said transceiver;

        (iii) producing a digital signature using said private key; and

        (iv) verifying, using said public key for said private key associated with said security manager component, that the source of an encrypted message ostensibly received from said security manager is said security manager component;

    (d) secure storage containing said master template of a user's biometric, said generated private key and said public key for said private key associated with said security manager component;

    (e) a power source; and

    (f) a housing, said personal digital identifier device being configured for producing, using said generated private key, a digitally signed challenge response message following said generating of said matching signal in response to a challenge message received from said security manager component and for transmitting said response message, and said personal digital identifier device being configured to prevent transmission of any of said master template of a user's biometric and said private key.
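
The challenge-response flow of claim 1, as an added Go example that is not part of the patent text: the device generates its own key pair, checks that the challenge came from the security manager, and signs the response only after the biometric match. Ed25519, the signed (rather than encrypted) challenge, the byte-equality template match, and all type and function names are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

type Device struct { // hypothetical model of the claimed identifier device
	priv     ed25519.PrivateKey // generated on-device, never exported
	master   []byte             // master biometric template, never exported
	smPublic ed25519.PublicKey  // security manager's public key (secure storage)
}

// NewDevice generates the key pair on the device and outputs only the public key.
func NewDevice(master []byte, smPublic ed25519.PublicKey) (*Device, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // no entropy available: refuse to create a device
	}
	return &Device{priv: priv, master: master, smPublic: smPublic}, pub
}

// Respond signs the challenge only after checking its source and the live biometric.
func (d *Device) Respond(challenge, smSig, live []byte) ([]byte, error) {
	if !ed25519.Verify(d.smPublic, challenge, smSig) {
		return nil, errors.New("challenge not from security manager")
	}
	if !bytes.Equal(live, d.master) { // assumption: stand-in for a real template matcher
		return nil, errors.New("biometric mismatch")
	}
	return ed25519.Sign(d.priv, challenge), nil
}

// RunExchange plays both sides once; true means the server accepted the response.
func RunExchange(live []byte, forged bool) bool {
	smPub, smPriv, _ := ed25519.GenerateKey(rand.Reader)
	dev, devPub := NewDevice([]byte("constructed-template"), smPub)
	if forged {
		_, smPriv, _ = ed25519.GenerateKey(rand.Reader) // challenge signed by a key the device does not trust
	}
	challenge := make([]byte, 32) // fresh random challenge issued by the server
	rand.Read(challenge)
	resp, err := dev.Respond(challenge, ed25519.Sign(smPriv, challenge), live)
	return err == nil && ed25519.Verify(devPub, challenge, resp)
}

func main() { fmt.Println(RunExchange([]byte("constructed-template"), false)) }
```

Only the device's public key and the signed response cross the `Device` boundary, which mirrors the claim's requirement that the master template and private key are never transmitted.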
