Match template protection within biometric security systems

US 20030217276A1
Filed: 05/14/2003
Published: 11/20/2003
Est. Priority Date: 05/15/2002
Status: Active Grant

First Claim

Patent Images

1. A method for performing user authentication in the context of a biometric security system, the method comprising:

receiving from a biometric data collector a first collection of biometric data based on a first biometric source;

applying a transform function to the fist collection of biometric data to generate a match template;

receiving from a biometric data collector a second collection of biometric data based on the first biometric source;

generating an authentication model based on the second collection of biometric data, the authentication model being different than the match template; and

comparing the authentication model to the match template.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Biometric security systems are disclosed wherein a match template is unique as compared to a corresponding authentication model generated during enrollment and/or attempts at authentication. In accordance with one embodiment, the uniqueness of the match template as compared to a corresponding biometric authentication model is complete and non-reversible. Accordingly, the data in the match template cannot be directly utilized to produce an authentication model. Accordingly, match templates stored in a database need only be protected to assure that they are not substituted, altered or supplemented. Replication of match template data is not of concern, as it cannot be used for an authentication.

Citations

20 Claims

1. A method for performing user authentication in the context of a biometric security system, the method comprising:
- receiving from a biometric data collector a first collection of biometric data based on a first biometric source;
  
  applying a transform function to the fist collection of biometric data to generate a match template;
  
  receiving from a biometric data collector a second collection of biometric data based on the first biometric source;
  
  generating an authentication model based on the second collection of biometric data, the authentication model being different than the match template; and
  
  comparing the authentication model to the match template.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein applying the transform function to generate the match template further comprises applying the transform function to generate the match template as a non-reversible derivation of the first collection of biometric data.
  - 3. The method of claim 1, wherein applying the transform function to generate a match template further comprises applying a first transform function to generate a first match template, and wherein the method further comprises:
    - receiving from a biometric data collector a third collection of biometric data based on the first biometric source;
      
      applying a second transform function to the third collection of biometric data to generate a second match template that is different than the first match template.
  - 4. The method of claim 3, wherein:
    - applying a first transform function comprises applying a first transform function that is associated with a first entity; and
      
      applying a second transform function comprises applying a second transform function that is associated with a second entity.
  - 5. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of fingerprint data.
  - 6. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of eye-scan data.
  - 7. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of facial feature data.
  - 8. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of speech data.
  - 9. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of hand geometry data.
  - 10. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of DNA data.
  - 11. The method of claim 1, wherein receiving a first and second collection of biometric data comprises receiving a first and second collection of spectral biometric information.

12. A comparison database for utilization within a biometric security system, the comparison database comprising:
- a match template that corresponds to, but is structurally different than, an authentication model, the authentication model and the first match template being derived based on biometric information associated with a same biometric source.
- View Dependent Claims (13, 14, 15)
- - 13. The comparison database of claim 12, wherein the first authentication model is derived through application of a transform function to a data representation of the biometric information.
  - 14. The comparison database of claim 13, wherein the transform function is structured such that the resulting match template cannot be directly utilized to produce the authentication model.
  - 15. The comparison database of claim 13, wherein the match template is a non-reversible derivation of the data representation.

16. A method of providing security in the context of multiple independent biometric security systems, the method comprising:
- utilizing a first processor associated with a first biometric security system to generate a first match template based on a first collection of biometric information;
  
  storing the first match template in a database associated with the first biometric security system;
  
  utilizing a second processor associated with a second biometric security system to generate a second match template based on a second collection of biometric information that is associated with a same biometric source as the first collection of biometric information;
  
  storing the second match template in a database associated with the second biometric security system;
  
  utilizing the first match template as a basis for providing security in association with the first biometric security system; and
  
  utilizing the second match template as a basis for providing security in association with the second biometric security system.

17. A method of providing security in the context of a biometric security system, the method comprising:
- obtaining a data representation of a first collection of biometric information;
  
  applying a transform function to the data representation of the first collection of biometric information to produce a match template;
  
  obtaining a data representation of a second collection of biometric information;
  
  generating an authentication model based on the data representation of the second collection of biometric information;
  
  comparing the authentication model to the match template to determine whether they are sufficiently related to be deemed matching; and
  
  granting at least one access right if they are sufficiently related to be deemed matching.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17, wherein granting at least one access right comprises granting access in association with a physical access point.
  - 19. The method of claim 17, wherein granting at least one access right comprises granting access in association with an electronic access point.

20. A method of preventing false aliases within a comparison database associated with a biometric security system, the method comprising:
- storing a plurality of match templates in the comparison database, each match template being associated with an alias;
  
  receiving from a biometric data collector a collection of biometric data, the collection of biometric data being associated with an alias that does not correspond to one of the plurality of match templates;
  
  applying a transform function to the first collection of biometric data to generate a proposed match template;
  
  comparing the proposed match template to the plurality of match templates; and
  
  granting or denying an ability to store the proposed match template in the comparison database based on whether or not the proposed match template corresponds to one or more of the plurality of match templates.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bio-Key International Incorporated
Original Assignee
Bio-Key International Incorporated
Inventors
LaCous, Mira Kristina

Granted Patent

US 7,454,624 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/6245   Protecting personal data, e...

G07C 9/37   using biometric data, e.g. ...

Match template protection within biometric security systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Match template protection within biometric security systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links