Method for secure transmission and receipt of data over a computer network using biometrics

US 20020116508A1
Filed: 02/20/2002
Published: 08/22/2002
Est. Priority Date: 02/20/2001
Status: Active Grant

First Claim

Patent Images

1. A method for creating a secure access transmission mode for the sending and receipt of data over a computer network said method using biometrics and comprising the steps of:

a) creating a database adapted to store a plurality of predetermined biometric templates of individuals authorized for secure access transmission over said network;

b) populating the database with said predetermined biometric templates of individuals authorized for secure access transmission over the network;

c) providing biometric capture means to capture the predetermined biometric of an individual seeking authority for secure access transmission over the network;

d) providing a data processing unit and connecting the biometric capture means and the database to said unit; and

, e) providing a first means executable by the unit and adapted to receive from said biometric capture means the predetermined biometric of individuals seeking authority for secure access transmission over the network, converting the predetermined biometric to biometric templates and comparing the captured predetermined biometric templates with the previously obtained and predetermined biometric templates of individuals who are authorized for secure access transmission over the network said templates stored on the database so that the identity of the individual seeking to use secure access transmission may be confirmed as an individual authorized for secure access transmission;

f) providing a second means executable by the unit and adapted to cooperate with said first means so that secure access transmission over the network is permitted when first means confirms the identity of the individual and so that secure access transmission over the network is denied when first means is unable to confirm the identity of the individual so that in the secure access transmission mode no data may be sent between two computers on a network without the prior biometric authentication of the sender and recipient of the data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for secure transmission of data, like e-mail and other secure documents, over a computer network includes the use of biometrics to verify that the sender of the data is confirmed as an individual authorized for secure access transmission of data over the network and by verifying that the recipient of the data is also an individual authorized to receive data by secure access transmission over the network. The methodology comprises creating a database containing the biometric templates of all individuals authorized for secure access transmission of data over the network and connecting the database to a data processor. The transmission of counterfeit messages is prevented by confirming the identity of the sender as an individual authorized for secure access transmission over the network by scanning a predetermined biometric of the sender, and comparing the biometric of the sender with the predetermined biometric of all individuals who are authorized for secure access transmission over the network. The recipient of a secure access message is not permitted to access the message until recipient'"'"'s identity has been similarly confirmed as an individual authorized to receive messages secure access transmitted over the network. Once the recipient'"'"'s identity is confirmed the message may be opened. The sender will receive confirmation by return electronic mail that the message has been opened by the authorized recipient.

186 Citations

44 Claims

1. A method for creating a secure access transmission mode for the sending and receipt of data over a computer network said method using biometrics and comprising the steps of:
- a) creating a database adapted to store a plurality of predetermined biometric templates of individuals authorized for secure access transmission over said network;
  
  b) populating the database with said predetermined biometric templates of individuals authorized for secure access transmission over the network;
  
  c) providing biometric capture means to capture the predetermined biometric of an individual seeking authority for secure access transmission over the network;
  
  d) providing a data processing unit and connecting the biometric capture means and the database to said unit; and
  
  , e) providing a first means executable by the unit and adapted to receive from said biometric capture means the predetermined biometric of individuals seeking authority for secure access transmission over the network, converting the predetermined biometric to biometric templates and comparing the captured predetermined biometric templates with the previously obtained and predetermined biometric templates of individuals who are authorized for secure access transmission over the network said templates stored on the database so that the identity of the individual seeking to use secure access transmission may be confirmed as an individual authorized for secure access transmission;
  
  f) providing a second means executable by the unit and adapted to cooperate with said first means so that secure access transmission over the network is permitted when first means confirms the identity of the individual and so that secure access transmission over the network is denied when first means is unable to confirm the identity of the individual so that in the secure access transmission mode no data may be sent between two computers on a network without the prior biometric authentication of the sender and recipient of the data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39)
- - 2. The method of claim 1 wherein the step of populating the database with said predetermined biometric templates of individuals authorized for secure access transmission over the network comprises the step of populating the database with one of facial biometrics;
    - fingerprint biometrics;
      
      handprint biometrics;
      
      iris biometrics;
      
      or, voice biometrics.
  - 3. The method of claim 2 wherein the step of populating the database with said biometric templates includes the step of populating the database with facial biometrics.
  - 4. The method of claim 1 wherein the step of providing biometric capture means to capture the predetermined biometric of an individual seeking secure access transmission over network comprises the step of providing one of:
    - facial scanning means;
      
      iris scanning means;
      
      thumbprint scanning means;
      
      handprint scanning means or, voice print scanning means.
  - 5. The method of claim 4 wherein the step of providing a biometric capture means includes the step of providing a facial scanning means.
  - 6. The method of claim 5 wherein the step of providing facial scanning means includes the step of providing a digital video camera.
  - 7. The method of claim 6 wherein the step of providing a digital video camera includes the step of providing the IT'"'"'S ME camera by VisionSphere Technologies Inc.
  - 8. The method of claim 1 wherein the step of providing a data processing unit includes the step of providing a computer said computer being sufficiently powerful and fast to process biometric data.
  - 9. The method of claim 1 wherein the step of providing a first means executable by the unit includes the step of providing a first software program adapted to receive digital video images of faces of individuals seeking secure access transmission over the network, converting said digital video images to facial biometric templates and comparing the captured facial biometric templates with the previously obtained facial biometric templates of individuals who are authorized for secure access transmission over the network stored on the database so that the identity of the individual seeking secure access may be confirmed as an individual authorized for secure access transmission over the network.
  - 10. The method of claim 9 wherein the step of providing at least one software program includes the step of providing the IT'"'"'S ME software program by VisionSphere Technologies Inc.
  - 11. The method of claim 1 wherein the step of providing a second means executable by the unit comprises the step of providing a second software program permitting the transmission of messages in a secure access mode if the biometric of the individual seeking to use secure access transmission is matched with a biometric of an individual authorized to use secure access transmission and wherein the second software program prohibits the transmission of messages in a secure access mode if there is no biometric match thereby creating a message transmission system that has an optionally selectable secure access transmission mode dependent upon biometric confirmation and an optionally selectable insecure transmission mode that is independent of biometric confirmation.
  - 12. The method of claim 11 wherein the step of providing a second software program includes the step of providing the VSMAIL software program by VisionSphere Technologies Inc.
  - 13. The method of claim 2 wherein the step of populating the database with facial images of authorized individuals comprises the steps of scanning the facial image of each individual authorized to use secure access transmission over the network using a digital video camera;
    - converting each digital facial image into a biometric template unique to the individual scanned; and
      
      retrievably storing each template in the database.
  - 14. The method of claim 6 wherein the step of providing a video camera includes the step of mounting the video camera to the computer of individuals authorized to use secure access transmission over the network so that individuals seeking to use secure access transmission over the network may have their faces scanned by the camera when they are before the computer and further includes the step of connecting the camera to the processing unit so that images obtained by the camera can be converted to biometric templates and compared to biometric templates stored on the database.
  - 16. The method of claim 15 wherein the step of confirming the identity of the sender by biometrics includes the step of confirming the identity of the authorized individual using facial biometrics.
  - 17. The method of claim 15 wherein the step of populating the data fields includes the step of placing an image of the sender'"'"'s face in the template.
  - 18. The method of claim 15 wherein a secure access encrypted transmission mode of sending messages over the network is created by further including the step of encrypting the template and its contents using suitable encryption means and decrypting the template and its contents using suitable decryption means by the recipient.
  - 19. The method of claim 18 wherein the encryption means is provided with the second software application.
  - 20. The method of claim 18 wherein the step of encryption comprises the step of using a public key encryption system available from any third party provider vending such systems.
  - 21. The method of claim 18 wherein the encryption and decryption process are initiated only upon the biometric verification of the sender and recipient respectively.
  - 22. The method of claim 18 wherein encryption and decryption occur automatically without operator involvement.
  - 23. The method of claim 15 further including the step of embedding an electronic tag comprising a tracking number in the template for electronic tracking of the message over the network.
  - 24. The method of claim 15 further including the step of making a copy of the tagged template and storing said copy in an archival database.
  - 25. The method as claimed in claim 15 wherein the step of creating the message includes the step of attaching at least one data files electronically thereto.
  - 26. The method as claimed in claim 15 wherein the step of confirming by biometric means the identity of the sender comprises the steps of:
    - a) scanning the face of the sender using the digital video camera attached to the sender'"'"'s secure access computer;
      
      b) displaying the scanned image on the computer screen;
      
      c) transmitting the scanned image to the processing unit;
      
      d) converting the scanned image into a biometric template;
      
      e) comparing the biometric template of the scanned image with those of individuals authorized secure access to the network stored in the database;
      
      f) matching the scanned image with the corresponding stored image within a predetermined confidence interval;
      
      g) displaying the matched image on the computer screen beside the scanned image so that a visual match may be made;
      
      h) visually indicating the confidence interval of the match to the sender;
      
      i) visually indicating a match to the sender; and
      
      , j) attaching an image of the identity confirmed sender to the template.
  - 27. The method as claimed in claim 26 wherein the predetermined confidence level may be set by the network administrator.
  - 28. The method of claim 26 wherein if there is a mismatch between the sender'"'"'s biometric template and corresponding stored template said method further comprises the steps of:
    - visually indicating a mismatch to the sender and denying access to the secure access transmission mode to the mismatched sender.
  - 29. The method of claim 15 wherein the step for secure receipt of a transmitted message comprises the following steps executable at recipient'"'"'s secure access computer:
    - a) alerting the recipient as to the receipt of a message;
      
      b) instructing the receiving computer to open the message;
      
      c) using the first software program to confirm by biometric means the identity of the recipient as an individual authorized to receive messages sent by the secure access transmission mode;
      
      d) using the second software program adapted to operatively cooperate with the first software program so that a message received by secure access transmission mode may be opened by recipient upon confirmation of recipients identity by the first software program and wherein the message may not be opened if there is not confirmation of recipient'"'"'s identity;
      
      e) placing a confirmed biometric of the recipient on the template;
      
      f) indicating on the template that the template and secured messages therein have opened; and
      
      , g) transmitting a copy of the opened template to the sender.
  - 30. The method of claim 29 wherein the step of receiving the electronic template includes the step of displaying the template on the recipient'"'"'s computer.
  - 31. The method of claim 29 wherein the step of alerting the recipient as to the receipt of a message in the secure transmission mode includes the step of placing an identifying icon beside the message waiting bar.
  - 32. The method as claimed in claim 29 wherein the step of instructing the computer to open the message comprises the recipient clicking on the message waiting bar.
  - 33. The method as claimed in claim 29 wherein the step of confirming the identity of the recipient by biometric means comprises the steps of:
    - a) scanning the face of the recipient using the digital video camera attached to the recipient'"'"'s computer;
      
      b) displaying the scanned image on the computer screen;
      
      c) transmitting the scanned image to the processing unit;
      
      d) converting the scanned image into a biometric template;
      
      e) comparing the biometric template of the scanned image with those of individuals authorized access to the network stored in the database;
      
      f) matching the scanned image with the correct stored image within a predetermined confidence interval;
      
      g) displaying the matched image on the computer screen beside the scanned image;
      
      h) visually indicating the confidence interval of the match to the recipient;
      
      i) visually indicating a match to the recipient; and
      
      , j) attaching an image of the identity confirmed recipient to the electronic template.
  - 34. The method of claim 29 wherein the step of permitting access to the message and any attachments wherein the message and attachments have been encrypted includes the step of decrypting the message and any attachments.
  - 35. The method of claim 29 wherein the step of indicating that the template has been opened and the messages read further including the steps of placing visible and invisible digital watermarks on the template to signify that the electronic template has been opened by the recipient.
  - 36. The method as claimed in claim 35 wherein the visible watermarks take the form of a plurality of wavy lines superimposed over the face of the sender and the face of the recipient.
  - 37. The method as claimed in claim 36 wherein the watermarks further include the visible word “
    - opened”
      
      placed across the template.
  - 39. The method of claim 38 wherein the step for receiving the template comprises the following steps executable at recipient'"'"'s non-secure access computer:
    - a) alerting the recipient as to the receipt of a secured message;
      
      b) directing the recipient to a site where a reading program that will read the message may be obtained;
      
      c) downloading the reading program;
      
      d) opening the template and the messages contained therein;
      
      e) placing a confirming message on the template that the message has been opened using the reader;
      
      f) indicating on the template that the secure message has been opened by placing plurality of visible and invisible digital water marks on the sender'"'"'s image, the obtain reader instructions and the template;
      
      g) transmitting a copy of the opened template to the sender.

15. In a computer network comprising a plurality of secure access computers each having a first and second software program wherein the network further comprises a sender'"'"'s secure access computer and a recipient'"'"'s secure access computer, a method for the creating a secure access transmission mode over the network between said sender'"'"'s secure access computer and said recipient'"'"'s secure access computer the method comprising the following steps executable at sender'"'"'s computer:
- a) creating a message for transmission over the network;
  
  b) selecting the secure access transmission mode;
  
  c) using a first software program to confirm by biometric means the identity of the sender as an individual authorized to use the secure access transmission mode the network;
  
  d) using a second software program adapted to operatively cooperate with the first software program so that a secure access transmission mode is created when there is a biometric confirmation of an individual and so that a secure access transmission mode is prohibited when there is no biometric confirmation;
  
  e) using said second software program to create an electronic template wherein said template has a plurality of data fields for placing a plurality of information to be transmitted with said message and attaching the message to the template;
  
  f) populating said data fields with;
  
  i) an image of the biometric of the individual authorized secure access;
  
  ii) an image of the sender'"'"'s corporate logo;
  
  iii) the name of the sender;
  
  iv) the name of the recipient;
  
  v) electronic address of the recipient;
  
  vi) the subject of the message;
  
  vii) the date and time the message was sent;
  
  viii) the number of files attached to the message; and
  
  , g) transmitting the template to the recipient computer.

38. In a computer network comprising a plurality of computers wherein the network further comprises a sender'"'"'s secure access computer and a recipient'"'"'s non-secure access computer, a method using biometrics to create a secure access transmission mode between sender'"'"'s secure access computer and recipient'"'"'s non-secure access computer the method comprising the following steps executable at sender'"'"'s computer:
- a) creating a message for transmission over the network;
  
  b) selecting the secure access transmission mode;
  
  c) using a first software program to confirm by biometric means the identity of the sender as an individual authorized to use the secure access transmission mode the network;
  
  d) using a second software program adapted to operatively cooperate with the first software program so that a secure access transmission mode is created when there is a biometric confirmation of the sender and so that a secure access transmission mode is prohibited when there is no biometric confirmation;
  
  e) using said second software program to create an electronic template wherein said template has a plurality of data fields for placing a plurality of information to be transmitted with said message and attaching the message to the template;
  
  f) populating said data fields with;
  
  i) an image of the authenticated sender'"'"'s biometric;
  
  ii) an image of the sender'"'"'s corporate logo;
  
  iii) the name of the sender;
  
  iv) the name of the recipient;
  
  v) electronic address of the recipient;
  
  vi) the subject of the message;
  
  vii) the date and time the message was sent;
  
  viii) the number of files attached to the message;
  
  ix) instructions to obtain mail reading means; and
  
  , g) transmitting the electronic template to the recipient computer.

40. A software product for creating a secure access transmission mode for the transmission of secure messages between a sender and a recipient over a network said software having a series of computer executable instructions said software installed on computers sending messages over a network wherein said computers are equipped with a biometric scanning device to obtain a predetermined biometric from a sender sending messages over the network when the device is connected to a data processing unit and a database comprising the biometric templates of a plurality of individuals authorized for secure access transmission over network said product comprising instructions executable by sender for performing the steps of:
- a) selecting a secure transmission mode;
  
  b) confirming by biometric means the identity of the sender as an individual authorized for secure access transmission over the network;
  
  c) creating an electronic template and attaching said message to said electronic template said template having a plurality of data fields for placing a plurality of information to be transmitted with said message;
  
  d) populating said data fields with;
  
  i) the predetermined biometric of the sender;
  
  ii) an image of the sender'"'"'s corporate logo;
  
  iii) the name of the sender;
  
  iv) the name of the recipient;
  
  v) electronic address of the recipient;
  
  vi) the subject of the message;
  
  vii) the date and time the message was sent; and
  
  , viii) the number of files attached to the message; and
  
  , e) transmitting the electronic template to the recipient computer.
- View Dependent Claims (41, 42, 43)
- - 41. The product of claim 40 wherein the step of populating said data fields includes the step of placing a facial image of the sender with the sender'"'"'s biometric.
  - 42. The product of claim 40 wherein the step of confirming by biometric means includes the step of confirming using facial biometrics.
  - 43. The product of claim 40 wherein said software product is installed on computers receiving messages over a network wherein said computer is equipped with a digital video camera for scanning the face of the computer operator and wherein the camera is connected to a central processing unit and a database comprising the biometric templates of a plurality of persons authorized secure access to the network said product comprising instructions executable at recipient'"'"'s computer for performing the steps of:
    - a) scanning the face of the recipient using the digital video camera attached to the recipient'"'"'s computer;
      
      b) displaying the scanned image on the computer screen;
      
      c) transmitting the scanned image to the processing unit;
      
      d) converting the scanned image into a biometric template;
      
      e) comparing the biometric template of the scanned image with those of individuals authorized access to the network stored in the database;
      
      f) matching the scanned image with the correct stored image within a predetermined confidence interval;
      
      g) displaying the matched image on the computer screen beside the scanned image;
      
      h) visually indicating the confidence interval of the match to the sender;
      
      i) visually indicating a match to the recipient; and
      
      , j) attaching an image of the identity confirmed recipient to the electronic template.

44. A data transmission security apparatus for installation on a computer network for the creation of a secure access transmission mode for transmission of messages across a network said network comprising a plurality of computers, said apparatus comprising:
- a) a database for storing a plurality of predetermined biometric templates of individuals authorized secure access to said network;
  
  b) a database populator for populating database with said biometric templates of individuals authorized secure access to said network;
  
  c) biometric scanning means for scanning the biometric of an individuals seeking secure access transmission mode over the network;
  
  d) a data processing unit connected to scanning means and the database for receiving and processing scanned biometrics from the scanner and comparing them to stored biometrics on the database said unit having means for comparing scanned and stored biometrics and determining a match;
  
  e) a data transmitter executable by the unit and adapted to transmit data messages in a secure access transmission mode from one computer to another over the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SSK Virtualimage Corporation
Original Assignee
Martin Levine, Sal Khan
Inventors
Khan, Sal, Levine, Martin

Granted Patent

US 7,117,370 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

H04L 51/224   providing notification on i...

H04L 63/0861   using biometrical features,...

H04L 63/101   Access control lists [ACL]

Method for secure transmission and receipt of data over a computer network using biometrics

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

186 Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

Method for secure transmission and receipt of data over a computer network using biometrics

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

186 Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links