Architecture for secure remote access and transmission using a generalized password scheme with biometric features
Abstract
A remote computer access facility uses two dedicated computers outside the firewall. To ensure security, the system makes use of biometric features and a one-time password mechanism on top of Secure Sockets Layer (SSL) to authenticate a user. The system also provides three layers of security for transmission. The first layer establishes an SSL connection, the second layer periodically asks for a one-time password (OTP), and the third layer uses any kind of conventional encryption. The combination of the biometric, OTP and encryption key forms a strong password. The system also uses a mechanism for secure file access within the organization based on the security privileges assigned to various users. Based on the user's access privileges, the server-side software module sends the requested file in encrypted form along with the key to decrypt that file; this key is encrypted by the user's strong password.
20 Claims

1. A method for forming a strong password comprising the steps of:

obtaining biometric data from a user;
generating a one-time password for the user; and
combining the biometric data and the one-time password to form the strong password.

Dependent claim: 2

3. A method for controlling access to secure data comprising the steps of:

receiving a strong password including one-time password and biometric data from a user;
separating the one-time password and the biometric data;
comparing the one-time password to a calculated one-time password to determine if the one-time password is valid;
determining a probability that the biometric data is from the user;
encrypting the secure data using an encryption key to obtain encrypted data if the one-time password matches the calculated one-time password and the probability that the biometric data is from the user exceeds a predetermined threshold value;
combining the strong password, the encryption key and the encrypted data; and
transmitting the combined strong password, encryption key and encrypted data to the user.

Dependent claims: 4, 5

6. A system for implementing secure access to a remote computer system comprising:

at least one first computer securely coupled to the remote computer system;
at least one second computer coupled to said at least one first computer and configured to obtain identifying information from a user;
whereby the second computer passes the identifying information to the first computer, the first computer passes the identifying information to the remote computer system and the remote computer system verifies the identifying information.

Dependent claims: 7, 8, 9, 10, 11, 13, 14, 15, 17, 19, 20

12. A method of allowing access to secure data on a remote computer, including the steps of:

a) receiving a request from a user to access the secure data at a first computer;
b) transferring the request to access the secure data from the first computer to a second computer;
c) transferring the request to access the secure data from the second computer to the remote computer;
d) authorizing access to the secure data at the remote computer;
e) transferring the secure data to the second computer; and
f) transferring the secure data from the second computer to the user without using the first computer.

16. A computer readable carrier including computer program instructions that cause a computer to form a strong password comprising the steps of:

obtaining biometric data from a user;
generating a one-time password for the user; and
combining the biometric data and the one-time password to form the strong password.

18. A computer readable carrier including computer program instructions that cause a computer to implement a method for controlling access to secure data comprising the steps of:

receiving a strong password including one-time password and biometric data from a user;
separating the one-time password and the biometric data;
comparing the one-time password to a calculated one-time password to determine if the one-time password is valid;
determining a probability that the biometric data is from the user;
encrypting the secure data using an encryption key to obtain encrypted data if the one-time password matches the calculated one-time password and the probability that the biometric data is from the user exceeds a predetermined threshold value;
combining the strong password, the encryption key and the encrypted data; and
transmitting the combined strong password, encryption key and encrypted data to the user.

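The verification and key-release sequence of claim 3 (repeated as claim 18), together with the strong-password formation of claim 1 and the abstract's statement that the file key is sent encrypted under the user's strong password, as one worked example in Python. This is an added illustration, not code from the patent or from any product built on it. The HOTP-style counter OTP, the 16-byte biometric feature vector scored by cosine similarity, the PBKDF2 wrap key and the HMAC-SHA256 counter-mode cipher with an encrypt-then-MAC tag are all assumptions made here so that the flow runs on the standard library alone (a real deployment would use AES-GCM or similar for "conventional encryption"). Claim 3's final step, combining the strong password, the encryption key and the encrypted data, is modelled after the abstract as returning the wrapped file key beside the ciphertext rather than echoing the strong password itself.

```python
"""Strong password (claim 1) and server-side verification plus key wrapping (claims 3 / 18).

Added illustration, not the patent's code. Everything below the claim language is an
assumption made here: HOTP-style OTP over HMAC-SHA256, cosine similarity of a byte
feature vector as the match "probability", PBKDF2 for the wrap key, and an HMAC-SHA256
counter-mode cipher with an encrypt-then-MAC tag standing in for "conventional encryption".
"""
import hashlib
import hmac
import math
import secrets
import struct
from typing import Optional, Tuple

OTP_DIGITS = 6
BIOMETRIC_THRESHOLD = 0.95          # the "predetermined threshold value" of claim 3
NONCE_LEN, TAG_LEN = 16, 32


def hotp(secret: bytes, counter: int) -> str:
    """HOTP-style code: dynamic truncation of HMAC-SHA256(secret, counter)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** OTP_DIGITS:0{OTP_DIGITS}d}"


def biometric_score(sample: bytes, template: bytes) -> float:
    """Stand-in for the match probability: cosine similarity of two feature vectors."""
    dot = sum(a * b for a, b in zip(sample, template))
    norm = math.sqrt(sum(a * a for a in sample)) * math.sqrt(sum(b * b for b in template))
    return dot / norm if norm else 0.0


def form_strong_password(biometric: bytes, otp: str) -> bytes:
    """Claim 1: length-prefixed biometric data followed by the OTP digits."""
    return bytes([len(biometric)]) + biometric + otp.encode("ascii")


def split_strong_password(strong: bytes) -> Tuple[bytes, str]:
    """Claim 3, second step: separate the biometric data and the OTP again."""
    n = strong[0]
    return strong[1:1 + n], strong[1 + n:].decode("ascii")


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()   # domain-separated enc/mac keys


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    return b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                    for i in range(blocks))[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag (toy construction, see module docstring)."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))


def derive_wrap_key(strong: bytes, salt: bytes) -> bytes:
    """Key that wraps the file key: 'encrypted by the user's strong password' (abstract)."""
    return hashlib.pbkdf2_hmac("sha256", strong, salt, 200_000)


class Server:
    """Holds one user's OTP secret and enrolled biometric template (claims 3 and 18)."""

    def __init__(self, otp_secret: bytes, template: bytes):
        self.otp_secret, self.template, self.counter = otp_secret, template, 0

    def handle_request(self, strong: bytes, secure_data: bytes) -> Optional[dict]:
        bio, otp = split_strong_password(strong)
        otp_ok = hmac.compare_digest(otp, hotp(self.otp_secret, self.counter))
        bio_ok = biometric_score(bio, self.template) >= BIOMETRIC_THRESHOLD
        if not (otp_ok and bio_ok):
            return None                      # either factor fails: nothing is released
        self.counter += 1                    # OTP consumed; a replay will not verify
        file_key, salt = secrets.token_bytes(32), secrets.token_bytes(16)
        return {"salt": salt,
                "encrypted_key": encrypt(derive_wrap_key(strong, salt), file_key),
                "encrypted_data": encrypt(file_key, secure_data)}


def client_open(strong: bytes, response: dict) -> bytes:
    """User side: unwrap the file key with the strong password, then decrypt the file."""
    file_key = decrypt(derive_wrap_key(strong, response["salt"]), response["encrypted_key"])
    return decrypt(file_key, response["encrypted_data"])


def demo() -> bool:
    """Constructed walk-through: genuine request succeeds, replay and impostor are refused."""
    otp_secret = b"constructed-otp-seed-0123456789AB"       # shared with the user's token
    template = bytes([120, 35, 200, 77, 19, 250, 64, 141, 90, 12, 180, 33, 210, 99, 5, 160])
    sample = bytearray(template)
    sample[0], sample[4] = 123, 16                           # noisy but genuine scan
    server = Server(otp_secret, template)
    strong = form_strong_password(bytes(sample), hotp(otp_secret, 0))
    payload = b"constructed payroll.csv contents"
    response = server.handle_request(strong, payload)
    opened = response is not None and client_open(strong, response) == payload
    replayed = server.handle_request(strong, payload) is None          # OTP already used
    impostor = form_strong_password(bytes([0] * 15 + [255]), hotp(otp_secret, 1))
    refused = server.handle_request(impostor, payload) is None         # biometric too low
    return opened and replayed and refused


if __name__ == "__main__":
    print("flow OK" if demo() else "flow FAILED")
```

demo() runs three requests: a genuine one that is opened on the client side, a replay of the same strong password (the server's counter has moved on, so the OTP no longer verifies even though the biometric still matches) and a request carrying the correct next OTP but a non-matching biometric, refused by the threshold. One point the claim language leaves to the implementer is worth settling up front: only the OTP half of the strong password changes between requests, so freshness and replay resistance rest on the OTP being consumed on success and on the biometric threshold, not on the biometric data itself.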
Specification