System and method for sequentially processing a biometric sample
First Claim
1. A sequential biometric verification system which facilitates the transfer of an initially unverifiable biometric sample and related biometric information from a security token to a stateless server for a subsequent verification attempt and return of a result, said system comprising:
- said security token including a first cryptographic means and a first biometric verification means coupled to an access controlled resource, said stateless server responsive to said security token including second biometric verification means and second cryptography means compatible with said first cryptographic means coupled to said second verification means, wherein successful verification of said initially unverifiable biometric sample returns a cryptographic result to said security token functional by said first cryptographic means to allow access to said access controlled resource.
3 Assignments
0 Petitions
Accused Products
Abstract
This invention provides for progressive processing of biometric samples to facilitate verification of an authorized user. The initial processing is performed by a security token. Due to storage space and processing power limitations, excessive false rejections may occur. To overcome this shortfall, the biometric sample is routed to a stateless server, which has significantly greater processing power and data enhancement capabilities. The stateless server receives, processes and returns the biometric sample to the security token for another attempt at verification using the enhanced biometric sample. In a second embodiment of the invention, a second failure of the security token to verify the enhanced biometric sample sends either the enhanced or raw biometric sample to a stateful server. The stateful server again processes the biometric sample and performs a one to many search of a biometric database. The biometric database contains the master set of enrolled biometric templates associated with all authorized users. Signals generated by the stateful server are used by the security token to allow or deny access to a resource or function. In both embodiments of the invention, the heuristics remain with the security token.
52 Citations
33 Claims
-
1. A sequential biometric verification system which facilitates the transfer of an initially unverifiable biometric sample and related biometric information from a security token to a stateless server for a subsequent verification attempt and return of a result, said system comprising:
-
said security token including a first cryptographic means and a first biometric verification means coupled to an access controlled resource, said stateless server responsive to said security token including second biometric verification means and second cryptography means compatible with said first cryptographic means coupled to said second verification means, wherein successful verification of said initially unverifiable biometric sample returns a cryptographic result to said security token functional by said first cryptographic means to allow access to said access controlled resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A sequential biometric verification method comprising the steps of:
-
a. receiving an initially unverifiable biometric sample, a biometric template and a set of biometric processing parameters sent from a security token to a stateless server, b. retrieving a biometric processing algorithm using one of said set of biometric processing parameters, c. processing said biometric sample by said retrieved biometric processing algorithm using a public portion of said biometric template, d. attempting to verify said biometric sample against a private portion of said biometric template, e. generating a cryptographic secret using another of said set of biometric processing parameters and sending said generated cryptographic secret to said security token if step 26d. is successful, f. sending a reject signal to said security token if step 26d. is unsuccessful.
-
-
27. A sequential biometric verification method comprising the steps of:
-
a. receiving a secondarily unverifiable biometric sample and a set of biometric processing parameters sent from a stateless server to a stateful server, b. retrieving a biometric template from a biometric database using another of said set of biometric processing parameters, c. retrieving a biometric processing algorithm using one of said first set of biometric processing parameters, d. processing said biometric sample by said retrieved biometric processing algorithm using a public portion of said retrieved biometric template, e. attempting to verify said biometric sample against a private portion of said retrieved biometric template, f. generating a cryptographic secret using another of said set of biometric processing parameters and sending said generated cryptographic secret to said security token if step 27e. is successful, g. sending a reject signal to said security token if step 27e. is unsuccessful. - View Dependent Claims (28)
-
-
29. A method to optimize a biometric processing applet included in a security token comprising the steps of:
-
a. determining an optimum server based biometric processing algorithm using a biometric sample previously processed by said security, b. retrieving a biometric processing applet equivalent to said optimized server based biometric processing algorithm, c. generating a replacement biometric template, d. generating a cryptographic secret to unlock said security token, e. downloading said replacement biometric template and retrieved biometric processing algorithm to said security token, f. operatively installing said replacement biometric template and retrieved biometric processing algorithm to said security token.
-
-
30. A method to identify the origin of an unverifiable biometric sample comprising the steps of:
-
a. identifying the physiological data type represented by said unverifiable biometric sample, b. retrieving a generic public template appropriate for said physiological data type, c. retrieving a biometric processing algorithm appropriate for said physiological data type, d. processing said unverifiable biometric sample using said biometric processing algorithm and said generic public template, e. performing a one-to-many query of an internal biometric database containing a plurality of biometric templates records using the results of said processing, f. attempting to match said results of said processing to at least one of said plurality of biometric templates records, g. recording the results of said internal biometric database query, h. querying an external biometric database if unsuccessful, i. recording the results of said external biometric database query.
-
-
31. A system to perform sequential biometric verification using a security token and a stateless server comprising:
-
said security token adapted to transfer an initially unverifiable biometric sample and at least one biometric processing parameter to a stateless server and including means to allow access to at least one controlled resource upon presentation of a valid cryptographic secret, said stateless server adapted to perform biometric verification of said biometric sample using said at least one biometric processing parameter and including means to present said valid cryptographic secret to said security token if said initially unverifiable biometric sample is verified.
-
-
32. A system to perform sequential biometric verification using a security token, a stateless server and stateful server comprising:
-
said security token adapted to transfer an initially unverifiable biometric sample and at least one biometric processing parameter to a stateless server and including means to allow access to at least one controlled resource upon presentation of a valid cryptographic secret, said stateless server adapted to perform biometric verification of said biometric sample using said at least one biometric processing parameter and including means to present said valid cryptographic secret to said security token if said biometric sample is verified and means to transfer said unverifiable biometric sample and at least one biometric processing parameter to said stateful server, said stateful server adapted to perform biometric verification of said biometric sample using said at least one biometric processing parameter and including means to present said valid cryptographic secret to said security token if said initially unverifiable biometric sample is verified.
-
-
33. A system to perform sequential biometric verification using a security token, a stateless server and stateful server comprising:
-
said security token adapted to allow access to a controlled resource comprising an access gate responsive to either an affirmative verification signal or an affirmative cryptographic signal, said stateless server adapted to perform biometric verification of a biometric sample received from said security token and further adapted to return said affirmative cryptographic signal to said security token if said biometric verification is successful, said stateful server adapted to perform biometric verification of a biometric sample received from stateless server and further adapted to return said affirmative cryptographic signal to said security token if said biometric verification is successful.
-
Specification